时间:2022-12-06 01:24
防止sql危险字符注入的方法:
将危险字符替换掉,代码示例如下:
public class Checkstr {
public String dostring(String str){
str=str.replaceAll(";","");
str=str.replaceAll("&","&");
str=str.replaceAll("<","<");
str=str.replaceAll(">",">");
str=str.replaceAll("'","");
str=str.replaceAll("--","");
str=str.replaceAll("/","");
str=str.replaceAll("%","");
return str;
}
}
