生成验证码:
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Drawing;
public partial class CheckCode : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (!this.IsPostBack)
{
//生成验证码
string temp = this.GetCode(4);
HttpCookie cookie = new HttpCookie("yzm");
cookie.Value = temp;
Response.Cookies.Add(cookie);
//画图
this.GetCheckCodeImage(temp);
}
}
//产生随机字符串
private string GetCode(int num)
{
string[] source ={ "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J",
"K", "L", "M", "N", "O","P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z" ,"a", "b", "c", "d", "e", "f", "g", "h", "i", "j",
"k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y","z"};
string code = "";
Random rd = new Random();
for (int i = 0; i < num; i++)
{
code += source[rd.Next(0, source.Length)];
}
Session["ValidateCode"] = code;//将字符串保存到Session中,以便需要时进行验证
return code;
}
#region 验证码
/// <summary>
/// 生成验证码
/// </summary>
/// <param name="checkCode"></param>
private void GetCheckCodeImage(string checkCode)
{
if (checkCode == null || checkCode.Trim() == String.Empty) return;
System.Drawing.Bitmap image = new System.Drawing.Bitmap((int)Math.Ceiling((checkCode.Length * 12.5)),25);
Graphics g = Graphics.FromImage(image);
try
{
Random random = new Random(); //生成随机生成器
g.Clear(Color.White); //清空图片背景色 www.2cto.com
for (int i = 0; i < 5; i++) //画图片的背景噪音线
{
int x1 = random.Next(image.Width);
int x2 = random.Next(image.Width);
int y1 = random.Next(image.Height);
int y2 = random.Next(image.Height);
g.DrawLine(new Pen(Color.Silver), x1, y1, x2, y2);
}
Font font = new System.Drawing.Font("Arial", 12, (System.Drawing.FontStyle.Bold | System.Drawing.FontStyle.Italic));
System.Drawing.Drawing2D.LinearGradientBrush brush = new System.Drawing.Drawing2D.LinearGradientBrush(new Rectangle(0, 0, image.Width, image.Height), Color.Blue, Color.DarkRed, 1.2f, true);
g.DrawString(checkCode, font, brush, 2, 2);
//画图片的前景噪音点
for (int i = 0; i < 60; i++)
{
int x = random.Next(image.Width);
int y = random.Next(image.Height);
image.SetPixel(x, y, Color.FromArgb(random.Next()));
}
//画图片的边框线
g.DrawRectangle(new Pen(Color.Silver), 0, 0, image.Width - 1, image.Height - 1);
System.IO.MemoryStream ms = new System.IO.MemoryStream();
image.Save(ms, System.Drawing.Imaging.ImageFormat.Gif);
Response.ClearContent();
Response.ContentType = "image/Gif";
Response.BinaryWrite(ms.ToArray());
}
finally
{
g.Dispose();
image.Dispose();
}
}
#endregion
}
清空缓存:
//清空客户端页面缓存
public static void ClearClientPageCache()
{
HttpContext.Current.Response.Buffer = true;
HttpContext.Current.Response.Expires = 0;
HttpContext.Current.Response.ExpiresAbsolute = DateTime.Now.AddDays(-1);
HttpContext.Current.Response.AddHeader("pragma", "no-cache");
HttpContext.Current.Response.AddHeader("cache-control", "private");
HttpContext.Current.Response.CacheControl = "no-cache";
}
分页方法:
using System;
using System.Collections.Generic;
using System.Web;
using System.Text;
using System.Text.RegularExpressions;
public class PagingCollection<T>
{
private int pagezise;
public int Pagezise
{
get { return pagezise; }
set { pagezise = value; }
}
private int pageindex;
public int Pageindex
{
get { return pageindex; }
set { pageindex = value; }
}
private int TotalCount;
public int TotalCount1
{
get { return TotalCount; }
set { TotalCount = value; }
