http://jsoup.org/apidocs/ 处理html
/**
 * Demo driver: prints the SQL text produced by {@link #test(String)} for two
 * sample keywords, then round-trips an HTML fragment through
 * {@link #unHtml(String)} and {@link #Html(String)} and prints both stages.
 */
public static void main(String[] args) {
    // Neither sample keyword contains a single quote, so these two calls do not
    // exercise the quote-doubling that escapeSql performs inside test().
    System.out.println(test("test "));
    System.out.println(test("test or 1 or 1=1"));

    String markup = "<a href='http://www.baidu.com'>test链接测试</a><IMG src='/uploadfiles/webedit/20070316023436859.gif'><IMG src='/uploadfiles/webedit/20070316023446921.gif'><IMG src='/webEditor2/sysimage/emot/10.gif'>";

    // Escape first, then reverse the escaping, printing each stage.
    String escapedMarkup = unHtml(markup);
    System.out.println("unhtml:" + escapedMarkup);
    System.out.println("html:" + Html(escapedMarkup));
}
/**
 * Builds the SELECT over {@code tb_selogon_key} and, when {@code keyWord} is
 * not blank, appends a LIKE filter containing the keyword.
 *
 * <p>NOTE(review): the keyword is concatenated into the SQL text. Commons Lang 2
 * {@code escapeSql} only doubles single quotes; it does not escape the LIKE
 * wildcards {@code %} and {@code _}, nor backslashes (which some databases treat
 * as an escape character inside string literals), and the method was removed in
 * Commons Lang 3. A bound parameter
 * ({@code PreparedStatement} with {@code ... like ?}) is the dependable fix, but
 * it changes how callers execute the returned string, so it is only flagged here.
 *
 * <p>NOTE(review): the appended fragment is {@code " and like '%...%'"} with no
 * column name before {@code like}; this looks like an omission and the resulting
 * statement is presumably not valid SQL. Confirm the intended column.
 *
 * @param keyWord search keyword; blank or {@code null} adds no filter
 * @return the SQL text, with the optional LIKE fragment appended
 */
static String test(String keyWord){
    StringBuilder query = new StringBuilder("select key_sn,remark,create_date from tb_selogon_key where 1=1 ");
    if (!StringUtils.isNotBlank(keyWord)) {
        // No keyword: return the unfiltered base query.
        return query.toString();
    }
    // Quote-doubling only; see the review notes above for what this leaves open.
    String quoted = org.apache.commons.lang.StringEscapeUtils.escapeSql(keyWord);
    query.append(" and like '%" + quoted + "%'");
    return query.toString();
}
//escapeHtml 转义 html脚本
/**
 * Escapes HTML markup in {@code htmlStr} by delegating to Commons Lang
 * {@code StringEscapeUtils.escapeHtml}.
 *
 * <p>NOTE(review): Commons Lang 2 {@code escapeHtml} does not escape the
 * apostrophe ({@code '}), so the result is not safe to place inside a
 * single-quoted attribute value; use double-quoted attributes or an encoder
 * chosen for the output context.
 *
 * @param htmlStr text that may contain markup
 * @return the entity-escaped text
 */
static String unHtml(String htmlStr){
    final String escaped = org.apache.commons.lang.StringEscapeUtils.escapeHtml(htmlStr);
    return escaped;
}
// unescapeHtml 反转义html脚本
/**
 * Reverses HTML escaping by delegating to Commons Lang
 * {@code StringEscapeUtils.unescapeHtml}, turning entities back into characters.
 *
 * <p>NOTE(review): the result is live markup again. If the escaped text came
 * from user input, writing this output into a page restores any tags or script
 * it contained; pass it through an allowlist sanitizer (for example jsoup's
 * {@code Jsoup.clean}) before rendering.
 *
 * @param htmlStr entity-escaped text
 * @return the text with entities decoded
 */
static String Html(String htmlStr){
    final String decoded = org.apache.commons.lang.StringEscapeUtils.unescapeHtml(htmlStr);
    return decoded;
}