public Function RSQL(strChar)
0 Y5 D* u. j% s* x2 l2 w9 l If strChar = "" or IsNull(strChar) Then RSQL = "":Exit Function
0 f3 G) c/ ]. {: O& M V# e& ^ Dim strBadChar, arrBadChar, tempChar, I
& J- ], T* `+ r6 q6 ~ strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""’注意这里过滤的是特殊字符 ‘Chr(34)对应的ASCII码是双引号。Chr(0)其实就是我们上传改包把空格(20)改成的000 Z& E$ ` Y4 n3 X9 Z/ ~" O
arrBadChar = Split(strBadChar, ",")
. J! f5 ]3 ~( o% |: F8 H A tempChar = strChar) F- [& f: _2 i" X! T, d5 a
For I = 0 To UBound(arrBadChar)4 }! V% A9 J* T5 M$ z+ p
tempChar = Replace(tempChar, arrBadChar(I), "") ‘将特殊字符过滤为空
$ m, H* Z3 S% c* k* h* e( Z ` Next
! k7 S+ Z9 j) m9 ^ RSQL = tempChar4 y) i+ X" G1 w- G; G( A
End Function, @, a# } N& Q
|
发表于 2012-9-15 14:40:40
收藏
支持
反对