}
private int TotalPage=0;
public int TotalPage1
{
get { return TotalPage; }
set { TotalPage = value; }
}
private string url;
public string Url
{
get { return url; }
set { url = value; }
}
private string urlparms;
public string Urlparms
{
get {
return urlparms; }
set { urlparms = value; }
}
/// <summary>
/// 分页数据构造
/// </summary>
/// <param name="source"></param>
/// <param name="pageindex"></param>
/// <param name="pagezise"></param>
/// <param name="totalcount"></param>
/// <param name="url"></param>
public PagingCollection(int pageindex, int pagezise, int totalcount, string url)
{
this.pageindex = pageindex;
this.pagezise = pagezise;
TotalCount = totalcount;
TotalPage = (int)Math.Ceiling(TotalCount / (double)pagezise);
this.url = url;
}
public PagingCollection(int pageindex, int pagezise, int totalcount, string url,string urlparms)
{
this.pageindex = pageindex;
this.pagezise = pagezise;
TotalCount = totalcount;
TotalPage = (int)Math.Ceiling(TotalCount / (double)pagezise);
this.url = url;
this.urlparms = urlparms;
}
#region 分页属性 返回分页数据
public string GetPatePar
{
get
{
if (TotalCount1 > 0)
{
StringBuilder str = new StringBuilder();
int startpage = (pageindex - 1) / 10 * 10 + 1;
int endpage = (pageindex - 1) / 10 * 10 + 10;
int x = endpage > TotalPage ? TotalPage : endpage;
str.Append("<div style=' color:#1E5494;'>共" + TotalPage1 + "页 / 当前第" + pageindex + "页 ");
if (HasPreviousPage)
{
str.Append("<a href=" + url + "?page=1" + GetURLParms + "" + urlparms + ">首页</a> ");
str.Append("<a href=" + url + "?page=" + (pageindex - 1) + GetURLParms + "" + urlparms + ">上一页</a>");
}
else
{
str.Append("<a href=#>首页 </a>");
str.Append("<a href=#>上一页</a>");
}
for (int i = startpage; i <= x; i++)
{
if (i == pageindex)
{
str.Append(string.Format("<a style='margin-left:3px; margin-right:3px;padding:2px 4px 2px 4px;color:red;border:1px solid #cccccc;background-color:#ffffff; '>" + i + "</a>"));
}
else
{
str.Append(string.Format("<a style='margin-left:3px; margin-right:3px;' href=" + url + "?page=" + i + GetURLParms + "" + urlparms + ">" + i + "</a>"));
}
}
if (HasNextPage)
{
str.Append("<a href=" + url + "?page=" + (pageindex + 1) + GetURLParms + "" + urlparms + ">下一页 </a>");
str.Append("<a href=" + url + "?page=" + TotalPage + GetURLParms + "" + urlparms + ">尾页</a>");
}
else
{
str.Append("<a href=#>下一页 </a>");
str.Append("<a href=#>尾页</a>");
}
str.Append("</div>");
return str.ToString();
}
else
{
return "<font color=red>暂无数据!</font>";
}
}
}
#endregion
/// <summary>
/// url重写
/// </summary>
private string GetURLParms
{
get
{
string query = HttpContext.Current.Request.Url.Query;
query = Regex.Replace(query, @"\?page=\d*", "", RegexOptions.Compiled);
return query;
}
}
/// <summary>
///判断是否有上一页
/// </summary>
public bool HasPreviousPage
{
get
{
return (pageindex > 1);
}
}
/// <summary>
///判断是否有下一页
/// </summary>
public bool HasNextPage
{
get
{
return (pageindex < TotalPage);
}
}
}
/// <summary>
/// 分页数据类
/// </summary>
/// <typeparam name="T"></typeparam>
public class PageBean<T>
{
IList<T> datasource = new List<T>();
public IList<T> Datasource
{
get { return datasource; }
set { datasource = value; }
}
int pagesum;
public int Pagesum
{
get { return pagesum; }
set { pagesum = value; }
}
public PageBean(IList<T> datasource, int pagesum)
