过滤关键字大全-网页关键字过滤-sql注入关键字过滤

最新推荐文章于 2024-04-25 22:12:49 发布
最新推荐文章于 2024-04-25 22:12:49 发布
阅读量2.5k 收藏 1
点赞数
分类专栏: C# JavaScript SQL 文章标签: string input null output 加密 exception
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/lavly/article/details/4551539
版权
C# 同时被 3 个专栏收录
20 篇文章 0 订阅
订阅专栏
SQL
6 篇文章 0 订阅
订阅专栏
JavaScript
5 篇文章 0 订阅
订阅专栏

using System;  
using System.Collections.Generic;  
using System.Text;  
using System.Text.RegularExpressions;  
using System.Web;  
using System.Security.Cryptography;  
 
public class Input  
{  
      
    /// <summary>  
    /// 检测是否整数型数据  
    /// </summary>  
    /// <param name="Num">待检查数据</param>  
    /// <returns></returns>  
    public static bool IsInteger(string Input)  
    {  
        if (Input == null)  
        {  
            return false;  
        }  
        else 
        {  
            return IsInteger(Input, true);  
        }  
    }  
 
    /// <summary>  
    /// 是否全是正整数  
    /// </summary>  
    /// <param name="Input"></param>  
    /// <returns></returns>  
    public static bool IsInteger(string Input, bool Plus)  
    {  
        if (Input == null)  
        {  
            return false;  
        }  
        else 
        {  
            string pattern = "^-?[0-9]+$";  
            if (Plus)  
                pattern = "^[0-9]+$";  
            if (Regex.Match(Input, pattern, RegexOptions.Compiled).Success)  
            {  
                return true;  
            }  
            else 
            {  
                return false;  
            }  
        }  
    }  
 
    /// <summary>  
    /// 判断输入是否为日期类型  
    /// </summary>  
    /// <param name="s">待检查数据</param>  
    /// <returns></returns>  
    public static bool IsDate(string s)  
    {  
        try 
        {  
            DateTime d = DateTime.Parse(s);  
            return true;  
        }  
        catch 
        {  
            return false;  
        }  
    }  
 
 
    /// <summary>  
    /// 过滤字符串中的html代码  
    /// </summary>  
    /// <param name="Str"></param>  
    /// <returns>返回过滤之后的字符串</returns>  
    public static string LostHTML(string Str)  
    {  
        string Re_Str = "";  
        if (Str != null)  
        {  
            if (Str != string.Empty)  
            {  
                string Pattern = "<///*[^<>]*>";  
                Re_Str = Regex.Replace(Str, Pattern, "");  
            }  
        }  
        return (Re_Str.Replace("//r//n", "")).Replace("//r", "");  
    }  
 
    public static string LostPage(string Str)  
    {  
        string Re_Str = "";  
        if (Str != null)  
        {  
            if (Str != string.Empty)  
            {  
                string Pattern = "//[NT:PAGE///*[^<>]*//$//]";  
                Re_Str = Regex.Replace(Str, Pattern, "");  
            }  
        }  
        return Re_Str;  
    }  
 
    public static string LostVoteStr(string Str)  
    {  
        string Re_Str = "";  
        if (Str != null)  
        {  
            if (Str != string.Empty)  
            {  
                string Pattern = "//[NT:unLoop///*[^<>]*//[///NT:unLoop//]";  
                Re_Str = Regex.Replace(Str, Pattern, "");  
            }  
        }  
        return Re_Str;  
    }  
 
    /// <summary>  
    /// 根据新闻标题的属性设置返回设置后的标题  
    /// </summary>  
    /// <param name="Title">标题</param>  
    /// <param name="TitleColor">标题颜色</param>  
    /// <param name="IsB">是否粗体</param>  
    /// <param name="IsI">是否斜体</param>  
    /// <param name="TitleNum">返回标题字数</param>  
    /// <returns>返回设置后的标题</returns>  
    public static string GetColorTitleSubStr(string Title, string TitleColor, int IsB, int IsI, int TitleNum)  
    {  
        string Return_title = "";  
        string FormatTitle = LostHTML(Title);  
        if (FormatTitle != null && FormatTitle != string.Empty)  
        {  
            FormatTitle = GetSubString(FormatTitle, TitleNum);  
            if (IsB == 1)  
            {  
                FormatTitle = "<b>" + FormatTitle + "</b>";  
            }  
            if (IsI == 1)  
            {  
                FormatTitle = "<i>" + FormatTitle + "</i>";  
            }  
            if (TitleColor != null && TitleColor != string.Empty)  
            {  
                FormatTitle = "<font style="/" mce_style="/""color:" + TitleColor + ";/">" + FormatTitle + "</font>";  
            }  
            Return_title = FormatTitle;  
        }  
        return Return_title;  
    }  
 
