  • 在CSDN上看到的一个过滤方法,感觉还不错

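            /// <summary>
            /// Replaces every occurrence of a blocked term in a string, ignoring case.
            /// </summary>
            /// <remarks>
            /// Matching is ordinal and case-insensitive, so the result does not depend on
            /// the server's culture and an upper-case <paramref name="oldstr"/> still matches.
            /// The scan always moves forward past each replacement. Restarting from index 0
            /// never terminates when the replacement itself contains the term, and any
            /// request could trigger that hang.
            /// </remarks>
            /// <param name="s">Original string.</param>
            /// <param name="oldstr">Blocked term to look for.</param>
            /// <param name="newstr">Text that replaces each match.</param>
            /// <returns>
            /// The rewritten string; an empty string when <paramref name="s"/> is null or empty.
            /// </returns>
            private string ChangeSubStr(string s, string oldstr, string newstr)
            {
                if (string.IsNullOrEmpty(s))
                    return "";
                // An empty term matches at every index, so there is nothing meaningful to replace.
                if (string.IsNullOrEmpty(oldstr))
                    return s;
                if (newstr == null)
                    newstr = "";

                // A shorter replacement can splice a new match together ("aabb" minus "ab"
                // leaves "ab"). Repeating is safe only in that case, because every pass that
                // finds a match makes the string strictly shorter.
                bool repeatUntilStable = newstr.Length < oldstr.Length;

                while (true)
                {
                    int i = s.IndexOf(oldstr, System.StringComparison.OrdinalIgnoreCase);
                    if (i == -1)
                        return s;

                    System.Text.StringBuilder sb = new System.Text.StringBuilder(s.Length);
                    int start = 0;
                    while (i != -1)
                    {
                        // Copy the text before the match, then the replacement.
                        sb.Append(s, start, i - start);
                        sb.Append(newstr);
                        // Resume after the matched term so the replacement is never rescanned.
                        start = i + oldstr.Length;
                        i = s.IndexOf(oldstr, start, System.StringComparison.OrdinalIgnoreCase);
                    }
                    sb.Append(s, start, s.Length - start);
                    s = sb.ToString();

                    if (!repeatUntilStable)
                        return s;
                }
            }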
    
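            /// <summary>
            /// Rewrites the form fields, query-string values and cookie values of the current
            /// request so that the listed SQL tokens are replaced by their counterparts in
            /// <c>sqlc</c>.
            /// </summary>
            /// <remarks>
            /// NOTE(review): a term blacklist is defence in depth at best. It alters legitimate
            /// input (any apostrophe is deleted) and it does not cover request headers or other
            /// encodings of the same tokens. The queries themselves still have to be
            /// parameterized.
            /// </remarks>
            /// <param name="Request">Request whose collections are rewritten in place.</param>
            /// <param name="Response">Response that receives any cookie whose value was changed.</param>
            private void CheckForSQLs(HttpRequest Request, HttpResponse Response)
            {
                string[] sql = new string[] { "/*", "*/", "--", "'", "declare", "select", "into", "insert", "update", "delete", "drop", "create", "exec", "master" };
                string[] sqlc = new string[] { "/ *", "* /", "- -", "", "declare", "select", "into", "insert", "update", "delete", "drop", "create", "exec", "master" };

                // Form
                if (Request.Form.Count > 0)
                    NeutralizeSqlTerms(Request.Form, sql, sqlc);

                // QueryString
                if (Request.QueryString.Count > 0)
                    NeutralizeSqlTerms(Request.QueryString, sql, sqlc);

                // Cookies
                for (int k = 0; k < Request.Cookies.Count; k++)
                {
                    HttpCookie c = Request.Cookies[k];

                    // Write a cookie back only when its value was actually rewritten. A request
                    // cookie carries just its name and value, so re-issuing it drops the
                    // Expires, HttpOnly and Secure attributes it was first set with. Doing that
                    // for every cookie on every request would downgrade session and
                    // authentication cookies.
                    if (c.Values.Count > 0 && NeutralizeSqlTerms(c.Values, sql, sqlc))
                        Response.Cookies.Set(c);
                }
            }

            /// <summary>
            /// Applies each (term, replacement) pair to every value of a collection, unlocking
            /// the collection for the duration and restoring its previous read-only state.
            /// </summary>
            /// <returns>True when at least one value was changed.</returns>
            private bool NeutralizeSqlTerms(System.Collections.Specialized.NameValueCollection values, string[] sql, string[] sqlc)
            {
                // Request collections are read-only. The flag is a non-public member, so this
                // depends on framework internals and must fail loudly if the member is missing.
                PropertyInfo pi = typeof(System.Collections.Specialized.NameObjectCollectionBase)
                    .GetProperty("IsReadOnly", BindingFlags.Instance | BindingFlags.NonPublic);
                if (pi == null)
                    throw new System.InvalidOperationException("NameObjectCollectionBase.IsReadOnly is not available; request values cannot be rewritten.");

                object previousReadOnly = pi.GetValue(values, null);
                bool changed = false;

                pi.SetValue(values, false, null);
                try
                {
                    for (int i = 0; i < values.Count; i++)
                    {
                        // The indexer returns all values of a key joined with commas, and Set
                        // stores the result back as a single value.
                        string original = values[i];
                        string s = original;

                        for (int j = 0; j < sql.Length; j++)
                        {
                            // As listed, the keyword entries map each term to itself. Such a
                            // pair neutralizes nothing, and a replace loop that rescans its own
                            // output never terminates on it, so skip it.
                            if (string.Equals(sql[j], sqlc[j], System.StringComparison.OrdinalIgnoreCase))
                                continue;
                            s = ChangeSubStr(s, sql[j], sqlc[j]);
                        }

                        values.Set(values.GetKey(i), s);
                        if (!string.Equals(s, original ?? "", System.StringComparison.Ordinal))
                            changed = true;
                    }
                }
                finally
                {
                    // Restore the prior state even if a replacement throws, so the collection
                    // is never left writable and a writable one is never locked.
                    pi.SetValue(values, previousReadOnly, null);
                }

                return changed;
            }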
  • 原文地址:https://www.cnblogs.com/qiywtc/p/4586176.html