这个方法很实用,和我以前用的方法思路是一样,但这个更完整,故贴出来和大家分享!
/**/
/// <summary>
/// 过滤sql中非法字符
/// </summary>
/// <param name="value">要过滤的字符串 </param>
/// <returns>string </returns>
public
static
string
Filter(
string
value)
![](https://i-blog.csdnimg.cn/blog_migrate/a41954a27d6ad96fa2c2cf816e677448.gif)
...
{
if (string.IsNullOrEmpty(value)) return string.Empty;
value = Regex.Replace(value, @";", string.Empty);
value = Regex.Replace(value, @"'", string.Empty);
value = Regex.Replace(value, @"&", string.Empty);
value = Regex.Replace(value, @"%20", string.Empty);
value = Regex.Replace(value, @"--", string.Empty);
value = Regex.Replace(value, @"==", string.Empty);
value = Regex.Replace(value, @" <", string.Empty);
value = Regex.Replace(value, @">", string.Empty);
value = Regex.Replace(value, @"%", string.Empty);
![](https://i-blog.csdnimg.cn/blog_migrate/6a9c071a08f1dae2d3e1c512000eef41.gif)
return value;
}