西西軟件園多重安全檢測下載網(wǎng)站、值得信賴的軟件下載站!
軟件
軟件
文章
搜索

首頁編程開發(fā)C#.NET → Web頁面安全驗證類函數(shù)代碼

Web頁面安全驗證類函數(shù)代碼

相關軟件相關文章發(fā)表評論 來源:本站整理時間:2010/11/23 9:41:08字體大。A-A+

作者:佚名點擊:57次評論:2次標簽: 安全驗證 Web

  • 類型:圖像瀏覽大。13.0M語言:英文 評分:3.6
  • 標簽:
立即下載
///<summary>
    /// Web請求安全類
    ///</summary>
    publicclass RequestKeeper
    {
        ///<summary>
        /// 獲取查詢字符串字符值
        ///</summary>
        ///<param name="key"></param>
        ///<returns></returns>
        publicstaticstring GetQuerryString(string key)
        {
            string s = GetQuerry(key);

            return InputText(s);
        }

        ///<summary>
        ///獲取查詢字符串數(shù)字值
        ///</summary>
        ///<param name="key"></param>
        ///<returns></returns>
        publicstaticint GetQuerryInt(string key)
        {
            int i =0;

            int.TryParse(GetQuerryString(key), out i);

            return i;
        }

        #region Utilities

        privatestaticstring GetQuerry(string key)
        {
            string s ="";

            if (System.Web.HttpContext.Current.Request.QueryString[key] !=null)
            {
                s = System.Web.HttpContext.Current.Request.QueryString[key];
            }

            return s;
        }

        #endregion


        ///<summary>
        /// 獲取表單字符值
        ///</summary>
        ///<param name="strText"></param>
        ///<returns></returns>
        publicstaticstring GetFormString(string strText)
        {
            return InputText(strText);
        }

        ///<summary>
        /// 獲取表單數(shù)字值
        ///</summary>
        ///<param name="strText"></param>
        ///<returns></returns>
        publicstaticint GetFormInt(string strText)
        {
            strText = GetFormString(strText);

            int i =0;
            int.TryParse(strText, out i);

            return i;
        }

        #region Utilities

        ///<summary>
        /// 驗證是否為正整數(shù)
        ///</summary>
        ///<param name="str"></param>
        ///<returns></returns>
        publicstaticbool IsInt(string str)
        {
            return Regex.IsMatch(str, @"^[0-9]*$");
        }

        ///<summary>
        /// 驗證是否為日期格式的字符串
        ///</summary>
        ///<param name="str"></param>
        ///<returns></returns>
        publicstaticbool IsDateString(string str)
        {
            return Regex.IsMatch(str, @"(\d{4})-(\d{1,2})-(\d{1,2})");
        }

        ///<summary>
        /// 返回 HTML 字符串的編碼結果
        ///</summary>
        ///<param name="str">字符串</param>
        ///<returns>編碼結果</returns>
        publicstaticstring HtmlEncode(string str)
        {
            return HttpUtility.HtmlEncode(str);
        }

        ///<summary>
        /// 返回 HTML 字符串的解碼結果
        ///</summary>
        ///<param name="str">字符串</param>
        ///<returns>解碼結果</returns>
        publicstaticstring HtmlDecode(string str)
        {
            return HttpUtility.HtmlDecode(str);
        }

        ///<summary>
        /// 返回 URL 字符串的編碼結果
        ///</summary>
        ///<param name="str">字符串</param>
        ///<returns>編碼結果</returns>
        publicstaticstring UrlEncode(string str)
        {
            return HttpUtility.UrlEncode(str);
        }

        ///<summary>
        /// 返回 URL 字符串的編碼結果
        ///</summary>
        ///<param name="str">字符串</param>
        ///<returns>解碼結果</returns>
        publicstaticstring UrlDecode(string str)
        {
            return HttpUtility.UrlDecode(str);
        }

