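/// <summary>
/// Builds parameterised search conditions from the posted form and appends
/// them to <paramref name="init"/>.
/// Every non-empty form field becomes an "and field like %value%" condition,
/// except: "report", "订单状态" and the anti-forgery token are skipped; a key
/// containing "日期1" becomes a lower bound (field &gt; value) and a key
/// containing "日期2" an exclusive upper bound (field &lt; value + 1 day) on the
/// field named by the key without its trailing character; the multi-valued
/// "订单状态" field becomes an "in (...)" condition.
/// When the base SQL contains no WHERE yet, the leading "and" of the generated
/// clause is replaced by " where ".
/// </summary>
/// <param name="init">Query builder that receives the conditions and their parameters.</param>
/// <param name="sqlValue">The base SQL; field expressions are resolved against it via GetFieldSqlByName.</param>
/// <param name="keys">The form keys to process.</param>
/// <remarks>
/// Values are always passed as parameters. The field expression returned by
/// GetFieldSqlByName is spliced into the SQL text, so this is only injection-safe
/// as long as that helper maps a form key to a known column and never echoes
/// arbitrary input back — NOTE(review): confirm in the extension's implementation.
/// </remarks>
private void SimpleSqlInjectMethod(MYSQLInit init, string sqlValue, string[] keys)
{
    #region Iterate the form values, excluding "report" and the order status
    foreach (string name in keys)
    {
        if (name == "report" || name == "订单状态" || name == "__RequestVerificationToken")
        {
            continue;
        }

        // Read the posted value once per key instead of re-indexing Request.Form;
        // an empty value adds no condition in any of the branches below.
        var posted = Request.Form[name];
        if (!posted.IsNotEmpty())
        {
            continue;
        }

        if (name.Contains("日期1"))
        {
            // Lower date bound: the key's trailing "1" is dropped to get the field name.
            var lowerField = sqlValue.GetFieldSqlByName(name.Substring(0, name.Length - 1));
            init.And(lowerField + ">", posted);
            continue;
        }

        if (name.Contains("日期2"))
        {
            // Upper date bound: compare against the start of the following day so
            // the whole selected day is included.
            // NOTE(review): DateTime.Parse is culture-sensitive and throws
            // FormatException on a malformed value; nothing catches it here.
            DateTime endTime = DateTime.Parse(posted).AddDays(1);
            var upperField = sqlValue.GetFieldSqlByName(name.Substring(0, name.Length - 1));
            init.And(upperField + "<", endTime.ToString("yyyy-MM-dd"));
            continue;
        }

        var likeField = sqlValue.GetFieldSqlByName(name);
        init.And(likeField + " like ", "%" + posted + "%");
    }
    #endregion

    #region Order status ("订单状态") as a multi-valued IN condition
    var statusValue = Request.Form["订单状态"];
    if (statusValue.IsNotEmpty())
    {
        var statusField = sqlValue.GetFieldSqlByName("订单状态");

        // Placeholder numbering starts at 500 — presumably to stay clear of the
        // parameter names init.And generates; TODO confirm against MYSQLInit.
        int paraIndex = 500;
        var placeholders = new List<string>();
        foreach (var item in statusValue.toStringArray())
        {
            string paraName = "?Para" + (paraIndex++).ToString();
            placeholders.Add(paraName);
            init.ParaList.Add(new MySqlParameter(paraName, item));
        }

        // Joining the placeholders avoids the trailing-comma trim, and an empty
        // list (which would yield invalid SQL) adds no condition at all.
        if (placeholders.Count > 0)
        {
            init.Builder.Append(" and ").Append(statusField).Append(" in (")
                .Append(string.Join(",", placeholders)).Append(")");
        }
    }
    #endregion

    // The generated clause starts with " and ..."; when the base SQL has no
    // WHERE yet, rewrite that leading keyword into " where ". Only a *leading*
    // "and" is touched so a field or value containing "and" (e.g. "brand") is
    // never corrupted.
    if (sqlValue.IndexOf("where", StringComparison.OrdinalIgnoreCase) < 0 && init.Builder.Length > 0)
    {
        string clause = init.Builder.ToString();
        int firstAnd = clause.IndexOf("and", StringComparison.OrdinalIgnoreCase);
        int leadingWhitespace = clause.Length - clause.TrimStart().Length;
        if (firstAnd == leadingWhitespace)
        {
            init.Builder.Remove(firstAnd, 3).Insert(0, " where ");
        }
    }
}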
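/// <summary>
/// Prevents SQL injection for advanced-search text input: converts the typed
/// form values in <paramref name="dic"/> into parameterised conditions on
/// <paramref name="init"/>.
/// The dictionary key carries the CLR type name of the value: DateTime entries
/// become "&gt;" / "&lt;" bounds, String entries a "like %value%" condition, and
/// numeric entries either "field{operatorstr}" or, without an operator, a
/// "like %value%" condition.
/// When the base SQL contains no WHERE yet, the leading "and" of the generated
/// clause is replaced by " where ".
/// <autor>郑万庚</autor>
/// </summary>
/// <param name="sqlValue">The base SQL; field expressions are resolved against it via GetFieldSqlByName.</param>
/// <param name="dic">Form values keyed by a string that contains the value's CLR type name.</param>
/// <param name="init">Query builder that receives the conditions and their parameters.</param>
/// <remarks>
/// Values are always passed as parameters. The field expression returned by
/// GetFieldSqlByName and, for numeric fields, <c>operatorstr</c> are spliced
/// into the SQL text, so this is only injection-safe as long as the helper maps
/// a name to a known column and the operator is restricted to a fixed set —
/// NOTE(review): confirm both in their implementations.
/// </remarks>
private void SqlInjectMethod(string sqlValue, Dictionary<string, FormValue> dic, MYSQLInit init)
{
    // Type names treated as numeric. Exact duplicates of the original list were
    // dropped; "System.Int" is kept as-is even though it is not a real CLR type name.
    string[] numericTypes =
    {
        "System.Single", "System.Double", "System.SByte", "System.Int32", "System.Int64",
        "System.UInt64", "System.Int16", "System.Int", "System.Decimal"
    };
    const string stringType = "System.String";
    const string dateType = "System.DateTime";

    foreach (KeyValuePair<string, FormValue> item in dic)
    {
        string key = item.Key;
        FormValue formValue = item.Value;

        #region DateTime
        if (key.Contains(dateType))
        {
            // DateExit => a lower bound was supplied (value); SecondData => an
            // upper bound was supplied (maxDataTime). Nothing is added otherwise,
            // so the field expression is only resolved when it is needed.
            if (formValue.DateExit || formValue.SecondData)
            {
                var dateField = sqlValue.GetFieldSqlByName(formValue.name);
                if (formValue.DateExit)
                {
                    init.And(dateField + " >", formValue.value);
                }
                if (formValue.SecondData)
                {
                    init.And(dateField + " <", formValue.maxDataTime);
                }
            }
            continue;
        }
        #endregion

        #region String
        if (key.Contains(stringType))
        {
            // NOTE(review): for non-date types DateExit appears to act as a
            // "value supplied" flag — confirm against FormValue.
            if (formValue.DateExit)
            {
                var textField = sqlValue.GetFieldSqlByName(formValue.name);
                init.And(textField + " like", "%" + formValue.value + "%");
            }
            continue;
        }
        #endregion

        #region Numeric
        if (numericTypes.InArray(key))
        {
            if (formValue.DateExit)
            {
                var numberField = sqlValue.GetFieldSqlByName(formValue.name);
                if (formValue.operatorstr.IsNotEmpty())
                {
                    // The operator is concatenated into the SQL text, not parameterised.
                    init.And(numberField + formValue.operatorstr, formValue.value);
                }
                else
                {
                    init.And(numberField + " like", "%" + formValue.value + "%");
                }
            }
            continue;
        }
        #endregion
    }

    // The generated clause starts with " and ..."; when the base SQL has no
    // WHERE yet, rewrite that leading keyword into " where ". Only a *leading*
    // "and" is touched so a field or value containing "and" (e.g. "brand") is
    // never corrupted.
    if (sqlValue.IndexOf("where", StringComparison.OrdinalIgnoreCase) < 0 && init.Builder.Length > 0)
    {
        string clause = init.Builder.ToString();
        int firstAnd = clause.IndexOf("and", StringComparison.OrdinalIgnoreCase);
        int leadingWhitespace = clause.Length - clause.TrimStart().Length;
        if (firstAnd == leadingWhitespace)
        {
            init.Builder.Remove(firstAnd, 3).Insert(0, " where ");
        }
    }
}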