ds8-solution-pro/ds-wms-service/DS.WMS.PrintApi/Utils/SqlUtil.cs

using System;

namespace DS.WMS.PrintApi.Utils
{
    public static class SqlUtil
    {

        /// <summary>
        /// sql
        /// </summary>
        /// <param name="input"></param>
        /// <returns></returns>
        public static bool IsSqlInjection(string input)
        {
            string[] sqlCheckList = { "TRUNCATE", "INSERT", "UPDATE", "DELETE", "DROP", "--"};
            foreach (string item in sqlCheckList)
            {
                if (input.IndexOf(item, StringComparison.OrdinalIgnoreCase) >= 0)
                {
                    return true;
                }
            }
            return false;
        }
    }
}