我们在注册的时候经常需要判断客户输入的内容是否合法,或者在页面传递参数的时候要判断,是否有客户恶意添加参数进行SQL注入等,这就需要1个函数去判断检测。
' ============================================ ' 判断是否安全字符串,在注册登录等特殊字段中使用 ' ============================================ Function IsSafeStr(str) Dim s_BadStr, n, i s_BadStr = "' &<>" & Chr(34) & Chr(9) & Chr(32) n = Len(s_BadStr) IsSafeStr = True For i = 1 To n If Instr(str, Mid(s_BadStr, i, 1)) > 0 Then IsSafeStr = False Exit Function End If Next End Function
大家可以自行添加BadStr字符串里面的字符,增加你想要过滤的字符即可。
下面是其他网友的补充
'===================================== '转换内容,防止意外 '===================================== Function Content_Encode(ByVal t0) IF IsNull(t0) Or Len(t0)=0 Then Content_Encode="" Else Content_Encode=Replace(t0,"<","<") Content_Encode=Replace(Content_Encode,">",">") End IF End Function '===================================== '反转换内容 '===================================== Function Content_Decode(ByVal t0) IF IsNull(t0) Or Len(t0)=0 Then Content_Decode="" Else Content_Decode=Replace(t0,"<","<") Content_Decode=Replace(Content_Decode,">",">") End IF End Function '===================================== '过滤字符 '===================================== Function FilterText(ByVal t0,ByVal t1) IF Len(t0)=0 Or IsNull(t0) Or IsArray(t0) Then FilterText="":Exit Function t0=Trim(t0) Select Case t1 Case "1" t0=Replace(t0,Chr(32)," ") t0=Replace(t0,Chr(13),"") t0=Replace(t0,Chr(10)&Chr(10),"<br>") t0=Replace(t0,Chr(10),"<br>") Case "2" t0=Replace(t0,Chr(8),"")'回格 t0=Replace(t0,Chr(9),"")'tab(水平制表符) t0=Replace(t0,Chr(10),"")'换行 t0=Replace(t0,Chr(11),"")'tab(垂直制表符) t0=Replace(t0,Chr(12),"")'换页 t0=Replace(t0,Chr(13),"")'回车 chr(13)&chr(10) 回车和换行的组合 t0=Replace(t0,Chr(22),"") t0=Replace(t0,Chr(32),"")'空格 SPACE t0=Replace(t0,Chr(33),"")'! t0=Replace(t0,Chr(34),"")'" t0=Replace(t0,Chr(35),"")'# t0=Replace(t0,Chr(36),"")'$ t0=Replace(t0,Chr(37),"")'% t0=Replace(t0,Chr(38),"")'& t0=Replace(t0,Chr(39),"")'' t0=Replace(t0,Chr(40),"")'( t0=Replace(t0,Chr(41),"")') t0=Replace(t0,Chr(42),"")'* t0=Replace(t0,Chr(43),"")'+ t0=Replace(t0,Chr(44),"")', t0=Replace(t0,Chr(45),"")'- t0=Replace(t0,Chr(46),"")'. t0=Replace(t0,Chr(47),"")'/ t0=Replace(t0,Chr(58),"")': t0=Replace(t0,Chr(59),"")'; t0=Replace(t0,Chr(60),"")'< t0=Replace(t0,Chr(61),"")'= t0=Replace(t0,Chr(62),"")'> t0=Replace(t0,Chr(63),"")'"")'@ t0=Replace(t0,Chr(91),"")'\ t0=Replace(t0,Chr(92),"")'\ t0=Replace(t0,Chr(93),"")'] t0=Replace(t0,Chr(94),"")'^ t0=Replace(t0,Chr(95),"")'_ t0=Replace(t0,Chr(96),"")'` t0=Replace(t0,Chr(123),"")'{ t0=Replace(t0,Chr(124),"")'| t0=Replace(t0,Chr(125),"")'} t0=Replace(t0,Chr(126),"")'~ Case Else t0=Replace(t0, "&", "&") t0=Replace(t0, "'", "'") t0=Replace(t0, """", """) t0=Replace(t0, "<", "<") t0=Replace(t0, ">", ">") End Select IF Instr(Lcase(t0),"expression")>0 Then t0=Replace(t0,"expression","e­xpression", 1, -1, 0) End If FilterText=t0 End Function '===================================== '过滤常见字符及Html '===================================== Function FilterHtml(ByVal t0) IF Len(t0)=0 Or IsNull(t0) Or IsArray(t0) Then FilterHtml="":Exit Function IF Len(Sdcms_Badhtml)>0 Then t0=ReplaceText(t0,"<(\/|)("&Sdcms_Badhtml&")", "<$1$2") IF Len(Sdcms_BadEvent)>0 Then t0=ReplaceText(t0,"<(.