直接操作下面代码即可获取你想要的:
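/// <summary>
/// Strips HTML markup from a string, decodes a few common entities, removes a
/// fixed list of keywords and punctuation, and returns the result HTML-encoded.
/// </summary>
/// <remarks>
/// This is a text-cleaning helper, not a SQL-injection defence. The keyword list
/// is a deny-list applied in a single pass and in a fixed order, so the result is
/// not guaranteed to be free of the listed words, and the same removal also
/// deletes those letters from ordinary words ("order", "internet", "character").
/// Code that builds SQL from this value must still use parameterized queries.
/// The final HTML encoding makes the value suitable for HTML element content;
/// other output contexts (attributes, JavaScript, URLs) need their own encoding.
/// </remarks>
/// <param name="htmlstring">Source text that may contain HTML.</param>
/// <param name="isClearSpechars">
/// When true, additionally removes the characters &lt; &gt; * - ? , / ; and CRLF
/// pairs, and doubles apostrophes.
/// </param>
/// <returns>
/// The cleaned, HTML-encoded and trimmed text; an empty string for null or empty input.
/// </returns>
public static string NoHTML(string htmlstring, bool isClearSpechars = true)
{
    if (String.IsNullOrEmpty(htmlstring))
    {
        return string.Empty;
    }

    const RegexOptions ignoreCase = RegexOptions.IgnoreCase;

    // Remove script elements together with their bodies. Singleline lets '.' match
    // newlines; without it a script body spanning several lines is left behind as text.
    htmlstring = Regex.Replace(htmlstring, @"<script[^>]*?>.*?</script>", "", ignoreCase | RegexOptions.Singleline);

    // Remove the remaining tags, line breaks followed by whitespace, and comment remnants.
    htmlstring = Regex.Replace(htmlstring, @"<(.[^>]*)>", "", ignoreCase);
    htmlstring = Regex.Replace(htmlstring, @"([\r\n])[\s]+", "", ignoreCase);
    htmlstring = Regex.Replace(htmlstring, @"-->", "", ignoreCase);
    htmlstring = Regex.Replace(htmlstring, @"<!--.*", "", ignoreCase);

    // Decode a handful of named/numeric entities (pattern, replacement), then drop
    // every other numeric entity.
    string[][] entities =
    {
        new[] { @"&(quot|#34);", "\"" },
        new[] { @"&(amp|#38);", "&" },
        new[] { @"&(lt|#60);", "<" },
        new[] { @"&(gt|#62);", ">" },
        new[] { @"&(nbsp|#160);", " " },
        new[] { @"&(iexcl|#161);", "\u00A1" },
        new[] { @"&(cent|#162);", "\u00A2" },
        new[] { @"&(pound|#163);", "\u00A3" },
        new[] { @"&(copy|#169);", "\u00A9" },
    };
    foreach (string[] entity in entities)
    {
        htmlstring = Regex.Replace(htmlstring, entity[0], entity[1], ignoreCase);
    }
    htmlstring = Regex.Replace(htmlstring, @"&#(\d+);", "", ignoreCase);

    // Keyword deny-list, applied once each in this order (longer phrases come before
    // the shorter words they contain). Adjust the list to your own requirements.
    // NOTE(review): the published listing shows typographic quote characters in
    // "count''" and in the apostrophe-doubling step below; ASCII apostrophes are
    // assumed to be what was intended - confirm against the original code.
    string[] keywords =
    {
        "xp_cmdshell", "select", "insert", "delete from", "count''", "drop table",
        "truncate", "asc", "mid", "char", "xp_cmdshell", "exec master",
        "net localgroup administrators", "and", "net user", "or", "net",
        "*", "-", "delete", "drop", "script",
    };
    foreach (string keyword in keywords)
    {
        // Regex.Escape treats every entry as literal text. A bare "*" is not a valid
        // regular expression and makes Regex.Replace throw ArgumentException.
        htmlstring = Regex.Replace(htmlstring, Regex.Escape(keyword), "", ignoreCase);
    }

    if (isClearSpechars)
    {
        // Special characters that are removed outright.
        foreach (string special in new[] { "<", ">", "*", "-", "?", ",", "/", ";", "\r\n" })
        {
            htmlstring = htmlstring.Replace(special, "");
        }

        // Double apostrophes. This is not sufficient on its own to make the value
        // safe inside a SQL string literal.
        htmlstring = htmlstring.Replace("'", "''");
    }

    // Encode whatever markup-significant characters remain before returning.
    htmlstring = System.Web.HttpUtility.HtmlEncode(htmlstring).Trim();
    return htmlstring;
}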
原文地址:https://www.cnblogs.com/yueyongsheng/p/12622417.html