{"id":567,"date":"2009-08-06T20:32:00","date_gmt":"2009-08-06T12:32:00","guid":{"rendered":""},"modified":"2013-11-27T20:21:08","modified_gmt":"2013-11-27T12:21:08","slug":"sql-server%e7%89%b9%e6%ae%8a%e5%ad%97%e7%ac%a6%e8%bd%ac%e6%8d%a2","status":"publish","type":"post","link":"https:\/\/kyle.ai\/blog\/567.html","title":{"rendered":"SQL Server\u7279\u6b8a\u5b57\u7b26\u8f6c\u6362"},"content":{"rendered":"

\u6211\u4eec\u90fd\u77e5\u9053SQL\u67e5\u8be2\u8fc7\u7a0b\u4e2d\uff0c\u5355\u5f15\u53f7\u201c\u2018\u201d\u662f\u7279\u6b8a\u5b57\u7b26\uff0c\u6240\u4ee5\u5728\u67e5\u8be2\u7684\u65f6\u5019\u8981\u8f6c\u6362\u6210\u53cc\u5355\u5f15\u53f7\u201c\u201d\u201d\u3002
\n\u4f46\u8fd9\u53ea\u662f\u7279\u6b8a\u5b57\u7b26\u7684\u4e00\u4e2a\uff0c\u5728\u5b9e\u9645\u9879\u76ee\u4e2d\uff0c\u53d1\u73b0\u5bf9\u4e8elike\u64cd\u4f5c\u8fd8\u6709\u4ee5\u4e0b\u7279\u6b8a\u5b57\u7b26\uff1a\u4e0b\u5212\u7ebf\u201c_\u201d\uff0c\u767e\u5206\u53f7\u201c%\u201d\uff0c\u65b9\u62ec\u53f7\u201c[]\u201d\u4ee5\u53ca\u5c16\u53f7\u201c^\u201d\u3002
\n\u5176\u7528\u9014\u5982\u4e0b\uff1a
\n\u4e0b\u5212\u7ebf\uff1a\u7528\u4e8e\u4ee3\u66ff\u4e00\u4e2a\u4efb\u610f\u5b57\u7b26\uff08\u76f8\u5f53\u4e8e\u6b63\u5219\u8868\u8fbe\u5f0f\u4e2d\u7684 ? \uff09
\n\u767e\u5206\u53f7\uff1a\u7528\u4e8e\u4ee3\u66ff\u4efb\u610f\u6570\u76ee\u7684\u4efb\u610f\u5b57\u7b26\uff08\u76f8\u5f53\u4e8e\u6b63\u5219\u8868\u8fbe\u5f0f\u4e2d\u7684 * \uff09
\n\u65b9\u62ec\u53f7\uff1a\u7528\u4e8e\u8f6c\u4e49\uff08\u4e8b\u5b9e\u4e0a\u53ea\u6709\u5de6\u65b9\u62ec\u53f7\u7528\u4e8e\u8f6c\u4e49\uff0c\u53f3\u65b9\u62ec\u53f7\u4f7f\u7528\u6700\u8fd1\u4f18\u5148\u539f\u5219\u5339\u914d\u6700\u8fd1\u7684\u5de6\u65b9\u62ec\u53f7\uff09
\n\u5c16\u53f7\uff1a\u7528\u4e8e\u6392\u9664\u4e00\u4e9b\u5b57\u7b26\u8fdb\u884c\u5339\u914d\uff08\u8fd9\u4e2a\u4e0e\u6b63\u5219\u8868\u8fbe\u5f0f\u4e2d\u7684\u4e00\u6837\uff09
\n\u4ee5\u4e0b\u662f\u4e00\u4e9b\u5339\u914d\u7684\u4e3e\u4f8b\uff0c\u9700\u8981\u8bf4\u660e\u7684\u662f\uff0c\u53ea\u6709like\u64cd\u4f5c\u624d\u6709\u8fd9\u4e9b\u7279\u6b8a\u5b57\u7b26\uff0c=\u64cd\u4f5c\u662f\u6ca1\u6709\u7684\u3002<\/p>\n

a_b\u2026
\na[_]b%
\na%b\u2026
\na[%]b%
\na[b…
\na[[]b%
\na]b\u2026
\na]b%
\na[]b\u2026
\na[[]]b%
\na[^]b\u2026
\na[[][^]]b%
\na[^^]b\u2026
\na[[][^][^]]b%<\/p>\n

