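/**
 * Deny-list of SQL metacharacters and keywords, compiled once because
 * {@link Pattern} is immutable and safe to share between calls.
 *
 * Alternatives, in order: a single quote, a line-comment marker, a block
 * comment, and a whole-word SQL keyword. The block-comment branch uses
 * {@code [\s\S]*?} rather than an alternation inside a loop, which java.util.regex
 * evaluates recursively and which can exhaust the stack on long inputs.
 */
private static final Pattern SENSITIVE_PATTERN = Pattern.compile(
        "'|--|/\\*[\\s\\S]*?\\*/|"
                + "\\b(?:select|update|and|or|delete|insert|truncate|char|into|substr|ascii"
                + "|declare|exec|count|master|drop|execute)\\b",
        Pattern.CASE_INSENSITIVE);

/**
 * Checks whether a parameter is free of sensitive SQL characters and keywords.
 *
 * <p>This is a coarse deny-list: it also rejects ordinary text that contains an
 * apostrophe or words such as "and" / "or", and it only looks for the literal
 * tokens listed in the pattern. Treat it as an additional input check; values
 * that reach a database should still be bound through parameterized statements
 * rather than concatenated into SQL.
 *
 * @param param the raw parameter value; {@code null} is treated as containing
 *              nothing sensitive
 * @return {@code true} if no sensitive token was found, {@code false} otherwise
 * @author heshuang
 * @date 20191224
 */
public boolean checkParams(String param) {
    // A missing value carries no tokens; the original threw NullPointerException here.
    if (param == null) {
        return true;
    }
    return !SENSITIVE_PATTERN.matcher(param).find();
}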
过滤敏感字符