C#替换特殊字符防SQL注入
ions.IgnoreCase); str = Regex.Replace(str, "xp_cmdshell", "", RegexOptions.IgnoreCase); str = Regex.Replace(str, "exec master", "", RegexOptions.IgnoreCase); str = Regex.Replace(str, "net localgroup administrators", "", RegexOptions.IgnoreCase); str = Regex.Replace(str, "and", "", Regex