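// Client-side screen of the page's query string for SQL keywords and
// quote/markup characters.
// NOTE(review): this runs in the visitor's browser, so it is skipped by any
// request that does not execute the page's script. Treat it as a usability hint
// only; the server code that consumes these parameters still needs
// parameterized queries and its own input validation.

// `var` is kept so surl/squery/re stay global-object properties, as in the
// original; other scripts on the page may read them (not visible here).
// Fixed: the method is toLowerCase(); `tolowercase` throws a TypeError.
var surl = location.search.toLowerCase();

// Everything after the first "=". For "?a=1&b=2" this is "1&b=2", so later
// parameter names and values are screened as well. Without any "=", indexOf
// returns -1 and the whole search string (leading "?" included) is used.
// Fixed: the method is indexOf(); `indexof` throws a TypeError.
var squery = surl.substring(surl.indexOf("=") + 1);

// Substring match, not whole-word match, so a value such as "account" trips
// on "count". "%" rejects every percent-encoded value, including encoded
// spaces and non-ASCII text.
// Fixed: declared explicitly; the bare assignment created an implicit global
// and throws in strict mode or in a module.
var re = /select|update|delete|truncate|join|union|exec|insert|drop|count|'|"|;|>|<|%/i;

if (re.test(squery)) {
  alert("请勿输入非法字符"); // "Please do not enter illegal characters"

  // Reload with the offending value stripped, e.g. "?id=1'" becomes "?id=".
  // When the search string had no "=", stripping leaves "", and assigning ""
  // to location.href reloads the current URL with its query intact, which
  // would repeat the alert indefinitely; fall back to the bare path instead.
  location.href = surl.replace(squery, "") || location.pathname;
}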