/** * 验证有无敏感字符 * @author heshuang * @date 20191224 */ public boolean checkParams(String param) { String reg = "(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|" + "(\\b(select|update|and|or|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute)\\b)"; Pattern sqlPattern = Pattern.compile(reg, Pattern.CASE_INSENSITIVE); //String cFlag = "Y"; if (sqlPattern.matcher(param).find()) { //cFlag = "N"; return false; } return true; }
过滤器敏感字符
最新推荐文章于 2024-09-30 23:36:44 发布