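/**
 * Heuristic check for SQL keywords and metacharacters in a string.
 *
 * Returns true when `st` contains any token from the blacklist below. Tokens
 * are matched as plain substrings and compared case-insensitively, so ordinary
 * text such as "order", "a-b" or "1,2" is flagged as well.
 *
 * Security note: a keyword blacklist is only a coarse input filter. It does not
 * make a query safe; the query itself must be built with parameterized
 * statements on the server. If this function runs client-side, the server has
 * to repeat its own validation, because a client-side check is not enforced.
 *
 * @param {*} st Value to inspect; it is converted to a string before matching.
 * @returns {boolean} true if a blacklisted token occurs in `st`, otherwise false.
 */
function isSQL(st) {
    // null/undefined cannot contain a token; calling indexOf on them would throw.
    if (st === null || st === undefined) {
        return false;
    }

    var in_str = "'|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare|;|or|-|+|,";
    var arrStr = in_str.split('|');

    // The blacklist is lowercase, so fold the input: otherwise "SELECT" or
    // "SeLeCt" passes the check while "select" is rejected.
    var lowered = String(st).toLowerCase();

    for (var i = 0; i < arrStr.length; i++) {
        if (lowered.indexOf(arrStr[i]) >= 0) {
            return true;
        }
    }
    return false;
}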
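/// <summary>
/// Heuristic check for SQL keywords and metacharacters in a string.
/// Tokens from the blacklist are matched as plain substrings, ignoring case,
/// so ordinary text such as "order", "a-b" or "1,2" is flagged as well.
/// </summary>
/// <remarks>
/// A keyword blacklist is only a coarse input filter and does not make a query
/// safe. Build the query with parameterized commands and treat this check as
/// an additional signal (for example for logging or early rejection).
/// </remarks>
/// <param name="str">Text to inspect; null or empty is treated as clean.</param>
/// <returns>true if a blacklisted token occurs in <paramref name="str"/>; otherwise false.</returns>
public static bool isSQL(string str)
{
    // Nothing to match in a null or empty value; str.IndexOf would throw on null.
    if (string.IsNullOrEmpty(str))
    {
        return false;
    }

    string in_str = "'|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare|;|or|-|+|,";
    string[] in_sql = in_str.Split('|');

    foreach (string token in in_sql)
    {
        // Ordinal, case-insensitive: the blacklist is lowercase, so a
        // case-sensitive search lets "SELECT" through, and the result must not
        // vary with the current culture.
        if (str.IndexOf(token, System.StringComparison.OrdinalIgnoreCase) >= 0)
        {
            return true; // blacklisted token present
        }
    }

    return false;
}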
转载于:https://www.cnblogs.com/daixingqing/archive/2012/11/13/2768441.html