一套基于asp.net的安全校验机制应用模型 ！

using System;
using System.Data;
using System.Configuration;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.IO;
using System.Text;
using System.Web.UI.MobileControls;
using System.Collections.Generic;
/// <summary>
///SQLFilter 的摘要说明
/// </summary>
public static class SQLFilter
{
    #region SQL注入过滤
    /// <summary>
    /// SQL注入过滤
    /// </summary>
    /// <param name="sqlParems">要过滤的参数数组</param>
    /// <returns>如果参数存在不安全字符，则返回false</returns>
    // 应用示例
    // if(TheManagerUtils.SqlFilter(new string[] { "ss","kk" }, this.Page) == false)
    // {
    //     //直接跳转到相应的错误页面
    //     Response.Redirect("WelfarePage.aspx");
    //     return;
    // }
    public static bool SqlFilter(string[] sqlParems, Page p)
    {
        StringBuilder parems = new StringBuilder();
        #region 有关非法数据的相关维护
        //常用的SQL恶意字符屏蔽
        string sql = "insert|delete|update|select|exec|script";
        try
        {
            //获取配置在Web.config中最新的SQL恶意字符屏蔽
            sql = System.Configuration.ConfigurationSettings.AppSettings["