字符串处理
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Collections.Generic;
using System.Text;
using System.Security.Cryptography;
using System.Text.RegularExpressions;
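/// <summary>
/// Code-behind for the Default2 page. It also carries a set of helpers for
/// HTML formatting, query-string rebuilding, hashing and request filtering.
/// </summary>
public partial class Default2 : System.Web.UI.Page
{
    /// <summary>
    /// Pattern used by <see cref="StartProcessRequest"/> to spot SQL keywords and the
    /// asterisk in request values. Built once and matched case-insensitively, so
    /// upper-case and mixed-case spellings are treated like the lower-case ones.
    /// </summary>
    private static readonly Regex SqlKeywordPattern = new Regex(
        "\\b(and|exec|insert|select|delete|update|count|chr|mid|master|truncate|char|declare)\\b|\\*",
        RegexOptions.IgnoreCase | RegexOptions.CultureInvariant);

    /// <summary>
    /// Page load handler: writes a decoded sample string to the response.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // NOTE(review): RestoreFromHtml returns decoded text and Response.Write emits it
        // without encoding. That is harmless for this fixed literal, but request-derived
        // data must be HTML-encoded before it is written to the page.
        Response.Write(RestoreFromHtml("/// <param name='normalStr'>所要格式,化的字,a符串</param>"));
    }

    /// <summary>
    /// Formats a plain string as HTML: URL-decodes it, HTML-encodes it, then turns
    /// spaces into non-breaking-space entities and CRLF pairs into line-break tags.
    /// </summary>
    /// <param name="normalStr">The string to format.</param>
    /// <returns>The formatted HTML fragment.</returns>
    public static string FormatToHtml(string normalStr)
    {
        HttpServerUtility server = System.Web.HttpContext.Current.Server;

        // Encoding happens after URL-decoding, so markup characters that arrive
        // percent-encoded are still neutralised before the text reaches a page.
        string encoded = server.HtmlEncode(server.UrlDecode(normalStr));

        StringBuilder html = new StringBuilder(encoded);

        // A space-for-space replace would be a no-op; the target is written as the
        // "&nbsp;" entity so that runs of spaces survive HTML rendering.
        // NOTE(review): entity spelling restored on the assumption that it was decoded
        // when the listing was published - confirm against the deployed file.
        html.Replace(" ", "&nbsp;");

        // Only CRLF pairs are converted; a bare "\n" is left as-is.
        html.Replace("\r\n", "<br />");
        return html.ToString();
    }

    /// <summary>
    /// Converts an HTML fragment produced by <see cref="FormatToHtml"/> back to plain text.
    /// </summary>
    /// <param name="htmlStr">The HTML string to convert.</param>
    /// <returns>The plain text.</returns>
    public static string RestoreFromHtml(string htmlStr)
    {
        string decoded = System.Web.HttpContext.Current.Server.HtmlDecode(htmlStr);
        StringBuilder normalStr = new StringBuilder(decoded);

        normalStr.Replace("<br />", "\r\n");

        // HtmlDecode has already decoded one level of entities, so the replacements
        // below only match text that was encoded twice: this is a second decoding pass.
        // "&amp;" is handled last so that it cannot create new entities for the lines
        // above it to pick up.
        // NOTE(review): entity spellings restored on the assumption that they were
        // decoded when the listing was published - confirm against the deployed file.
        normalStr.Replace("&quot;", "\"");
        normalStr.Replace("&lt;", "<");
        normalStr.Replace("&gt;", ">");
        normalStr.Replace("&nbsp;", " ");
        normalStr.Replace("&amp;", "&");

        // The result is raw text and may contain markup characters; HTML-encode it
        // again before placing it in a page.
        return normalStr.ToString();
    }

    /// <summary>
    /// Shortens a string to at most <paramref name="length"/> characters and appends
    /// a single "." when anything was cut off.
    /// </summary>
    /// <param name="str">The string to shorten; may be null.</param>
    /// <param name="length">Maximum number of characters to keep.</param>
    /// <returns>
    /// The shortened string followed by ".", or <paramref name="str"/> unchanged
    /// (including null) when it is not longer than <paramref name="length"/>.
    /// </returns>
    /// <exception cref="ArgumentOutOfRangeException">
    /// <paramref name="length"/> is negative and <paramref name="str"/> is not null.
    /// </exception>
    public static string CutString(string str, int length)
    {
        if (str == null || str.Length <= length)
        {
            return str;
        }

        return string.Format("{0}.", str.Substring(0, length));
    }

    /// <summary>
    /// Rebuilds the current request's query string, leaving out one parameter.
    /// </summary>
    /// <param name="withOut">Name of the parameter to omit (compared case-sensitively).</param>
    /// <returns>
    /// The remaining parameters as "&amp;key=value" pairs, each pair prefixed with an
    /// ampersand, or an empty string when nothing remains.
    /// </returns>
    public static string GetCurrentQueryString(string withOut)
    {
        System.Collections.Specialized.NameValueCollection query =
            System.Web.HttpContext.Current.Request.QueryString;
        StringBuilder result = new StringBuilder();

        if (query != null)
        {
            for (int i = 0; i < query.Count; i++)
            {
                string key = query.Keys[i];
                if (key != withOut)
                {
                    // Request.QueryString hands back decoded text. Re-encode both parts so
                    // that a value containing '&', '=', '#' or quotes cannot add or alter
                    // parameters, or break out of an attribute, when the result is reused
                    // in a link or a redirect.
                    result.Append('&');
                    result.Append(HttpUtility.UrlEncode(key));
                    result.Append('=');
                    result.Append(HttpUtility.UrlEncode(query[key]));
                }
            }
        }

        return result.ToString();
    }

    /// <summary>
    /// Hashes a string (one-way) with SHA-1 or MD5.
    /// </summary>
    /// <param name="Password">The string to hash.</param>
    /// <param name="Format">Hash selector: 0 is SHA1, 1 is MD5.</param>
    /// <returns>
    /// The digest for Format 0 or 1; for any other value, <paramref name="Password"/>
    /// itself, unchanged.
    /// </returns>
    /// <remarks>
    /// NOTE(review): both algorithms are fast and applied without a salt, which makes
    /// them unsuitable for storing passwords; a salted, iterated scheme such as PBKDF2
    /// (Rfc2898DeriveBytes) is the usual replacement. Any Format other than 0 or 1
    /// returns the input unhashed, so callers must not store that result as a digest.
    /// FormsAuthentication.HashPasswordForStoringInConfigFile is marked obsolete in
    /// later framework versions.
    /// </remarks>
    public static string HashEncrypt(string Password, int Format)
    {
        string algorithm;
        switch (Format)
        {
            case 0:
                algorithm = "SHA1";
                break;
            case 1:
                algorithm = "MD5";
                break;
            default:
                // Unknown selector: hand the input back untouched (kept for callers).
                return Password;
        }

        return FormsAuthentication.HashPasswordForStoringInConfigFile(Password, algorithm);
    }

    /// <summary>
    /// Computes the SHA-1 hash (160 bits) of a string using SHA1Managed. No key is needed.
    /// </summary>
    /// <param name="hashText">The text to hash; encoded as UTF-8 before hashing.</param>
    /// <returns>The digest as a Base64 string of 28 characters.</returns>
    /// <remarks>
    /// NOTE(review): SHA-1 is no longer considered collision-resistant; do not rely on
    /// this helper for signatures or for password storage.
    /// </remarks>
    public string SHA1ManagedHasher(string hashText)
    {
        byte[] input = System.Text.Encoding.UTF8.GetBytes(hashText);

        // The hash object is disposable; release it as soon as the digest is computed.
        using (SHA1Managed sha1 = new SHA1Managed())
        {
            byte[] digest = sha1.ComputeHash(input);
            return Convert.ToBase64String(digest);
        }
    }

    // ---- SQL-injection filtering helpers ----

    /// <summary>
    /// Screens the current request: when any query-string or form value matches the
    /// SQL keyword pattern, the request is redirected to "~/Default.aspx".
    /// </summary>
    /// <remarks>
    /// NOTE(review): a keyword denylist is a coarse secondary filter. It rejects
    /// legitimate input that merely contains words such as "and" or "update", and it
    /// does not make string-built SQL safe; queries that use request data should be
    /// parameterized regardless of this check.
    /// </remarks>
    public static void StartProcessRequest()
    {
        try
        {
            HttpContext context = System.Web.HttpContext.Current;
            if (ContainsSqlKeyword(context.Request.QueryString)
                || ContainsSqlKeyword(context.Request.Form))
            {
                // Redirect ends the response by default; End() is kept as a backstop.
                context.Response.Redirect("~/Default.aspx");
                context.Response.End();
            }
        }
        catch (System.Threading.ThreadAbortException)
        {
            // Raised by Redirect/End to stop the request; it must not be swallowed.
            throw;
        }
        catch
        {
            // NOTE(review): this filter fails open. Any error while reading the request
            // is swallowed here and the request continues unscreened. Kept for
            // compatibility with existing callers; consider logging the failure.
        }
    }

    /// <summary>
    /// Reports whether any value in a request collection matches the SQL keyword pattern.
    /// </summary>
    /// <param name="values">Query-string or form collection; may be null.</param>
    /// <returns>true when at least one value matches; otherwise false.</returns>
    private static bool ContainsSqlKeyword(System.Collections.Specialized.NameValueCollection values)
    {
        if (values == null)
        {
            return false;
        }

        for (int i = 0; i < values.Count; i++)
        {
            string value = values[values.Keys[i]];

            // Skip entries without a value instead of letting Regex.IsMatch throw,
            // which would abort the scan of the remaining entries.
            if (value != null && SqlKeywordPattern.IsMatch(value))
            {
                return true;
            }
        }

        return false;
    }

    /// <summary>
    /// Checks whether user-supplied text is free of the listed SQL keyword tokens.
    /// </summary>
    /// <param name="Str">The user-supplied text.</param>
    /// <returns>
    /// true when none of the tokens occurs in <paramref name="Str"/> (an empty string
    /// counts as clean); false when a token is found or <paramref name="Str"/> is null.
    /// </returns>
    /// <remarks>
    /// Each token carries a trailing space (the asterisk a space on both sides), so a
    /// keyword at the very end of the text is not matched. The same denylist caveats
    /// as for <see cref="StartProcessRequest"/> apply.
    /// </remarks>
    private static bool ProcessSqlStr(string Str)
    {
        if (Str == null)
        {
            // Null used to surface as a swallowed exception and a false result;
            // the outcome is kept, without the exception.
            return false;
        }

        if (Str.Length == 0)
        {
            return true;
        }

        string[] anySqlStr = { "and ", "exec ", "insert ", "select ", "delete ", "update ", "count ", " * ", "chr ", "mid ", "master ", "truncate ", "char ", "declare " };
        foreach (string token in anySqlStr)
        {
            // Ordinal, case-insensitive search so that letter case does not decide the result.
            if (Str.IndexOf(token, StringComparison.OrdinalIgnoreCase) >= 0)
            {
                return false;
            }
        }

        return true;
    }
}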