Simple prevention of SQL injection. It is said that this is actually not enough; could someone who understands please explain

zhaozj2021-02-16  45

/// <summary>
/// ... query. It will double up single quotes, and return the supplied
/// string wrapped in single quotes. E.g. the string "Steve's a guy"
/// will be returned as "'Steve''s a guy'". Binary characters are
/// not handled.
/// </summary>
/// <returns>Resulting string</returns>
public static string Quote(string input)
{
    return string.Format("'{0}'", input.Replace("'", "''"));
}
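For comparison, the following added example (not part of the original post) runs the same lookup once through the page's `Quote` helper and once through a bound parameter. It assumes the `Microsoft.Data.Sqlite` NuGet package and an in-memory database; the class name, the `people` table and the two `CountBy...` helpers are hypothetical.

```csharp
using System;
using Microsoft.Data.Sqlite; // assumption: NuGet package Microsoft.Data.Sqlite

public static class QuoteVsParameters // hypothetical name
{
    // Quote-doubling helper as shown on the page.
    public static string Quote(string input) =>
        string.Format("'{0}'", input.Replace("'", "''"));

    // Text-built query: only correct if the engine's string-literal syntax
    // has no escape other than the doubled quote, and only for string values.
    public static long CountByQuote(SqliteConnection conn, string name)
    {
        using var cmd = conn.CreateCommand();
        cmd.CommandText = "SELECT COUNT(*) FROM people WHERE name = " + Quote(name);
        return Convert.ToInt64(cmd.ExecuteScalar());
    }

    // Bound parameter: the value is sent separately and never parsed as SQL.
    public static long CountByParameter(SqliteConnection conn, string name)
    {
        using var cmd = conn.CreateCommand();
        cmd.CommandText = "SELECT COUNT(*) FROM people WHERE name = $name";
        cmd.Parameters.AddWithValue("$name", name);
        return Convert.ToInt64(cmd.ExecuteScalar());
    }

    public static void Main()
    {
        using var conn = new SqliteConnection("Data Source=:memory:");
        conn.Open();
        using var setup = conn.CreateCommand();
        setup.CommandText = "CREATE TABLE people (name TEXT NOT NULL)";
        setup.ExecuteNonQuery();
        // Constructed sample rows, inserted through bound parameters.
        foreach (var n in new[] { "Steve's a guy", "Alice", "it's -- a 'quoted' value" })
        {
            using var ins = conn.CreateCommand();
            ins.CommandText = "INSERT INTO people (name) VALUES ($name)";
            ins.Parameters.AddWithValue("$name", n);
            ins.ExecuteNonQuery();
        }
        // Constructed lookups containing quotes and a comment marker.
        foreach (var probe in new[] { "Steve's a guy", "it's -- a 'quoted' value", "Carol" })
            Console.WriteLine("{0}: quote={1} param={2}", probe,
                CountByQuote(conn, probe), CountByParameter(conn, probe));
    }
}
```

Both paths agree on SQLite because its string literals use only the doubled quote; the parameterized form keeps that guarantee on any engine and for non-string values, which `Quote` does not.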

When reposting, please cite the original address: https://www.9cbs.com/read-20315.html