{
this.datasource = datasource;
this.pagesum = pagesum;
}
public PageBean()
{
//
// TODO: 在此处添加构造函数逻辑
//
}
}
生成图片水印:
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.IO;
using System.Drawing;
using System.Drawing.Imaging;
/// <summary>
/// PictureHandler 的摘要说明
/// </summary>
public class PicHandler : IHttpHandler
{
public void ProcessRequest(HttpContext context)
{
context.Response.ContentType = "text/plain";
string imgUrl = context.Request.PhysicalPath;//得到当前处理图片的物理路径
if (File.Exists(imgUrl))
{
Image img = Image.FromFile(imgUrl);//通过图片路径得到图片对象
Image watering = Image.FromFile(context.Server.MapPath("~/themes/images/water.jpg"));//得到数字水印图片
Graphics g = Graphics.FromImage(img);//通过图片对象创建画布
g.DrawImage(watering, new Rectangle(img.Width - watering.Width, img.Height - watering.Height, watering.Width, watering.Height), 0, 0, watering.Width, watering.Height, GraphicsUnit.Pixel);//画图
context.Response.ContentType = "image/jpeg";//设置图片的格式
img.Save(context.Response.OutputStream, ImageFormat.Jpeg);//把图片保存在输出流中
g.Dispose();//销毁画布
img.Dispose();//销毁图片
context.Response.End();
}
else
{
Image defaultimg = Image.FromFile(context.Server.MapPath("~/themes/images/water.jpg"));//通过图片路径得到默认图片对象
Image watering = Image.FromFile(context.Server.MapPath("~/themes/images/water.jpg"));//得到数字水印图片
Graphics g = Graphics.FromImage(defaultimg);//通过图片对象创建画布
g.DrawImage(watering, new Rectangle(defaultimg.Width - watering.Width, defaultimg.Height - watering.Height, watering.Width, watering.Height), 0, 0, watering.Width, watering.Height, GraphicsUnit.Pixel);//画图
context.Response.ContentType = "image/jpeg";//设置图片的格式
defaultimg.Save(context.Response.OutputStream, ImageFormat.Jpeg);
g.Dispose();
defaultimg.Dispose();
context.Response.End();
}
}
public bool IsReusable
{
get
{
return false;
}
}
}
防注入过滤:
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
/// <summary>
/// SqlCheck 的摘要说明
/// </summary>
public class SqlCheck
{
public void CheckSql()
{
string jk1986_sql = "exec↓select↓drop↓alter↓exists↓union↓and↓or↓xor↓order↓mid↓asc↓execute↓xp_cmdshell↓insert↓update↓delete↓join↓declare↓char↓sp_oacreate↓wscript.shell↓xp_regwrite↓'↓;↓--";
string[] jk_sql = jk1986_sql.Split('↓');
foreach (string jk in jk_sql)
{
// -----------------------防 Post 注入-----------------------
if (System.Web.HttpContext.Current.Request.Form != null)
{
for (int k = 0; k < System.Web.HttpContext.Current.Request.Form.Count; k++)
{
string getsqlkey = System.Web.HttpContext.Current.Request.Form.Keys[k];
string getip;
if (System.Web.HttpContext.Current.Request.Form[getsqlkey].ToLower().Contains(jk) == true)
{
System.Web.HttpContext.Current.Response.Write("<script Language=JavaScript>alert('请勿提交非法字符!');</" + "script>");
System.Web.HttpContext.Current.Response.Write("非法操作!系统做了如下记录 ↓" + "<br>");
if (System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"] != null)
{
getip = System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
}
else
{
getip = System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
}
System.Web.HttpContext.Current.Response.Write("操 作 I P :" + getip + "<br>");
System.Web.HttpContext.Current.Response.Write("操 作 时 间:" + DateTime.Now.ToString() + "<br>");
System.Web.HttpContext.Current.Response.Write("操 作 页 面:" + System.Web.HttpContext.Current.Request.ServerVariables["URL"] + "<br>");
