'**************************************************
'Function name: R
'Usage: Strip characters commonly abused in SQL injection from a string
'Parameter: strChar ----- the string to be filtered
'Return value: the filtered string
'**************************************************
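Public Function R(strChar)
    ' Removes a fixed deny-list of characters/sequences from strChar and
    ' returns the result. Returns "" for Null or empty input.
    '
    ' NOTE(review): a deny-list is a last line of defence, not a substitute
    ' for bound parameters. Values that reach a SQL statement should be
    ' passed through ADODB.Command parameters; numeric values should be
    ' converted with CLng/CDbl instead of being filtered as text.
    Dim arrBadChar, tempChar, beforePass, i

    R = ""
    ' Test IsNull first so the "" comparison never sees a Null operand.
    If IsNull(strChar) Then Exit Function
    If strChar = "" Then Exit Function

    ' The tokens are listed literally. The page's comma-joined string carries
    ' a space in front of most tokens, so Split() yields entries such as " '"
    ' that never match the bare character they were meant to remove.
    arrBadChar = Array("+", "'", "--", "%", "^", "&", "?", "(", ")", "<", ">", _
                       "[", "]", "{", "}", "/", "\", ";", ":", Chr(34), Chr(0))

    tempChar = CStr(strChar)

    ' Repeat until a full pass changes nothing: deleting one token can join
    ' the characters on either side of it into another token (for example
    ' two hyphens into "--"), which a single pass would leave behind.
    Do
        beforePass = tempChar
        For i = 0 To UBound(arrBadChar)
            tempChar = Replace(tempChar, arrBadChar(i), "")
        Next
    Loop While tempChar <> beforePass

    ' Kept from the original: collapse a doubled "@" into one.
    tempChar = Replace(tempChar, "@@", "@")
    R = tempChar
End Function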
'Filter XSS: keep a small set of allowed tags and neutralise all other markup
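Function CheckXSS(ByVal strCode)
    ' Reduces user-supplied HTML to a small allow-list of tags
    ' (a, li, br, b, font and their closing forms) and HTML-encodes every
    ' other angle bracket. Returns the filtered string.
    '
    ' NOTE(review): the listing on the page is damaged by extraction (spaces
    ' inside the patterns, unbalanced parentheses, "&lt;"/"&gt;" decoded back
    ' to "<"/">"). The patterns below are the repaired forms. The "a" in the
    ' first alternative is inferred from its "\/a" partner - confirm against
    ' the upstream source.
    '
    ' NOTE(review): regex filtering of HTML is best-effort. Where markup is
    ' not required, emit the value with Server.HTMLEncode instead. The href
    ' value of an allowed <a> tag is not validated here, so URL schemes must
    ' be checked separately before the output is trusted.
    Dim re
    Set re = New RegExp
    re.IgnoreCase = True
    re.Global = True

    ' 1. Drop any tag that mentions "style". The trailing part is [^>]*
    '    because the pattern as shown ended in ".>", which matched only when
    '    exactly one character stood between the keyword and ">".
    re.Pattern = "<[^>]*style[^>]*>"
    strCode = re.Replace(strCode, "")

    ' 2. Park allowed tags in square brackets. "\s" after "a" and "font"
    '    keeps other tag names that merely start with those letters out of
    '    the allow-list.
    re.Pattern = "<(a\s[^>]*|\/a|li|br|B|\/li|\/B|font\s[^>]*|\/font)>"
    strCode = re.Replace(strCode, "[$1]")

    ' 3. Encode every angle bracket that is still present.
    strCode = Replace(Replace(strCode, "<", "&lt;"), ">", "&gt;")

    ' 4. Turn the parked tags back into real tags.
    re.Pattern = "\[(a\s[^\]]*|\/a|li|br|B|\/li|\/B|font\s[^\]]*|\/font)\]"
    strCode = re.Replace(strCode, "<$1>")

    ' 5. Remove any restored tag that carries an on* event-handler attribute.
    '    Matching on\w+ covers handlers beyond the fixed list on the page.
    re.Pattern = "<[^>]*[\s""'/]on\w+\s*=[^>]*>"
    strCode = re.Replace(strCode, "")

    ' 6. Repeat the style check: step 4 also converts bracket-form text that
    '    the user typed directly, and that text never passed through step 1.
    re.Pattern = "<[^>]*style[^>]*>"
    strCode = re.Replace(strCode, "")

    Set re = Nothing
    CheckXSS = strCode
End Function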
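Function FilterIDs(ByVal strIDs)
    ' Takes a comma-separated list of IDs and returns a comma-separated list
    ' containing only the entries that ChkClng accepts (non-zero result),
    ' each passed through Int(). Returns "" for Null, empty or blank input.
    '
    ' ChkClng is defined elsewhere in the project.
    ' NOTE(review): presumably it returns 0 for anything that is not a valid
    ' long integer - confirm, because Int() below raises a type-mismatch
    ' error on a non-numeric string that ChkClng lets through.
    '
    ' The result holds integers and commas only, which is what makes it
    ' safe to place in an "IN (...)" list. Do not bypass this function
    ' for values that come from the request.
    Dim arrIDs, i, strReturn

    FilterIDs = ""
    ' Trim(Null) is Null and Split(Null) raises, so stop early.
    If IsNull(strIDs) Then Exit Function
    strIDs = Trim(strIDs)
    If Len(strIDs) = 0 Then Exit Function

    arrIDs = Split(strIDs, ",")
    strReturn = ""
    For i = 0 To UBound(arrIDs)
        ' The page's listing lost the two closing parentheses on this call.
        If ChkClng(Trim(arrIDs(i))) <> 0 Then
            strReturn = strReturn & "," & Int(Trim(arrIDs(i)))
        End If
    Next

    ' Drop the leading separator added by the first accepted entry.
    If Left(strReturn, 1) = "," Then strReturn = Mid(strReturn, 2)
    FilterIDs = strReturn
End Function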