·ÀSQLÊý×Ö×¢È뺯Êý

·ÀSQLÊý×Ö×¢È뺯Êý
http://blog.csdn.net/cncco/archive/2007/10/03/1810540.aspx
·ÀSQL×¢È뺯Êý
³ÌÐò´úÂ룺
º¯Êý²¿·Ö========================================================================
'------------------------------------------------
'ÓÃ;:¼ì²éÊÇ·ñΪÊý×Ö,ÒÔ¼°Êý×ÖÊÇ·ñ³¬³ö·¶Î§
'ÊäÈë:¼ì²é×Ö·û,´«Öµ·½Ê½(0Ö±½Ó´«,1È¡Form,2È¡QueryString,3È¡cookies,4Ö±½ÓReqeust),¿ªÊ¼Êý×Ö(ĬÈÏÊý×Ö),½áÊøÊý×Ö(Ϊ-1Ôò²»¼ì²é´óС)
Function CheckNum(str_str,int_quest,int_startnum,int_endnum)
mystr=Trim(str_str)
Select Case int_quest
Case 1
istr=Request.Form(mystr)
Case 2
istr=Request.QueryString(mystr)
Case 3
istr=Request.Cookies(mystr)
Case 4
istr=Request(mystr)
Case Else
istr=mystr
End Select
istr=Left(istr,32)
If IsNumeric(istr) Then
iNum=CDbl(istr)
Else
iNum=int_startnum
End If
If int_endnum>-1Then
If iNum If iNum>int_endnum Then iNum=int_endnum
End If
CheckNum=iNum
End Function
'------------------------------------------------
'ÓÃ;:¼ì²é¹ýÂË×Ö·û´®
'ÊäÈë:×Ö·û´®,´«Öµ·½Ê½(0Ö±½Ó´«,1È¡Form,2È¡QueryString,3È¡cookies,4Ö±½ÓReqeust),¼ì²é·½Ê½(1²»¹ýÂËhtml,2´¿html,3±êÌâ¹ýÂË,4ÆäËûhtml¹ýÂË,),×Ö·û¶Î½ØÈ¡³¤¶È
Function CheckStr(str_str,int_quest,int_type,int_strlen)
mystr=str_str
Select Case int_quest
Case 1
istr=Request.Form(mystr)
Case 2
istr=Request.QueryString(mystr)
Case 3
istr=Request.Cookies(mystr)
Case 4
istr=Request(mystr)
Case Else
istr=mystr
End Select
istr=""&Trim(istr)
istr=Replace(istr,"'","''")
Select Case int_type
Case 1
istr=Replace(istr,CHR(32)," ")
istr=Replace(istr,CHR(9)," ")
istr=Replace(istr,CHR(10) & CHR(10),"
")
istr=Replace(istr,CHR(10),"
")
istr=Replace(istr,CHR(13),"")
Case 2
istr=istr
Case 3
istr=Replace(istr,CHR(32)," ")
istr=Replace(istr,CHR(9)," ")
istr=Replace(istr,CHR(13), "")
istr=Replace(istr,"<","<")
istr=Replace(istr,">",">")
istr=Replace(istr,CHR(34),""")
istr=Replace(istr," "," ")
istr=Replace(istr,CHR(39), "'")
Case Else
istr=Replace(istr,CHR(32)," ")
istr=Replace(is