将字符串转换一次就行了。这里有一段petshop中的代码,修改一下就行了: /*********************************************************/ public static string InputText(string inputString, int maxLength) { StringBuilder retVal = new StringBuilder(); // check incoming parameters for null or blank string if ((inputString != null) && (inputString != String.Empty)) { inputString = inputString.Trim(); //chop the string incase the client-side max length //fields are bypassed to prevent buffer over-runs if (inputString.Length > maxLength) inputString = inputString.Substring(0, maxLength); //convert some harmful symbols incase the regular //expression validators are changed for (int i = 0; i < inputString.Length; i++) { switch (inputString[i]) { case '"': retVal.Append("""); break; case '<': retVal.Append("<"); break; case '>': retVal.Append(">"); break; default: retVal.Append(inputString[i]); break; } } // Replace single quotes with white space retVal.Replace("'", " "); } return retVal.ToString();
/*********************************************************/
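/// <summary>
/// Trims and length-limits a client-supplied string, encodes the double quote,
/// less-than and greater-than characters as HTML entities, and replaces single
/// quotes with a space.
/// </summary>
/// <param name="inputString">Raw text from the client; may be null or empty.</param>
/// <param name="maxLength">Maximum number of characters kept after trimming.</param>
/// <returns>The cleaned text, or an empty string when the input is null or empty.</returns>
/// <exception cref="ArgumentOutOfRangeException">
/// Thrown by Substring when <paramref name="maxLength"/> is negative and the
/// trimmed input is non-empty.
/// </exception>
/// <remarks>
/// This is a narrow filter, not a general HTML encoder: the ampersand is passed
/// through unchanged and no other context (attribute, script, URL) is handled.
/// Encode at output time with the framework encoder (for example
/// HttpUtility.HtmlEncode) rather than relying on this method alone.
/// NOTE(review): the single-quote replacement looks like a SQL-quoting
/// mitigation; it is not a substitute for parameterized queries - confirm usage.
/// </remarks>
public static string InputText(string inputString, int maxLength) {
    StringBuilder retVal = new StringBuilder();

    // Null or empty input falls through and yields an empty result.
    if ((inputString != null) && (inputString != String.Empty)) {
        inputString = inputString.Trim();

        // Enforce the length limit on the server as well, in case the
        // client-side max-length fields are bypassed.
        if (inputString.Length > maxLength) {
            inputString = inputString.Substring(0, maxLength);
        }

        // Encode markup-significant characters in case the regular-expression
        // validators are changed or skipped. The entity strings must be
        // written out literally; appending the raw character would be a no-op.
        for (int i = 0; i < inputString.Length; i++) {
            switch (inputString[i]) {
                case '"':
                    retVal.Append("&quot;");
                    break;
                case '<':
                    retVal.Append("&lt;");
                    break;
                case '>':
                    retVal.Append("&gt;");
                    break;
                default:
                    retVal.Append(inputString[i]);
                    break;
            }
        }

        // Replace single quotes with white space.
        retVal.Replace("'", " ");
    }

    return retVal.ToString();
}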
Server.HtmlDecode()
Server.HtmlDecode()
nod
取出来时split成数组,用一个循环把用户输入的非法字符一律replace成空格就行
// Extracts the plain text of the HTML string s by having MSHTML parse it and
// then reading the body's text content. Uses the MSHTML interop types
// HTMLDocumentClass and IHTMLDocument2; s is defined outside this snippet.
HTMLDocumentClass htmlDocClass = new HTMLDocumentClass();
// 'as' yields null if the cast fails; the result is used below without a null check.
IHTMLDocument2 htmlDoc2 = htmlDocClass as IHTMLDocument2;
// Design mode is switched on before any content is written.
// NOTE(review): presumably so that script contained in s is not run while the
// document is parsed - confirm, and confirm that no external resources are fetched.
htmlDoc2.designMode="On";
// s is parsed as HTML here.
htmlDoc2.write(s);
// innerText returns the text with tags removed and entities decoded, so the
// result can itself contain '<' and '>' (e.g. from "&lt;script&gt;" in s).
// It must still be HTML-encoded before being written into a page.
// NOTE(review): body is dereferenced without a null check - verify it is always set after write().
string sb= htmlDoc2.body.innerText;