/// <summary>
/// 过滤sql中非法字符
/// </summary>
/// <param name="value">要过滤的字符串 </param>
/// <returns>string </returns>
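public string Filter(string value)
{
    // Returns string.Empty for null/empty input; otherwise applies a fixed list of
    // literal, ordinal, case-sensitive find/replace pairs and returns the result.
    // The pairs are applied in order, and the order matters: "%20" must be removed
    // before "%" or "20" would be left behind.
    // The keyword entries match substrings, so ordinary words are altered as well
    // ("android" -> "[and]roid", "word" -> "w[or]d"), and upper-case keywords such
    // as "SELECT" are not matched at all.
    // NOTE(review): a substring denylist does not make a value safe to concatenate
    // into SQL; parameterized queries are the control for that, this is at most
    // defence in depth.
    if (string.IsNullOrEmpty(value)) return string.Empty;

    // string.Replace is used instead of Regex.Replace so that every entry is
    // matched literally; with Regex.Replace the "(" and ")" entries are invalid
    // patterns and threw ArgumentException on every non-empty call.
    string[,] pairs =
    {
        { ";", "；" },
        { "'", "‘" },
        { "(", "（" },
        { ")", "）" },
        { "0x", "0 x" },
        { "select", "[select]" },
        { "insert", "[insert]" },
        { "update", "[update]" },
        { "delete", "[delete]" },
        { "and", "[and]" },
        { "or", "[or]" },
        { "chr", "[chr]" },
        { "mid", "[mid]" },
        { "master", "[master]" },
        { "truncate", "[truncate]" },
        { "char", "[char]" },
        { "declare", "[declare]" },
        { "join", "[join]" },
        { "&", string.Empty },
        { "%20", string.Empty },
        { "--", string.Empty },
        { "==", string.Empty },
        { " <", string.Empty },
        { ">", string.Empty },
        { "%", string.Empty },
    };

    for (int i = 0; i < pairs.GetLength(0); i++)
    {
        value = value.Replace(pairs[i, 0], pairs[i, 1]);
    }
    return value;
}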
/// <summary>
/// 过滤sql中非法字符
/// </summary>
/// <param name="value">要过滤的字符串 </param>
/// <returns>string </returns>
public static string Filter(string value)
{
    // Removes a fixed set of substrings from the input (ordinal, case-sensitive)
    // and returns the result; null or empty input yields string.Empty.
    // The tokens are removed in this order: "%20" must precede "%" so an encoded
    // space is dropped whole instead of leaving "20" behind.
    // NOTE(review): stripping these characters does not make the value safe to
    // concatenate into SQL; use parameterized queries where the result reaches a
    // query, this is only a denylist.
    if (string.IsNullOrEmpty(value)) return string.Empty;

    string[] removed = { ";", "'", "&", "%20", "--", "==", " <", ">", "%" };
    string result = value;
    foreach (string token in removed)
    {
        result = result.Replace(token, string.Empty);
    }
    return result;
}
/// <summary>
/// 过滤非法字符
/// </summary>
/// <param name="inputString1">等待处理的字符串</param>
/// <returns></returns>
public static string InputText3(object inputString1)
{
    // Returns "" for null; otherwise converts the value with ToString(), trims it,
    // lower-cases it (culture-sensitive ToLower, as before) and drops every
    // occurrence of the characters " < > ' ; :. All other characters are kept.
    // NOTE(review): this is a character denylist, not an encoder; output-encode at
    // the point of use (HTML encoding for markup, parameters for SQL).
    if (inputString1 == null) return "";

    const string dropped = "\"<>';:";
    string text = inputString1.ToString().Trim().ToLower();
    StringBuilder kept = new StringBuilder(text.Length);
    foreach (char ch in text)
    {
        // string.IndexOf(char) is an ordinal search, so this is a plain membership test.
        if (dropped.IndexOf(ch) < 0)
        {
            kept.Append(ch);
        }
    }
    return kept.ToString();
}
/// <summary>
/// 过滤非法字符,判断字符串
/// </summary>
/// <param name="inputString1">等待处理的字符串</param>
/// <returns></returns>
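public static string InputText2(object inputString1)
{
    // Strips the same characters as InputText3 (trim, lower-case, drop " < > ' ; :)
    // and then requires the stripped value to be an unsigned digit string (IsInt);
    // if it is not, the current request is redirected to the error page.
    // Null or empty input returns "" without validation or redirect.
    if (inputString1 == null) return "";
    string raw = inputString1.ToString();
    if (raw == "") return "";

    // Reuse InputText3 so both methods strip exactly the same characters.
    string cleaned = InputText3(raw);

    // Validation runs on the stripped value, so "12;3" becomes "123" and is
    // accepted; validate the raw value instead if stripped input must be rejected.
    if (!IsInt(cleaned))
    {
        // Requires an active ASP.NET request: HttpContext.Current is null outside one.
        // NOTE(review): the single-argument Redirect overload normally ends the
        // response, so the return below is likely not reached on this path — confirm.
        HttpContext.Current.Response.Redirect(SiteCommon.SiteConst.URL_ERROR_PAGE);
    }
    return cleaned;
}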
/// <summary>
/// 是否整数
/// </summary>
/// <param name="str1">原字符</param>
/// <returns></returns>
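public static bool IsInt(string str1)
{
    // Returns true only when str1 is a non-empty string made entirely of the ASCII
    // digits '0'..'9' (the same set the previous "[0-9]" class matched).
    // A sign, whitespace, other Unicode digits, or a trailing newline return false.
    // Note this does not check that the value fits in an int: any length passes.
    if (string.IsNullOrEmpty(str1))
    {
        return false;
    }

    // A character loop replaces the regex: the regex anchor "$" also matches before
    // a final "\n", so "123\n" used to be accepted; the loop also avoids compiling a
    // new Regex on every call.
    for (int i = 0; i < str1.Length; i++)
    {
        char ch = str1[i];
        if (ch < '0' || ch > '9')
        {
            return false;
        }
    }
    return true;
}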
/// <summary>
/// 检测输入字符串strInput是否在禁用字符串strConfigWords中存在,存在则过滤该输入值。
/// </summary>
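public string CheckRepWords(string strConfigWords, string strInput)
{
    // strConfigWords holds entries separated by "|"; each entry has the form
    // "str1,str2". Every occurrence of str1 in strInput is replaced by str2
    // (ordinal string.Replace), entries applied left to right, so a later entry
    // can match text produced by an earlier one.
    // Returns strInput unchanged (including null) when either argument is null or
    // empty. Throws ArgumentException for a non-empty entry that is not "str1,str2"
    // or whose str1 is empty.
    if (string.IsNullOrEmpty(strInput) || string.IsNullOrEmpty(strConfigWords))
    {
        return strInput;
    }

    string[] entries = strConfigWords.Split('|');
    foreach (string entry in entries)
    {
        // Tolerate a trailing "|" or doubled separators.
        if (entry.Length == 0)
        {
            continue;
        }
        string[] parts = entry.Split(',');
        if (parts.Length < 2 || parts[0].Length == 0)
        {
            // string.Replace rejects an empty search string and a missing str2 has no
            // defined meaning; name the offending entry rather than failing with an
            // IndexOutOfRangeException or ArgumentException from inside Replace.
            throw new ArgumentException(
                "Malformed filter entry '" + entry + "'; expected \"str1,str2\".",
                "strConfigWords");
        }
        // Replace is a no-op when str1 is absent, so no separate IndexOf check is needed.
        strInput = strInput.Replace(parts[0], parts[1]);
    }
    return strInput;
}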