|
@@ -2,10 +2,18 @@ package common
|
|
|
|
|
|
|
|
import "strings"
|
|
import "strings"
|
|
|
|
|
|
|
|
-// SqlStrReplace 防止sql注入
|
|
|
|
|
-func SqlStrReplace(str string) string {
|
|
|
|
|
|
|
+// SqlStrReplaceSingleQuotes 防止sql注入 单引号
|
|
|
|
|
+func SqlStrReplaceSingleQuotes(str string) string {
|
|
|
if strings.Contains(str, "'") {
|
|
if strings.Contains(str, "'") {
|
|
|
str = strings.Replace(str, "'", "\\'", -1)
|
|
str = strings.Replace(str, "'", "\\'", -1)
|
|
|
}
|
|
}
|
|
|
return str
|
|
return str
|
|
|
}
|
|
}
|
|
|
|
|
+
|
|
|
|
|
+// SqlStrReplaceDoubleQuotes 防止sql注入 双引号
|
|
|
|
|
+func SqlStrReplaceDoubleQuotes(str string) string {
|
|
|
|
|
+ if strings.Contains(str, "\"") {
|
|
|
|
|
+ str = strings.Replace(str, "\"", "\\\"", -1)
|
|
|
|
|
+ }
|
|
|
|
|
+ return str
|
|
|
|
|
+}
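Review bot: Both `SqlStrReplaceSingleQuotes` and `SqlStrReplaceDoubleQuotes` only put a backslash in front of the quote and leave any backslash already in `str` untouched. On a server that treats backslash as an escape character, an input containing `\'` becomes `\\'` and the quote is live again; on a server in standard-conforming string mode, `\'` does not escape the quote at all. The comment "防止sql注入" therefore promises more than these helpers deliver. I would bind values through placeholders at the call sites, e.g. `db.Query("SELECT ... WHERE name = ?", name)`, and if the helpers must stay, add `// Deprecated: not a safe defence against SQL injection; use parameterized queries.` to each doc comment. The call sites are outside this hunk, so the assumption that the result is concatenated into SQL text is inferred from the names and comments only.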
|