public Function RSQL(strChar)
+ ^& }2 n/ g0 `4 J If strChar = "" or IsNull(strChar) Then RSQL = "":Exit Function4 P& G% @1 x3 A
Dim strBadChar, arrBadChar, tempChar, I5 V% R/ F$ }8 V* o8 w
strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""’注意这里过滤的是特殊字符 ‘Chr(34)对应的ASCII码是双引号。Chr(0)其实就是我们上传改包把空格(20)改成的00
U7 s/ u4 i% _' i' v arrBadChar = Split(strBadChar, ",")
% ~3 |. j9 @ j4 a0 J8 u1 X5 V7 j tempChar = strChar
; A. ?( e9 J/ |5 B For I = 0 To UBound(arrBadChar)
; g, J5 }2 f) b tempChar = Replace(tempChar, arrBadChar(I), "") ‘将特殊字符过滤为空1 i1 g% n7 S7 |8 ]; D" e4 U
Next
0 Z9 H+ n! [8 q- Z; |3 s/ {6 X' ] RSQL = tempChar
0 C2 N# ]6 l' R3 f* T5 cEnd Function
8 K7 ]# T( e- r( @4 N5 Q |
发表于 2012-9-15 14:40:40
收藏
支持
反对