//Excel导入数据库
private DataSet CreateDataSource()
{
string strCon;
strCon = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" + Server.MapPath("/net_admin/exportcj/excel.xls") + "; Extended Properties=Excel 8.0;";
OleDbConnection olecon = new OleDbConnection(strCon);
OleDbDataAdapter myda = new OleDbDataAdapter("SELECT * FROM [Sheet1$]", strCon);
DataSet myds = new DataSet();
myda.Fill(myds);
return myds;
}
/// <summary>
/// 字符串过滤
/// </summary>
/// <param name="strvalue">传来参数</param>
/// <returns>过滤后的字符串</returns>
public string FilterStr(string strvalue)
{
string strfilter = ";|%|*|and|exec|insert|select|delete|update|count|chr|mid|master|truncate|char|declare|script";
string[] strfil = strfilter.Split('|');
foreach ( string str in strfil)
{
strvalue = strvalue.Replace(str,"");
}
return strvalue;
}