asp中常用的字符串安全处理函数集合(过滤特殊字符等)

代码如下:

'=====================================
'转换内容,防止意外
'=====================================
Function Content_Encode(ByVal t0)
IF IsNull(t0) Or Len(t0)=0 Then
Content_Encode=""
Else
Content_Encode=Replace(t0,"<","<")
Content_Encode=Replace(Content_Encode,">",">")
End IF
End Function

'=====================================
'反转换内容
'=====================================
Function Content_Decode(ByVal t0)
IF IsNull(t0) Or Len(t0)=0 Then
Content_Decode=""
Else
Content_Decode=Replace(t0,"<","<")
Content_Decode=Replace(Content_Decode,">",">")
End IF
End Function

'=====================================
'过滤字符
'=====================================
Function FilterText(ByVal t0,ByVal t1)
IF Len(t0)=0 Or IsNull(t0) Or IsArray(t0) Then FilterText="":Exit Function
t0=Trim(t0)
Select Case t1
Case "1"
t0=Replace(t0,Chr(32)," ")
t0=Replace(t0,Chr(13),"")
t0=Replace(t0,Chr(10)&Chr(10),"<br>")
t0=Replace(t0,Chr(10),"<br>")
Case "2"
t0=Replace(t0,Chr(8),"")'回格
t0=Replace(t0,Chr(9),"")'tab(水平制表符)
t0=Replace(t0,Chr(10),"")'换行
t0=Replace(t0,Chr(11),"")'tab(垂直制表符)
t0=Replace(t0,Chr(12),"")'换页
t0=Replace(t0,Chr(13),"")'回车 chr(13)&chr(10) 回车和换行的组合
t0=Replace(t0,Chr(22),"")
t0=Replace(t0,Chr(32),"")'空格 SPACE
t0=Replace(t0,Chr(33),"")'!
t0=Replace(t0,Chr(34),"")'"
t0=Replace(t0,Chr(35),"")'#
t0=Replace(t0,Chr(36),"")'$
t0=Replace(t0,Chr(37),"")'%
t0=Replace(t0,Chr(38),"")'&
t0=Replace(t0,Chr(39),"")''
t0=Replace(t0,Chr(40),"")'(
t0=Replace(t0,Chr(41),"")')
t0=Replace(t0,Chr(42),"")'*
t0=Replace(t0,Chr(43),"")'+
t0=Replace(t0,Chr(44),"")',
t0=Replace(t0,Chr(45),"")'-
t0=Replace(t0,Chr(46),"")'.
t0=Replace(t0,Chr(47),"")'/
t0=Replace(t0,Chr(58),"")':
t0=Replace(t0,Chr(59),"")';
t0=Replace(t0,Chr(60),"")'<
t0=Replace(t0,Chr(61),"")'=
t0=Replace(t0,Chr(62),"")'>
t0=Replace(t0,Chr(63),"")'?
t0=Replace(t0,Chr(64),"")'@
t0=Replace(t0,Chr(91),"")'\
t0=Replace(t0,Chr(92),"")'\
t0=Replace(t0,Chr(93),"")']
t0=Replace(t0,Chr(94),"")'^
t0=Replace(t0,Chr(95),"")'_
t0=Replace(t0,Chr(96),"")'`
t0=Replace(t0,Chr(123),"")'{
t0=Replace(t0,Chr(124),"")'|
t0=Replace(t0,Chr(125),"")'}
t0=Replace(t0,Chr(126),"")'~
Case Else
t0=Replace(t0, "&", "&")
t0=Replace(t0, "'", "'")
t0=Replace(t0, """", """)
t0=Replace(t0, "<", "<")
t0=Replace(t0, ">", ">")
End Select
IF Instr(Lcase(t0),"expression")>0 Then
t0=Replace(t0,"expression","e­xpression", 1, -1, 0)
End If
FilterText=t0
End Function

