誰能告訴我如何在ASP(經典)中去除所有特殊字符(<>,/ \'%;()& + - *)?去除所有特殊字符
這是我有,但它不工作。
Function RemoveBad(strTemp)
Dim regEx
Set regEx = New RegExp
regEx.IgnoreCase = True
regEx.Pattern = "[/\<|\>|\|\'|\%|\;|\(|\)|\&|\+|\-/g]"
RemoveBad = replace(strTemp,regEx.Pattern," ")
End Function
爲了防止XSS,所有你需要的是這個;
function RemoveBad(strTemp)
RemoveBad = server.htmlencode(strTemp)
end function
使用RegExp.Replace方法:
RemoveBad = regEx.Replace(strTemp, "")
您可以在函數中使用了一系列replcae語句
Function RemoveBad(strTemp)
strTemp = REPLACE(strTemp, Chr(1), '')
strTemp = REPLACE(strTemp, Chr(2), '')
strTemp = REPLACE(strTemp, Chr(3), '')
strTemp = REPLACE(strTemp, Chr(4), '')
strTemp = REPLACE(strTemp, Chr(5), '')
strTemp = REPLACE(strTemp, Chr(6), '')
strTemp = REPLACE(strTemp, Chr(7), '')
strTemp = REPLACE(strTemp, Chr(8), '')
strTemp = REPLACE(strTemp, Chr(9), '')
strTemp = REPLACE(strTemp, Chr(10), '')
strTemp = REPLACE(strTemp, Chr(11), '')
strTemp = REPLACE(strTemp, Chr(12), '')
strTemp = REPLACE(strTemp, Chr(13), '')
strTemp = REPLACE(strTemp, Chr(14), '')
strTemp = REPLACE(strTemp, Chr(15), '')
strTemp = REPLACE(strTemp, Chr(16), '')
strTemp = REPLACE(strTemp, Chr(17), '')
strTemp = REPLACE(strTemp, Chr(18), '')
strTemp = REPLACE(strTemp, Chr(19), '')
strTemp = REPLACE(strTemp, Chr(20), '')
strTemp = REPLACE(strTemp, Chr(21), '')
strTemp = REPLACE(strTemp, Chr(22), '')
strTemp = REPLACE(strTemp, Chr(23), '')
strTemp = REPLACE(strTemp, Chr(24), '')
strTemp = REPLACE(strTemp, Chr(25), '')
strTemp = REPLACE(strTemp, Chr(26), '')
strTemp = REPLACE(strTemp, Chr(27), '')
strTemp = REPLACE(strTemp, Chr(28), '')
strTemp = REPLACE(strTemp, Chr(29), '')
strTemp = REPLACE(strTemp, Chr(30), '')
strTemp = REPLACE(strTemp, Chr(31), '')
' Add as many replace statements as you need
End Function
我想知道是否可以通過將它粘貼在for循環中使它更易於閱讀? – 2017-04-13 05:08:23
您需要定義*正是*你的意思是「特殊字符」。 – 2012-02-14 21:13:42
爲什麼你需要去掉它們呢? – Neil 2012-02-14 22:03:30
防止跨站腳本。 – Ram 2012-02-14 22:28:57