1. Verification method. Note that a keyword blacklist like the one below is only a coarse tripwire: it does not replace parameterized queries (SqlParameter), which are the actual defense against SQL injection.
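/// <summary>
/// Coarse SQL-injection tripwire: reports whether <paramref name="intext"/> contains any keyword
/// from a fixed SQL blacklist as a whole word. Comparison is case-insensitive and ordinal, so the
/// result does not depend on the thread culture (a culture-sensitive ToLower() would, e.g. under
/// tr-TR, turn "INSERT" into a string that no longer matches "insert").
/// </summary>
/// <remarks>
/// This is defense in depth only and must not be relied on as the SQL-injection control. Keyword
/// blacklists are easily bypassed: keywords not on the list (UNION, DROP, ...), quote, comment and
/// statement-separator characters, keywords glued to digits such as <c>1or1=1</c>, and alternative
/// encodings all pass. They also reject legitimate input that happens to contain a listed word.
/// Build every query with parameters instead. Matching on word boundaries (letters, digits and '_'
/// count as word characters) avoids flagging ordinary text such as "Andrew" or "Oregon", which a
/// plain substring search would reject.
/// </remarks>
/// <param name="intext">Request parameter value to inspect; may be null.</param>
/// <returns>
/// true if a blacklisted keyword occurs as a whole word; false otherwise, including for null or
/// empty input.
/// </returns>
public static bool sqlfilter2(string intext)
{
    if (string.IsNullOrEmpty(intext))
    {
        return false;
    }

    foreach (string keyword in SqlKeywords)
    {
        if (ContainsWholeWord(intext, keyword))
        {
            return true;
        }
    }

    return false;
}

// Blacklisted SQL keywords. Kept as the original fixed list; adding words here raises the
// false-positive rate on free text without making the filter a real injection defense.
private static readonly string[] SqlKeywords = new string[]
{
    "and", "exec", "insert", "select", "delete", "update", "chr", "mid",
    "master", "or", "truncate", "char", "declare", "join",
};

/// <summary>
/// Returns true when <paramref name="word"/> occurs in <paramref name="haystack"/> with a
/// non-word character (or the string edge) on both sides, ignoring case (ordinal).
/// </summary>
private static bool ContainsWholeWord(string haystack, string word)
{
    int from = 0;
    while (from <= haystack.Length)
    {
        int at = haystack.IndexOf(word, from, System.StringComparison.OrdinalIgnoreCase);
        if (at < 0)
        {
            return false;
        }

        // Ordinal matching guarantees the hit has exactly word.Length characters.
        int after = at + word.Length;
        bool boundedLeft = at == 0 || !IsWordChar(haystack[at - 1]);
        bool boundedRight = after == haystack.Length || !IsWordChar(haystack[after]);
        if (boundedLeft && boundedRight)
        {
            return true;
        }

        // Overlapping hit inside a longer word; keep scanning past it.
        from = at + 1;
    }

    return false;
}

/// <summary>Letters, digits and underscore form identifiers; anything else is a boundary.</summary>
private static bool IsWordChar(char c)
{
    return char.IsLetterOrDigit(c) || c == '_';
}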
2. Global.asax event
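/// <summary>
/// Runs at the start of every request and passes each posted form value and each query-string
/// value to <see cref="goerr"/>, which redirects to the error page when the SQL keyword filter
/// fires.
/// </summary>
/// <remarks>
/// Only <c>Request.Form</c> and <c>Request.QueryString</c> are inspected. Cookies, request
/// headers, the URL path/route values and non-form bodies (JSON, XML, multipart file content) are
/// not, so any SQL built from those sources bypasses this filter entirely — it is a tripwire, not
/// the injection defense; parameterize the queries. The hidden __VIEWSTATE field is skipped because
/// its base64 payload is not user text and would trip the keyword match at random.
/// NOTE(review): __EVENTVALIDATION is base64 as well and presumably needs the same exemption —
/// confirm for this site. Reading Request.Form this early forces the request body to be read and,
/// with ASP.NET 4.0+ request validation, validated before any page-level opt-out applies — verify
/// that is acceptable for pages that post HTML.
/// </remarks>
/// <param name="sender">The HttpApplication raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Application_BeginRequest(object sender, EventArgs e)
{
    // Posted fields, except the view-state hidden field.
    foreach (string key in this.Request.Form)
    {
        if (string.Equals(key, "__VIEWSTATE", System.StringComparison.Ordinal))
        {
            continue;
        }

        // Indexing by key yields the value (repeated keys are comma-joined by
        // NameValueCollection), which is what the filter must see; the collection's own
        // ToString() would hand over the URL-encoded serialization of the whole form instead.
        this.goerr(this.Request.Form[key]);
    }

    // Query-string values. A bare "?flag" is stored under a null key; the indexer accepts that.
    foreach (string key in this.Request.QueryString)
    {
        this.goerr(this.Request.QueryString[key]);
    }
}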
3. Helper method in Global.asax
/// <summary>
/// Aborts the current request with a redirect to the static error page when the value trips the
/// SQL keyword filter; otherwise does nothing.
/// </summary>
/// <remarks>
/// The single-argument <c>Response.Redirect</c> overload ends the response by default, so on a
/// hit the caller's remaining parameters are not inspected. The rejected value is not logged;
/// NOTE(review): consider recording it server-side so injection attempts are visible to
/// monitoring rather than only surfacing as a client-side redirect.
/// </remarks>
/// <param name="TM">Raw request parameter value; the filter treats null as clean.</param>
private void goerr(string TM)
{
    bool suspicious = wlcw.Extend.cvalidity.sqlfilter2(TM);
    if (!suspicious)
    {
        return;
    }

    this.Response.Redirect("/error.html");
}