这只是一个方法,如果连方法都不会用的人。不好意思,我还没有见过
protected void AspNetPager1_PageChanged(object sender, EventArgs e)
{
DataSet dt = GetDataSet();
Repeater1.DataSource = dt;
Repeater1.DataBind();
}
public string checkStr(string html)
{
System.Text.RegularExpressions.Regex regex1 = new System.Text.RegularExpressions.Regex(@"<script[\s\S]+</script *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
System.Text.RegularExpressions.Regex regex2 = new System.Text.RegularExpressions.Regex(@" href *= *[\s\S]*script *:", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
System.Text.RegularExpressions.Regex regex3 = new System.Text.RegularExpressions.Regex(@" no[\s\S]*=", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
System.Text.RegularExpressions.Regex regex4 = new System.Text.RegularExpressions.Regex(@"<iframe[\s\S]+</iframe *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
System.Text.RegularExpressions.Regex regex5 = new System.Text.RegularExpressions.Regex(@"<frameset[\s\S]+</frameset *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
System.Text.RegularExpressions.Regex regex6 = new System.Text.RegularExpressions.Regex(@"\<img[^\>]+\>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
System.Text.RegularExpressions.Regex regex7 = new System.Text.RegularExpressions.Regex(@"</p>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
System.Text.RegularExpressions.Regex regex8 = new System.Text.RegularExpressions.Regex(@"<p>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
System.Text.RegularExpressions.Regex regex9 = new System.Text.RegularExpressions.Regex(@"<[^>]*>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
System.Text.RegularExpressions.Regex regex10 = new System.Text.RegularExpressions.Regex(@"<BR/>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
System.Text.RegularExpressions.Regex regex11 = new System.Text.RegularExpressions.Regex(@"<BR>", System.Text.RegularExpressions.RegexOptions.IgnoreCase);
html = regex1.Replace(html, ""); //过滤<script></script>标记
html = regex2.Replace(html, ""); //过滤href=javascript: (<A>) 属性
html = regex3.Replace(html, " _disibledevent="); //过滤其它控件的on...事件
html = regex4.Replace(html, ""); //过滤iframe
html = regex5.Replace(html, ""); //过滤frameset
html = regex6.Replace(html, ""); //过滤frameset
html = regex7.Replace(html, ""); //过滤frameset
html = regex8.Replace(html, ""); //过滤frameset
html = regex9.Replace(html, "");
html = regex10.Replace(html, "");
html = regex11.Replace(html, "");
html = html.Replace(" ", "");
html = html.Replace(" ", "");
html = html.Replace(" ", "");
html = html.Replace("</strong>", "");
html = html.Replace("<strong>", "");
return html;
}
又来一个方法
public static string Filter(string str, string mode)
{
mode = mode.ToLower();
switch (mode)
{
case "html":
str = str.Replace("\r\n", "\n");
str = str.Replace("'", "'");
str = str.Replace("\"", """);
str = str.Replace("<", "<");
str = str.Replace(">", ">");
str = str.Replace("\n", "<br />");
break;
//case "nohtml":
// str = str.Replace(str, "<[^>]*>", "");
// break;
case "sql1":
str = str.Replace("'", "");
str = str.Replace(";", "");
break;
case "htmltojs":
str = str.Replace("\r\n", "\n");
str = str.Replace(@"\", @"\\");
str = str.Replace("'", "\\\'");
str = str.Replace("\"", "\\\"");
str = str.Replace("/", "\\/");
str = str.Replace("\n", "<br />");
str = str.Replace(" ", " ");
break;
default:
str = str.Replace("'", "''");
str = str.Replace(";", ";");
break;
}
return str;
}
