28,390
社区成员
发帖
与我相关
我的任务
分享纯文字评论提交的时候要过滤那些内容?
想用文本框做个简单的评论提交页面,要求过滤js脚本网页标签等等,但换行空格保留,总而言之最后的结果就像贴吧那样,不含被浏览器执行的内容.
请问一般要怎样书写代码,能否给个例子参考.
或者说有这方面写好的控件,我找了一下貌似功能都太强大.
请问一般要怎样书写代码,能否给个例子参考.
或者说有这方面写好的控件,我找了一下貌似功能都太强大.
...全文
请发表友善的回复…
发表回复
叫我梁大侠 2010-08-10
- 打赏
- 举报
可以选择简单的过滤全部HTNL代码:
Dim re
Set re=new RegExp
re.IgnoreCase =True
re.Global=True
re.Pattern="<(.[^>]*)>"
CleanHTML=re.Replace(str,"")
set re=Nothing
Dim re
Set re=new RegExp
re.IgnoreCase =True
re.Global=True
re.Pattern="<(.[^>]*)>"
CleanHTML=re.Replace(str,"")
set re=Nothing
KK3K2005 2010-08-10
- 打赏
- 举报
强制htmlcode输出
caizhuguanguan 2010-08-10
- 打赏
- 举报
3 楼不错
gaozhen1990 2010-08-10
- 打赏
- 举报
一般是替换 <>
lbcleo 2010-08-09
- 打赏
- 举报
<script type="text/javascript">
<!--
var str = '<ok>,-';
// 用Hash存储进行正则替换
String.prototype.multiReplace = function(hash){
var str = this, key;
for(key in hash){
if(Object.prototype.hasOwnProperty.call(hash, key)){
str = str.replace(new RegExp( key, 'g'), hash[key]);
}
}
return str;
}
str = str.multiReplace({
'&(?!#?\\w+;)' : '&' ,
'"([^"]*)"' : '“$1”' ,
'<' : '<' ,
'>' : '>' ,
'…' : '…',
'“' : '“' ,
'”' : '”' ,
'‘' : '‘' ,
'’' : '’' ,
'—' : '—' ,
'–' : '–'
});
alert(str);
//-->
</script>
<!--
var str = '<ok>,-';
// 用Hash存储进行正则替换
String.prototype.multiReplace = function(hash){
var str = this, key;
for(key in hash){
if(Object.prototype.hasOwnProperty.call(hash, key)){
str = str.replace(new RegExp( key, 'g'), hash[key]);
}
}
return str;
}
str = str.multiReplace({
'&(?!#?\\w+;)' : '&' ,
'"([^"]*)"' : '“$1”' ,
'<' : '<' ,
'>' : '>' ,
'…' : '…',
'“' : '“' ,
'”' : '”' ,
'‘' : '‘' ,
'’' : '’' ,
'—' : '—' ,
'–' : '–'
});
alert(str);
//-->
</script>
g497772921 2010-08-09
- 打赏
- 举报
过滤函数
Function IN_Replace(N_urlString)
N_urlString = Replace(N_urlString,"'","‘")
N_urlString = Replace(N_urlString, ";",";")
N_urlString = Replace(N_urlString, ">", ">")
N_urlString = Replace(N_urlString, "<", "<")
N_urlString = Replace(N_urlString, "<", "<")
N_urlString = Replace(N_urlString, "href", "")
N_urlString = Replace(N_urlString, "script", " ")
N_urlString = Replace(N_urlString, "iframe", " ")
N_urlString = Replace(N_urlString, "src", "")
N_urlString = Replace(N_urlString, "url", "")
N_urlString = Replace(N_urlString, "(", "(")
N_urlString = Replace(N_urlString, ")", ")")
N_urlString = Replace(N_urlString, "[", "『")
N_urlString = Replace(N_urlString, "]", "』")
IN_Replace = N_urlString
End Function
Function IN_Replace(N_urlString)
N_urlString = Replace(N_urlString,"'","‘")
N_urlString = Replace(N_urlString, ";",";")
N_urlString = Replace(N_urlString, ">", ">")
N_urlString = Replace(N_urlString, "<", "<")
N_urlString = Replace(N_urlString, "<", "<")
N_urlString = Replace(N_urlString, "href", "")
N_urlString = Replace(N_urlString, "script", " ")
N_urlString = Replace(N_urlString, "iframe", " ")
N_urlString = Replace(N_urlString, "src", "")
N_urlString = Replace(N_urlString, "url", "")
N_urlString = Replace(N_urlString, "(", "(")
N_urlString = Replace(N_urlString, ")", ")")
N_urlString = Replace(N_urlString, "[", "『")
N_urlString = Replace(N_urlString, "]", "』")
IN_Replace = N_urlString
End Function
lzp4881 2010-08-09
- 打赏
- 举报
替换<>为<>就行了
Dogfish 2010-08-09
- 打赏
- 举报
至少把html那些有害的代码去掉。如iframe等等。
Chronicle 2010-08-09
- 打赏
- 举报
sContent=Server.HtmlEncoder(Trim(Request.Form("content")))
sContent=Replace(SContent,vbCrLf,"<br/>")
sContent=Replace(SContent,Chr(9)," ")
ls几位好像都没有注意到换行,这样如何?
sContent=Replace(SContent,vbCrLf,"<br/>")
sContent=Replace(SContent,Chr(9)," ")
ls几位好像都没有注意到换行,这样如何?
