Hackers sometimes try to hack very important information from website, This utility helps you to protect against Harmful script in input string. Just copy and paste this utility in your c# code and call this utility and pass the input string. This method will return the filtered string.
/// <summary>
/// Filters harmful scripts from input string
/// </summary>
/// <param name="Text">Input String</param>
/// <returns>Filtered String</returns>
public string FormatTextForInput(string Text)
{
if (Text == "")
return "";
if (Text == null)
return "";
string output = Text;
//Build an array of characters that need to be filter.
string[] strDirtyInput = { "xp_", ";", "--", "<", ">", "iframe", "script" };
//Loop through all items in the array
foreach (string item in strDirtyInput)
{
output = output.Replace(item, "");
}
output = output.Replace("'", "''");
return output;
}
Thank you
ReplyDelete