关于过滤掉用户提交数据中的HTML代码 请问用何种方式过滤非法字符,并保留回车空格。都有什么做法呢?是否也有类似UBB一类的东西,可以在ASP.NET中使用呢? 解决方案 » 免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货 strContent=strContent.Replace("&","&");strContent=strContent.Replace("'","''");strContent=strContent.Replace("<","<");strContent=strContent.Replace(">",">");strContent=strContent.Replace("chr(60)","<");strContent=strContent.Replace("chr(37)",">");strContent=strContent.Replace("\"",""");strContent=strContent.Replace(";",";");strContent=strContent.Replace("\n","<br/>");strContent=strContent.Replace(" "," ");return strContent; public static string ConvertStr(string inputString) { string retVal=inputString; retVal=retVal.Replace("&","&"); retVal=retVal.Replace("\"","""); retVal=retVal.Replace("<","<"); retVal=retVal.Replace(">",">"); retVal=retVal.Replace(" "," "); retVal=retVal.Replace(" "," "); retVal=retVal.Replace("\t"," "); retVal=retVal.Replace("\r", "<br>"); return retVal; } public static string OutputText(string inputString) { string retVal=inputString; retVal= ConvertStr(retVal); retVal=retVal.Replace(" retVal=retVal.Replace("">", ""); retVal=retVal.Replace("", ""); retVal=retVal.Replace("", ""); retVal= Regex.Replace(retVal,@"\[flash=\d+,\d+](?<x>[^\]]*)\[/flash]",@"$1",RegexOptions.IgnoreCase); retVal=retVal.Replace("[flash]", ""); retVal=retVal.Replace("[/flash]", ""); return retVal; } public static string ToUrl(string inputString) { string retVal=inputString; retVal= ConvertStr(retVal); retVal= Regex.Replace(retVal,@"\ retVal= Regex.Replace(retVal,@"\[flash=(?<width>\d+),(?<height>\d+)](?<x>[^\]]*)\[/flash]",@"<embed src=""$3"" width=""${width}"" height=""${height}""></embed>",RegexOptions.IgnoreCase); retVal= Regex.Replace(retVal,@"\[flash](?<x>[^\]]*)\[/flash]",@"<embed src=""$1""></embed>",RegexOptions.IgnoreCase); return Regex.Replace(retVal,@"\",@"<a href=""$1"" target=""_blank""><img src=""$1"" onload=""javascript:if(this.width>screen.width-220)this.width=screen.width-220"" border=1></a>",RegexOptions.IgnoreCase); } 我有详细的一个用于处理的类,包括UBB处理,如果你需要请留下你的Email,我发给你。 <%@ import Namespace="System.Web" %><td><%# HttpUtility.HtmlEncode(DataBinder.Eval(Container.DataItem, "ID").ToString())%></td> 过滤(解码):StringWriter writer = new StringWriter();Server.HtmlDecode(str,writer);string tmp = writer.ToString();还原(编码):StringWriter writer = new StringWriter();Server.HtmlEncode(str,writer);string tmp = writer.ToString();目前在我开发项目中就是使用方法过滤html代码的。效果还行,同时空格可以保留。 to: v192(魔渡众生)[email protected]多谢多谢! 晕,Server.HtmlEncode(...) 足够了~~ http://blog.csdn.net/johnsuna/archive/2004/12/05/FilterRealProxy.aspx 服务器文件报错,BC2000: 编译器初始化意外失败: 拒绝访问。 MVC新手请教各位前辈高手 c#实现邮件发送总是失败,求高人指点啊 cache 缓存中移除项时通知应用程序的方法 中httpcontext 为 null 怎么处理 读取excel文件 然后将里面的数据保存到resource文件中 在aspx.vb中如何写入java脚本语言? 求助:Windows2003匿名访问下还需要输入用户名和密码! 水晶报表 做一个系统监控组件,求思路 根據部門表來做部門的層次顯示 谁给一个过滤不文明语言的js程序吧 求asp.net中字符串过滤得函数
strContent=strContent.Replace("'","''");
strContent=strContent.Replace("<","<");
strContent=strContent.Replace(">",">");
strContent=strContent.Replace("chr(60)","<");
strContent=strContent.Replace("chr(37)",">");
strContent=strContent.Replace("\"",""");
strContent=strContent.Replace(";",";");
strContent=strContent.Replace("\n","<br/>");
strContent=strContent.Replace(" "," ");
return strContent;
{
string retVal=inputString;
retVal=retVal.Replace("&","&");
retVal=retVal.Replace("\"",""");
retVal=retVal.Replace("<","<");
retVal=retVal.Replace(">",">");
retVal=retVal.Replace(" "," ");
retVal=retVal.Replace(" "," ");
retVal=retVal.Replace("\t"," ");
retVal=retVal.Replace("\r", "<br>");
return retVal;
} public static string OutputText(string inputString)
{
string retVal=inputString;
retVal= ConvertStr(retVal);
retVal=retVal.Replace("
retVal=retVal.Replace("">", "");
retVal=retVal.Replace("", "");
retVal=retVal.Replace("", "");
retVal= Regex.Replace(retVal,@"\[flash=\d+,\d+](?<x>[^\]]*)\[/flash]",@"$1",RegexOptions.IgnoreCase);
retVal=retVal.Replace("[flash]", "");
retVal=retVal.Replace("[/flash]", "");
return retVal;
} public static string ToUrl(string inputString)
{
string retVal=inputString;
retVal= ConvertStr(retVal);
retVal= Regex.Replace(retVal,@"\
retVal= Regex.Replace(retVal,@"\[flash=(?<width>\d+),(?<height>\d+)](?<x>[^\]]*)\[/flash]",@"<embed src=""$3"" width=""${width}"" height=""${height}""></embed>",RegexOptions.IgnoreCase);
retVal= Regex.Replace(retVal,@"\[flash](?<x>[^\]]*)\[/flash]",@"<embed src=""$1""></embed>",RegexOptions.IgnoreCase);
return Regex.Replace(retVal,@"\",@"<a href=""$1"" target=""_blank""><img src=""$1"" onload=""javascript:if(this.width>screen.width-220)this.width=screen.width-220"" border=1></a>",RegexOptions.IgnoreCase);
}
<td>
<%# HttpUtility.HtmlEncode(DataBinder.Eval(Container.DataItem, "ID").ToString())%>
</td>
StringWriter writer = new StringWriter();
Server.HtmlDecode(str,writer);
string tmp = writer.ToString();还原(编码):
StringWriter writer = new StringWriter();
Server.HtmlEncode(str,writer);
string tmp = writer.ToString();目前在我开发项目中就是使用方法过滤html代码的。效果还行,同时空格可以保留。