我们在注册的时候经常需要判断客户输入的内容是否合法,或者在页面传递参数的时候要判断,是否有客户恶意添加参数进行SQL注入等,这就需要1个函数去判断检测。
' ============================================ ' 判断是否安全字符串,在注册登录等特殊字段中使用 ' ============================================ Function IsSafeStr(str) Dim s_BadStr, n, i s_BadStr = "' &<>" & Chr(34) & Chr(9) & Chr(32) n = Len(s_BadStr) IsSafeStr = True For i = 1 To n If Instr(str, Mid(s_BadStr, i, 1)) > 0 Then IsSafeStr = False Exit Function End If Next End Function
大家可以自行添加BadStr字符串里面的字符,增加你想要过滤的字符即可。
下面是其他网友的补充
'=====================================
'转换内容,防止意外
'=====================================
Function Content_Encode(ByVal t0)
IF IsNull(t0) Or Len(t0)=0 Then
Content_Encode=""
Else
Content_Encode=Replace(t0,"<","<")
Content_Encode=Replace(Content_Encode,">",">")
End IF
End Function
'=====================================
'反转换内容
'=====================================
Function Content_Decode(ByVal t0)
IF IsNull(t0) Or Len(t0)=0 Then
Content_Decode=""
Else
Content_Decode=Replace(t0,"<","<")
Content_Decode=Replace(Content_Decode,">",">")
End IF
End Function
'=====================================
'过滤字符
'=====================================
Function FilterText(ByVal t0,ByVal t1)
IF Len(t0)=0 Or IsNull(t0) Or IsArray(t0) Then FilterText="":Exit Function
t0=Trim(t0)
Select Case t1
Case "1"
t0=Replace(t0,Chr(32)," ")
t0=Replace(t0,Chr(13),"")
t0=Replace(t0,Chr(10)&Chr(10),"<br>")
t0=Replace(t0,Chr(10),"<br>")
Case "2"
t0=Replace(t0,Chr(8),"")'回格
t0=Replace(t0,Chr(9),"")'tab(水平制表符)
t0=Replace(t0,Chr(10),"")'换行
t0=Replace(t0,Chr(11),"")'tab(垂直制表符)
t0=Replace(t0,Chr(12),"")'换页
t0=Replace(t0,Chr(13),"")'回车 chr(13)&chr(10) 回车和换行的组合
t0=Replace(t0,Chr(22),"")
t0=Replace(t0,Chr(32),"")'空格 SPACE
t0=Replace(t0,Chr(33),"")'!
t0=Replace(t0,Chr(34),"")'"
t0=Replace(t0,Chr(35),"")'#
t0=Replace(t0,Chr(36),"")'$
t0=Replace(t0,Chr(37),"")'%
t0=Replace(t0,Chr(38),"")'&
t0=Replace(t0,Chr(39),"")''
t0=Replace(t0,Chr(40),"")'(
t0=Replace(t0,Chr(41),"")')
t0=Replace(t0,Chr(42),"")'*
t0=Replace(t0,Chr(43),"")'+
t0=Replace(t0,Chr(44),"")',
t0=Replace(t0,Chr(45),"")'-
t0=Replace(t0,Chr(46),"")'.
