Take a look at the code I wrote, I'm so frustrated, heh heh....

wangkunhong 2004-09-13 11:01:56
request.setCharacterEncoding("gb2312");
String Book_Name = request.getParameter("book_Name");
Book_Name = Book_Name.replaceAll("<","&lt;");
Book_Name = Book_Name.replaceAll(">","&gt;");
Book_Name = Book_Name.replaceAll(" ","  ");
Book_Name = Book_Name.replaceAll("#_#","#__#");
Book_Name = Book_Name.replaceAll("\n","<br>");
Book_Name = Book_Name.replaceAll("<!--newLine-->","");
String Book_Email = request.getParameter("email");
Book_Email = Book_Email.replaceAll("<","&lt;");
Book_Email = Book_Email.replaceAll(">","&gt;");
Book_Email = Book_Email.replaceAll(" ","  ");
Book_Email = Book_Email.replaceAll("#_#","#__#");
Book_Email = Book_Email.replaceAll("\n","<br>");
Book_Email = Book_Email.replaceAll("<!--newLine-->","");
String Book_Http = request.getParameter("http");
Book_Http = Book_Http.replaceAll("<","&lt;");
Book_Http = Book_Http.replaceAll(">","&gt;");
Book_Http = Book_Http.replaceAll(" ","  ");
Book_Http = Book_Http.replaceAll("#_#","#__#");
Book_Http = Book_Http.replaceAll("\n","<br>");
Book_Http = Book_Http.replaceAll("<!--newLine-->","");
String Book_Pic = request.getParameter("face");
String Book_Content = request.getParameter("body");
Book_Content = Book_Content.replaceAll("(,|;|\')","");
Book_Content = Book_Content.replaceAll("<","&lt;");
Book_Content = Book_Content.replaceAll(">","&gt;");
Book_Content = Book_Content.replaceAll(" ","  ");
Book_Content = Book_Content.replaceAll("#_#","#__#");
Book_Content = Book_Content.replaceAll("\n","<br>");
Book_Content = Book_Content.replaceAll("<!--newLine-->","");
String Book_Add = request.getParameter("area");
String Book_Qicq = request.getParameter("oicq");
Book_Qicq = Book_Qicq.replaceAll("<","&lt;");
Book_Qicq = Book_Qicq.replaceAll(">","&gt;");
Book_Qicq = Book_Qicq.replaceAll(" ","  ");
Book_Qicq = Book_Qicq.replaceAll("#_#","#__#");
Book_Qicq = Book_Qicq.replaceAll("\n","<br>");
Book_Qicq = Book_Qicq.replaceAll("<!--newLine-->","");
String Book_Tel = request.getParameter("oicq");
Book_Tel = Book_Tel.replaceAll("<","&lt;");
Book_Tel = Book_Tel.replaceAll(">","&gt;");
Book_Tel = Book_Tel.replaceAll(" ","  ");
Book_Tel = Book_Tel.replaceAll("#_#","#__#");
Book_Tel = Book_Tel.replaceAll("\n","<br>");
Book_Tel = Book_Tel.replaceAll("<!--newLine-->","");
Is there a better way to handle this kind of thing? What I have is hopelessly clumsy, but I'm a newbie, sob...
redlaputa 2004-09-14
Just write a function and call it.

public static String validString(String in) {
    if(in==null){return null;}
    else{
        try {
            in=in.replace('\'',' ');
            in=in.replaceAll("<","&lt;");
            ...

            in=in.trim();
            return in;
        }
        catch(Exception e) {
            System.out.println(e.toString());
            return "null";
        }
    }

}
qyzj 2004-09-14
public static final String encodeHTMLTagForLine(String strSrc) {
    int nLen;
    if(strSrc == null || (nLen = strSrc.length()) <= 0)
        return "";
    StringBuffer sbEnc = new StringBuffer(nLen * 2);
    for(int i = 0; i < nLen; i++) {
        char c;
        switch(c = strSrc.charAt(i)) {
        case 60: // '<'
            sbEnc.append("&lt;");
            break;
        case 62: // '>'
            sbEnc.append("&gt;");
            break;
        case 38: // '&'
            sbEnc.append("&amp;");
            break;
        case 34: // '"'
            sbEnc.append("&quot;");
            break;
        case 39: // '\''
            sbEnc.append("&#39;");
            break;
        case '\n':
            sbEnc.append(" ");
            break;
        default:
            sbEnc.append(c);
            break;
        }
    }
    return sbEnc.toString();
}
wangkunhong 2004-09-14
up
wangkunhong 2004-09-14
<%@ page import="java.util.regex.*" %>
<%!
public class check{
    public static String validString(String in){
        if(in==null){return null;}
        else{
            try {
                in=in.replace('\'',' ');
                in=in.replaceAll("<","&lt;");
                in=in.replaceAll(">","&gt;");
                in=in.replaceAll(" ","  ");
                in=in.replaceAll("#_#","#__#");
                in=in.replaceAll("\n","<br>");
                in=in.replaceAll("<!--newLine-->","");
                in=in.trim();
                return in;
            }
            catch(Exception e) {
                System.out.println(e.toString());
                return "null";
            }
        }
    }
    public static String outString(String in){
        if(in==null){return null;}
        else{
            try {
                in=in.replaceAll(" ","  ");
                in=in.replaceAll("#_#","#__#");
                in=in.replaceAll("\n","<br>");
                in=in.replaceAll("<!--newLine-->","");
                in=in.trim();
                return in;
            }
            catch(Exception e) {
                System.out.println(e.toString());
                return "null";
            }
        }
    }
}
%>
Mine has errors too...
Generated servlet error:
[javac] Compiling 1 source file

C:\tomcat\work\Catalina\localhost\_\org\apache\jsp\book\checkform_jsp.java:13: inner classes cannot have static declarations
public static String validString(String in){
^



An error occurred at line: 2 in the jsp file: /book/checkform.jsp

Generated servlet error:
C:\tomcat\work\Catalina\localhost\_\org\apache\jsp\book\checkform_jsp.java:33: inner classes cannot have static declarations
public static String outString(String in){
^
2 errors
yehuiquan 2004-09-14
The code above is reposted from "浪子留言版" (Langzi Guestbook).
yehuiquan 2004-09-14
import java.util.regex.*;

public class Check {
    // Replace characters
    public static String insteadCode(String str,String regEx,String code){
        Pattern p=Pattern.compile(regEx);
        Matcher m=p.matcher(str);
        String s=m.replaceAll(code);
        return s;
    }

    // Convert the content to HTML format while filtering out HTML tags
    public static String toHTML(String sourcestr){
        String targetstr=insteadCode(sourcestr,">","&gt;");
        targetstr=insteadCode(targetstr,"<","&lt;");
        targetstr=insteadCode(targetstr,"\n","<br>");
        targetstr=insteadCode(targetstr," ","&nbsp;");
        return targetstr;
    }
}
Usage:
// Because ' is the string delimiter in the database, ' has to be escaped
usertruename=Check.insteadCode(usertruename,"'","''");
usertruename=Check.toHTML(usertruename);
wangkunhong 2004-09-14
Sob, still an error:
add_fsave_jsp.java:63: illegal start of expression
public static String validString(String in) {
^
1 error
wangkunhong 2004-09-14
Thanks, I'll give it a try.
chn217 2004-09-14
String Book_Content = validString(request.getParameter("body"));
lecy 2004-09-14
Just write a class of your own, with a function that checks whether a string is valid, and then you can call it from anywhere. How nice.
wangkunhong 2004-09-14
Bump, I've been waiting since yesterday... heh heh...
wangkunhong 2004-09-14
Thanks a lot. I've only just started learning, so, well... heh heh... I'll leave it at that...
wsmall1 2004-09-14
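To wangkunhong:
You have to process the parameters you receive before running the insert into statement. As for the input you say can't be handled, the only option is to send it back to the user to re-enter; that also shows your program isn't very robust.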
wangkunhong 2004-09-14
Oh no, my call fails, sob..
<%
public static String validString(String in) {
    if(in==null){return null;}
    else{
        try {
            in=in.replace('\'',' ');
            in=in.replaceAll("<","&lt;");
            in=in.replaceAll(">","&gt;");
            in=in.replaceAll(" ","  ");
            in=in.replaceAll("#_#","#__#");
            in=in.replaceAll("\n","<br>");
            in=in.replaceAll("<!--newLine-->","");
            in=in.trim();
            return in;
        }
        catch(Exception e) {
            System.out.println(e.toString());
            return "null";
        }
    }
}
public static String outString(String in) {
    if(in==null){return null;}
    else{
        try {
            in=in.replaceAll(" ","  ");
            in=in.replaceAll("#_#","#__#");
            in=in.replaceAll("\n","<br>");
            in=in.replaceAll("<!--newLine-->","");
            in=in.trim();
            return in;
        }
        catch(Exception e) {
            System.out.println(e.toString());
            return "null";
        }
    }
}
%>

Calling statement:
String Book_Content = request.getParameter("body").validString;
Error:
org.apache.jasper.JasperException: Unable to compile class for JSP

An error occurred at line: 1 in the jsp file: /book/checkform.jsp

Generated servlet error:
[javac] Compiling 1 source file

C:\tomcat\work\Catalina\localhost\_\org\apache\jsp\book\add_005fsave_jsp.java:63: illegal start of expression
public static String validString(String in) {
^
1 error


org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:127)
org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:351)
org.apache.jasper.compiler.Compiler.generateClass(Compiler.java:415)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:458)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:439)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:552)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:291)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:301)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:248)
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)

wangkunhong 2004-09-14
Also, if the submitted form contains special characters that you can't replace, it fails when it reaches the insert into. What should I do?..
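An added example, not part of any post in this thread, for the insert into question above and for yehuiquan's reply that doubles the quote for the database: store the raw text through a `PreparedStatement` so quotes need no replacing, and HTML-encode only when the value is written into the page. The class name, the `guestbook` table and its columns are hypothetical; the code assumes Java 7 or later.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;

// Added example: class, table and column names are hypothetical.
public class GuestbookEntry {

    // Encode for an HTML text node or a quoted attribute value. All five
    // characters are handled in one pass, so nothing is encoded twice.
    public static String escapeHtml(String s) {
        if (s == null) return "";
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Store the text unmodified. Values are bound as parameters instead of
    // being concatenated into the SQL text, so ' , ; cannot break the statement.
    public static int save(Connection con, String name, String body) throws SQLException {
        String sql = "INSERT INTO guestbook (book_name, book_content) VALUES (?, ?)";
        try (PreparedStatement ps = con.prepareStatement(sql)) {
            ps.setString(1, name);
            ps.setString(2, body);
            return ps.executeUpdate();
        }
    }

    // Encode at output time; line breaks become <br> only after encoding.
    public static String toDisplayHtml(String stored) {
        return escapeHtml(stored).replace("\r\n", "\n").replace("\n", "<br>");
    }

    public static void main(String[] args) {
        String body = "O'Brien said: 1 < 2 && \"ok\";\nsecond line"; // constructed input
        System.out.println(toDisplayHtml(body));
    }
}
```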
wangkunhong 2004-09-14
Oh.... don't laugh at me, heh heh. Thanks, redlaputa(吾心如秋思,爱随雨后归)
pigrain 2004-09-14
Heh heh... how cute.. turn it into a function and it gets easy
xiangbo520 2004-09-14
Heh, the original poster is hardcore! Not even putting something like this into a function.
wangnewton 2004-09-14
Agree with the post above.

Or writing a JavaBean to handle it all in one place would probably be even better.
wangkunhong 2004-09-13
Sob, it's just about filtering the special characters received from a form. Does anyone have a good approach? Please teach me.