在编写 ASP 时,我们需要注意特殊字符串的处理,防止被黑客利用。使用 ASP 的朋友一定要参考下。需要说明的是,下面这些函数属于字符替换式过滤,输出到页面时仍应按所在位置(HTML 正文、属性值、脚本)分别做编码。


作者: 来源: 时间: 17-11-23 16:04:23

代码如下:
''=====================================
''转换内容,防止意外
''=====================================
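Function Content_Encode(ByVal t0)
	' Escape the angle brackets in t0 so that markup is shown as text instead of
	' being parsed by the browser. Returns "" for Null or empty input.
	'
	' Only "<" and ">" are rewritten. "&" and quote characters pass through
	' unchanged, so the result is not sufficient inside an HTML attribute value;
	' the built-in Server.HTMLEncode covers those characters as well.
	IF IsNull(t0) Or Len(t0)=0 Then
		Content_Encode=""
	Else
		' The replacement text has to be the entity. Replacing "<" with "<"
		' (the character itself) leaves the string unchanged.
		Content_Encode=Replace(t0,"<","&lt;")
		Content_Encode=Replace(Content_Encode,">","&gt;")
	End IF
End Function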

''=====================================
''反转换内容
''=====================================
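Function Content_Decode(ByVal t0)
	' Reverse of Content_Encode: turn the entities &lt; and &gt; back into the
	' characters "<" and ">". Returns "" for Null or empty input.
	'
	' The result contains live markup again. It is only suitable where raw HTML
	' is wanted (for example when handing stored text back to an editor); it must
	' be encoded again before it is written into a page as text.
	IF IsNull(t0) Or Len(t0)=0 Then
		Content_Decode=""
	Else
		' The search text has to be the entity; searching for "<" and replacing
		' it with "<" leaves the string unchanged.
		Content_Decode=Replace(t0,"&lt;","<")
		Content_Decode=Replace(Content_Decode,"&gt;",">")
	End IF
End Function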

''=====================================
''过滤字符
''=====================================
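Function FilterText(ByVal t0,ByVal t1)
	' Filter the string t0 according to mode t1 and return the result.
	'   "1"   keep the text layout for HTML display: spaces become &nbsp;,
	'         carriage returns are dropped, line feeds become <br>.
	'         This mode does NOT escape < > & or quotes.
	'   "2"   delete control characters, spaces and ASCII punctuation.
	'   else  HTML-encode & ' " < >.
	' In every mode the word "expression" is then split with a soft hyphen.
	' Returns "" for Null, array or empty input.
	Dim ranges,r,code,Regs

	' The type tests run on their own lines and before Len(): VBScript evaluates
	' every operand of Or, and Len() raises a type-mismatch error on an array,
	' so a combined "Len(...) Or IsArray(...)" test never gets to protect anything.
	IF IsArray(t0) Then FilterText="":Exit Function
	IF IsNull(t0) Then FilterText="":Exit Function
	IF Len(t0)=0 Then FilterText="":Exit Function

	t0=Trim(t0)
	Select Case t1
	Case "1"
		t0=Replace(t0,Chr(32),"&nbsp;")
		t0=Replace(t0,Chr(13),"")
		' A blank line collapses to a single <br>, then the remaining line feeds follow.
		t0=Replace(t0,Chr(10)&Chr(10),"<br>")
		t0=Replace(t0,Chr(10),"<br>")
	Case "2"
		' Inclusive Chr() code ranges to delete, stored as (first,last) pairs:
		'   8-13    backspace, tab, LF, vertical tab, form feed, CR
		'   22      control character 22
		'   32-47   space ! " # $ % & ' ( ) * + , - . /
		'   58-64   : ; < = > ? @
		'   91-96   [ \ ] ^ _ `
		'   123-126 { | } ~
		ranges=Array(8,13, 22,22, 32,47, 58,64, 91,96, 123,126)
		For r=0 To UBound(ranges) Step 2
			For code=ranges(r) To ranges(r+1)
				t0=Replace(t0,Chr(code),"")
			Next
		Next
	Case Else
		' "&" goes first so the entities produced below are not encoded a second time.
		t0=Replace(t0,"&","&amp;")
		t0=Replace(t0,"'","&#39;")
		t0=Replace(t0,"""","&quot;")
		t0=Replace(t0,"<","&lt;")
		t0=Replace(t0,">","&gt;")
	End Select

	' Split "expression" with a soft hyphen, presumably aimed at the legacy CSS
	' expression() syntax. The match is case-insensitive and keeps the original
	' letter case; a lower-case-only Replace would detect a mixed-case spelling
	' in an InStr(LCase(...)) check and then leave it in place.
	Set Regs=New RegExp
	Regs.IgnoreCase=True
	Regs.Global=True
	Regs.Pattern="(e)(xpression)"
	t0=Regs.Replace(t0,"$1&shy;$2")
	Set Regs=Nothing

	FilterText=t0
End Function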

''=====================================
''过滤常见字符及Html
''=====================================
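Function FilterHtml(ByVal t0)
	' Neutralise blacklisted tags and event attributes in t0, then pass the text
	' through FilterText in its default (Case Else) mode. Returns "" for Null,
	' array or empty input.
	'
	' Sdcms_Badhtml and Sdcms_BadEvent are defined elsewhere and are concatenated
	' into the patterns as regular-expression alternations. ReplaceText is also
	' defined elsewhere; presumably a regular-expression replace taking
	' (text, pattern, replacement) - confirm against its definition.
	'
	' NOTE(review): a tag/event blacklist is easy to leave incomplete; treat it
	' as an extra layer and rely on output encoding for the actual protection.

	' Type tests run before Len(): VBScript evaluates every operand of Or, and
	' Len() raises a type-mismatch error on an array.
	IF IsArray(t0) Then FilterHtml="":Exit Function
	IF IsNull(t0) Then FilterHtml="":Exit Function
	IF Len(t0)=0 Then FilterHtml="":Exit Function

	' The replacement starts with the entity &lt; so the matched tag stops being
	' markup. A replacement of "<$1$2" would put the match back unchanged.
	IF Len(Sdcms_Badhtml)>0 Then t0=ReplaceText(t0,"<(/|)("&Sdcms_Badhtml&")","&lt;$1$2")
	IF Len(Sdcms_BadEvent)>0 Then t0=ReplaceText(t0,"<(.[^>]*)("&Sdcms_BadEvent&")","&lt;$1$2")
	t0=FilterText(t0,0)
	FilterHtml=t0
End Function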

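Function GotTopic(ByVal t0,ByVal t1)
	' Shorten t0 to roughly t1 display columns and append "…" when it is cut.
	' A character whose Asc() magnitude is above 255 counts as two columns, any
	' other character as one. Returns "" for Null or empty input.
	'
	' The four entities &nbsp; &quot; &gt; &lt; are decoded before counting so
	' that each counts as a single character and is never cut in half, and are
	' encoded again on the result. "&" itself is not handled here.
	IF Len(t0)=0 Or IsNull(t0) Then
		GotTopic=""
		Exit Function
	End IF
	Dim l,t,c,i
	t0=Replace(Replace(Replace(Replace(t0,"&nbsp;"," "),"&quot;",Chr(34)),"&gt;",">"),"&lt;","<")
	l=Len(t0)
	t=0
	For i=1 To l
		c=Abs(Asc(Mid(t0,i,1)))
		IF c>255 Then t=t+2 Else t=t+1
		IF t>=t1 Then
			GotTopic=Left(t0,i)&"…"
			Exit For
		Else
			GotTopic=t0
		End IF
	Next
	' Re-encode so the shortened text is still safe to write into HTML text content.
	GotTopic=Replace(Replace(Replace(Replace(GotTopic," ","&nbsp;"),Chr(34),"&quot;"),">","&gt;"),"<","&lt;")
End Function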

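Function UrlDecode(ByVal t0)
	' Decode a URL-encoded string: "+" becomes a space and %XX becomes the
	' character with that hex code. A %XX value above 127 is held back and
	' combined with the next %XX into one two-byte character code.
	' Returns "" for Null input.
	'
	' A "%" that is not followed by two hex digits is copied through unchanged;
	' passing it to CInt would raise a type-mismatch error on request data.
	'
	' The result is still untrusted: it may contain control characters or markup,
	' so validate and encode it AFTER decoding, not before.
	' NOTE(review): Chr() on the combined two-byte value presumably relies on a
	' double-byte code page being active - confirm for the deployment.
	Dim t1,t2,t3,i,t4,t5,t6
	Const HexDigits="0123456789ABCDEF"
	IF IsNull(t0) Then UrlDecode="":Exit Function
	t1=""
	t2=False	' True while a lead byte is waiting in t3
	t3=""
	For i=1 To Len(t0)
		t4=Mid(t0,i,1)
		IF t4="+" Then
			t1=t1&" "
		ElseIF t4="%" Then
			t5=UCase(Mid(t0,i+1,2))
			IF Len(t5)=2 And InStr(HexDigits,Left(t5,1))>0 And InStr(HexDigits,Right(t5,1))>0 Then
				t6=CInt("&H"&t5)
				IF t2 Then
					t2=False
					t1=t1&Chr(CInt("&H"&t3&t5))
				ElseIF Abs(t6)<=127 Then
					t1=t1&Chr(t6)
				Else
					t2=True
					t3=t5
				End IF
				' Skip the two hex digits that were just consumed.
				i=i+2
			Else
				' Malformed or truncated escape: keep the "%" as literal text.
				t1=t1&t4
			End IF
		Else
			t1=t1&t4
		End IF
	Next
	UrlDecode=t1
End Function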

Function CutStr(byVal t0,byVal t1)
	' Shorten t0 to roughly t1 display columns, appending "..." when it is cut.
	' Characters whose Asc() value lies in 0..255 count as one column, all
	' others as two. Null input gives "".
	Dim total,width,code,pos
	IF IsNull(t0) Then
		CutStr=""
		Exit Function
	End IF
	total=Len(t0)
	t1=Int(t1)
	width=0
	pos=1
	Do While pos<=total
		code=Asc(Mid(t0,pos,1))
		IF code>=0 And code<=255 Then
			width=width+1
		Else
			width=width+2
		End IF
		' Limit reached: return everything up to this character plus the marker.
		IF width>=t1 Then
			CutStr=Left(t0,pos)&"..."
			Exit Function
		End IF
		CutStr=t0
		pos=pos+1
	Loop
End Function

Function CloseHtml(ByVal t0)
	' For each element name in the list below, count its opening and closing
	' tags in t0 (case-insensitively) and append one closing tag for every
	' opening tag that has no partner. Closing tags are added at the end of the
	' string, in list order; nesting is not inspected.
	Dim tagNames,tagName,opened,closed,missing,rx
	Set rx=New RegExp
	rx.IgnoreCase=True
	rx.Global=True
	tagNames=Array("p","div","span","table","ul","font","b","u","i","h1","h2","h3","h4","h5","h6")
	For Each tagName In tagNames
		' Opening tag: the bare name, or the name followed by a space and attributes.
		rx.Pattern="\<"&tagName&"( [^\<\>]+|)\>"
		opened=rx.Execute(t0).Count
		rx.Pattern="\</"&tagName&"\>"
		closed=rx.Execute(t0).Count
		' No iterations when there are at least as many closing as opening tags.
		For missing=1 To opened-closed
			t0=t0+"</"&tagName&">"
		Next
	Next
	CloseHtml=t0
End Function