有时我们会把一些sql的在前台动态生成,,这是我们首先要做的是验证他是不是合法,如果sql 语句结尾为and 或or 我们也要进行删除处理,不然会报错。
1.前台js 判断是否满足左右括号对称
function checkBracket(algorithms) {var bracket = [];var algorithms = algorithms || '';for (var i = 0; i < algorithms.length; i++) {if (algorithms.charAt(i) == "(") {bracket.push('(');}if (algorithms.charAt(i) == ")") {if (bracket.length) {bracket.pop();} else {alert('条件括号不配对,缺少左括号!')return false;}}}if (bracket.length) {alert('条件括号不配对,缺少右括号!')return false;}return true;}2.判断是否满足sql语句语法
public string GetBool(string exp){string flag = "true";try{if (exp.EndsWith("and ") || exp.EndsWith("or ")){exp = exp.Contains("and ") ? exp.Substring(0, exp.Length – 4) : exp.Substring(0, exp.Length – 3);}exp = exp.Replace("and", "&&").Replace("or", "||");var type = Type.GetTypeFromProgID("MSScriptControl.ScriptControl");var obj = Activator.CreateInstance(type);type.InvokeMember("Language", System.Reflection.BindingFlags.SetProperty, null, obj, new object[] { "javascript" });var result = type.InvokeMember("Eval", System.Reflection.BindingFlags.InvokeMethod, null, obj, new object[] { exp });}catch (Exception e){flag = "false";}return flag;}
你所缺少的部分,也早已被我用想像的画笔填满。
