China Network Penetration Testing Alliance
Title:
Filter code for special characters
Author:
admin
Time:
2012-9-15 14:40
Public Function RSQL(strChar)
    ' Empty or Null input yields an empty string
    If strChar = "" Or IsNull(strChar) Then RSQL = "": Exit Function
    Dim strBadChar, arrBadChar, tempChar, I
    ' Note: these are the special characters being filtered.
    ' Chr(34) is the ASCII code of the double quote.
    ' Chr(0) is the 00 byte that the space (20) is changed to when an upload packet is modified.
    strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""
    arrBadChar = Split(strBadChar, ",")
    tempChar = strChar
    For I = 0 To UBound(arrBadChar)
        tempChar = Replace(tempChar, arrBadChar(I), "") ' Filter each special character out (replace with an empty string)
    Next
    RSQL = tempChar
End Function