 
/// <summary>  
    /// 截取字符串函数  
    /// </summary>  
    /// <param name="Str">所要截取的字符串</param>  
    /// <param name="Num">截取字符串的长度</param>  
    /// <returns></returns>  
    public static string GetSubString(string Str, int Num)  
    {  
        if (Str == null || Str == "")  
            return "";  
        string outstr = "";  
        int n = 0;  
        foreach (char ch in Str)  
        {  
            n += System.Text.Encoding.Default.GetByteCount(ch.ToString());  
            if (n > Num)  
                break;  
            else 
                outstr += ch;  
        }  
        return outstr;  
    }  
    /// <summary>  
    /// 截取字符串函数  
    /// </summary>  
    /// <param name="Str">所要截取的字符串</param>  
    /// <param name="Num">截取字符串的长度</param>  
    /// <param name="Num">截取字符串后省略部分的字符串</param>  
    /// <returns></returns>  
    public static string GetSubString(string Str, int Num, string LastStr)  
    {  
        return (Str.Length > Num) ? Str.Substring(0, Num) + LastStr : Str;  
    }  
 
    /// <summary>  
    /// 验证字符串是否是图片路径  
    /// </summary>  
    /// <param name="Input">待检测的字符串</param>  
    /// <returns>返回true 或false</returns>  
    public static bool IsImgString(string Input)  
    {  
        return IsImgString(Input, "/{@dirfile}/");  
    }  
 
    public static bool IsImgString(string Input, string checkStr)  
    {  
        bool re_Val = false;  
        if (Input != string.Empty)  
        {  
            string s_input = Input.ToLower();  
            if (s_input.IndexOf(checkStr.ToLower()) != -1 && s_input.IndexOf(".") != -1)  
            {  
                string Ex_Name = s_input.Substring(s_input.LastIndexOf(".") + 1).ToString().ToLower();  
                if (Ex_Name == "jpg" || Ex_Name == "gif" || Ex_Name == "bmp" || Ex_Name == "png")  
                {  
                    re_Val = true;  
                }  
            }  
        }  
        return re_Val;  
    }  
 
/// <summary>  
    /// 将字符转化为HTML编码  
    /// </summary>  
    /// <param name="str">待处理的字符串</param>  
    /// <returns></returns>  
    public static string HtmlEncode(string Input)  
    {  
        return HttpContext.Current.Server.HtmlEncode(Input);  
    }  
 
    /// <summary>  
    ///   
    /// </summary>  
    /// <param name="Input"></param>  
    /// <returns></returns>  
    public static string HtmlDecode(string Input)  
    {  
        return HttpContext.Current.Server.HtmlDecode(Input);  
    }  
 
    /// <summary>  
    /// URL地址编码  
    /// </summary>  
    /// <param name="Input"></param>  
    /// <returns></returns>  
    public static string URLEncode(string Input)  
    {  
        return HttpContext.Current.Server.UrlEncode(Input);  
    }  
 
    /// <summary>  
    /// URL地址解码  
    /// </summary>  
    /// <param name="Input"></param>  
    /// <returns></returns>  
    public static string URLDecode(string Input)  
    {  
        return HttpContext.Current.Server.UrlDecode(Input);  
    }  
 
    /// <summary>  
    /// 过滤字符  
    /// </summary>  
    /// <param name="Input"></param>  
    /// <returns></returns>  
    public static string Filter(string sInput)  
    {  
        if (sInput == null || sInput == "")  
            return null;  
        string sInput1 = sInput.ToLower();  
        string output = sInput;  
        string pattern = @"*|and|exec|insert|select|delete|update|count|master|truncate|declare|char(|mid(|chr(|'";  
        if (Regex.Match(sInput1, Regex.Escape(pattern), RegexOptions.Compiled | RegexOptions.IgnoreCase).Success)  
        {  
            throw new Exception("字符串中含有非法字符!");  
        }  
        else 
        {  
            output = output.Replace("'", "''");  
        }  
        return output;  
 
/// <summary>  
    /// 过滤特殊字符/前台会员  
    /// </summary>  
    /// <param name="Input"></param>  
    /// <returns></returns>  
    public static string Htmls(string Input)  
    {  
        if (Input != string.Empty && Input != null)  
        {  
            string ihtml = Input.ToLower();  
            ihtml = ihtml.Replace("<script", "<script");  
            ihtml = ihtml.Replace("script>", "script>");  
            ihtml = ihtml.Replace("<%", "&lt;%");  
            ihtml = ihtml.Replace("%>", "%>");  
            ihtml = ihtml.Replace("<$", "<$");  
            ihtml = ihtml.Replace("$>", "$>");  
            return ihtml;  
        }  
        else 
        {  
            return string.Empty;  
        }  
    }  
 
