防止XSS攻擊的函式....
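/// <summary>
/// Converts <paramref name="o"/> to text and HTML-encodes it so it can be written into
/// HTML element content or a quoted attribute value without being parsed as markup.
/// </summary>
/// <param name="o">Value to render; may be <c>null</c> or a non-string object.</param>
/// <returns>The HTML-encoded text, or <see cref="string.Empty"/> when <paramref name="o"/> is <c>null</c>.</returns>
/// <remarks>
/// Searching for the literal "&lt;script" and rewriting that one token is a denylist: markup can
/// carry script in other ways (event-handler attributes, script-capable URL schemes), so a
/// single-token filter does not neutralise untrusted input. Encoding every HTML metacharacter does.
/// A fixed-length Substring taken at the match position also throws when the match sits at the
/// very end of the string.
/// This encoder is only correct for the HTML body / quoted-attribute context. Values placed inside
/// JavaScript, CSS or URLs need the encoder for that context, and input that must keep some markup
/// needs an allow-list sanitizer instead of this method.
/// </remarks>
protected string GetSafeHtml(object o)
{
    if (o == null)
    {
        return string.Empty;
    }

    // Convert.ToString accepts any object, so a non-string value no longer raises InvalidCastException.
    string text = System.Convert.ToString(o, System.Globalization.CultureInfo.InvariantCulture);

    // HtmlEncode returns null for null input (an object whose ToString() yields null); keep the
    // "never null" contract the method already had for a null argument.
    return System.Net.WebUtility.HtmlEncode(text) ?? string.Empty;
}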
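/// <summary>
/// Coarse heuristic that reports whether <paramref name="input"/> contains one of three
/// character sequences commonly seen in SQL injection attempts: a single quote, a "--"
/// comment marker, or the keyword OR surrounded by spaces.
/// </summary>
/// <param name="input">Text to inspect; <c>null</c> or empty is treated as clean.</param>
/// <returns><c>true</c> when any of the sequences is present; otherwise <c>false</c>.</returns>
/// <remarks>
/// This is a detection signal, not a defence. A denylist of three tokens cannot make a
/// string-concatenated query safe, and it rejects legitimate values such as names containing
/// an apostrophe or prose containing " or ". Build queries with parameterized commands and use
/// this result only for logging, alerting or a coarse pre-filter.
/// </remarks>
private bool DetectInjection(string input)
{
    // A null argument previously raised NullReferenceException on the first IndexOf call.
    if (string.IsNullOrEmpty(input))
    {
        return false;
    }

    // Ordinal comparison: these are protocol tokens, not linguistic text, so the current
    // culture's collation rules must not influence the match.
    if (input.IndexOf("'", System.StringComparison.Ordinal) >= 0)
    {
        return true;
    }

    if (input.IndexOf("--", System.StringComparison.Ordinal) >= 0)
    {
        return true;
    }

    // SQL keywords are case-insensitive, so the keyword is matched regardless of case.
    return input.IndexOf(" OR ", System.StringComparison.OrdinalIgnoreCase) >= 0;
}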