Asp.net anti-SQL injection methods and instance code applications
Asp tutorial. net anti-SQL injection methods and instance Code Application
Clear Request Method injection Problems
Static string [] get_ SQL _a ()
{
String SQL _1 = "exec | insert + | select + | delete | update | count | master + | truncate | char | declare | drop + table | creat + table ";
String [] SQL _c = SQL _1.Split (char. Parse ("| "));
Return SQL _c;
}
Static string [] get_ SQL _ B ()
{
String SQL _2 = "exec + | insert + | delete + | update + | count (| count + | chr + | + mid (|+ | + master + | truncate + | char + | + char (| declare + | drop + | creat + | drop + table | creat + table ";
String [] SQL _c = SQL _2.Split (char. Parse ("| "));
Return SQL _c;
}
/// <Summary>
/// Automatically clear SQL Injection problems and Display error messages. Add the Application_BeginRequest (Obect sender, EventArgs e) event to the global variable. Call this method. 1 2 3 4