看看我写的代码，好郁闷，和乎。。。。

写个函数调用吧 public static String validString(String in) {
if(in==null){return null;}
else{
try {
in=in.replace('\'',' ');
in=in.replaceAll("<","<");
...

in=in.trim();
return in;
}
catch(Exception e) {
System.out.println(e.toString());
return "null";
}
} }

解决方案 »

免费领取超大流量手机卡，每月29元包185G流量+100分钟通话, 中国电信官方发货

同意楼上或者写一个javabean同意处理应该更好
哎呀。不要笑我嘛，呵呵，谢谢redlaputa(吾心如秋思，爱随雨后归)
还有，如果接收过来的表单有特殊字符，你又不能替换掉，运行到insert into就会出错，咋办。。
哎呀，我调用出错，5555。。
<%
public static String validString(String in) {
if(in==null){return null;}
 else{
try {
in=in.replace('\'',' ');
in=in.replaceAll("<","<");
in=in.replaceAll(">",">");
in=in.replaceAll(" ","  ");
in=in.replaceAll("#_#","#__#");
in=in.replaceAll("\n"," ");
in=in.replaceAll("","");
in=in.trim();
return in;
}
catch(Exception e) {
System.out.println(e.toString());
return "null";
}
 }
}
public static String outString(String in) {
if(in==null){return null;}
 else{
try {
in=in.replaceAll(" ","  ");
in=in.replaceAll("#_#","#__#");
in=in.replaceAll("\n"," ");
in=in.replaceAll("","");
in=in.trim();
return in;
}
catch(Exception e) {
System.out.println(e.toString());
return "null";
}
 }
}
%>调用语句
String Book_Content = request.getParameter("body").validString;
错误：
org.apache.jasper.JasperException: Unable to compile class for JSPAn error occurred at line: 1 in the jsp file: /book/checkform.jspGenerated servlet error:
 [javac] Compiling 1 source fileC:\tomcat\work\Catalina\localhost\_\org\apache\jsp\book\add_005fsave_jsp.java:63: illegal start of expression
public static String validString(String in) {
 ^
1 error
org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:127)
org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:351)
org.apache.jasper.compiler.Compiler.generateClass(Compiler.java:415)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:458)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:439)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:552)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:291)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:301)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:248)
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
to wangkunhong() ( )
在运行insert into 语句之前就要出处理好你接受的参数,至于你说的处理不了,那就只有返回给用户重新输入,这也说明你的程序的健壮性不好
String Book_Content = validString(request.getParameter("body"))；
555555555，还是错误，
add_fsave_jsp.java:63: illegal start of expression
public static String validString(String in) {
^
1 error
import java.util.regex.*;public class Check {
 //替换字符
 public static String insteadCode(String str,String regEx,String code){
 Pattern p=Pattern.compile(regEx);
 Matcher m=p.matcher(str);
 String s=m.replaceAll(code);
 return s;
 } //把内容替换成html格式，同时过滤掉html的标签
 public static String toHTML(String sourcestr){
 String targetstr=insteadCode(sourcestr,">",">");
 targetstr=insteadCode(targetstr,"<","<");
 targetstr=insteadCode(targetstr,"\n"," ");
 targetstr=insteadCode(targetstr," "," ");
 return targetstr;
 }
}
调用：
//因为'是数据库中的分界符，所以要转义'
 usertruename=Check.insteadCode(usertruename,"'","''");
 usertruename=Check.toHTML(usertruename);
<%@ page import="java.util.regex.*" %>
<%!
public class check{
public static String validString(String in){
if(in==null){return null;}
else{
try {
in=in.replace('\'',' ');
in=in.replaceAll("<","<");
in=in.replaceAll(">",">");
in=in.replaceAll(" ","  ");
in=in.replaceAll("#_#","#__#");
in=in.replaceAll("\n"," ");
in=in.replaceAll("","");
in=in.trim();
return in;
}
catch(Exception e) {
System.out.println(e.toString());
return "null";
}
}
}
public static String outString(String in){
if(in==null){return null;}
else{
try {
in=in.replaceAll(" ","  ");
in=in.replaceAll("#_#","#__#");
in=in.replaceAll("\n"," ");
in=in.replaceAll("","");
in=in.trim();
return in;
}
catch(Exception e) {
System.out.println(e.toString());
return "null";
}
}
}
}
%>
我这个也有错误
Generated servlet error:
 [javac] Compiling 1 source fileC:\tomcat\work\Catalina\localhost\_\org\apache\jsp\book\checkform_jsp.java:13: inner classes cannot have static declarations
public static String validString(String in){
 ^An error occurred at line: 2 in the jsp file: /book/checkform.jspGenerated servlet error:
C:\tomcat\work\Catalina\localhost\_\org\apache\jsp\book\checkform_jsp.java:33: inner classes cannot have static declarations
public static String outString(String in){
 ^
2 errors
public static final String encodeHTMLTagForLine(String strSrc) {
 int nLen;
 if(strSrc == null || (nLen = strSrc.length()) <= 0)
 return "";
 StringBuffer sbEnc = new StringBuffer(nLen * 2);
 for(int i = 0; i < nLen; i++) {
 char c;
 switch(c = strSrc.charAt(i)) {
 case 60: // '<'
 sbEnc.append("<");
 break;
 case 62: // '>'
 sbEnc.append(">");
 break;
 case 38: // '&'
 sbEnc.append("&");
 break;
 case 34: // '"'
 sbEnc.append(""");
 break;
 case 39: // '\''
 sbEnc.append("'");
 break;
 case '\n':
 sbEnc.append(" ");
 break;
 default:
 sbEnc.append(c);
 break;
 }
 }
 return sbEnc.toString();
 }