Parameter verification prevents SQL injection attacks 1

 FlockRecommendation
 

 /// <Summary>          /// Parameter verification prevents SQL injection attacks 1          /// Call: object [] ARGs = new object [6] {realname, address, areacode, contacttel, email, proviceid };          /// If (! Basecheck. checkparams (ARGs ))          ///{          /// Common. showdsmsg ("the content you entered cannot pass ");          /// Return;          ///}          /// </Summary>          /// <Param name = "ARGs"> </param>          /// <Returns> </returns>          Public   Static  Bool Checkparams ( Params   Object [] ARGs ){ String [] Lawlesses = { "=" , "'" }; If (Lawlesses = Null | Lawlesses. Length <= 0) Return   True ; // Construct a regular expression,              // For example, the regular expression is. * [= | ']. * (because it is intended to be a common and easy-to-Modify function, there is an additional step from the character array to the regular expression. In actual use, you can directly write the regular expression;              String Str_regex = ".*[" ;For ( Int I = 0; I <lawlesses. Length-1; I ++) str_regex + = lawlesses [I] + "|" ; Str_regex + = lawlesses [lawlesses. Length-1] + "]. *" ; Foreach ( Object ARG In ARGs ){ If (ARG Is   String ) // If it is a string, directly check { If (RegEx. Matches (Arg. tostring (), str_regex). Count> 0)Return   False ;} Else   If (ARG Is Icollection) // If it is a set, check whether the element in the set is a string. { Foreach ( Object OBJ In (Icollection) Arg ){ If (OBJ Is   String ){ If (RegEx. Matches (obj. tostring (), str_regex). Count> 0) Return   False ;}}}} Return   True ;}