最近悟出来一个道理,在这儿分享给大家:学历代表你的过去,能力代表你的现在,学习代表你的将来。我们都知道计算机技术发展日新月异,速度快得惊人,你我稍不留神,就会被慢慢淘汰!因此:每日不间断的学习是避免被淘汰的不二法门。
十年河东十年河西,莫欺少年穷!
无聊,随便来点代码,刷刷成就感。
1、SQL注入攻击防范之关键字过滤
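#region SQL injection keyword filtering

// NOTE(security): a keyword/character blacklist is a secondary control only.
// It produces false positives on ordinary text and cannot enumerate every
// dangerous input, so queries built from these values should still use
// parameterized commands; nothing in this region makes string-built SQL safe.

/// <summary>
/// Keywords and fragments that the checks below treat as signs of SQL injection.
/// </summary>
public static string[] words = { "select", "insert", "delete", "count(", "drop table", "update", "truncate", "asc(", "mid(", "char(", "xp_cmdshell", "exec", "master", "net", "and", "or", "where" };

/// <summary>
/// Removes the single quote, the semicolon, "--" and "/**/" from a value.
/// </summary>
/// <param name="Value">Value to clean; null or empty is returned unchanged.</param>
/// <returns>The value with the listed tokens removed.</returns>
public static string CheckParam(string Value)
{
    if (string.IsNullOrEmpty(Value))
        return Value;

    // Repeat until nothing changes: a single pass can leave a listed token
    // behind when removing one token joins the characters around it.
    // Every change shortens the string, so the loop terminates.
    string previous;
    do
    {
        previous = Value;
        Value = Value.Replace("'", "");
        Value = Value.Replace(";", "");
        Value = Value.Replace("--", "");
        Value = Value.Replace("/**/", "");
    } while (Value != previous);

    return Value;
}

/// <summary>
/// Throws when the value contains one of <see cref="words"/> as a standalone
/// token; otherwise returns the value cleaned by <see cref="CheckParam"/>.
/// </summary>
/// <param name="Value">Value to inspect; null or empty is returned unchanged.</param>
/// <returns>The cleaned value.</returns>
/// <exception cref="Exception">A listed keyword was found.</exception>
public static string CheckParamThrow(string Value)
{
    if (string.IsNullOrEmpty(Value))
        return Value;

    for (int i = 0; i < words.Length; i++)
    {
        string word = words[i];
        if (string.IsNullOrEmpty(word))
            continue;

        // ">= 0", not "> 0": a keyword at the very start of the value counts too.
        if (Value.IndexOf(word, StringComparison.OrdinalIgnoreCase) < 0)
            continue;

        if (ContainsStandaloneKeyword(Value, word))
            throw new Exception("发现sql注入痕迹!");
    }
    return CheckParam(Value);
}

// True when keyword occurs in text without a word character glued to either of
// its word-character ends (so "and" does not fire inside "android").
private static bool ContainsStandaloneKeyword(string text, string keyword)
{
    // Escape first: entries such as "count(" contain regex metacharacters and
    // would otherwise make the Regex constructor throw.
    string pattern = Regex.Escape(keyword);

    if (IsWordChar(keyword[0]))
        pattern = @"(?<!\w)" + pattern;
    if (IsWordChar(keyword[keyword.Length - 1]))
        pattern = pattern + @"(?!\w)";

    // CultureInvariant keeps case folding independent of the server's culture.
    return Regex.IsMatch(text, pattern, RegexOptions.IgnoreCase | RegexOptions.CultureInvariant);
}

private static bool IsWordChar(char c)
{
    return char.IsLetterOrDigit(c) || c == '_';
}

/// <summary>
/// Reports whether the value contains any of <see cref="words"/> as a plain,
/// case-insensitive substring.
/// </summary>
/// <remarks>
/// This is a substring test, so ordinary text that merely contains "or",
/// "and" or "net" also returns true.
/// </remarks>
/// <param name="Value">Value to inspect.</param>
/// <returns>true if a listed keyword occurs anywhere in the value; false for null or empty.</returns>
public static bool CheckParamBool(string Value)
{
    if (string.IsNullOrEmpty(Value))
        return false;

    for (int i = 0; i < words.Length; i++)
    {
        // ">= 0" so that a keyword at index 0 is reported as well.
        if (Value.IndexOf(words[i], StringComparison.OrdinalIgnoreCase) >= 0)
            return true;
    }
    return false;
}

#endregion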
2、C#获取公网IP的方法
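#region IP address handling

/// <summary>
/// Best-effort client IP address. When an X-Forwarded-For header is present,
/// the first entry that is a public IPv4 address is returned; otherwise the
/// connection's REMOTE_ADDR, then UserHostAddress.
/// by flower.b
/// </summary>
/// <remarks>
/// NOTE(security): X-Forwarded-For is a request header, so its content is
/// whatever the sender (or any proxy on the way) put there. The value is
/// suitable for display and rough statistics; for access control, rate
/// limiting or audit trails use REMOTE_ADDR, or accept the header only from
/// reverse proxies you operate.
/// </remarks>
public static string IPAddress
{
    get
    {
        string forwarded = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
        string result = null;

        // Without a "." the header cannot hold an IPv4 address; skip it.
        if (!string.IsNullOrEmpty(forwarded) && forwarded.IndexOf(".") != -1)
        {
            if (forwarded.IndexOf(",") != -1)
            {
                // Several hops: take the first entry that is not an internal address.
                string cleaned = forwarded.Replace(" ", "").Replace("'", "");
                string[] candidates = cleaned.Split(",;".ToCharArray());
                for (int i = 0; i < candidates.Length; i++)
                {
                    if (IsIPAddress(candidates[i]) && !IsInternalIPv4(candidates[i]))
                        return candidates[i];
                }
                // No usable entry: result stays null so the raw header text is
                // never returned; fall back to the connection address below.
            }
            else if (IsIPAddress(forwarded))
            {
                // A single forwarded value that is itself an IPv4 address.
                return forwarded;
            }
        }

        if (string.IsNullOrEmpty(result))
            result = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
        if (string.IsNullOrEmpty(result))
            result = HttpContext.Current.Request.UserHostAddress;
        return result;
    }
}

/// <summary>
/// Checks whether a string is a dotted-quad IPv4 address (0.0.0.0 form) whose
/// four octets are each in the range 0-255.
/// </summary>
/// <param name="str1">Candidate address.</param>
/// <returns>true if the string is a well-formed IPv4 address.</returns>
private static bool IsIPAddress(string str1)
{
    if (string.IsNullOrEmpty(str1) || str1.Length < 7 || str1.Length > 15)
        return false;

    // [0-9] rather than \d (which also accepts non-ASCII digits); \z so that a
    // trailing newline is not tolerated.
    if (!Regex.IsMatch(str1, @"^[0-9]{1,3}([.][0-9]{1,3}){3}\z"))
        return false;

    string[] octets = str1.Split('.');
    for (int i = 0; i < octets.Length; i++)
    {
        if (int.Parse(octets[i]) > 255)
            return false;
    }
    return true;
}

// True for loopback (127/8), link-local (169.254/16) and the RFC 1918 ranges
// 10/8, 172.16/12 and 192.168/16. Expects input already accepted by IsIPAddress.
private static bool IsInternalIPv4(string ip)
{
    string[] octets = ip.Split('.');
    int first = int.Parse(octets[0]);
    int second = int.Parse(octets[1]);

    if (first == 10 || first == 127)
        return true;
    if (first == 172 && second >= 16 && second <= 31)
        return true;
    if (first == 192 && second == 168)
        return true;
    if (first == 169 && second == 254)
        return true;
    return false;
}

#endregion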
3、站点URL基本信息处理
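#region Basic site URL information

// NOTE(security): every URL below is built from the current request's Url.
// NOTE(review): if the host part can be influenced by the client's Host
// header in your hosting setup, compare it with the site's configured host
// names before putting these values into e-mails, redirects or absolute links.

/// <summary>
/// Root address of the current site, e.g. http://www.baidu.com.
/// The scheme is always "http://" and the port is not included.
/// </summary>
/// <returns>"http://" followed by the request host.</returns>
public static string GetRootUrl()
{
    return "http://" + HttpContext.Current.Request.Url.Host;
}

/// <summary>
/// Root URL of the site, e.g. http://www.baidu.com, built from the request
/// URL's Authority part. The scheme is always "http://".
/// </summary>
/// <returns>"http://" followed by the request authority.</returns>
public static string getWebSite()
{
    string website = "http://" + HttpContext.Current.Request.Url.Authority;
    return website;
}

/// <summary>
/// Full address of the current page,
/// e.g. http://www.jb51.net/aaa/bbb.aspx?id=5&amp;name=kelli
/// </summary>
/// <returns>The request URL as a string, query string included.</returns>
public static string getTotalUrl()
{
    string url = HttpContext.Current.Request.Url.ToString();
    return url;
}

/// <summary>
/// Physical path of the site's root directory.
/// </summary>
/// <returns>
/// Server.MapPath("~") inside a request; otherwise the application domain's
/// base directory with one trailing backslash removed.
/// </returns>
public static string GetRootPath()
{
    string AppPath = "";
    HttpContext HttpCurrent = HttpContext.Current;
    if (HttpCurrent != null)
    {
        AppPath = HttpCurrent.Server.MapPath("~");
    }
    else
    {
        AppPath = AppDomain.CurrentDomain.BaseDirectory;
        // Strip one trailing backslash. The listing's regex \$ matched a
        // literal '$' anywhere in the path instead, which cut the last
        // character off any path that merely contained a '$'.
        if (AppPath.EndsWith("\\", StringComparison.Ordinal))
            AppPath = AppPath.Substring(0, AppPath.Length - 1);
    }
    return AppPath;
}

#endregion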
4、检索文件、文件夹
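#region File search

// Result buffer: GetFiles/GetDirs append to it and readlist replaces it.
// It is a single static list with no locking, so overlapping calls to
// readlist share and overwrite the same results.
static System.Collections.ArrayList alst;

/// <summary>
/// Adds the files directly inside a directory whose extension is one of the
/// requested types to the result list.
/// </summary>
/// <remarks>
/// Usage, as given with the original listing:
/// <code>
/// foreach (string f in readlist(Server.MapPath(@"/Manger/"))) // xiaobaigang is the folder name
/// {
///     Response.Write(f);
///     //this.ListBox1.Items.Add(f);
/// }
/// </code>
/// NOTE(security): dir is used exactly as given. If it is derived from request
/// data, restrict it to an expected root first, otherwise the caller can list
/// files outside the intended folder.
/// </remarks>
/// <param name="dir">Directory to scan (not recursive).</param>
/// <param name="Filetype">Extensions to accept, e.g. ".css .jpg"; entries may be separated by space, '|', ',' or ';'.</param>
public static void GetFiles(string dir, string Filetype)
{
    if (string.IsNullOrEmpty(Filetype))
        return;

    string[] wanted = Filetype.Split(new char[] { ' ', '|', ',', ';' }, StringSplitOptions.RemoveEmptyEntries);
    AddMatchingFiles(dir, wanted);
}

/// <summary>
/// Adds the .css files directly inside a directory to the result list.
/// </summary>
/// <param name="dir">Directory to scan (not recursive).</param>
public static void GetFiles(string dir)
{
    AddMatchingFiles(dir, new string[] { ".css" });
}

// Appends the full name of each file in dir whose extension equals one of the
// given extensions (leading dot optional, case-insensitive). A directory that
// cannot be read is skipped, keeping the scan best-effort.
private static void AddMatchingFiles(string dir, string[] extensions)
{
    // Allow GetFiles to be called without going through readlist first.
    if (alst == null)
        alst = new System.Collections.ArrayList();

    try
    {
        string[] files = Directory.GetFiles(dir);
        foreach (string file in files)
        {
            // Compare whole extensions. The old substring test also accepted
            // ".c", ".cs", ".s" and names ending in "." when asked for ".css".
            string extension = Path.GetExtension(file);
            if (string.IsNullOrEmpty(extension))
                continue;
            extension = extension.TrimStart('.');
            if (extension.Length == 0)
                continue;

            for (int i = 0; i < extensions.Length; i++)
            {
                if (string.Equals(extension, extensions[i].TrimStart('.'), StringComparison.OrdinalIgnoreCase))
                {
                    FileInfo fi = new FileInfo(file);
                    alst.Add(fi.FullName);
                    break;
                }
            }
        }
    }
    catch (UnauthorizedAccessException) { /* unreadable directory: skip */ }
    catch (IOException) { /* missing directory or path too long: skip */ }
    catch (ArgumentException) { /* null or malformed path: skip */ }
    catch (NotSupportedException) { /* unsupported path format: skip */ }
    catch (System.Security.SecurityException) { /* no permission: skip */ }
}

/// <summary>
/// Returns the full names of all .css files under a path, sub-directories included.
/// </summary>
/// <param name="path">Root directory of the search.</param>
/// <returns>Full file names; empty when nothing matches or the path is unreadable.</returns>
public static string[] readlist(string path)
{
    alst = new System.Collections.ArrayList(); // start from an empty result list
    GetDirs(path);
    return (string[])alst.ToArray(typeof(string));
}

/// <summary>
/// Collects the .css files of a directory and then recurses into each sub-directory.
/// </summary>
/// <remarks>
/// NOTE(review): there is no depth limit and no check for directory links, so
/// confirm the scanned tree cannot contain a cycle.
/// </remarks>
/// <param name="d">Directory to walk.</param>
public static void GetDirs(string d)
{
    GetFiles(d);
    try
    {
        string[] dirs = Directory.GetDirectories(d);
        foreach (string dir in dirs)
        {
            GetDirs(dir); // recurse
        }
    }
    catch (UnauthorizedAccessException) { /* unreadable directory: skip */ }
    catch (IOException) { /* missing directory or path too long: skip */ }
    catch (ArgumentException) { /* null or malformed path: skip */ }
}

#endregion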
5、C#时间处理
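#region Time handling

/// <summary>
/// Number of whole days between two points in time, regardless of order.
/// </summary>
/// <param name="DateTime1">First time.</param>
/// <param name="DateTime2">Second time.</param>
/// <returns>Whole days of the absolute difference.</returns>
public static int DayDiff(DateTime DateTime1, DateTime DateTime2)
{
    TimeSpan gap = (DateTime1 - DateTime2).Duration();
    return gap.Days;
}

/// <summary>
/// Number of whole minutes between two points in time, regardless of order.
/// </summary>
/// <param name="DateTime1">First time.</param>
/// <param name="DateTime2">Second time.</param>
/// <returns>Whole minutes of the absolute difference.</returns>
public static int MinutesDiff(DateTime DateTime1, DateTime DateTime2)
{
    TimeSpan gap = (DateTime1 - DateTime2).Duration();
    // TotalMinutes, not Minutes: Minutes is only the 0-59 component, so a gap
    // of 2 h 5 min used to come back as 5, which breaks any "older than N
    // minutes" check built on this method.
    return (int)gap.TotalMinutes;
}

/// <summary>
/// First time minus second time, in whole days (negative when the first is earlier).
/// </summary>
/// <param name="DateTime1">First time.</param>
/// <param name="DateTime2">Second time.</param>
/// <returns>Signed whole days of the difference.</returns>
public static int DiffDay(DateTime DateTime1, DateTime DateTime2)
{
    TimeSpan gap = DateTime1 - DateTime2;
    return gap.Days;
}

/// <summary>
/// Formats a time with the pattern yy年MM月dd日HH时mm分.
/// </summary>
/// <param name="dt">Time to format.</param>
/// <returns>The formatted text.</returns>
public static string GetDateFomatString(DateTime dt)
{
    return string.Format("{0:yy年MM月dd日HH时mm分}", dt);
}

/// <summary>
/// Formats the current local time (DateTime.Now) with the pattern yy年MM月dd日HH时mm分.
/// </summary>
/// <returns>The formatted text.</returns>
public static string GetDateFomatString()
{
    return string.Format("{0:yy年MM月dd日HH时mm分}", DateTime.Now);
}

/// <summary>
/// Formats a time with the pattern yyyy-MM-dd HH:mm:ss.
/// </summary>
/// <param name="dt">Time to format.</param>
/// <returns>The formatted text.</returns>
public static string GetDateFomatAllString(DateTime dt)
{
    return string.Format("{0:yyyy-MM-dd HH:mm:ss}", dt);
}

/// <summary>
/// Formats a value with the pattern yyyy-MM-dd HH:mm:ss.
/// </summary>
/// <param name="dt">Value to format, passed to string.Format as-is.</param>
/// <returns>The formatted text.</returns>
public static string GetDateFomatAllString(object dt)
{
    return string.Format("{0:yyyy-MM-dd HH:mm:ss}", dt);
}

/// <summary>
/// Formats a value with the date-only pattern yyyy-MM-dd.
/// </summary>
/// <param name="dt">Value to format, passed to string.Format as-is.</param>
/// <returns>The formatted text.</returns>
public static string GetDateFomatStringSimple(object dt)
{
    return string.Format("{0:yyyy-MM-dd}", dt);
}

#endregion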
@陈卧龙的博客