如何防御SQL注入攻击网站安全狗来帮忙

写个函数
function htmlencode(fString)
if not isnull(fString) then
fString = replace(fString, ">", ">")
fString = replace(fString, "<", "<")
fString = Replace(fString, CHR(9), " ")
fString = Replace(fString, CHR(34), """)
fString = Replace(fString, CHR(39), "'")
fString = Replace(fString, CHR(10) & CHR(10), "</P>

")
fString = Replace(fString, Chr(13)&Chr(10), "
")
HTMLEncode = fString
end if
end function
调用即可。如：
username=htmlencode(request.form("username"))

声明：你问我答网所有作品（图文、音视频）均由用户自行上传分享，仅供网友学习交流。若您的权利被侵害，请联系fangmu6661024@163.com