public Function RSQL(strChar)% ]! }2 {; a( `+ q3 ]. m5 S/ x, |; i
If strChar = "" or IsNull(strChar) Then RSQL = "":Exit Function
! ?4 g: Y; r0 F- N4 W Dim strBadChar, arrBadChar, tempChar, I+ C$ o* k& q/ x+ ^, _
strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""’注意这里过滤的是特殊字符 ‘Chr(34)对应的ASCII码是双引号。Chr(0)其实就是我们上传改包把空格(20)改成的00" r& T% J+ U H* w
arrBadChar = Split(strBadChar, ",")% y! ?0 G9 v* L5 m( V; R9 p
tempChar = strChar$ s2 K- d7 y3 s& @3 s& S% M4 B
For I = 0 To UBound(arrBadChar). j7 V- N. C* y `; \# n
tempChar = Replace(tempChar, arrBadChar(I), "") ‘将特殊字符过滤为空
+ E) L; O0 { ?: i Next( i8 D) Q4 o5 t/ Z. W$ J& u
RSQL = tempChar
$ n/ e- \6 c8 r, a% d2 E" \End Function7 e5 A: I9 Q5 h7 ~& z! [; H, o( f" F; p
|
发表于 2012-9-15 14:40:40
收藏
支持
反对