System.Web.HttpContext.Current.Response.Write("提 交 方 式:P O S T " + "<br>");
System.Web.HttpContext.Current.Response.Write("提 交 参 数:" + jk + "<br>");
System.Web.HttpContext.Current.Response.Write("提 交 数 据:" + System.Web.HttpContext.Current.Request.Form[getsqlkey].ToLower() + "<br>");
System.Web.HttpContext.Current.Response.End();
}
}
}
// -----------------------防 GET 注入-----------------------
if (System.Web.HttpContext.Current.Request.QueryString != null)
{
for (int k = 0; k < System.Web.HttpContext.Current.Request.QueryString.Count; k++)
{
string getsqlkey = System.Web.HttpContext.Current.Request.QueryString.Keys[k];
string getip;
if (System.Web.HttpContext.Current.Request.QueryString[getsqlkey].ToLower().Contains(jk) == true)
{
System.Web.HttpContext.Current.Response.Write("<script Language=JavaScript>alert('请勿提交非法字符!');</" + "script>");
System.Web.HttpContext.Current.Response.Write("非法操作!系统做了如下记录 ↓" + "<br>");
if (System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"] != null)
{
getip = System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
}
else
{
getip = System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
}
System.Web.HttpContext.Current.Response.Write("操 作 I P :" + getip + "<br>");
System.Web.HttpContext.Current.Response.Write("操 作 时 间:" + DateTime.Now.ToString() + "<br>");
System.Web.HttpContext.Current.Response.Write("操 作 页 面:" + System.Web.HttpContext.Current.Request.ServerVariables["URL"] + "<br>");
System.Web.HttpContext.Current.Response.Write("提 交 方 式:G E T " + "<br>");
System.Web.HttpContext.Current.Response.Write("提 交 参 数:" + jk + "<br>");
System.Web.HttpContext.Current.Response.Write("提 交 数 据:" + System.Web.HttpContext.Current.Request.QueryString[getsqlkey].ToLower() + "<br>");
System.Web.HttpContext.Current.Response.End();
}
}
}
// -----------------------防 Cookies 注入-----------------------
if (System.Web.HttpContext.Current.Request.Cookies != null)
{
for (int k = 0; k < System.Web.HttpContext.Current.Request.Cookies.Count; k++)
{
string getsqlkey = System.Web.HttpContext.Current.Request.Cookies.Keys[k];
string getip;
if (System.Web.HttpContext.Current.Request.Cookies[getsqlkey].Value.ToLower().Contains(jk) == true)
{
System.Web.HttpContext.Current.Response.Write("<script Language=JavaScript>alert('请勿提交非法字符!');</" + "script>");
System.Web.HttpContext.Current.Response.Write("非法操作!系统做了如下记录 ↓" + "<br>");
if (System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"] != null)
{
getip = System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
}
else
{
getip = System.Web.HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
}
System.Web.HttpContext.Current.Response.Write("操 作 I P :" + getip + "<br>");
System.Web.HttpContext.Current.Response.Write("操 作 时 间:" + DateTime.Now.ToString() + "<br>");
System.Web.HttpContext.Current.Response.Write("操 作 页 面:" + System.Web.HttpContext.Current.Request.ServerVariables["URL"] + "<br>");
System.Web.HttpContext.Current.Response.Write("提 交 方 式: Cookies " + "<br>");
System.Web.HttpContext.Current.Response.Write("提 交 参 数:" + jk + "<br>");
System.Web.HttpContext.Current.Response.Write("提 交 数 据:" + System.Web.HttpContext.Current.Request.Cookies[getsqlkey].Value.ToLower() + "<br>");
System.Web.HttpContext.Current.Response.End();
}
}
}
}
}
}