lStr, "----", "")
HtmlStr = Replace(HtmlStr, "////", "")
HtmlStr = Replace(HtmlStr, "\\\\", "")
HtmlStr = Replace(HtmlStr, "####", "")
HtmlStr = Replace(HtmlStr, "@@@@", "")
HtmlStr = Replace(HtmlStr, "****", "")
HtmlStr = Replace(HtmlStr, "~~~~", "")
Set re = New RegExp
re.IgnoreCase = True
re.Global = True
re.Pattern = "\[br\]"
HtmlStr = re.Replace(HtmlStr, "")
re.Pattern = "\[align=right\](.*)\[\/align\]"
HtmlStr = re.Replace(HtmlStr, "")
re.Pattern = "<(.[^>]*)>"
HtmlStr = re.Replace(HtmlStr, "")
Set re = Nothing
HtmlStr = Replace(HtmlStr, ">", ">")
HtmlStr = Replace(HtmlStr, "<", "<")
l = Len(HtmlStr)
If l >= strLen Then
strContent = Left(HtmlStr, strLen) & "..."
Else
strContent = HtmlStr & " "
End If
strContent = Replace(strContent, Chr(34), """)
strContent = Replace(strContent, Chr(39), "'")
strContent = Replace(strContent, Chr(36), "$")
strContent = Replace(strContent, Chr(123), "{")
strContent = Replace(strContent, Chr(125), "}")
strContent = Replace(strContent, ">", ">")
strContent = Replace(strContent, "<", "<")
CutString = strContent
End Function
''================================================
''函数名:CheckInfuse
''作 用:防止SQL注入
''参 数:str ----原字符串
'' strLen ----提交字符串长度
''================================================
Public Function CheckInfuse(ByVal str, ByVal strLen)
Dim strUnsafe, arrUnsafe
Dim i
If Trim(str) = "" Then
CheckInfuse = ""
Exit Function
End If
str = Left(str, strLen)
On Error Resume Next
strUnsafe = "''|^|;|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
If Trim(str) <> "" Then
If Len(str) > strLen Then
Response.Write "<Script Language=JavaScript>alert(''安全系统提示↓\n\n您提交的字符数超过了限制!'');history.back(-1)</Script>"
CheckInfuse = ""
Response.End
End If
arrUnsafe = Split(strUnsafe, "|")
For i = 0 To UBound(arrUnsafe)
If InStr(1, str, arrUnsafe(i), 1) > 0 Then
Response.Write "<Script Language=JavaScript>alert(''安全系统提示↓\n\n请不要在参数中包含非法字符!'');history.back(-1)</Script>"
CheckInfuse = ""
Response.End
End If
Next
End If
CheckInfuse = Trim(str)
Exit Function
If Err.Number <> 0 Then
Err.Clear
Response.Write "<Script Language=JavaScript>alert(''安全系统提示↓\n\n请不要在参数中包含非法字符!'