Public Function RSQL(strChar)
    ' Empty or Null input: return an empty string
    If strChar = "" Or IsNull(strChar) Then RSQL = "": Exit Function
    Dim strBadChar, arrBadChar, tempChar, I
    ' Note: what is filtered here is special characters.
    ' Chr(34) is the ASCII code for the double quote. Chr(0) is the 00 byte that
    ' we change the space (20) into when modifying the upload packet.
    strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""
    arrBadChar = Split(strBadChar, ",")
    tempChar = strChar
    For I = 0 To UBound(arrBadChar)
        tempChar = Replace(tempChar, arrBadChar(I), "") ' Replace each special character with an empty string
    Next
    RSQL = tempChar
End Function