#region Anti-SQL Injection Attack
/// <summary>
/// 匹配字符串sWord,若含有注入代码,则返回True,否则返回False
/// </summary>
/// <param name="sWord">需要检测的内容</param>
/// <returns>布尔值</returns>
public bool SqlInjectionRegex(string sWord)
{
sWord = sWord.ToLower();
string sPattern = @"(/')|(/;)|(drop)|(delete)|(update)|(insert)|(create)|(declare)|(exec)|(count)|(chr)|(mid)|(master)|(truncate)|(char)|(cast)|(db_name)|(db_owner)|(sysobjects)|(///*)";
bool flag = Regex.IsMatch(sWord, sPattern, RegexOptions.IgnoreCase);
return flag;
}
#endregion
sql Injection
最新推荐文章于 2024-07-13 19:43:54 发布