    /// <summary>  
    /// 字符串字符处理  
    /// </summary>  
    /// <param name="chr">等待处理的字符串</param>  
    /// <returns>处理后的字符串</returns>  
    /// //把HTML代码转换成TXT格式  
    public static String ToTxt(String Input)  
    {  
        StringBuilder sb = new StringBuilder(Input);  
        sb.Replace(" ", " ");  
        sb.Replace("<br>", "/r/n");  
        sb.Replace("<br>", "/n");  
        sb.Replace("<br />", "/n");  
        sb.Replace("<br />", "/r/n");  
        sb.Replace("<", "<");  
        sb.Replace(">", ">");  
        sb.Replace("&", "&");  
        return sb.ToString();  
    }  
 
    /// <summary>  
    /// 字符串字符处理  
    /// </summary>  
    /// <param name="chr">等待处理的字符串</param>  
    /// <returns>处理后的字符串</returns>  
    /// //把HTML代码转换成TXT格式  
    public static String ToshowTxt(String Input)  
    {  
        StringBuilder sb = new StringBuilder(Input);  
        sb.Replace("<", "<");  
        sb.Replace(">", ">");  
        return sb.ToString();  
    }  
    }  
 
/// <summary>  
    /// 把字符转化为文本格式  
    /// </summary>  
    /// <param name="Input"></param>  
    /// <returns></returns>  
    public static string ForTXT(string Input)  
    {  
        StringBuilder sb = new StringBuilder(Input);  
        sb.Replace("<font", " ");  
        sb.Replace("<span", " ");  
        sb.Replace("<style", " ");  
        sb.Replace("<div", " ");  
        sb.Replace("<p", "");  
        sb.Replace("</p>", "");  
        sb.Replace("<label", " ");  
        sb.Replace(" ", " ");  
        sb.Replace("<br>", "");  
        sb.Replace("<br />", "");  
        sb.Replace("<br />", "");  
        sb.Replace("<", "");  
        sb.Replace(">", "");  
        sb.Replace("&", "");  
        sb.Replace("<", "");  
        sb.Replace(">", "");  
        return sb.ToString();  
    }  
    /// <summary>  
    /// 字符串字符处理  
    /// </summary>  
    /// <param name="chr">等待处理的字符串</param>  
    /// <returns>处理后的字符串</returns>  
    /// //把TXT代码转换成HTML格式  
 
    public static String ToHtml(string Input)  
    {  
        StringBuilder sb = new StringBuilder(Input);  
        sb.Replace("&", "&");  
        sb.Replace("<", "<");  
        sb.Replace(">", ">");  
        sb.Replace("/r/n", "<br />");  
        sb.Replace("/n", "<br />");  
        sb.Replace("/t", " ");  
        //sb.Replace(" ", " ");  
        return sb.ToString();  
    }  
 
    /// <summary>  
    /// MD5加密字符串处理  
    /// </summary>  
    /// <param name="Half">加密是位还是位;如果为true为位</param>  
    /// <param name="Input">待加密码字符串</param>  
    /// <returns></returns>  
    public static string MD5(string Input, bool Half)  
    {  
        string output = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(Input, "MD5").ToLower();  
        if (Half)//16位MD5加密(取位加密的~25字符)  
            output = output.Substring(8, 16);  
        return output;  
    }  
 
    public static string MD5(string Input)  
    {  
        return MD5(Input, true);  
    }  
 
    /// <summary>  
    /// 字符串加密 进行位移操作  
    /// </summary>  
    /// <param name="str">待加密数据</param>  
    /// <returns>加密后的数据</returns>  
    public static string EncryptString(string Input)  
    {  
        string _temp = "";  
        int _inttemp;  
        char[] _chartemp = Input.ToCharArray();  
        for (int i = 0; i < _chartemp.Length; i++)  
        {  
            _inttemp = _chartemp[i] + 1;  
            _chartemp[i] = (char)_inttemp;  
            _temp += _chartemp[i];  
        }  
        return _temp;  
    }  
 
    /// <summary>  
    /// 字符串解密  
    /// </summary>  
    /// <param name="str">待解密数据</param>  
    /// <returns>解密成功后的数据</returns>  
    public static string NcyString(string Input)  
    {  
        string _temp = "";  
        int _inttemp;  
        char[] _chartemp = Input.ToCharArray();  
        for (int i = 0; i < _chartemp.Length; i++)  
        {  
            _inttemp = _chartemp[i] - 1;  
            _chartemp[i] = (char)_inttemp;  
            _temp += _chartemp[i];  
        }  
        return _temp;  
    }  
 
    /// <summary>  
    /// 检测含中文字符串实际长度  
    /// </summary>  
    /// <param name="str">待检测的字符串</param>  
    /// <returns>返回正整数</returns>  
    public static int NumChar(string Input)  
    {  
        ASCIIEncoding n = new ASCIIEncoding();  
        byte[] b = n.GetBytes(Input);  
        int l = 0;  
        for (int i = 0; i <= b.Length - 1; i++)  
        {  
            if (b[i] == 63)//判断是否为汉字或全脚符号  
            {  
                l++;  
            }  
            l++;  
        }  
        return l;  
    }  
 
