Below through two aspects to introduce JS code to prevent SQL injection method, very simple and practical, interested friends under the reference bar!
1.URL address anti-injection:
Filter URL illegal SQL character
var surl=location.search.tolowercase ();
var squery=surl.substring (surl.indexof ("=") +1);
Re=/select|update|delete|truncate|join|union|exec|insert|drop|count| ' | "|;| >|<|%/ i;
if (Re.test (squery))
{
alert ("Do not enter illegal characters");
Location.href=surl.replace (Squery, "");
}
2. Input text box anti-injection:
/Prevent SQL injection
function Antisqlvalid (Ofield)
{
re=/select|update|delete|exec|count| ' | ' | =|;| >|<|%/ i;
if (Re.test (ofield.value))
{
//alert ("Please do not enter special characters and SQL keywords in the parameters!") "); Note Chinese garbled
ofield.value = ";
Ofield.classname= "Errinfo";
Ofield.focus ();
return false;
}
Add the following method in the input text box that requires anti-injection
About the JS code to prevent SQL injection method small series to introduce so many people, I hope to help you!