//检测地址栏的非法字符，防止SQL注入
var url = location.search;
var re=/^\?(.*)(select%20|insert%20|delete%20from%20|count\(|drop%20table|update%20truncate%20|asc\(|mid\(|char\(|xp_cmdshell|exec%20master|net%20localgroup%20administrators|\"|:|net%20user|\|%20or%20)(.*)$/gi;
var e = re.test(url);
if(e)
{
      //检测有非法字符，跳转页面
      location.href="http://www.jlzkbk.com/error.aspx?msg=s";
}