这个函数是必需要的,很多黑客来捣乱,黑掉数据库,会注入大量的病毒js,在存储和展示文本数据的时候,使用此函数过滤一下,可避免不少麻烦
clearhtml代码
'清除HTML代码 function clearhtml(content) content=replacehtml("&#[^>]*;","",content) content=replacehtml("</?marquee[^>]*>","",content) content=replacehtml("</?object[^>]*>","",content) content=replacehtml("</?param[^>]*>","",content) content=replacehtml("</?embed[^>]*>","",content) content=replacehtml("</?table[^>]*>","",content) content=replacehtml(" ","",content) content=replacehtml("</?tr[^>]*>","",content) content=replacehtml("</?th[^>]*>","",content) content=replacehtml("</?p[^>]*>","",content) content=replacehtml("</?a[^>]*>","",content) content=replacehtml("</?img[^>]*>","",content) content=replacehtml("</?tbody[^>]*>","",content) content=replacehtml("</?li[^>]*>","",content) content=replacehtml("</?span[^>]*>","",content) content=replacehtml("</?div[^>]*>","",content) content=replacehtml("</?th[^>]*>","",content) content=replacehtml("</?td[^>]*>","",content) content=replacehtml("</?script[^>]*>","",content) content=replacehtml("(javascript|jscript|vbscript|vbs):","",content) content=replacehtml("on(mouse|exit|error|click|key)","",content) content=replacehtml("<\\?xml[^>]*>","",content) content=replacehtml("<\/?[a-z]+:[^>]*>","",content) content=replacehtml("</?font[^>]*>","",content) content=replacehtml("</?h[^>]*>","",content) content=replacehtml("</?u[^>]*>","",content) content=replacehtml("</?i[^>]*>","",content) content=replacehtml("</?center[^>]*>","",content) content=replacehtml("</?center[^>]*>","",content) content=replacehtml("</?nobr[^>]*>","",content) content=replacehtml("</?clk[^>]*>","",content) content=replacehtml("</?muti[^>]*>","",content) content=replacehtml("</?/option[^>]*>","",content) content=replacehtml("</?o[^>]*>","",content) content=replacehtml("</?strong[^>]*>","",content) clearhtml=content end function
replacehtml代码
function replacehtml(patrn,strng,content) if isnull(content) then content="" end if set regex=new regexp regex.pattern=patrn regex.ignorecase=true regex.global=true replacehtml=regex.replace(content,strng) end function
使用方法:
以上就是本文所述的全部内容了,希望大家能够喜欢。
本文转载自微信公众号「SQL数据库」,作者丶平凡世界 。转载本文请联系开发公众...
本文转载自微信公众号「SH的全栈笔记」,作者SH。转载本文请联系SH的全栈笔记公...
idea官方推送了2020.2.4版本的更新,那么大家最关心的问题来了,之前激活idea202...
本文实例讲述了AJAX+Servlet实现的数据处理显示功能。分享给大家供大家参考,具...
大家好,我是狂聊君。 今天来聊一聊 Mysql 缓存池原理。 提纲附上,话不多说,直...
问题:我们在做flex的开发中,如果用到别人搭建好的框架,而别人的server名称往...
CKeditor,以前叫FCKeditor,已经使用过好多年了,功能自然没的说。最近升级到3....
前言 项目开发中不管是前台还是后台都会遇到烦人的null,数据库表中字段允许空值...
来源:DeepenStudy 漏洞文件:js.asp % Dimoblog setoblog=newclass_sys oblog.a...
在Flash Player 10.1及以上版本中,adobe新增了全局错误处理程序UncaughtErrorEv...