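/**
 * Checks that a single command parameter contains only allow-listed characters.
 *
 * <p>The value is trimmed first; a {@code null}, empty or whitespace-only value is
 * rejected. Every remaining character must appear in the allow-list below.
 *
 * <p>NOTE(review): the check runs on a trimmed copy, and {@link String#trim()} also
 * strips leading/trailing control characters such as a newline. The caller's own
 * string is not modified, so a value that passes here may still carry those
 * characters unless the caller trims it too.
 *
 * <p>NOTE(review): the allow-list still admits quotes, backslash, {@code * ? [ ] { } ( ) ~ #}
 * and a leading {@code -}. A {@code true} result therefore only means "no character
 * outside the list"; it does not make the value safe to splice into a shell command
 * line. Prefer passing arguments as a separate list (e.g. {@code ProcessBuilder}).
 *
 * @param parameter the candidate parameter; may be {@code null}
 * @return {@code true} if the trimmed value is non-empty and made up only of
 *         allow-listed characters, {@code false} otherwise
 */
public static boolean commandIsSafe(String parameter) {
    // Fail closed: a missing value is never reported as safe (previously this threw NPE).
    if (parameter == null) {
        return false;
    }
    String trimmed = parameter.trim();
    if (trimmed.isEmpty()) {
        return false;
    }
    String allowedChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890-=[]\\',./ ~@#%^*()_+\"{}:?";
    for (int i = 0; i < trimmed.length(); i++) {
        // Any character outside the allow-list rejects the whole value.
        if (allowedChars.indexOf(trimmed.charAt(i)) < 0) {
            return false;
        }
    }
    return true;
}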
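/**
 * Checks every element of a parameter array with {@code commandIsSafe(String)}.
 *
 * <p>Fails closed: a {@code null} array or a {@code null} element yields {@code false}
 * instead of a {@code NullPointerException}. An empty array yields {@code true},
 * because there is no element to reject.
 *
 * @param parameters the candidate parameters; may be {@code null}
 * @return {@code true} only if every element passes the single-parameter check
 */
public static boolean commandIsSafe(String[] parameters) {
    if (parameters == null) {
        return false;
    }
    for (String parameter : parameters) {
        // The null test is done here so this method does not rely on the callee handling null.
        if (parameter == null || !commandIsSafe(parameter)) {
            return false;
        }
    }
    return true;
}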
判断 parameters 是否合法:只要其中任一参数含有白名单之外的字符就返回 false,否则返回 true。