| 以下是引用片段 : 以下为引用的内容 : #Region /// 过滤 html, JS, CSS 代码 /// <summary> /// 过滤 html, js, css 代码 /// </summary> /// <paramname = "html"> 参数传入 </param> /// <Returns> </returns> publicstaticstringcheckstr (stringhtml) { System.Text.RegularExpressions.RegExRegEx1 = newsystem.text.RegularExpressions.Regex (@"<Script [/s/s]+</script*>", System.Text.RegularExpressions.RegExoptions.ignorecase); System.text.RegularExpressions.RegExRegEx2 = newsystem.text.RegularexPressions.Regex (@"href*=*[/s/s]*skrip*:", System.Text.RegularExpressions.RegExoptions.ignorecase); System.Text.RegularExpressions.RegExRegEx3 = newsystem.text.RegularExpressions.Regex (@"No [/S/S/S]*=", System.Text.RegularExpressions.RegExoptions.ignorecase); System.text.RegularExpressions.RegExRegEx4 = newsystem.text.regularexpressions.regex (@"<iframe [/s/s]+</iframe*>", systex.text.regularexpressions.regexoptions.ignorecase); System.text.RegularExpressions.RegExRegEx5 = newsystem.text.RegularexPressions.Regex (@"<frameset [/s/s]+</frameset*>", Systex.Text.RegularexPressions.RegExOptions.ignorecase); System.Text.RegularExpressions.RegExRegEx6 = newsystem.text.RegularExpressions.Regex (@"/<img [^/>]+/>", System.Text.RegularExpressions.RegExOptions.ignorecase); System.text.RegularExpressions.RegExRegEx7 = newsystem.text.RegularexPressions.Regex (@"</p>", System.Text.RegularexPressions.RegExOptions.ignorecase); System.text.RegularExpressions.RegExRegEx8 = newsystem.text.RegularexPressions.Regex (@"<p>", System.Text.RegularexPressions.RegExOptions.ignorecase); System.text.RegularExpressions.RegExRegEx9 = newsystem.text.regularexpressions.Regex (@"<[^>]*>", System.Text.RegularExpressions.RegExoptions.ignorecase); html = regex1.replace (html, ""); // 过滤 <script> </cript> 标记 html = regex2.replace (html, ""); // 过滤 href = javascript :( <a>) 属性 html = regex3.replace (html, "_ disibledEvent ="); // 过滤其它控件的 on ... 事件 html = regex4.replace (html, ""); // 过滤 iframe html = regex5.replace (html, ""); // 过滤 frameset html = regex6.replace (html, ""); // 过滤 frameset html = regex7.replace (html, ""); // 过滤 frameset html = regex8.replace (html, ""); // 过滤 frameset html = regex9.replace (html, ""); html = html.replace ("", ""); html = html.replace ("</strong>", ""); html = html.replace ("<strong>", ""); returnhtml; } #endregion #region /// 过滤 p/p 代码 /// <summary> /// 过滤 p/p 代码 /// </summary> /// <paramname = "html"> 参数传入 </param> /// <Returns> </returns> publicstaticstringInputStr (stringhtml) { html = html.replace (@"/<img [^/>]+/>", ""); html = html.replace (@"<p>", ""); html = html.replace (@"</p>", ""); returnhtml; } #endregion /// <summary> /// 截取字符串 /// </summary> /// <paramname = "str"> </param> /// <paramname = "length"> </param> /// <Returns> </returns> protectedStringgetLength (stringstr, intlength) { stringstrr = str; if (str.length> length) { strr = str.substring (0, panjang)+"..."; } returnstrr; } |