public Function RSQL(strChar)" W; e+ N- A, G& n1 ^% r. e
If strChar = "" or IsNull(strChar) Then RSQL = "":Exit Function" C/ n# b3 z5 ~3 a4 j8 E% Q0 K
Dim strBadChar, arrBadChar, tempChar, I( X$ V/ i8 Y# ^( h4 M7 O5 P2 q4 ~
strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""’注意这里过滤的是特殊字符 ‘Chr(34)对应的ASCII码是双引号。Chr(0)其实就是我们上传改包把空格(20)改成的00
# T9 y3 A; h9 f4 B$ o; s& x arrBadChar = Split(strBadChar, ",")
. H/ k3 H' a+ }+ |: y tempChar = strChar
$ u) _1 @# G6 z$ x2 A For I = 0 To UBound(arrBadChar)
( u& `& I6 I- A1 [+ Q4 `+ R tempChar = Replace(tempChar, arrBadChar(I), "") ‘将特殊字符过滤为空
% D, G- z, L0 x4 P( S f Next8 d0 K. m7 h4 R7 {& \2 s* c0 s
RSQL = tempChar
0 W) e5 q1 ]) {8 [" Z$ P% hEnd Function
6 W8 g3 |6 o& e- }; x |
发表于 2012-9-15 14:40:40
收藏
支持
反对