/// <summary>  
    /// 检测是否合法日期  
    /// </summary>  
    /// <param name="str">待检测的字符串</param>  
    /// <returns></returns>  
    public static bool ChkDate(string Input)  
    {  
        try 
        {  
            DateTime t1 = DateTime.Parse(Input);  
            return true;  
        }  
        catch 
        {  
            return false;  
        }  
    }  
 
    /// <summary>  
    /// 转换日期时间函数  
    /// </summary>  
    /// <returns></returns>          
    public static string ReDateTime()  
    {  
        return System.DateTime.Now.ToString("yyyyMMdd");  
    }  
 
 
    /// <summary>  
    /// 去除字符串最后一个','号  
    /// </summary>  
    /// <param name="chr">:要做处理的字符串</param>  
    /// <returns>返回已处理的字符串</returns>  
    /// /// CreateTime:2007-03-26 Code By DengXi  
    public static string CutComma(string Input)  
    {  
        return CutComma(Input, ",");  
    }  
 
    public static string CutComma(string Input, string indexStr)  
    {  
        if (Input.IndexOf(indexStr) >= 0)  
            return Input.Remove(Input.LastIndexOf(indexStr));  
        else 
            return Input;  
    }  
 
    /// <summary>  
    /// 去掉首尾P  
    /// </summary>  
    /// <param name="Input"></param>  
    /// <returns></returns>  
    public static string RemovePor(string Input)  
    {  
        if (Input != string.Empty && Input != null)  
        {  
            string TMPStr = Input;  
            if (Input.ToLower().Substring(0, 3) == "<p>")  
            {  
                TMPStr = TMPStr.Substring(3);  
            }  
            if (TMPStr.Substring(TMPStr.Length - 4) == "</p>")  
            {  
                TMPStr = TMPStr.Remove(TMPStr.ToLower().LastIndexOf("</p>"));  
            }  
            return TMPStr;  
        }  
        else 
        {  
            return string.Empty;  
        }  
    }  
 
/// <summary>  
    /// 判断参数是否合法  
    /// </summary>  
    /// <param name="ID">要判断的参数</param>  
    /// <returns>返回已处理的字符串</returns>  
 
    public static string checkID(string ID)  
    {  
        if (ID == null && ID == string.Empty)  
            throw new Exception("参数传递错误!<li>参数不能为空</li>");  
        return ID;  
    }  
 
    /// <summary>  
    /// 去除编号字符串中的'-1'  
    /// </summary>  
    /// <param name="id"></param>  
    /// <returns>如果为空则返回'IsNull'</returns>  
 
    public static string Losestr(string id)  
    {  
        if (id == null || id == "" || id == string.Empty)  
            return "IsNull";  
 
        id = id.Replace("'-1',", "");  
 
        if (id == null || id == "" || id == string.Empty)  
            return "IsNull";  
        else 
            return id;  
    } 
using System;
using System.Collections.Generic;
using System.Text;
using System.Text.RegularExpressions;
using System.Web;
using System.Security.Cryptography;

public class Input
{
   
    /// <summary>
    /// 检测是否整数型数据
    /// </summary>
    /// <param name="Num">待检查数据</param>
    /// <returns></returns>
    public static bool IsInteger(string Input)
    {
        if (Input == null)
        {
            return false;
        }
        else
        {
            return IsInteger(Input, true);
        }
    }

    /// <summary>
    /// 是否全是正整数
    /// </summary>
    /// <param name="Input"></param>
    /// <returns></returns>
    public static bool IsInteger(string Input, bool Plus)
    {
        if (Input == null)
        {
            return false;
        }
        else
        {
            string pattern = "^-?[0-9]+$";
            if (Plus)
                pattern = "^[0-9]+$";
            if (Regex.Match(Input, pattern, RegexOptions.Compiled).Success)
            {
                return true;
            }
            else
            {
                return false;
            }
        }
    }

    /// <summary>
    /// 判断输入是否为日期类型
    /// </summary>
    /// <param name="s">待检查数据</param>
    /// <returns></returns>
    public static bool IsDate(string s)
    {
        try
        {
            DateTime d = DateTime.Parse(s);
            return true;
        }
        catch
        {
            return false;
        }
    }


    /// <summary>
    /// 过滤字符串中的html代码
    /// </summary>
    /// <param name="Str"></param>
    /// <returns>返回过滤之后的字符串</returns>
    public static string LostHTML(string Str)
    {
        string Re_Str = "";
        if (Str != null)
        {
            if (Str != string.Empty)
            {
                string Pattern = "<///*[^<>]*>";
                Re_Str = Regex.Replace(Str, Pattern, "");
            }
        }
        return (Re_Str.Replace("//r//n", "")).Replace("//r", "");
    }

    public static string LostPage(string Str)
    {
        string Re_Str = "";
        if (Str != null)
        {
            if (Str != string.Empty)
            {
                string Pattern = "//[NT:PAGE///*[^<>]*//$//]";
                Re_Str = Regex.Replace(Str, Pattern, "");
            }
        }
        return Re_Str;
    }

    public static string LostVoteStr(string Str)
    {
        string Re_Str = "";
        if (Str != null)
        {
            if (Str != string.Empty)
            {
                string Pattern = "//[NT:unLoop///*[^<>]*//[///NT:unLoop//]";
                Re_Str = Regex.Replace(Str, Pattern, "");
            }
        }
        return Re_Str;
    }

