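/**
 * Removes a fixed deny-list of markup, script and SQL fragments from {@code s}.
 *
 * <p>Every fragment is matched case-insensitively as a regular expression and
 * replaced with the empty string. The passes repeat until the text stops
 * changing, so a fragment that only comes into existence once the text around
 * it has been removed is stripped as well. The result is trimmed.
 *
 * <p>Security note: this is a lossy deny-list, not an injection defence. It
 * cannot enumerate every dangerous construct, and it damages ordinary data
 * ({@code "world"} becomes {@code "wld"} because {@code "or"} is on the list).
 * Values that reach a SQL statement should be bound as parameters
 * ({@code java.sql.PreparedStatement}), and values written into HTML should be
 * encoded for the output context; treat this method as an extra layer only.
 *
 * @param s text to filter; may be {@code null}
 * @return the filtered, trimmed text, or {@code ""} when {@code s} is
 *         {@code null} or empty, or when filtering throws
 */
public final static String filtersqlinjection(String s) {
    if (s == null || s.isEmpty()) {
        return "";
    }

    // Regular-expression fragments, applied in this order on every pass.
    // Case is handled by the (?i) flag added below rather than by classes such
    // as [S,s]: inside brackets the comma is a literal member, so those classes
    // also matched ',' and stripped unrelated text.
    final String[] denied = {
        "</?script>?",                    // script
        "alert\\(", "\"",                 // alert
        "\\.swf", "\\.htc",
        "\\.php\\b", "\\.asp\\b",
        "document\\.", "eval\\(",
        "'", ">",
        "<", "=",
        "or",
        "etc/", "cat",
        "/passwd",
        "sleep\\(", "limit",
        "delete",                         // delete
        "select",                         // select
        "update",                         // update
        "delay", "waitfor",
        "print\\(", "md5\\(",
        "cookie\\(", "send\\(",
        "response\\.", "write\\(",
        "&"
    };

    try {
        String before;
        do {
            before = s;
            s = s.trim();
            for (String fragment : denied) {
                // replaceAll, not replace: the fragments carry regex escapes
                // ("\\.swf"), which a literal replace() would never match.
                s = s.replaceAll("(?i)" + fragment, "");
            }
            // Every replacement is the empty string, so each pass can only
            // shorten the text and the loop is guaranteed to terminate.
        } while (!s.equals(before));
    } catch (Exception e) {
        // Fail closed: hand back nothing rather than partially filtered text.
        e.printStackTrace();
        return "";
    }
    return s;
}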
Java: preventing SQL injection