public Function RSQL(strChar)
* E0 ?3 F; {; a3 d3 H If strChar = "" or IsNull(strChar) Then RSQL = "":Exit Function
: D7 m, [* I+ r' t/ w Dim strBadChar, arrBadChar, tempChar, I/ k( h" R8 m) a; X* f3 n
strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""’注意这里过滤的是特殊字符 ‘Chr(34)对应的ASCII码是双引号。Chr(0)其实就是我们上传改包把空格(20)改成的00
4 }2 s& y9 N2 s% C1 J arrBadChar = Split(strBadChar, ",")& h/ R8 G+ j- Y2 F- ^/ z
tempChar = strChar& _" l% r; Y* s* ?$ o/ `* c% s5 A
For I = 0 To UBound(arrBadChar)
8 Z" e; C( ~ P" G- s/ }- A tempChar = Replace(tempChar, arrBadChar(I), "") ‘将特殊字符过滤为空# k8 N: _( \) ^: k' w3 X
Next
! L' V( l: }3 k H; m2 [: Z9 I RSQL = tempChar
) ^, S7 \6 d) ], Z! y" a4 oEnd Function2 e% A t" N0 O/ @
|
发表于 2012-9-15 14:40:40
收藏
支持
反对