\u5bf9\u4e8elike\u64cd\u4f5c\uff0c\u9700\u8981\u8fdb\u884c\u4ee5\u4e0b\u66ff\u6362\uff08\u6ce8\u610f\u987a\u5e8f\u4e5f\u5f88\u91cd\u8981\uff09<\/p>\n

[ -> [[] (\u8fd9\u4e2a\u5fc5\u987b\u662f\u7b2c\u4e00\u4e2a\u66ff\u6362\u7684!!)
\n% -> [%] (\u8fd9\u91cc%\u662f\u6307\u5e0c\u671b\u5339\u914d\u7684\u5b57\u7b26\u672c\u8eab\u5305\u62ec\u7684%\u800c\u4e0d\u662f\u4e13\u95e8\u7528\u4e8e\u5339\u914d\u7684\u901a\u914d\u7b26)
\n_ -> [_]
\n^ -> [^]<\/p>\n

\r\n public static string sqlEncode(string strValue, bool isLikeStatement)\r\n    {\r\n        string rtStr = strValue;\r\n        if (isLikeStatement)\r\n        {\r\n            rtStr = strValue.Replace("[", "[[]"); \/\/\u6b64\u53e5\u4e00\u5b9a\u8981\u5728\u6700\u524d\r\n            rtStr = rtStr.Replace("_", "[_]");\r\n            rtStr = rtStr.Replace("%", "[%]");\r\n            rtStr = rtStr.Replace(@"\\", "\\\\\\\\");\r\n        }\r\n        rtStr = rtStr.Replace("'", "''");\r\n        return rtStr;\r\n    }\r\n<\/pre>\n
\u4f8b\uff1a<\/p>\n
\r\nstring text = Request.Form["FCKeditor1"].ToString().Trim();\r\ntext = sqlEncode(text, true);\r\n<\/pre>\n
\u8f93\u51fa\u65f6\u66ff\u6362\u6240\u6709HTML\u6807\u8bb0\uff1a<\/p>\n
\r\n      public static string NoHTML(string Htmlstring)  \/\/\u66ff\u6362HTML\u6807\u8bb0\r\n      {\r\n          \/\/\u5220\u9664\u811a\u672c\r\n          Htmlstring = Regex.Replace(Htmlstring, @"<script[^>]*?>.*?<\/script>", "", RegexOptions.IgnoreCase);\r\n          \/\/\u5220\u9664HTML\r\n          Htmlstring = Regex.Replace(Htmlstring, @"<(.[^>]*)>", "", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"([\\r\\n])[\\s]+", "", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"-->", "", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"<!--.*", "", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"&(quot|#34);", "\\"", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"&(amp|#38);", "&", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"&(lt|#60);", "<", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"&(gt|#62);", ">", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"&(nbsp|#160);", " ", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"&(iexcl|#161);", "\\xa1", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"&(cent|#162);", "\\xa2", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"&(pound|#163);", "\\xa3", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"&(copy|#169);", "\\xa9", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"&#(\\d+);", "", RegexOptions.IgnoreCase);\r\n          Htmlstring = Regex.Replace(Htmlstring, @"<img[^>]*>;", "", RegexOptions.IgnoreCase);\r\n          Htmlstring.Replace("<", "");\r\n          Htmlstring.Replace(">", "");\r\n          Htmlstring.Replace("\\r\\n", "");\r\n          Htmlstring = HttpContext.Current.Server.HtmlEncode(Htmlstring).Trim();\r\n          return Htmlstring;\r\n      }\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
\u6211\u4eec\u90fd\u77e5\u9053SQL\u67e5\u8be2\u8fc7\u7a0b\u4e2d\uff0c\u5355\u5f15\u53f7\u201c\u2018\u201d\u662f\u7279\u6b8a\u5b57\u7b26\uff0c\u6240\u4ee5\u5728\u67e5\u8be2\u7684\u65f6\u5019\u8981\u8f6c\u6362\u6210\u53cc\u5355\u5f15\u53f7\u201c\u201d\u201d\u3002 \u4f46\u8fd9\u53ea\u662f\u7279\u6b8a\u5b57\u7b26 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-567","post","type-post","status-publish","format-standard","hentry","category-code_related"],"_links":{"self":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/567","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/comments?post=567"}],"version-history":[{"count":1,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/567\/revisions"}],"predecessor-version":[{"id":5268,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/567\/revisions\/5268"}],"wp:attachment":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/media?parent=567"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/categories?post=567"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/tags?post=567"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}