28,390
社区成员
发帖
与我相关
我的任务
分享
' ============================================
' 函数功能:得到安全字符串(在查询中或有必要强行替换的表单中使用)
' 参数说明:
' str :被处理的字符串
' ============================================
Function GetSafeStr(Str)
GetSafeStr = Replace(Replace(Replace(Trim(Str), "'", ""), Chr(34), ""), ";", "")
End Function
' ============================================
' 函数功能:判断是否安全字符串,在注册登录等特殊字段中使用
' 参数说明:
' str :被处理的字符串
' ============================================
Function IsSafeStr(Str)
Dim s_BadStr, n, i
s_BadStr = "' &<>?%,;:()`~!@#$^*{}[]|+-=" & Chr(34) & Chr(9) & Chr(32)
n = Len(s_BadStr)
IsSafeStr = True
For i = 1 To n
If InStr(Str, Mid(s_BadStr, i, 1)) > 0 Then
IsSafeStr = False
Exit Function
End If
Next
End Function
set cm.CommandText = "Update school set school_name = ? where id = ?"
cm.CommandType = adCmdText
cm.Prepared =true
cm.Parameters.append cm.CreateParameter("name",adChar,adParamInput,50)
cm.Parameters.append cm.CreateParameter("school_id, adInteger, adParamInput)
cm("name")="Golden Lion"
cm("id") = 1
cm.execute