Return to Snippet

Revision: 5143
at February 14, 2008 00:34 by jags_sonawane


Initial Code
public bool InvalidChars(string sInput)
 {
     bool functionReturnValue = false;
    
     //Declare variables
    
     object sBadChars;
     object iCounter;
    
     //Set functionReturnValue to False
    
     functionReturnValue = false;
    
     //Create an array of invalid characters and words
    
     sBadChars = array("select", "drop", ";", "--", "insert", "delete", "xp_", "#", "%", 

"&",
     "'", "(", ")", "/", "\\", ":", ";", "<", ">", "=",
     "[", "]", "?", "`", "|");
    
     //Loop through array sBadChars using our counter & UBound function
    
     for (iCounter = 0; iCounter <= Information.uBound(sBadChars); iCounter++) {
        
         //Use Function Instr to check presence of illegal character in our variable
        
         if (Strings.Instr(sInput, sBadChars(iCounter)) > 0) {
            
             functionReturnValue = true;
            
         }
        
     }
     return functionReturnValue;
    
 }

Initial URL

                                

Initial Description

                                

Initial Title
String Validation for Sqlinjection

Initial Tags
sql

Initial Language
C#