'=====================================
'过滤常见字符及Html
'=====================================
Function FilterHtml(ByVal t0)
IF Len(t0)=0 Or IsNull(t0) Or IsArray(t0) Then FilterHtml="":Exit Function
IF Len(Sdcms_Badhtml)>0 Then t0=ReplaceText(t0,"<(\/|)("&Sdcms_Badhtml&")", "<$1$2")
IF Len(Sdcms_BadEvent)>0 Then t0=ReplaceText(t0,"<(.[^>]*)("&Sdcms_BadEvent&")", "<$1$2")
t0=FilterText(t0,0)
FilterHtml=t0
End Function

Function GotTopic(ByVal t0,ByVal t1)
IF Len(t0)=0 Or IsNull(t0) Then
GotTopic=""
Exit Function
End IF
Dim l,t,c, i
t0=Replace(Replace(Replace(Replace(t0," "," "),""",chr(34)),">",">"),"<","<")
l=Len(t0)
t=0
For I=1 To l
c=Abs(Asc(Mid(t0,i,1)))
IF c>255 Then t=t+2 Else t=t+1
IF t>=t1 Then
gotTopic=Left(t0,I)&"…"
Exit For
Else
GotTopic=t0
End IF
Next
GotTopic=Replace(Replace(Replace(Replace(GotTopic," "," "),chr(34),"""),">",">"),"<","<")
End Function

Function UrlDecode(ByVal t0)
Dim t1,t2,t3,i,t4,t5,t6
t1=""
t2=False
t3=""
For I=1 To Len(t0)
t4=Mid(t0,I,1)
IF t4="+" Then
t1=t1&" "
ElseIF t4="%" Then
t5=Mid(t0,i+1,2)
t6=Cint("&H" & t5)
IF t2 Then
t2=False
t1=t1&Chr(Cint("&H"&t3&t5))
Else
IF Abs(t6)<=127 then
t1=t1&Chr(t6)
Else
t2=True
t3=t5
End IF
End IF
I=I+2
Else
t1=t1&t4
End IF
Next
UrlDecode=t1
End Function

Function CutStr(byVal t0,byVal t1)
Dim l,t,c,i
IF IsNull(t0) Then CutStr="":Exit Function
l=Len(t0)
t1=Int(t1)
t=0
For I=1 To l
c=Asc(Mid(t0,I,1))
IF c<0 Or c>255 Then t=t+2 Else t=t+1
IF t>=t1 Then
CutStr=Left(t0,I)&"..."
Exit For
Else
CutStr=t0
End IF
Next
End Function

Function CloseHtml(ByVal t0)
Dim t1,I,t2,t3,Regs,Matches,J,Match
Set Regs=New RegExp
Regs.IgnoreCase=True
Regs.Global=True
t1=Array("p","div","span","table","ul","font","b","u","i","h1","h2","h3","h4","h5","h6")
For I=0 To UBound(t1)
t2=0
t3=0
Regs.Pattern="\<"&t1(I)&"( [^\<\>]+|)\>"
Set Matches=Regs.Execute(t0)
For Each Match In Matches
t2=t2+1
Next
Regs.Pattern="\</"&t1(I)&"\>"
Set Matches=Regs.Execute(t0)
For Each Match In Matches
t3=t3+1
Next
For j=1 To t2-t3
t0=t0+"</"&t1(I)&">"
Next
Next
CloseHtml=t0
End Function

时间: 2011-01-03

ASP中Server.HTMLEncode用法(附自定义函数)

Server.HTMLEncode定义和用法 HTMLEncode 方法对一段指定的字符串应用 HTML 编码.主要是为了安全考虑. 语法 Server.HTMLEncode(string) 参数 描述 string 必需.要编码的字符串. 实例 脚本: <% response.write(Server.HTMLEncode("The image tag: <img>")) %> 输出: The image tag: <img> 浏览器的输出: Th

