Two classes:
PageValidate.cs (the page data validation class) is essentially general-purpose.
The code is as follows:
using System;
using System.Text;
using System.Text.RegularExpressions;
using System.Web;
using System.Web.UI.WebControls;
Commonly used namespaces
{
/// <summary>
/// Page data validation class
/// </summary>
public class PageValidate
{
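// NOTE(review): these patterns were reconstructed from a listing whose regex text was partly
// garbled. The optional separator in RegDecimal/RegDecimalSign and the TLD list in RegEmail
// should be confirmed against the original file before relying on them.
// All patterns except RegCHZN are anchored (^...$), so a match means the WHOLE string conforms.
private static readonly Regex RegNumber = new Regex("^[0-9]+$");
// Optional leading sign, then one or more digits.
private static readonly Regex RegNumberSign = new Regex("^[+-]?[0-9]+$");
// Digits, optional separator, digits. Note the pattern needs at least two digits in total,
// so a single digit such as "5" does not match.
private static readonly Regex RegDecimal = new Regex("^[0-9]+[.]?[0-9]+$");
// RegDecimal with an optional leading sign, e.g. a price: ^[+-]?\d+[.]?\d+$
private static readonly Regex RegDecimalSign = new Regex("^[+-]?[0-9]+[.]?[0-9]+$");
// \w is a word character (in .NET: Unicode letters and digits plus underscore), i.e. roughly [A-Za-z0-9_].
// One alternative between "edu" and "tv" is unreadable in the listing and has been left out.
private static readonly Regex RegEmail = new Regex(@"^[\w-]+@[\w-]+\.(com|net|org|edu|tv|biz|info)$");
// One character in the CJK Unified Ideographs block (the common Chinese character range); unanchored,
// so it matches anywhere in the string.
private static readonly Regex RegCHZN = new Regex(@"[\u4e00-\u9fa5]");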
/// <summary>
/// Every member of this class is static; the parameterless constructor only keeps
/// existing code that writes <c>new PageValidate()</c> compiling. It does nothing.
/// </summary>
public PageValidate()
{
    // Intentionally empty: no instance state to set up.
}
#region Numeric string checks
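/// <summary>
/// Reads a request value (query string first, then the posted form) and returns it only if,
/// after trimming and cutting to <paramref name="maxLen"/> characters, it is a plain digit string.
/// Anything else yields an empty string. The result is digits only, so it can be converted to a
/// number safely; it should still be passed to the database as a command parameter, not concatenated.
/// </summary>
/// <param name="req">The current request.</param>
/// <param name="inputKey">Name of the query string / form field to read; null or empty means "no key".</param>
/// <param name="maxLen">Maximum length kept; an over-long value is truncated BEFORE validation, not rejected.</param>
/// <returns>The trimmed digit string, or <see cref="String.Empty"/> when the key is missing or the value is not numeric.</returns>
public static string FetchInputDigit(HttpRequest req, string inputKey, int maxLen)
{
    // NOTE(review): helper names (SqlText, IsNumber) are PascalCased per C# convention; the listing
    // this was restored from rendered them with inconsistent casing.
    string retVal = String.Empty;
    if (!String.IsNullOrEmpty(inputKey))
    {
        // The query string takes precedence; the form is only consulted when the key is absent there.
        retVal = req.QueryString[inputKey];
        if (retVal == null)
            retVal = req.Form[inputKey];
        if (!String.IsNullOrEmpty(retVal))
        {
            // Trim and length-limit first, then require every remaining character to be a digit.
            retVal = SqlText(retVal, maxLen);
            if (!IsNumber(retVal))
                retVal = String.Empty;
        }
    }
    // A missing key leaves retVal null; normalise so callers never need a null check.
    if (retVal == null)
        retVal = String.Empty;
    return retVal;
}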
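/// <summary>
/// Whether <paramref name="inputData"/> consists of one or more ASCII digits and nothing else.
/// </summary>
/// <param name="inputData">String to check.</param>
/// <returns>true when the whole string matches <c>^[0-9]+$</c>; false for an empty string.</returns>
/// <exception cref="ArgumentNullException"><paramref name="inputData"/> is null (thrown by the regex).</exception>
public static bool IsNumber(string inputData)
{
    // IsMatch gives the same answer as Match(...).Success without allocating a Match object.
    return RegNumber.IsMatch(inputData);
}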
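/// <summary>
/// Whether <paramref name="inputData"/> is an integer string with an optional leading '+' or '-'.
/// </summary>
/// <param name="inputData">String to check.</param>
/// <returns>true when the whole string matches <c>^[+-]?[0-9]+$</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="inputData"/> is null (thrown by the regex).</exception>
public static bool IsNumberSign(string inputData)
{
    return RegNumberSign.IsMatch(inputData);
}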
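/// <summary>
/// Whether <paramref name="inputData"/> is an unsigned decimal number: digits, an optional
/// separator, digits (e.g. "12", "3.14"). A single digit does not match because the pattern
/// requires at least two digits in total.
/// </summary>
/// <param name="inputData">String to check.</param>
/// <returns>true when the whole string matches the RegDecimal pattern.</returns>
/// <exception cref="ArgumentNullException"><paramref name="inputData"/> is null (thrown by the regex).</exception>
public static bool IsDecimal(string inputData)
{
    return RegDecimal.IsMatch(inputData);
}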
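/// <summary>
/// Whether <paramref name="inputData"/> is a decimal number with an optional leading '+' or '-'
/// (e.g. a signed price). Same digit requirements as <see cref="IsDecimal"/>.
/// </summary>
/// <param name="inputData">String to check.</param>
/// <returns>true when the whole string matches the RegDecimalSign pattern.</returns>
/// <exception cref="ArgumentNullException"><paramref name="inputData"/> is null (thrown by the regex).</exception>
public static bool IsDecimalSign(string inputData)
{
    return RegDecimalSign.IsMatch(inputData);
}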
#endregion
#region Chinese character detection
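/// <summary>
/// Whether <paramref name="inputData"/> contains at least one character from the CJK Unified
/// Ideographs range (U+4E00..U+9FA5). The pattern is unanchored, so any occurrence anywhere counts.
/// </summary>
/// <param name="inputData">String to check.</param>
/// <returns>true when at least one such character is present.</returns>
/// <exception cref="ArgumentNullException"><paramref name="inputData"/> is null (thrown by the regex).</exception>
public static bool IsHasCHZN(string inputData)
{
    return RegCHZN.IsMatch(inputData);
}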
#endregion
#region Email address
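/// <summary>
/// Whether <paramref name="inputData"/> looks like a simple email address: a local part of word
/// characters and hyphens, '@', a host of word characters and hyphens, a dot and one of a fixed
/// list of top-level domains. This is only a format check: it does not prove the mailbox exists,
/// and because the host part cannot contain a dot, addresses on sub-domains are rejected.
/// </summary>
/// <param name="inputData">String to check.</param>
/// <returns>true when the whole string matches the RegEmail pattern.</returns>
/// <exception cref="ArgumentNullException"><paramref name="inputData"/> is null (thrown by the regex).</exception>
public static bool IsEmail(string inputData)
{
    return RegEmail.IsMatch(inputData);
}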
#endregion
#region Other
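/// <summary>
/// Trims <paramref name="sqlInput"/> and cuts it down to at most <paramref name="maxLength"/> characters.
/// Despite the name this performs no escaping or quoting, so the result is NOT safe to concatenate
/// into a SQL statement; pass values to the database as command parameters and use this helper only
/// to bound the length.
/// </summary>
/// <param name="sqlInput">Raw input. null and empty strings are returned unchanged.</param>
/// <param name="maxLength">Maximum number of characters to keep after trimming.</param>
/// <returns>The trimmed, length-limited string; null when <paramref name="sqlInput"/> is null.</returns>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="maxLength"/> is negative and the trimmed string is non-empty (raised by Substring).
/// </exception>
public static string SqlText(string sqlInput, int maxLength)
{
    if (String.IsNullOrEmpty(sqlInput))
        return sqlInput;
    string trimmed = sqlInput.Trim();
    // Truncate after trimming so surrounding whitespace does not eat into the length budget.
    if (trimmed.Length > maxLength)
        trimmed = trimmed.Substring(0, maxLength);
    return trimmed;
}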
/// <summary>
/// HTML-encodes <paramref name="inputData"/> via <see cref="HttpUtility.HtmlEncode(string)"/> so that
/// markup characters in it are displayed literally instead of being interpreted by the browser.
/// </summary>
/// <param name="inputData">Text to encode; null is returned as null.</param>
/// <returns>The encoded string.</returns>
public static string HtmlEncode(string inputData)
{
    string encoded = HttpUtility.HtmlEncode(inputData);
    return encoded;
}
/// <summary>
/// Displays <paramref name="txtInput"/> in <paramref name="lbl"/> after HTML-encoding it, so the text
/// is rendered literally rather than as markup.
/// </summary>
/// <param name="lbl">Label that receives the text; must not be null.</param>
/// <param name="txtInput">Raw text to display.</param>
public static void SetLabel(Label lbl, string txtInput)
{
    string safeText = HtmlEncode(txtInput);
    lbl.Text = safeText;
}
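/// <summary>
/// Displays the string form of <paramref name="inputObj"/> in <paramref name="lbl"/>, HTML-encoded.
/// A null object is shown as an empty label instead of raising a NullReferenceException.
/// </summary>
/// <param name="lbl">Label that receives the text; must not be null.</param>
/// <param name="inputObj">Value whose ToString() is displayed; may be null.</param>
public static void SetLabel(Label lbl, object inputObj)
{
    string text = inputObj == null ? String.Empty : inputObj.ToString();
    SetLabel(lbl, text);
}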
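/// <summary>
/// "Cleans" a string for display: trims it, cuts it to <paramref name="maxLength"/> characters,
/// replaces the double quote, '&lt;' and '&gt;' with their HTML entities and removes single quotes.
/// The ampersand is NOT encoded, so an entity already present in the input passes through unchanged
/// (and so does a bare '&amp;'). Removing apostrophes is lossy (e.g. "O'Brien" becomes "OBrien") and is
/// not a defence against SQL injection; use parameterised queries for that and encode at output time.
/// </summary>
/// <param name="inputString">Raw input; null or empty yields an empty string.</param>
/// <param name="maxLength">Maximum number of characters kept after trimming, counted before encoding.</param>
/// <returns>The cleaned string, never null.</returns>
/// <exception cref="ArgumentOutOfRangeException">
/// <paramref name="maxLength"/> is negative and the trimmed string is non-empty (raised by Substring).
/// </exception>
public static string InputText(string inputString, int maxLength)
{
    StringBuilder retVal = new StringBuilder();
    if (!String.IsNullOrEmpty(inputString))
    {
        inputString = inputString.Trim();
        // Length is limited on the raw text; entity expansion below may make the result longer.
        if (inputString.Length > maxLength)
            inputString = inputString.Substring(0, maxLength);
        // Encode the characters that would let the value open or close a tag or attribute.
        for (int i = 0; i < inputString.Length; i++)
        {
            switch (inputString[i])
            {
                case '"':
                    retVal.Append("&quot;");
                    break;
                case '<':
                    retVal.Append("&lt;");
                    break;
                case '>':
                    retVal.Append("&gt;");
                    break;
                default:
                    retVal.Append(inputString[i]);
                    break;
            }
        }
        // Single quotes are stripped rather than encoded.
        retVal.Replace("'", "");
    }
    return retVal.ToString();
}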
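/// <summary>
/// Converts plain text to HTML: special characters become entities, a space becomes a non-breaking
/// space and a newline becomes a line break. The ampersand is replaced first so the entities produced
/// by the later replacements are not themselves re-encoded. <see cref="Decode"/> is the inverse.
/// </summary>
/// <param name="str">Plain text; must not be null (Replace throws NullReferenceException on null).</param>
/// <returns>The HTML form of <paramref name="str"/>.</returns>
public static string Encode(string str)
{
    // NOTE(review): restored from a listing in which the entity text had already been rendered by
    // the browser. The entity used for the apostrophe, the space replacement and the exact form of the
    // line-break tag could not be read there and should be confirmed against the original file.
    str = str.Replace("&", "&amp;");
    str = str.Replace("'", "&#39;");
    str = str.Replace("\"", "&quot;");
    str = str.Replace(" ", "&nbsp;");
    str = str.Replace("<", "&lt;");
    str = str.Replace(">", "&gt;");
    str = str.Replace("\n", "<br>");
    return str;
}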
///
///Parse HTML into normal text
///
///String
///String
public static string decode(String str)
{
strait = str .Replace("
", "n");
str = str.Replace(">", ">");
str = str.Replace("<", "<");
str = str.Replace("","");
str = str.Replace(""",""");
return str; (in), save the Global.asax file name and put it under the root Trojan of the website. (Other functions can be added by yourself)