    /// <summary>
    /// 根据新闻标题的属性设置返回设置后的标题
    /// </summary>
    /// <param name="Title">标题</param>
    /// <param name="TitleColor">标题颜色</param>
    /// <param name="IsB">是否粗体</param>
    /// <param name="IsI">是否斜体</param>
    /// <param name="TitleNum">返回标题字数</param>
    /// <returns>返回设置后的标题</returns>
    public static string GetColorTitleSubStr(string Title, string TitleColor, int IsB, int IsI, int TitleNum)
    {
        string Return_title = "";
        string FormatTitle = LostHTML(Title);
        if (FormatTitle != null && FormatTitle != string.Empty)
        {
            FormatTitle = GetSubString(FormatTitle, TitleNum);
            if (IsB == 1)
            {
                FormatTitle = "<b>" + FormatTitle + "</b>";
            }
            if (IsI == 1)
            {
                FormatTitle = "<i>" + FormatTitle + "</i>";
            }
            if (TitleColor != null && TitleColor != string.Empty)
            {
                FormatTitle = "<font style="/" mce_style="/""color:" + TitleColor + ";/">" + FormatTitle + "</font>";
            }
            Return_title = FormatTitle;
        }
        return Return_title;
    }


/// <summary>
    /// 截取字符串函数
    /// </summary>
    /// <param name="Str">所要截取的字符串</param>
    /// <param name="Num">截取字符串的长度</param>
    /// <returns></returns>
    public static string GetSubString(string Str, int Num)
    {
        if (Str == null || Str == "")
            return "";
        string outstr = "";
        int n = 0;
        foreach (char ch in Str)
        {
            n += System.Text.Encoding.Default.GetByteCount(ch.ToString());
            if (n > Num)
                break;
            else
                outstr += ch;
        }
        return outstr;
    }
    /// <summary>
    /// 截取字符串函数
    /// </summary>
    /// <param name="Str">所要截取的字符串</param>
    /// <param name="Num">截取字符串的长度</param>
    /// <param name="Num">截取字符串后省略部分的字符串</param>
    /// <returns></returns>
    public static string GetSubString(string Str, int Num, string LastStr)
    {
        return (Str.Length > Num) ? Str.Substring(0, Num) + LastStr : Str;
    }

    /// <summary>
    /// 验证字符串是否是图片路径
    /// </summary>
    /// <param name="Input">待检测的字符串</param>
    /// <returns>返回true 或false</returns>
    public static bool IsImgString(string Input)
    {
        return IsImgString(Input, "/{@dirfile}/");
    }

    public static bool IsImgString(string Input, string checkStr)
    {
        bool re_Val = false;
        if (Input != string.Empty)
        {
            string s_input = Input.ToLower();
            if (s_input.IndexOf(checkStr.ToLower()) != -1 && s_input.IndexOf(".") != -1)
            {
                string Ex_Name = s_input.Substring(s_input.LastIndexOf(".") + 1).ToString().ToLower();
                if (Ex_Name == "jpg" || Ex_Name == "gif" || Ex_Name == "bmp" || Ex_Name == "png")
                {
                    re_Val = true;
                }
            }
        }
        return re_Val;
    }

/// <summary>
    /// 将字符转化为HTML编码
    /// </summary>
    /// <param name="str">待处理的字符串</param>
    /// <returns></returns>
    public static string HtmlEncode(string Input)
    {
        return HttpContext.Current.Server.HtmlEncode(Input);
    }

    /// <summary>
    ///
    /// </summary>
    /// <param name="Input"></param>
    /// <returns></returns>
    public static string HtmlDecode(string Input)
    {
        return HttpContext.Current.Server.HtmlDecode(Input);
    }

    /// <summary>
    /// URL地址编码
    /// </summary>
    /// <param name="Input"></param>
    /// <returns></returns>
    public static string URLEncode(string Input)
    {
        return HttpContext.Current.Server.UrlEncode(Input);
    }

    /// <summary>
    /// URL地址解码
    /// </summary>
    /// <param name="Input"></param>
    /// <returns></returns>
    public static string URLDecode(string Input)
    {
        return HttpContext.Current.Server.UrlDecode(Input);
    }

