将字符串安全转换成可安全合成sql语句的值:
public static string dfstrtosql(string str)
{
str = str.tolower();
str = str.replace(', '');
str = str.replace(;--, );
str = str.replace(select, );
str = str.replace( or , );
str = str.replace( and , );
str = str.replace(insert, );
str = str.replace(update, );
str = str.replace(delete, );
str = str.replace(from, );
str = str.replace(exec master, );
str = str.replace(group administrators, );
str = str.replace(xp_cmdshell, );
str = str.replace(drop table, );
str = str.replace(truncate, );
return str;
}
中国足彩网信息请查看IT技术专栏
版权所有:易贤网
公众号
事业单位
当前位置:
公考类
招聘类
各类考试