FlockRecommendation
/// <Summary> /// Parameter verification prevents SQL injection attacks 1 /// Call: object [] ARGs = new object [6] {realname, address, areacode, contacttel, email, proviceid }; /// If (! Basecheck. checkparams (ARGs )) ///{ /// Common. showdsmsg ("the content you entered cannot pass "); /// Return; ///} /// </Summary> /// <Param name = "ARGs"> </param> /// <Returns> </returns> Public Static Bool Checkparams ( Params Object [] ARGs ){ String [] Lawlesses = { "=" , "'" }; If (Lawlesses = Null | Lawlesses. Length <= 0) Return True ; // Construct a regular expression, // For example, the regular expression is. * [= | ']. * (because it is intended to be a common and easy-to-Modify function, there is an additional step from the character array to the regular expression. In actual use, you can directly write the regular expression; String Str_regex = ".*[" ;For ( Int I = 0; I <lawlesses. Length-1; I ++) str_regex + = lawlesses [I] + "|" ; Str_regex + = lawlesses [lawlesses. Length-1] + "]. *" ; Foreach ( Object ARG In ARGs ){ If (ARG Is String ) // If it is a string, directly check { If (RegEx. Matches (Arg. tostring (), str_regex). Count> 0)Return False ;} Else If (ARG Is Icollection) // If it is a set, check whether the element in the set is a string. { Foreach ( Object OBJ In (Icollection) Arg ){ If (OBJ Is String ){ If (RegEx. Matches (obj. tostring (), str_regex). Count> 0) Return False ;}}}} Return True ;}