    /// <summary>
    /// 过滤字符
    /// </summary>
    /// <param name="Input"></param>
    /// <returns></returns>
    public static string Filter(string sInput)
    {
        if (sInput == null || sInput == "")
            return null;
        string sInput1 = sInput.ToLower();
        string output = sInput;
        string pattern = @"*|and|exec|insert|select|delete|update|count|master|truncate|declare|char(|mid(|chr(|'";
        if (Regex.Match(sInput1, Regex.Escape(pattern), RegexOptions.Compiled | RegexOptions.IgnoreCase).Success)
        {
            throw new Exception("字符串中含有非法字符!");
        }
        else
        {
            output = output.Replace("'", "''");
        }
        return output;

/// <summary>
    /// 过滤特殊字符/前台会员
    /// </summary>
    /// <param name="Input"></param>
    /// <returns></returns>
    public static string Htmls(string Input)
    {
        if (Input != string.Empty && Input != null)
        {
            string ihtml = Input.ToLower();
            ihtml = ihtml.Replace("<script", "<script");
            ihtml = ihtml.Replace("script>", "script>");
            ihtml = ihtml.Replace("<%", "&lt;%");
            ihtml = ihtml.Replace("%>", "%>");
            ihtml = ihtml.Replace("<$", "<$");
            ihtml = ihtml.Replace("$>", "$>");
            return ihtml;
        }
        else
        {
            return string.Empty;
        }
    }

    /// <summary>
    /// 字符串字符处理
    /// </summary>
    /// <param name="chr">等待处理的字符串</param>
    /// <returns>处理后的字符串</returns>
    /// //把HTML代码转换成TXT格式
    public static String ToTxt(String Input)
    {
        StringBuilder sb = new StringBuilder(Input);
        sb.Replace(" ", " ");
        sb.Replace("<br>", "/r/n");
        sb.Replace("<br>", "/n");
        sb.Replace("<br />", "/n");
        sb.Replace("<br />", "/r/n");
        sb.Replace("<", "<");
        sb.Replace(">", ">");
        sb.Replace("&", "&");
        return sb.ToString();
    }

    /// <summary>
    /// 字符串字符处理
    /// </summary>
    /// <param name="chr">等待处理的字符串</param>
    /// <returns>处理后的字符串</returns>
    /// //把HTML代码转换成TXT格式
    public static String ToshowTxt(String Input)
    {
        StringBuilder sb = new StringBuilder(Input);
        sb.Replace("<", "<");
        sb.Replace(">", ">");
        return sb.ToString();
    }
    }

/// <summary>
    /// 把字符转化为文本格式
    /// </summary>
    /// <param name="Input"></param>
    /// <returns></returns>
    public static string ForTXT(string Input)
    {
        StringBuilder sb = new StringBuilder(Input);
        sb.Replace("<font", " ");
        sb.Replace("<span", " ");
        sb.Replace("<style", " ");
        sb.Replace("<div", " ");
        sb.Replace("<p", "");
        sb.Replace("</p>", "");
        sb.Replace("<label", " ");
        sb.Replace(" ", " ");
        sb.Replace("<br>", "");
        sb.Replace("<br />", "");
        sb.Replace("<br />", "");
        sb.Replace("<", "");
        sb.Replace(">", "");
        sb.Replace("&", "");
        sb.Replace("<", "");
        sb.Replace(">", "");
        return sb.ToString();
    }
    /// <summary>
    /// 字符串字符处理
    /// </summary>
    /// <param name="chr">等待处理的字符串</param>
    /// <returns>处理后的字符串</returns>
    /// //把TXT代码转换成HTML格式

    public static String ToHtml(string Input)
    {
        StringBuilder sb = new StringBuilder(Input);
        sb.Replace("&", "&");
        sb.Replace("<", "<");
        sb.Replace(">", ">");
        sb.Replace("/r/n", "<br />");
        sb.Replace("/n", "<br />");
        sb.Replace("/t", " ");
        //sb.Replace(" ", " ");
        return sb.ToString();
    }

    /// <summary>
    /// MD5加密字符串处理
    /// </summary>
    /// <param name="Half">加密是位还是位;如果为true为位</param>
    /// <param name="Input">待加密码字符串</param>
    /// <returns></returns>
    public static string MD5(string Input, bool Half)
    {
        string output = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(Input, "MD5").ToLower();
        if (Half)//16位MD5加密(取位加密的~25字符)
            output = output.Substring(8, 16);
        return output;
    }

    public static string MD5(string Input)
    {
        return MD5(Input, true);
    }

    /// <summary>
    /// 字符串加密 进行位移操作
    /// </summary>
    /// <param name="str">待加密数据</param>
    /// <returns>加密后的数据</returns>
    public static string EncryptString(string Input)
    {
        string _temp = "";
        int _inttemp;
        char[] _chartemp = Input.ToCharArray();
        for (int i = 0; i < _chartemp.Length; i++)
        {
            _inttemp = _chartemp[i] + 1;
            _chartemp[i] = (char)_inttemp;
            _temp += _chartemp[i];
        }
        return _temp;
    }

