.NET防SQL注入方法

---

1，利用SqlCommand传参数的方法：

string strSQL="SELECT * FROM [user] WHERE user_id=@id";

SqlCommand cmd = new SqlCommand();

cmd.CommandText = strSQL;

cmd.Parameters.Add("@id",SqlDbType.VarChar,20).Value=Request["id"].ToString();

2，过滤禁止运行法：

/// <summary>

/// 过滤SQL语句,防止注入

/// </summary>

/// <param name="strSql"></param>

/// <returns>0 - 没有注入, 1 - 有注入 </returns>

public int filterSql(string sSql)

{

int srcLen, decLen = 0;

sSql = sSql.ToLower().Trim();

srcLen = sSql.Length;

sSql = sSql.Replace("exec", "");

sSql = sSql.Replace("delete", "");

sSql = sSql.Replace("master", "");

sSql = sSql.Replace("truncate", "");

sSql = sSql.Replace("declare", "");

sSql = sSql.Replace("create", "");

sSql = sSql.Replace("xp_", "no");

decLen = sSql.Length;

if (srcLen == decLen) return 0; else return 1;        

}

//sql过滤关键字   public static bool CheckKeyWord(string sWord)    {       //过滤关键字        string StrKeyWord = @"select|insert|delete|from|count\(|drop table|update|truncate|asc\(|mid\(|char\(|xp_cmdshell|exec master|netlocalgroup administrators|:|net user|""|or|and";     //过滤关键字符     string StrRegex = @"[-|;|,|/|\(|\)|\[|\]|}|{|%|\@|*|!|']";        if (Regex.IsMatch(sWord, StrKeyWord, RegexOptions.IgnoreCase) || Regex.IsMatch(sWord, StrRegex))            return true;        return false;    }

3，存储过程

---

js版的防范SQL注入式攻击代码：

<script language="javascript">

<!--

var url = location.search;

var re=/^\?(.*)(select%20|insert%20|delete%20from%20|count\(|drop%20table|update%20truncate%20|asc\(|mid\(|char\(|xp_cmdshell|exec%20master|net%20localgroup%20administrators|\"|:|net%20user|\|%20or%20)(.*)$/gi;

var e = re.test(url);

if(e) {

alert("地址中含有非法字符～");

location.href="error.asp";

}

//-->

<script>