package com.xdja.drs.filter.xss;

import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/xdja/drs/filter/xss/SQLFilter.class */
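/**
 * Deny-list filter that percent-encodes quote characters and strips a fixed set of SQL
 * keywords from a string.
 *
 * <p><strong>Security note:</strong> this is a keyword deny-list, not an SQL escaping routine.
 * It only touches the two quote characters and the words in {@link #KEYWORDS}; everything else
 * in the input is returned unchanged. It must not be relied on to make string-concatenated SQL
 * safe. Values should reach the database through bound parameters
 * ({@code java.sql.PreparedStatement}); treat this filter as defence in depth at most.
 *
 * <p>Because matching is by substring, legitimate text that merely contains a keyword
 * (for example {@code "updated"}) is altered as well.
 */
public class SQLFilter {
    /** Keywords removed from the input; matched case-insensitively as plain substrings. */
    private static final String[] KEYWORDS = {
        "master", "truncate", "insert", "select", "delete", "update", "declare", "alter", "drop"
    };

    /**
     * Percent-encodes single and double quotes and removes every occurrence of the
     * deny-listed keywords.
     *
     * <p>Differences from the previous implementation, all of them fixes:
     * <ul>
     *   <li>The search is done on the current text after each removal. Previously the offsets
     *       came from a lower-cased snapshot taken before any removal, so a second keyword
     *       was cut at a stale offset (wrong characters removed, or
     *       {@code StringIndexOutOfBoundsException} when the offset exceeded the shortened
     *       string).</li>
     *   <li>All occurrences are removed, not just the first one of each keyword.</li>
     *   <li>Stripping repeats until the text is stable, so a keyword that only appears after
     *       another removal joins its two halves is stripped too.</li>
     *   <li>Matching no longer depends on the JVM default locale or on
     *       {@code toLowerCase()} preserving the string length.</li>
     * </ul>
     *
     * @param str the text to filter; may be {@code null}
     * @return {@code str} itself when it is {@code null} or empty, otherwise the filtered text
     */
    public static String sqlInject(String str) {
        // Whitespace-only input contains nothing to encode or strip, so only null and the
        // empty string need a short-circuit; the result is the same as a blank check.
        if (str == null || str.isEmpty()) {
            return str;
        }
        String filtered = str.replace("'", "%27").replace("\"", "%22");

        // Every removal shortens the text, so this loop always terminates.
        boolean changed;
        do {
            changed = false;
            for (String keyword : KEYWORDS) {
                int at = indexOfIgnoreCase(filtered, keyword);
                while (at != -1) {
                    filtered = filtered.substring(0, at) + filtered.substring(at + keyword.length());
                    changed = true;
                    at = indexOfIgnoreCase(filtered, keyword);
                }
            }
        } while (changed);
        return filtered;
    }

    /**
     * Returns the index of the first case-insensitive occurrence of {@code keyword} in
     * {@code text}, or -1 when there is none. Uses {@link String#regionMatches(boolean, int,
     * String, int, int)}, which compares character by character and is locale-independent.
     */
    private static int indexOfIgnoreCase(String text, String keyword) {
        int lastStart = text.length() - keyword.length();
        for (int i = 0; i <= lastStart; i++) {
            if (text.regionMatches(true, i, keyword, 0, keyword.length())) {
                return i;
            }
        }
        return -1;
    }

    /** Manual smoke test: prints the filtered form of a sample string to stderr. */
    public static void main(String[] strArr) {
        System.err.println(sqlInject("seLect 'XxvasfUU' from dual;TrunCate T_UseR"));
    }
}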