    /// <summary>
    /// 字符串解密
    /// </summary>
    /// <param name="str">待解密数据</param>
    /// <returns>解密成功后的数据</returns>
    public static string NcyString(string Input)
    {
        string _temp = "";
        int _inttemp;
        char[] _chartemp = Input.ToCharArray();
        for (int i = 0; i < _chartemp.Length; i++)
        {
            _inttemp = _chartemp[i] - 1;
            _chartemp[i] = (char)_inttemp;
            _temp += _chartemp[i];
        }
        return _temp;
    }

    /// <summary>
    /// 检测含中文字符串实际长度
    /// </summary>
    /// <param name="str">待检测的字符串</param>
    /// <returns>返回正整数</returns>
    public static int NumChar(string Input)
    {
        ASCIIEncoding n = new ASCIIEncoding();
        byte[] b = n.GetBytes(Input);
        int l = 0;
        for (int i = 0; i <= b.Length - 1; i++)
        {
            if (b[i] == 63)//判断是否为汉字或全脚符号
            {
                l++;
            }
            l++;
        }
        return l;
    }

/// <summary>
    /// 检测是否合法日期
    /// </summary>
    /// <param name="str">待检测的字符串</param>
    /// <returns></returns>
    public static bool ChkDate(string Input)
    {
        try
        {
            DateTime t1 = DateTime.Parse(Input);
            return true;
        }
        catch
        {
            return false;
        }
    }

    /// <summary>
    /// 转换日期时间函数
    /// </summary>
    /// <returns></returns>       
    public static string ReDateTime()
    {
        return System.DateTime.Now.ToString("yyyyMMdd");
    }


    /// <summary>
    /// 去除字符串最后一个','号
    /// </summary>
    /// <param name="chr">:要做处理的字符串</param>
    /// <returns>返回已处理的字符串</returns>
    /// /// CreateTime:2007-03-26 Code By DengXi
    public static string CutComma(string Input)
    {
        return CutComma(Input, ",");
    }

    public static string CutComma(string Input, string indexStr)
    {
        if (Input.IndexOf(indexStr) >= 0)
            return Input.Remove(Input.LastIndexOf(indexStr));
        else
            return Input;
    }

    /// <summary>
    /// 去掉首尾P
    /// </summary>
    /// <param name="Input"></param>
    /// <returns></returns>
    public static string RemovePor(string Input)
    {
        if (Input != string.Empty && Input != null)
        {
            string TMPStr = Input;
            if (Input.ToLower().Substring(0, 3) == "<p>")
            {
                TMPStr = TMPStr.Substring(3);
            }
            if (TMPStr.Substring(TMPStr.Length - 4) == "</p>")
            {
                TMPStr = TMPStr.Remove(TMPStr.ToLower().LastIndexOf("</p>"));
            }
            return TMPStr;
        }
        else
        {
            return string.Empty;
        }
    }

/// <summary>
    /// 判断参数是否合法
    /// </summary>
    /// <param name="ID">要判断的参数</param>
    /// <returns>返回已处理的字符串</returns>

    public static string checkID(string ID)
    {
        if (ID == null && ID == string.Empty)
            throw new Exception("参数传递错误!<li>参数不能为空</li>");
        return ID;
    }

    /// <summary>
    /// 去除编号字符串中的'-1'
    /// </summary>
    /// <param name="id"></param>
    /// <returns>如果为空则返回'IsNull'</returns>

    public static string Losestr(string id)
    {
        if (id == null || id == "" || id == string.Empty)
            return "IsNull";

        id = id.Replace("'-1',", "");

        if (id == null || id == "" || id == string.Empty)
            return "IsNull";
        else
            return id;
    }

