什么符号会导致sql注入

会导致sql注入的符号有：

"'", "<", ">", "%", "\"", ",", ".", ">=", "=<", "<>", "-", "_", ";", "||", "[", "]", "&", "/", "-", "|", " "

还有其他会导致sql注入的标签以及关键字，例如：

//标签：
<applet>
<body>
<embed>
<frame>
<script>
<frameset>
<html>
<iframe>
<img>
<style>
<layer>
<link>
<ilayer>
<meta>
<object>
//关键字：
select, update, insert, delete, declare, @, exec, dbcc, alter, drop, create, backup, if, else, end, and, or, add, set, open, close, use, begin, retun, as, go, exists