asp 에서 불법 SQL 문 자 를 걸 러 내 는 함수 코드

'************************************************** 
'   ：R 
'   ：     SQL   
'   ：strChar-----       
'   ：       
'************************************************** 
Public Function R(strChar) 
If strChar = "" Or IsNull(strChar) Then R = "":Exit Function 
Dim strBadChar, arrBadChar, tempChar, I 
'strBadChar = "$,#,',%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & "" 
strBadChar = "+,',--,%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & "" 
arrBadChar = Split(strBadChar, ",") 
tempChar = strChar 
For I = 0 To UBound(arrBadChar) 
tempChar = Replace(tempChar, arrBadChar(I), "") 
Next 
tempChar = Replace(tempChar, "@@", "@") 
R = tempChar 
End Function 
'  xss 
Function CheckXSS(ByVal strCode) 
Dim Re 
Set re=new RegExp 
re.IgnoreCase =True 
re.Global=True 
re.Pattern="<.[^>]*(style).>" 
strCode = re.Replace(strCode, "") 
re.Pattern="<(a.[^>]*|\/a|li|br|B|\/li|\/B|font.[^>]*|\/font)>" 
strCode=re.Replace(strCode,"[$1]") 
strCode=Replace(Replace(strCode, "<", "&lt;"), ">", "&gt;") 
re.Pattern="\[(a.[^\]]*|\/a|li|br|B|\/li|\/B|font.[^\]]*|\/font)\]" 
strCode=re.Replace(strCode,"<$1>") 
re.Pattern="<.[^>]*(on(load|click|dbclick|mouseover|mouseout|mousedown|mouseup|mousewheel|keydown|submit|change|focus)).>" 
strCode = re.Replace(strCode, "") 
Set Re=Nothing 
CheckXSS=strCode 
End Function 

Function FilterIDs(byval strIDs) 
Dim arrIDs,i,strReturn 
strIDs=Trim(strIDs) 
If Len(strIDs)=0 Then Exit Function 
arrIDs=Split(strIDs,",") 
For i=0 To Ubound(arrIds) 
If ChkClng(Trim(arrIDs(i)))<>0 Then 
strReturn=strReturn & "," & Int(arrIDs(i)) 
End If 
Next 
If Left(strReturn,1)="," Then strReturn=Right(strReturn,Len(strReturn)-1) 
FilterIDs=strReturn 
End Function