Function UploadClearVar(sVar)
Dim str
str = Trim(Upload(sVar))
If str <> "" Then
str = Replace(str,"'","''")
str = Replace(str,";","")
'str = Replace(str, "(", "(")
'str = Replace(str, ")", ")")
'str = Replace(str, "#", "#")
str = Replace(str, "&", "&")
str = Replace(str,">",">")
str = Replace(str,"<","<")
str = Replace(str, "%", "")
str = Replace(str, "--", "")
str = Replace(str, "/*", "")
str = Replace(str, "*/", "")
str = Replace(LCase(str), "cookie", "cook1e")
str = Replace(LCase(str), "document", "d0cument")
str = Replace(LCase(str), "script", "scr1pt")
str = replace(LCase(str), "iframe", "ifr@me")
str = Replace(LCase(str), "@variable", "")
str = Replace(LCase(str), "@@variable", "")
str = Replace(LCase(str), "print", "")
str = Replace(LCase(str), "set", "")
str = Replace(LCase(str), "or", "")
str = Replace(LCase(str), "union", "")
str = Replace(LCase(str), "and", "")
str = Replace(LCase(str), "select", "")
str = Replace(LCase(str), "insert", "")
str = Replace(LCase(str), "update", "")
str = Replace(LCase(str), "delete", "")
str = Replace(LCase(str), "openrowset", "")
str = Replace(LCase(str), "declare", "")
str = Replace(LCase(str), "shutdown", "")
str = Replace(LCase(str), "drop", "")
str = Replace(LCase(str), "xp_", "")
End IF
UploadClearVar = str
End Function
Function UploadClearVar(sVar)
Dim str
str = Trim(Upload(sVar))
If str <> "" Then
str = Replace(str,"'","''")
str = Replace(str,";","")
'str = Replace(str, "(", "(")
'str = Replace(str, ")", ")")
'str = Replace(str, "#", "#")
str = Replace(str, "&", "&")
str = Replace(str,">",">")
str = Replace(str,"<","<")
str = Replace(str, "%", "")
str = Replace(str, "--", "")
str = Replace(str, "/*", "")
str = Replace(str, "*/", "")
str = Replace(LCase(str), "cookie", "cook1e")
str = Replace(LCase(str), "document", "d0cument")
str = Replace(LCase(str), "script", "scr1pt")
str = replace(LCase(str), "iframe", "ifr@me")
str = Replace(LCase(str), "@variable", "")
str = Replace(LCase(str), "@@variable", "")
str = Replace(LCase(str), "print", "")
str = Replace(LCase(str), "set", "")
str = Replace(LCase(str), "or", "")
str = Replace(LCase(str), "union", "")
str = Replace(LCase(str), "and", "")
str = Replace(LCase(str), "select", "")
str = Replace(LCase(str), "insert", "")
str = Replace(LCase(str), "update", "")
str = Replace(LCase(str), "delete", "")
str = Replace(LCase(str), "openrowset", "")
str = Replace(LCase(str), "declare", "")
str = Replace(LCase(str), "shutdown", "")
str = Replace(LCase(str), "drop", "")
str = Replace(LCase(str), "xp_", "")
End IF
UploadClearVar = str
End Function