public Function RSQL(strChar)
U% _; w2 J+ P; V+ H If strChar = "" or IsNull(strChar) Then RSQL = "":Exit Function
7 B: C8 ]0 \/ e5 ^, h7 t Dim strBadChar, arrBadChar, tempChar, I i+ E% n7 r. p8 H, q% ^
strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""’注意这里过滤的是特殊字符 ‘Chr(34)对应的ASCII码是双引号。Chr(0)其实就是我们上传改包把空格(20)改成的00& a2 ^/ H( c# Y/ ?7 m) u7 R
arrBadChar = Split(strBadChar, ",")
- ~7 Q1 J8 z9 M# G tempChar = strChar2 O& L- K1 e9 e, V# U
For I = 0 To UBound(arrBadChar)
- V8 o s, R6 ] n( D6 N, u T tempChar = Replace(tempChar, arrBadChar(I), "") ‘将特殊字符过滤为空
- r- P# ~% s2 H$ J6 \- L6 M Next
0 a8 k, K1 [$ J2 [5 } RSQL = tempChar/ J) p8 I" u( Q# D3 O& V# W0 x
End Function
( F8 j+ ?' b% N: P# B3 z; r% b+ H6 R |
发表于 2012-9-15 14:40:40
收藏
支持
反对