        ///<summary>
        /// HH:mm:ss
        ///</summary>
        ///<returns>日期字符串</returns>
        publicstaticstring GetTime()
        {
            return GetDateTime("HH:mm:ss", null);
        }

        ///<summary>
        /// yyyy-MM-dd
        ///</summary>
        ///<returns>日期字符串</returns>
        publicstaticstring GetDate()
        {
            return GetDateTime("yyyy-MM-dd", null);
        }

        ///<summary>
        /// yyyy-MM-dd HH:mm:ss
        ///</summary>
        ///<returns>日期字符串</returns>
        publicstaticstring GetDateTime()
        {
            return GetDateTime("yyyy-MM-dd HH:mm:ss", null);
        }

        ///<summary>
        /// yyyy-MM-dd HH:mm:ss
        ///</summary>
        ///<param name="adddays">需要增加的天數(shù)</param>
        ///<returns>日期字符串</returns>
        publicstaticstring GetDateTime(int adddays)
        {
            return DateTime.Now.AddDays(adddays).ToString("yyyy-MM-dd HH:mm:ss");
        }

        ///<summary>
        /// 自定義日期
        ///</summary>
        ///<param name="formats">日期格式 如:yyyy-MM-dd</param>
        ///<param name="defaultd">默認日期 如:2010-10-10</param>
        ///<returns>日期字符串</returns>
        publicstaticstring GetDateTime(string formats, string defaultd)
        {
            if (string.IsNullOrEmpty(formats)) { formats ="yyyy-MM-dd"; }
            if (string.IsNullOrEmpty(defaultd)) { defaultd = DateTime.Now.ToString("yyyy-MM-dd"); }

            string d ="";

            try
            {
                d = DateTime.Now.ToString(formats);
            }
            catch (FormatException e)
            {
                d = Convert.ToDateTime(defaultd).ToString("yyyy-MM-dd");
            }

            return d;
        }

        ///<summary>
        /// 清除所有腳本
        ///</summary>
        ///<param name="inputText"></param>
        ///<returns></returns>
        privatestaticstring InputText(string inputText)
        {
            if (inputText ==null) return"";

            inputText = Regex.Replace(inputText, "[\\s]{2,}", "");
            inputText = Regex.Replace(inputText, "(<[b|B][r|R]/*>)+|(<[p|P](.|\\n)*?>)", "\n");
            inputText = Regex.Replace(inputText, "(\\s*&[n|N][b|B][s|S][p|P];\\s*)+", "");
            inputText = Regex.Replace(inputText, "<(.|\\n)*?>", "");
            inputText = inputText.Replace("'", "''");

            return Filter(inputText);
        }

        ///<summary>
        ///<summary>
        /// 過濾危險字符
        ///</summary>
        ///<param name="input"></param>
        ///<returns></returns>
        publicstaticstring Filter(string input)
        {
            if ((input ==null) || (input ==""))
            {
                returnnull;
            }

            string p =@"exec[\s]{1,}|insert[\s]{1,}into[\s]{1,}|select[\s\S]{1,}from|delete[\s]{1,}|update[\s]{1,}|truncate[\s]{1,}table|--";

            MatchCollection matches = Regex.Matches(input, p, RegexOptions.IgnoreCase);

            foreach (Match m in matches)
            {
                input = input.Replace(m.Value, "");
            }
            return input;

        }

        #endregion
    }

    相關文章

    相關評論

    閱讀本文后您有什么感想? 已有人給出評價!

    • 8 喜歡喜歡
    • 3 頂
    • 1 難過難過
    • 5 囧
    • 3 圍觀圍觀
    • 2 無聊無聊

    熱門評論

    最新評論

    發(fā)表評論 查看所有評論(2)

    昵稱:
    表情: 高興 可 汗 我不要 害羞 好 下下下 送花 屎 親親
    字數(shù): 0/500 (您的評論需要經(jīng)過審核才能顯示)