var url = location.search;
 var re=/^\?(.*)(select%20|insert%20|delete%20from%20|count\(|drop%20table|update%20truncate%20|asc\(|mid\(|char\(|xp_cmdshell|exec%20master|net%20localgroup%20administrators|\"|:|net%20user|\'|%20or%20)(.*)$/gi;
 var e = re.test(url);
 if(e)
 {
  alert("很抱歉，由于您提交的内容中含有危险的SQL注入代码，致使本次操作无效！");
  history.go(-1);
 }