public Function RSQL(strChar)
' R+ x( y$ P- J6 A If strChar = "" or IsNull(strChar) Then RSQL = "":Exit Function& P+ ^8 G3 \/ `
Dim strBadChar, arrBadChar, tempChar, I' l# z5 m# ?1 n0 R: u
strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""’注意这里过滤的是特殊字符 ‘Chr(34)对应的ASCII码是双引号。Chr(0)其实就是我们上传改包把空格(20)改成的00' x5 r8 F6 [2 I" s$ g
arrBadChar = Split(strBadChar, ",")1 I' h' L% D) A4 G7 A9 p: B5 d
tempChar = strChar
: p y" s. [- c For I = 0 To UBound(arrBadChar): p% \ T) i2 H/ ^, y) Z/ R) a
tempChar = Replace(tempChar, arrBadChar(I), "") ‘将特殊字符过滤为空
+ I1 ]9 U& \7 w: k0 `5 m7 S Next
, s( t; d" E" `1 l: ?( k RSQL = tempChar
% E, Y- R2 ~( r0 z& UEnd Function- f8 S9 }7 ^ t) k/ A
|
发表于 2012-9-15 14:40:40
收藏
支持
反对