欢迎来到Doc100.Net免费学习资源知识分享平台!
您的位置:首页 > 程序异常 >

sql过滤单引号遇到个小疑点

更新时间: 2014-01-05 01:52:25 责任编辑: Author_N1

 

sql过滤单引号遇到个小问题
VBScript code
<!--#include file="conn.asp"-->

<%
Function   SafeRequest(ParaName) 
    Dim   ParaValue 
    ParaValue=replace(ParaValue, "'", "&#39") 
    'ParaValue=replace(ParaValue," " ","&#39")
    SafeRequest=ParaValue 
End   function 
title=trim(request.form("title"))
content=trim(request.form("content"))


tilte=saferequest(title)
content=saferequest(content)

response.write title




response.write "<br/>"
response.write content
response.write "<br/>"
sql="insert into pro(title,content)values('"&title&"','"&content&"')"
response.write sql
response.end
conn.execute sql,adExecuteNoRecords
response.write"<script language=javascript>alert('ok!');window.location.href='index.asp';</script>"
%>


--参考方法--
VBScript code

Function   SafeRequest([color=#FF0000]ParaName[/color]) 
    Dim   ParaValue 
    ParaValue=replace([color=#FF0000]ParaValue[/color], "'", "&#39") 
    'ParaValue=replace(ParaValue," " ","&#39")
    SafeRequest=ParaValue 
End   function

--参考方法--
Function SafeRequest(ParaName) 
Dim ParaValue 
ParaValue=replace(ParaValue, "'", "&#39") 
'ParaValue=replace(ParaValue," " ","&#39")
SafeRequest=ParaValue 
End function 
上一篇:上一篇
下一篇:下一篇

 

随机推荐程序问答结果

 

 

如对文章有任何疑问请提交到问题反馈,或者您对内容不满意,请您反馈给我们DOC100.NET论坛发贴求解。
DOC100.NET资源网,机器学习分类整理更新日期::2014-01-05 01:52:25
如需转载,请注明文章出处和来源网址:http://www.doc100.net/bugs/t/2329/
本文WWW.DOC100.NET DOC100.NET版权所有。