可以过滤掉 例如把 “<” 转换为 &lt; 等等.....
还有更多的呢
1,字符串输出至HTML.
2,输出至URL
3,输出至javascript等脚本
4,输出至sql
...
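<%Function fn_chk_to_html(Str)
    ' Encodes Str for output as HTML text: strips NUL characters, replaces
    ' quotes and angle brackets with character references, and turns CRLF
    ' into <br>. Returns "" for Null or empty input.
    '
    ' The "Function" line and the entity targets were lost when this page was
    ' rendered (the replacements showed up as "<" -> "<"). They are restored
    ' here from the function name and from the characters being replaced;
    ' confirm against the original post.
    '
    ' NOTE(review): "&" is not encoded, so input that already contains a
    ' reference such as "&lt;" is displayed as "<". Server.HTMLEncode covers
    ' "&" as well.
    If IsNull(Str) Or Str = "" Then
        fn_chk_to_html = ""
        Exit Function
    End If
    Str = Trim(Str)
    Str = Replace(Str, Chr(0), "", 1, -1, 1)
    Str = Replace(Str, """", "&quot;", 1, -1, 1)
    Str = Replace(Str, "'", "&#39;", 1, -1, 1)
    Str = Replace(Str, "<", "&lt;", 1, -1, 1)
    Str = Replace(Str, ">", "&gt;", 1, -1, 1)
    ' Line breaks last, so the <br> inserted here is not encoded by the lines above.
    Str = Replace(Str, vbCrLf, "<br>", 1, -1, 1)
    fn_chk_to_html = Str
End Function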
%>
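<%Function fn_chk_to_script(Str)
    ' Escapes Str for use inside a quoted JavaScript string literal.
    ' Returns "" for Null or empty input.
    If IsNull(Str) Or Str = "" Then
        fn_chk_to_script = ""
        Exit Function
    End If
    Str = Trim(Str)
    ' Backslash first, so the escapes added below are not escaped a second time.
    Str = Replace(Str, "\", "\\", 1, -1, 1)
    Str = Replace(Str, """", "\""", 1, -1, 1)
    Str = Replace(Str, "'", "\'", 1, -1, 1)
    ' CRLF before the single characters, so one line break becomes one \n.
    ' Replacing only Chr(13) left a raw line feed in the output, and a raw
    ' line feed inside a quoted literal is a script syntax error.
    Str = Replace(Str, vbCrLf, "\n", 1, -1, 1)
    Str = Replace(Str, Chr(13), "\n", 1, -1, 1)
    Str = Replace(Str, Chr(10), "\n", 1, -1, 1)
    ' The HTML parser ends an inline script block at "</script>" even when the
    ' text sits inside a JavaScript string, so "<" is written as \x3C.
    Str = Replace(Str, "<", "\x3C", 1, -1, 1)
    fn_chk_to_script = Str
End Function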
%>
<%Function fn_chk_to_sql_(Str)
    ' Trims Str and doubles every single quote in it.
    ' Returns "" for Null or empty input.
    '
    ' NOTE(review): quote doubling only protects a value that is placed
    ' between single quotes in the statement; a value concatenated into a
    ' numeric or identifier position is not covered. A parameterized
    ' ADODB.Command keeps the value out of the statement text altogether.
    fn_chk_to_sql_ = ""
    If IsNull(Str) Then Exit Function
    If Str = "" Then Exit Function
    fn_chk_to_sql_ = Replace(Trim(Str), "'", "''", 1, -1, 1)
End Function
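%><%Function fn_chk_to_sql_go(Str)
    ' Replaces quotes, angle brackets and a set of SQL metacharacters
    ' ( [ ] \ * % ; -- ) with HTML character references, strips NUL and turns
    ' CRLF into <br>. Returns "" for Null or empty input.
    '
    ' The entity targets were lost when this page was rendered (every
    ' replacement showed up as a character replaced by itself). They are
    ' restored here as the character references of the characters being
    ' replaced; confirm against the original post.
    '
    ' NOTE(review): the stored value is HTML-encoded text, not the user's
    ' input, so it is only suitable for values that are later written to an
    ' HTML page as-is. It does not replace parameterized queries.
    If IsNull(Str) Or Str = "" Then
        fn_chk_to_sql_go = ""
        Exit Function
    End If
    Str = Trim(Str)
    Str = Replace(Str, Chr(0), "", 1, -1, 1)
    ' ";" has to go first: every reference written below ends in ";", and
    ' replacing it afterwards would break them (for example &quot&#59;).
    Str = Replace(Str, ";", "&#59;", 1, -1, 1)
    Str = Replace(Str, """", "&quot;", 1, -1, 1)
    Str = Replace(Str, "'", "&#39;", 1, -1, 1)
    Str = Replace(Str, "<", "&lt;", 1, -1, 1)
    Str = Replace(Str, ">", "&gt;", 1, -1, 1)
    Str = Replace(Str, "[", "&#91;", 1, -1, 1)
    Str = Replace(Str, "]", "&#93;", 1, -1, 1)
    Str = Replace(Str, "\", "&#92;", 1, -1, 1)
    Str = Replace(Str, "*", "&#42;", 1, -1, 1)
    Str = Replace(Str, "%", "&#37;", 1, -1, 1)
    Str = Replace(Str, vbCrLf, "<br>", 1, -1, 1)
    Str = Replace(Str, "--", "&#45;&#45;")
    fn_chk_to_sql_go = Str
End Function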
%><%Function fn_chk_to_url(Str)
    ' Trims Str and URL-encodes it with Server.URLEncode.
    ' Returns "" for Null or empty input.
    fn_chk_to_url = ""
    If IsNull(Str) Then Exit Function
    If Str = "" Then Exit Function
    fn_chk_to_url = Server.URLEncode(Trim(Str))
End Function
%>
/*
* Created by Seamus
* Updated on 2004-10-21 by JK
*
*/
package com.jk.util;public class CommStr
{
/**
*replace the old string to new string in the given destination string.
*/
public static java.lang.String strReplace(java.lang.String destStr, java.lang.String oldStr, java.lang.String newStr)
{
if(destStr==null)
return "";
String tmpStr = destStr;
int foundPos = tmpStr.indexOf(oldStr);
while (foundPos>=0)
{
tmpStr = tmpStr.substring(0,foundPos) + newStr + tmpStr.substring(foundPos + oldStr.length(),tmpStr.length());
foundPos = tmpStr.indexOf(oldStr,foundPos+newStr.length());
}
return tmpStr;
} /**
*Encode for HTML.
*/
public static String htmlEncoder(String str)
{
if(str==null || str.equals(""))
return "";
String res_str;
res_str=strReplace(str,"&","&");
res_str=strReplace(str," "," ");
res_str=strReplace(str,"<","<");
res_str=strReplace(str,">","&rt;");
res_str=strReplace(str,"\"",""");
res_str=strReplace(str,"'","'");
return res_str;
} /**
*Encode for HTML-Text.
*/
public static String htmlTextEncoder(String str)
{
if(str==null || str.equals(""))
return "";
String res_str;
res_str=strReplace(str,"&","&");
res_str=strReplace(str,"<","<");
res_str=strReplace(str,">","&rt;");
res_str=strReplace(str,"\"",""");
res_str=strReplace(str,"'","'");
res_str=strReplace(str," "," ");
res_str=strReplace(str,"\r\n","<br>");
res_str=strReplace(str,"\r","<br>");
res_str=strReplace(str,"\n","<br>");
return res_str;
} /**
*Encode for URL.
*/
public static String urlEncoder(String str) {
return java.net.URLEncoder.encode(str) ;
} /**
*Encode for XML.
*/
public static String xmlEncoder(String str)
{
if(str==null || str.equals(""))
return "";
String res_str;
res_str=strReplace(str,"&","&");
res_str=strReplace(res_str,"<","<");
res_str=strReplace(res_str,">",">");
res_str=strReplace(res_str,"\"", """);
res_str=strReplace(res_str,"\'", "´");
return res_str;
} /**
*Encode for SQL.
*/
public static String sqlEncoder(String str)
{
if(str==null || str.equals(""))
return "";
String res_str;
res_str=strReplace(str,"'","''");
return res_str;
} /**
*Encode for Javascript.
*/
public static String jsEncoder(String str)
{
if(str==null || str.equals(""))
return "";
String res_str;
res_str=strReplace(str,"'","\\'");
res_str=strReplace(str,"\"","\\\"");
res_str=strReplace(str,"\r\n","\\\n");
res_str=strReplace(str,"\n","\\\n");
res_str=strReplace(str,"\r","\\\n");
return res_str;
}}
http://community.csdn.net/Expert/topic/4172/4172187.xml?temp=.3651087
估计.JK_10000(JK)大侠没有看到.要不,我就不用这么辛苦去做那几个函数了.
呵.