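// Blacklist-style scrubbing of str (the string being validated): drops <script> blocks,
// a fixed set of punctuation characters, and the SQL keyword "select".
// NOTE(review): this filter is defence in depth at most. Whatever consumes str afterwards
// is not visible here; SQL built from it should still use parameterized queries, and HTML
// rendered from it should still be encoded for its output context.
// The passes repeat until the string stops changing, because deleting one match can join
// the surrounding characters into a new match that a single pass would leave behind.
// Every pass either shortens str or leaves it untouched, so the loop terminates.
string beforePass;
do
{
    beforePass = str;

    // Singleline lets '.' match newlines, so a script element spanning several lines is removed too.
    str = Regex.Replace(str, @"<script[^>]*?>.*?</script>", "", RegexOptions.IgnoreCase | RegexOptions.Singleline);

    // The original class ended at the first unescaped ']', so the pattern only matched a listed
    // character that was immediately followed by a literal ']'. Escaping both brackets makes the
    // class cover every listed character on its own, which is what the list was written for.
    str = Regex.Replace(str, @"[~`@#$%^&*()_+{}|<>/\[\]]", "");

    // Remove the database-related keyword, in any letter case. Only "select" is covered.
    str = Regex.Replace(str, "select", "", RegexOptions.IgnoreCase);
} while (str != beforePass);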