[^>]*)("&Sdcms_BadEvent&")", "<$1$2") t0=FilterText(t0,0) FilterHtml=t0 End Function Function GotTopic(ByVal t0,ByVal t1) IF Len(t0)=0 Or IsNull(t0) Then GotTopic="" Exit Function End IF Dim l,t,c, i t0=Replace(Replace(Replace(Replace(t0," "," "),""",chr(34)),">",">"),"<","<") l=Len(t0) t=0 For I=1 To l c=Abs(Asc(Mid(t0,i,1))) IF c>255 Then t=t+2 Else t=t+1 IF t>=t1 Then gotTopic=Left(t0,I)&"…" Exit For Else GotTopic=t0 End IF Next GotTopic=Replace(Replace(Replace(Replace(GotTopic," "," "),chr(34),"""),">",">"),"<","<") End Function Function UrlDecode(ByVal t0) Dim t1,t2,t3,i,t4,t5,t6 t1="" t2=False t3="" For I=1 To Len(t0) t4=Mid(t0,I,1) IF t4="+" Then t1=t1&" " ElseIF t4="%" Then t5=Mid(t0,i+1,2) t6=Cint("&H" & t5) IF t2 Then t2=False t1=t1&Chr(Cint("&H"&t3&t5)) Else IF Abs(t6)<=127 then t1=t1&Chr(t6) Else t2=True t3=t5 End IF End IF I=I+2 Else t1=t1&t4 End IF Next UrlDecode=t1 End Function Function CutStr(byVal t0,byVal t1) Dim l,t,c,i IF IsNull(t0) Then CutStr="":Exit Function l=Len(t0) t1=Int(t1) t=0 For I=1 To l c=Asc(Mid(t0,I,1)) IF c<0 Or c>255 Then t=t+2 Else t=t+1 IF t>=t1 Then CutStr=Left(t0,I)&"..." Exit For Else CutStr=t0 End IF Next End Function Function CloseHtml(ByVal t0) Dim t1,I,t2,t3,Regs,Matches,J,Match Set Regs=New RegExp Regs.IgnoreCase=True Regs.Global=True t1=Array("p","div","span","table","ul","font","b","u","i","h1","h2","h3","h4","h5","h6") For I=0 To UBound(t1) t2=0 t3=0 Regs.Pattern="\<"&t1(I)&"( [^\<\>]+|)\>" Set Matches=Regs.Execute(t0) For Each Match In Matches t2=t2+1 Next Regs.Pattern="\</"&t1(I)&"\>" Set Matches=Regs.Execute(t0) For Each Match In Matches t3=t3+1 Next For j=1 To t2-t3 t0=t0+"</"&t1(I)&">" Next Next CloseHtml=t0 End Function
以上就是asp中常用的字符串安全处理函数集合(过滤特殊字符等)的详细内容,更多关于字符串 安全处理的资料请关注其它相关文章!
标签:
字符串,安全处理
免责声明:本站文章均来自网站采集或用户投稿,网站不提供任何软件下载或自行开发的软件!
如有用户或公司发现本站内容信息存在侵权行为,请邮件告知! 858582#qq.com
暂无“asp中常用的字符串安全处理函数集合(过滤特殊字符等)”评论...
RTX 5090要首发 性能要翻倍!三星展示GDDR7显存
三星在GTC上展示了专为下一代游戏GPU设计的GDDR7内存。
首次推出的GDDR7内存模块密度为16GB,每个模块容量为2GB。其速度预设为32 Gbps(PAM3),但也可以降至28 Gbps,以提高产量和初始阶段的整体性能和成本效益。
据三星表示,GDDR7内存的能效将提高20%,同时工作电压仅为1.1V,低于标准的1.2V。通过采用更新的封装材料和优化的电路设计,使得在高速运行时的发热量降低,GDDR7的热阻比GDDR6降低了70%。
更新动态
2024年11月09日
2024年11月09日
- 雨林唱片《赏》新曲+精选集SACD版[ISO][2.3G]
- 罗大佑与OK男女合唱团.1995-再会吧!素兰【音乐工厂】【WAV+CUE】
- 草蜢.1993-宝贝对不起(国)【宝丽金】【WAV+CUE】
- 杨培安.2009-抒·情(EP)【擎天娱乐】【WAV+CUE】
- 周慧敏《EndlessDream》[WAV+CUE]
- 彭芳《纯色角3》2007[WAV+CUE]
- 江志丰2008-今生为你[豪记][WAV+CUE]
- 罗大佑1994《恋曲2000》音乐工厂[WAV+CUE][1G]
- 群星《一首歌一个故事》赵英俊某些作品重唱企划[FLAC分轨][1G]
- 群星《网易云英文歌曲播放量TOP100》[MP3][1G]
- 方大同.2024-梦想家TheDreamer【赋音乐】【FLAC分轨】
- 李慧珍.2007-爱死了【华谊兄弟】【WAV+CUE】
- 王大文.2019-国际太空站【环球】【FLAC分轨】
- 群星《2022超好听的十倍音质网络歌曲(163)》U盘音乐[WAV分轨][1.1G]
- 童丽《啼笑姻缘》头版限量编号24K金碟[低速原抓WAV+CUE][1.1G]