java防止sql注入
发布时间:2020-12-15 03:18:22 所属栏目:Java 来源:网络整理
导读:今天PHP站长网 52php.cn把收集自互联网的代码分享给大家,仅供参考。 public final static String filterSQLInjection(String s) { if (s == null || "".equals(s)) { return ""; } try { s = s.trim().replaceAll("/?[s,
|
以下代码由PHP站长网 52php.cn收集自互联网 现在PHP站长网小编把它分享给大家,仅供参考 public final static String filterSQLInjection(String s) {
if (s == null || "".equals(s)) {
return "";
}
try {
s = s.trim().replaceAll("</?[s,S][c,C][r,R][i,I][p,P][t,T]>?","");//script
s = s.trim().replaceAll("[a,A][l,L][e,E][r,R][t,T](","").replace(""","");// alert
s = s.trim().replace(".swf","").replaceAll(".htc","");
s = s.trim().replace(".phpb","").replaceAll(".aspb","");
s = s.trim().replace("document.","").replaceAll("[e,E][v,V][a,L](","");
s = s.trim().replaceAll("'","").replaceAll(">","");
s = s.trim().replaceAll("<","").replaceAll("=","");
s = s.trim().replaceAll(" [o,O][r,R]","");
s = s.trim().replaceAll("etc/","").replaceAll("cat ","");
s = s.trim().replaceAll("/passwd ","");
s = s.trim().replaceAll("sleep(","").replaceAll("limit ","").replaceAll("LIMIT ","");
s = s.trim().replaceAll("[d,D][e,E][l,E][t,T][e,E] ","");// delete
s = s.trim().replaceAll("[s,S][e,E][c,C][t,T] ","");// select;
s = s.trim().replaceAll("[u,U][p,P][d,D][a,A][t,"");// update
s = s.trim().replaceAll("[d,L][a,A][y,Y] ","").replaceAll("waitfor ","");
s = s.trim().replaceAll("print(","").replaceAll("md5(","");
s = s.trim().replaceAll("cookie(","").replaceAll("send(","");
s = s.trim().replaceAll("response.","").replaceAll("write(","")
.replaceAll("&","");
} catch (Exception e) {
e.printStackTrace();
return "";
}
return s;
}
以上内容由PHP站长网【52php.cn】收集整理供大家参考研究 如果以上内容对您有帮助,欢迎收藏、点赞、推荐、分享。 (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |