From e1a849e9ce29901db9b418cb1f6e9af8e857105f Mon Sep 17 00:00:00 2001
From: wuxw <928255095@qq.com>
Date: 星期六, 13 四月 2019 17:52:31 +0800
Subject: [PATCH] 整理文档
---
java110-common/src/main/java/com/java110/common/util/CommonUtil.java | 18 ++++++++++++++++++
1 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/java110-common/src/main/java/com/java110/common/util/CommonUtil.java b/java110-common/src/main/java/com/java110/common/util/CommonUtil.java
index 01506c7..4329513 100644
--- a/java110-common/src/main/java/com/java110/common/util/CommonUtil.java
+++ b/java110-common/src/main/java/com/java110/common/util/CommonUtil.java
@@ -59,4 +59,22 @@
return result;
}
+
+
+ //鏁堥獙
+ public static boolean sqlValidate(String str) {
+ str = str.toLowerCase();//缁熶竴杞负灏忓啓
+ String badStr = "'|and|exec|execute|insert|select|delete|update|count|drop|*|%|chr|mid|master|truncate|" +
+ "char|declare|sitename|net user|xp_cmdshell|;|or|-|+|,|like'|and|exec|execute|insert|create|drop|" +
+ "table|from|grant|use|group_concat|column_name|" +
+ "information_schema.columns|table_schema|union|where|select|delete|update|order|by|count|*|" +
+ "chr|mid|master|truncate|char|declare|or|;|-|--|+|,|like|//|/|%|#";//杩囨护鎺夌殑sql鍏抽敭瀛楋紝鍙互鎵嬪姩娣诲姞
+ String[] badStrs = badStr.split("\\|");
+ for (int i = 0; i < badStrs.length; i++) {
+ if (str.indexOf(badStrs[i]) >= 0) {
+ return true;
+ }
+ }
+ return false;
+ }
}
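Review bot: `sqlValidate` is a substring blacklist, so it cannot be relied on to stop SQL injection, and it will also reject ordinary input: tokens such as `or`, `by`, `use`, `-`, `,` and `/` match inside words like "order" and in any hyphenated date. The query code that consumes these values is not visible in this hunk; it should bind them through `PreparedStatement` parameters, with this check kept at most as a secondary filter. Within the method, `str.toLowerCase()` throws on a null argument and depends on the default locale (under a Turkish locale an upper-case `I` does not lower to `i`, so keywords containing it stop matching); I would add `if (str == null) return false;` and use `str = str.toLowerCase(Locale.ROOT);`, which needs `java.util.Locale` imported. The method returns true when a forbidden token is found, which the name does not convey, so a Javadoc line such as `/** Returns true if str contains a blacklisted SQL token. */` would help; the two existing comments in the hunk also appear mis-encoded.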
--
Gitblit v1.8.0