public Function RSQL(strChar)9 \9 i$ _4 Z/ | Y( }2 P: l- H8 n
If strChar = "" or IsNull(strChar) Then RSQL = "":Exit Function
4 k* ?$ }* `. t( J# D# N Dim strBadChar, arrBadChar, tempChar, I2 b }, ?2 }. _( g, d* l
strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""’注意这里过滤的是特殊字符 ‘Chr(34)对应的ASCII码是双引号。Chr(0)其实就是我们上传改包把空格(20)改成的00; }( n+ P/ |# M* Q. K# F w3 u
arrBadChar = Split(strBadChar, ",")
' [0 k9 P: D! u+ b! ?1 a) _! I- k tempChar = strChar1 f* J9 D. `! Y7 P" ~% o* G+ ]" X) v
For I = 0 To UBound(arrBadChar)
5 e$ t- x f: F/ O2 z tempChar = Replace(tempChar, arrBadChar(I), "") ‘将特殊字符过滤为空2 j' W2 K/ K4 A1 g3 D7 ~
Next
2 I, t: r3 I6 ^/ A7 | RSQL = tempChar8 V9 q j5 V/ w3 j
End Function! C$ W, \7 K+ C$ C8 X! ?
|
发表于 2012-9-15 14:40:40
收藏
支持
反对