那位高手帮我一下.在下面的代码中帮忙添加一些过滤非法字符的代码.比如< > $之类的符号.本人非常感谢.

!--#include file=CONN.ASP-->
<%
dim id,username
id=trim(request("id"))
if not isnumeric(id) or id="" then
response.write "<li>参数错误！"
cl
response.end
end if
if request.cookies("ijob")("username")="" or request.cookies("ijob")("domain")="" or request.cookies("ijob")("id")="" then
response.write "<br>"
response.write "<li>你还没有登陆！"
cl
response.end
end if
if request("ijob")="chk" then
call ijob()
response.end
end if
%>
<meta http-equiv="Content-Language" content="zh-cn">
<link rel="stylesheet" type="text/css" href="1.CSS">
<title>发送邮件</title>
<style type="text/css">
<!--
body {
background-color: #F2F2F2;
}
-->
</style><body topmargin="3" leftmargin="0">
<div align="center">
<center>
<br>
<br>
<table width="352" height="64" border="0" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC" bgcolor="#F2F2F2" style="border-collapse: collapse">
<form action="?id=<%=id%>&ijob=chk" method="POST">
<tr>
<td width="80" height="25" style="border-bottom-style: none; border-bottom-width: medium">
<p align="center"><font color="#FF0000">回复内容：</font></td>
<td width="273" height="25" style="border-bottom-style: none; border-bottom-width: medium">
<textarea class="inputa" crows="16" name="neirong" cols="37" style="height:150 "></textarea></td>
</tr>
<tr>
<td width="353" height="35" colspan="2" style="border-top-style: none; border-top-width: medium">
<p align="center">
<input class="inputb" type="submit" value="提交回复" name="B1"></td>
</tr>
</form>
</table>
</center>
</div>
<%
sub ijob()
dim rs,sql,neirong
if len(trim(request("neirong")))<2 then
response.write "<li>回复内容没有填写！"
cl
response.end
end if
set rs=server.createobject("adodb.recordset")
sql = "select * from hf "
rs.open sql,conn,1,3
rs.addnew
rs("username")=request.cookies("ijob")("username")
rs("neirong")=trim(request("neirong"))
rs("xxid")=id
rs.update
rs.close
set rs=nothing
Conn.Execute("Update xinxi Set hfcs=hfcs+1 where id="&cstr(id))
closedb
response.write "<li>回复成功！"
cl
end sub
%>
<%sub cl()%>
<body>
<%end sub%>