lavly
关注
专栏目录
CTF---Web---SQL注入---03---联合注入+关键字过滤
qq_22160557的博客
07-29 916
文章目录前言一、题目描述二、解题步骤1、回显判断注入方式2、尝试列数3、寻找注入点4、尝试注入(库,表,列,字段)三、总结 前言 题目分类: CTF—Web—SQL注入—03—联合注入+关键字过滤 一、题目描述 题目:SQL注入 链接:http://192.168.87.175 二、解题步骤 1、回显判断注入方式 Step1: http://192.168.87.175/viewld.do?ldid=2,回显正常。有内容 Step2: http://192.168.87.175/viewld.do?ld
java 过滤sql关键字_JAVA中防止SQL注入(过滤特殊字符方案)
weixin_31545685的博客
02-13 2045
1.页面使用JavaScript过滤SQL注入的特殊字符function Check(theform){if (theform.UserName.value==""){alert("请输入用户名!")theform.UserName.focus();return (false);}if (theform.Password.value == ""){alert("请输入密码!");theform.P...
网站关键字过滤词库
02-14
最新网站关键词过滤词库,0分分享
sql注入过滤字典.txt
10-15
sql注入过滤字典.txt
php 拦截网页功能,网页关键字拦截 关键字过滤 关键字替换
weixin_32226157的博客
03-10 884
•如何快速在几百个网站中找出包含“关键字”的 xxx.htmxxx.asp xxx.php ...页面,通知客户删除?•面对服务器网站中 www.域名.com 包含非法内容,如何拦截阻断?•如何阻止非法信息提交发送到 BBS论坛、留言板?《智创IIS防火墙》网页关键字过滤拦截帮你解决这个难题,将各种有害信息阻挡在服务器之外。POST关键字拦截模式支持用“正则表达式”模式匹配“关键字”,各种变形组合...
SQL注入过滤关键字的Fuzz字典
末初的CSDN博客
11-06 5162
大家觉得有什么漏了的欢迎评论区留言,这个字典有持续更新,先就记得这么多了,慢慢加 ' " ; , . / [ ] \ < > ? { } | ` ~ ! @ # $ % ^ & * ( ) - = _ + -- --+ /**/ && || and or xor as if by select union where from order sleep limit group concat like prepare length ascii substring mid
sql注入关键字过滤fuzz字典
开心星人的博客
08-13 2140
sql注入关键字过滤fuzz字典。
sql_fuzz-检测waf过滤关键字字典.txt
09-26
非常全面的SQL注入关键字检测字典,检测网站waf过滤了哪些关键字的字典,配合burpsuit使用非常有效。
C# MVC 过滤器防止SQL注入
09-15
C# MVC 过滤器防止SQL注入
防注入过滤关键字
12-21
在IT安全领域,尤其是Web应用的安全防护中,“防注入过滤关键字”是一个至关重要的概念,它直接关系到系统能否有效抵御SQL注入攻击。SQL注入是一种常见的Web应用漏洞利用方式,攻击者通过将恶意的SQL代码插入到应用...
网站关键词屏蔽列表
11-21
网站关键词屏蔽列表,国内网站开发必备资源,网安提供,较权威
sql注入字典fuzz
01-11
sql注入字典fuzz
sql注入_表名、列名字典
05-06
union select * from 表名字典 union select 列名字典 from 表名
sql注入关键字大全
07-27
sql注入关键字大全,包括sqlserve , odbc,等
一个蛋疼强的的注入字典
05-02
#字典里面包含那些东西呢 1,收集了cgi的那些东东 2,加入了一些linux的东东 3,加入了最近网上出现的一些漏洞页面路径 4,把普瑞斯特牛以前发的后台字典增强了一下 5.增加了xxs相关的东西 6.asp 那些默认数据库当然也在里面 7,fcedit,edit那些啥编辑后台的一些漏洞文件啥都在里面 8.那些常用的注入工具,扫描后台的工具啥的字典里面的东东全部在字典里面躺着 #字典不足支持 1,还有一些字典没有整理,在我电脑躺着 2,涵盖的东西还不是很全面 # 在win下建议把字典加入wwwscan linux下用啥呢。我也不知道哦 #end .. 还有几份字典没处理,实在是没那个力气搞了。
关键词过滤
weixin_30621711的博客
03-27 201
关键词过滤器有两个功能:一个是多关键词组合功能并去掉重复项;一个是查找遗漏的关键词核心代码:组合功能://组合UpdateData(TRUE);CStringspace=_T("");//间隔CStringfirstKeyword=_T("");CStringresualt=_T("");CStringsencondKeyword...
网站敏感关键词过滤的重要性
最新发布
新视数据
04-25 292
2. **保护用户安全**:敏感信息的传播可能危害用户的身心健康,尤其是对未成年人。7. **满足合规要求**:对于特定行业如金融、教育、医疗等,可能有额外的行业规定要求过滤特定类型的敏感信息,以保护用户隐私和数据安全。6. **预防网络风险**:敏感词过滤也是预防网络欺凌、恶意攻击、谣言传播等不良行为的有效手段,有助于维护网络秩序和社会稳定。5. **提升内容质量**:通过过滤机制,可以鼓励用户发布更高质量、符合社区规范的内容,从而促进积极健康的讨论氛围。
“基于关键字匹配的文本过滤系统”配置文件的设计和实现(C/C++源码)
Liigo's blog
10-29 5421
本文原始链接:http://blog.csdn.net/liigo/archive/2009/10/29/4744700.aspx 作者:liigo, 2009/10/29 转载请注明出处:http://blog.csdn.net/liigo     假设有一个基于关键字匹配的文本过滤系统,或类似的系统,需要一个配置文件,用于设定欲过滤关键字列表。该怎么设计这样一个配置文件呢?又该如何编
SQL注入(入门其二——过滤
qq_43520778的博客
09-06 1333
[toc]SQL注入
SQL注入关键字大全与Burp配合使用
"SQL关键字字典包含了SQL语言中常用的关键字,这些关键字SQL注入攻击中经常被用作测试和绕过WAF规则的工具。它们可以与Burp Suite等安全测试工具配合使用,帮助安全研究人员快速进行模糊测试(fuzzing)。" SQL是...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值