如何防止用户在文本框中输入易受攻击的字符？ [英] How to prevent a user from entering vulnerable characters in a textbox?

问题描述

您好..

我有一个文本框，我想阻止用户在我提交包含此文本框的表单时输入可能对我的数据库造成伤害的字符..

你可以帮我解决..

谢谢你.. ..

Hello..
I have a textbox and i want to prevent the user from entering characters which may cause harm to my database when i submit my form containing this textbox..
Can you help me plzz..
Thank u.. ..

推荐答案

这是错误的想法。任何超出脚本小子初学者知识的黑客都会知道如何使用脚本提交值。在那里他可以输入任何他想要的东西。您必须保护您的服务器，例如数据库通信的参数化查询。

That's the wrong idea. Any hacker who is beyond the knowledge of a script kiddie beginner will know how to submit the values using a script. And there he can enter anything he wants to do so. You have to secure your server, e.g. Parameterized Queries for the databse communication.

您可以使用正则表达式。您已经提到了Javascript，请查看下面提到的链接以获取更多信息。 />


JavaScript RegExp对象



正则表达



正则表达式使用JavaScript

You can use Regular expression for that.Hence you have mentioned Javascript,please check below mentioned links for more info.

JavaScript RegExp Object

Regular Expressions

Regular Expressions with JavaScript

使用正则表达式验证或使用ajava脚本验证



js val ::

Use Regular Expression validation or use ajava Script validation

js val::

function fncheck()
{
        var pgng = document.getElementById("<%=txtPagingGoto.ClientID%>").value.trim();
        if(pgnd == "")
        {
            alert('The textbox should not be empty...');
            document.getElementById("<%=txtfname.ClientID%>").focus();
            return false;
        }
}

在onclient点击按钮时调用此fncheck

call this fncheck in onclient click of button

这篇关于如何防止用户在文本框中输入易受攻击的字符？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！