PHP中一个控制字符串输出的函数

// php 中 一个控制字符串输出的函数(中英文),每行显示多少字数,避免英文的影响 // $str 字符串 // $len 每行显示的字数(汉字×2) function rep($str,$len) {       $strlen=strlen($str);       $i=0;     $finstr="";     $pos=0; while($i<$strlen)       {         $s1=substr($str,$i,1);       $s2=ord

python中常用检测字符串相关函数汇总

本文实例汇总了python中常用检测字符串相关函数.分享给大家供大家参考.具体分析如下: 下面的python代码可用于检测字符串,包括是否全部为数字,是否包含数字,是否包含标题单词,是否包含大写字母,是否包含小写字母,是否包含空格,是否以指定的字符开头和结尾. my_string = "Hello World" my_string.isalnum() #检测所有字符是否都是数字 my_string.isalpha() #检测字符串中的所有字符是否都是字母 my_string.isdig

asp 中常用的文件处理函数

asp 中处理文件上传以及删除时常用的自定义函数 <% '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' '所有自定义的VBS函数 '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' function DeleteFile(Filename) '删除文件 if Filename<>"&quo

ASP中Split分割字符串函数的实例用法

ASP中Split函数的用法 分割截取字符串看几个例子就能理解了 复制代码 代码如下: mystr="1,2,3,4,5" mystr=split(mystr,",") for i=0 to ubound(mystr) response.write mystr(i) next  '返回值为123456 mystr="xlei.net/http/student/x/index.asp" mystr=split(mystr,"/http/s

Python中常用操作字符串的函数与方法总结

例如这样一个字符串 Python,它就是几个字符:P,y,t,h,o,n,排列起来.这种排列是非常严格的,不仅仅是字符本身,而且还有顺序,换言之,如果某个字符换了,就编程一个新字符串了:如果这些字符顺序发生变化了,也成为了一个新字符串. 在 Python 中,把像字符串这样的对象类型(后面还会冒出来类似的其它有这种特点的对象类型,比如列表),统称为序列.顾名思义,序列就是"有序排列". 比如水泊梁山的 108 个好汉(里面分明也有女的,难道女汉子是从这里来的吗?),就是一个"

PHP开发中常用的字符串操作函数

1,拼接字符串 拼接字符串是最常用到的字符串操作之一,在PHP中支持三种方式对字符串进行拼接操作,分别是圆点.分隔符{}操作,还有圆点等号.=来进行操作,圆点等号可以把一个比较长的字符串分解为几行进行定义,这样做是比较有好处的. 2,替换字符串 在PHP这门语言中,提供了一个名字叫做substr_replace()的函数,该函数的作用可以快速的完成扫描和编辑文本内容较多的字符串替换功能.他的语法格式: mixed substr_replace(mixed $string,string $repl

PHP中常用的字符串格式化函数总结

字符串的格式化就是将字符串处理为某种特定的格式.通常用户从表单中提交给服务器的数据都是字符串的形式,为了达到期望的输出效果,就需要按照一定的格式处理这些字符串后再去使用.经常见到的字符串格式化函数如下图所示: 注意:在PHP中提供的字符串函数处理的字符串,大部分都不是在原字符串上修改,而是返回一个格式化后的新字符串. 一.取出空格和字符串填补函数 空格也是一个有效的字符,在字符串中也会占据一个位置.用户在表单输入数据时,经常在无意中会多输入一些无意义的空格.因此PHP脚本在接收到通过表单处理过来

ASP中常用的22个FSO文件操作函数整理

在ASP中,FSO的意思是File System Object,即文件系统对象.我们将要操纵的计算机文件系统,在这里是指位于web服务器之上.所以,确认你对此拥有合适的权限.理想情况下,你可以在自己的机器上建立一个web服务器,这样就能方便地进行测试.如果运行于Windows平台,请试一试微软公司的Web服务器iis. FSO 模型对象 Drive Object:驱动器对象 供存取磁盘或者网络驱动器 FileSystemObject Object:文件系统对象 供存取计算机的文件系统 Folde