t0=Replace(t0,Chr(47),"")'/
t0=Replace(t0,Chr(58),"")':
t0=Replace(t0,Chr(59),"")';
t0=Replace(t0,Chr(60),"")'<
t0=Replace(t0,Chr(61),"")'=
t0=Replace(t0,Chr(62),"")'>
t0=Replace(t0,Chr(63),"")'"")'@
t0=Replace(t0,Chr(91),"")'\
t0=Replace(t0,Chr(92),"")'\
t0=Replace(t0,Chr(93),"")']
t0=Replace(t0,Chr(94),"")'^
t0=Replace(t0,Chr(95),"")'_
t0=Replace(t0,Chr(96),"")'`
t0=Replace(t0,Chr(123),"")'{
t0=Replace(t0,Chr(124),"")'|
t0=Replace(t0,Chr(125),"")'}
t0=Replace(t0,Chr(126),"")'~
Case Else
t0=Replace(t0, "&", "&")
t0=Replace(t0, "'", "'")
t0=Replace(t0, """", """)
t0=Replace(t0, "<", "<")
t0=Replace(t0, ">", ">")
End Select
IF Instr(Lcase(t0),"expression")>0 Then
t0=Replace(t0,"expression","e­xpression", 1, -1, 0)
End If
FilterText=t0
End Function
'=====================================
'过滤常见字符及Html
'=====================================
Function FilterHtml(ByVal t0)
IF Len(t0)=0 Or IsNull(t0) Or IsArray(t0) Then FilterHtml="":Exit Function
IF Len(Sdcms_Badhtml)>0 Then t0=ReplaceText(t0,"<(\/|)("&Sdcms_Badhtml&")", "<$1$2")
IF Len(Sdcms_BadEvent)>0 Then t0=ReplaceText(t0,"<(.[^>]*)("&Sdcms_BadEvent&")", "<$1$2")
t0=FilterText(t0,0)
FilterHtml=t0
End Function
Function GotTopic(ByVal t0,ByVal t1)
IF Len(t0)=0 Or IsNull(t0) Then
GotTopic=""
Exit Function
End IF
Dim l,t,c, i
t0=Replace(Replace(Replace(Replace(t0," "," "),""",chr(34)),">",">"),"<","<")
l=Len(t0)
t=0
For I=1 To l
c=Abs(Asc(Mid(t0,i,1)))
IF c>255 Then t=t+2 Else t=t+1
IF t>=t1 Then
gotTopic=Left(t0,I)&"…"
Exit For
Else
GotTopic=t0
End IF
Next
GotTopic=Replace(Replace(Replace(Replace(GotTopic," "," "),chr(34),"""),">",">"),"<","<")
End Function
Function UrlDecode(ByVal t0)
Dim t1,t2,t3,i,t4,t5,t6
t1=""
t2=False
t3=""
For I=1 To Len(t0)
t4=Mid(t0,I,1)
IF t4="+" Then
t1=t1&" "
ElseIF t4="%" Then
t5=Mid(t0,i+1,2)
t6=Cint("&H" & t5)
IF t2 Then
t2=False
t1=t1&Chr(Cint("&H"&t3&t5))
Else
IF Abs(t6)<=127 then
t1=t1&Chr(t6)
Else
t2=True
t3=t5
End IF
End IF
I=I+2
Else
t1=t1&t4
End IF
Next
UrlDecode=t1
End Function
Function CutStr(byVal t0,byVal t1)
Dim l,t,c,i
IF IsNull(t0) Then CutStr="":Exit Function
l=Len(t0)
t1=Int(t1)
t=0
For I=1 To l
c=Asc(Mid(t0,I,1))
IF c<0 Or c>255 Then t=t+2 Else t=t+1
IF t>=t1 Then
CutStr=Left(t0,I)&"..."
Exit For
Else
CutStr=t0
End IF
Next
End Function
Function CloseHtml(ByVal t0)
Dim t1,I,t2,t3,Regs,Matches,J,Match
Set Regs=New RegExp
Regs.IgnoreCase=True
Regs.Global=True
t1=Array("p","div","span","table","ul","font","b","u","i","h1","h2","h3","h4","h5","h6")
For I=0 To UBound(t1)
t2=0
t3=0
Regs.Pattern="\<"&t1(I)&"( [^\<\>]+|)\>"
Set Matches=Regs.Execute(t0)
For Each Match In Matches
t2=t2+1
Next
Regs.Pattern="\</"&t1(I)&"\>"
Set Matches=Regs.Execute(t0)
For Each Match In Matches
t3=t3+1
Next
For j=1 To t2-t3
t0=t0+"</"&t1(I)&">"
Next
Next
CloseHtml=t0
End Function
以上就是asp中常用的字符串安全处理函数集合(过滤特殊字符等)的详细内容,更多关于字符串 安全处理的资料请关注其它相关文章!
标签:
字符串,安全处理
免责声明:本站文章均来自网站采集或用户投稿,网站不提供任何软件下载或自行开发的软件!
如有用户或公司发现本站内容信息存在侵权行为,请邮件告知! 858582#qq.com
桃源资源网 Design By www.nqtax.com
暂无“asp中常用的字符串安全处理函数集合(过滤特殊字符等)”评论...
RTX 5090要首发 性能要翻倍!三星展示GDDR7显存
三星在GTC上展示了专为下一代游戏GPU设计的GDDR7内存。
首次推出的GDDR7内存模块密度为16GB,每个模块容量为2GB。其速度预设为32 Gbps(PAM3),但也可以降至28 Gbps,以提高产量和初始阶段的整体性能和成本效益。
据三星表示,GDDR7内存的能效将提高20%,同时工作电压仅为1.1V,低于标准的1.2V。通过采用更新的封装材料和优化的电路设计,使得在高速运行时的发热量降低,GDDR7的热阻比GDDR6降低了70%。