不是调用mysql的函数,先直接将字符串筛选一遍,避免字符串中含有导致mysql死掉的非法字符。
public string UrnHtml(string strHtml) {
string[] aryReg ={"'","<",">","%","""",",",".",">=","=<","-","_",";","||","[","]","&","/","-","|","", };
for (int i = 0; i < aryReg.Length; i++) {
strHtml = strHtml.Replace(aryReg[i], string.Empty);
}
return strHtml;
}