| 以下是引用片段: 以下为引用的内容: #region///过滤html,js,css代码 ///<summary> ///过滤html,js,css代码 ///</summary> ///<paramname="html">参数传入</param> ///<returns></returns> publicstaticstringcheckstr(stringhtml) { system.text.regularexpressions.regexregex1=newsystem.text.regularexpressions.regex(@"<script[/s/s]+</script*>",system.text.regularexpressions.regexoptions.ignorecase); system.text.regularexpressions.regexregex2=newsystem.text.regularexpressions.regex(@"href*=*[/s/s]*script*:",system.text.regularexpressions.regexoptions.ignorecase); system.text.regularexpressions.regexregex3=newsystem.text.regularexpressions.regex(@"no[/s/s]*=",system.text.regularexpressions.regexoptions.ignorecase); system.text.regularexpressions.regexregex4=newsystem.text.regularexpressions.regex(@"<iframe[/s/s]+</iframe*>",system.text.regularexpressions.regexoptions.ignorecase); system.text.regularexpressions.regexregex5=newsystem.text.regularexpressions.regex(@"<frameset[/s/s]+</frameset*>",system.text.regularexpressions.regexoptions.ignorecase); system.text.regularexpressions.regexregex6=newsystem.text.regularexpressions.regex(@"/<img[^/>]+/>",system.text.regularexpressions.regexoptions.ignorecase); system.text.regularexpressions.regexregex7=newsystem.text.regularexpressions.regex(@"</p>",system.text.regularexpressions.regexoptions.ignorecase); system.text.regularexpressions.regexregex8=newsystem.text.regularexpressions.regex(@"<p>",system.text.regularexpressions.regexoptions.ignorecase); system.text.regularexpressions.regexregex9=newsystem.text.regularexpressions.regex(@"<[^>]*>",system.text.regularexpressions.regexoptions.ignorecase); html=regex1.replace(html,"");//过滤<script></script>标记 html=regex2.replace(html,"");//过滤href=javascript:(<a>)属性 html=regex3.replace(html,"_disibledevent=");//过滤其它控件的on...事件 html=regex4.replace(html,"");//过滤iframe html=regex5.replace(html,"");//过滤frameset html=regex6.replace(html,"");//过滤frameset html=regex7.replace(html,"");//过滤frameset html=regex8.replace(html,"");//过滤frameset html=regex9.replace(html,""); html=html.replace("",""); html=html.replace("</strong>",""); html=html.replace("<strong>",""); returnhtml; } #endregion #region///过滤p/p代码 ///<summary> ///过滤p/p代码 ///</summary> ///<paramname="html">参数传入</param> ///<returns></returns> publicstaticstringinputstr(stringhtml) { html=html.replace(@"/<img[^/>]+/>",""); html=html.replace(@"<p>",""); html=html.replace(@"</p>",""); returnhtml; } #endregion ///<summary> ///截取字符串 ///</summary> ///<paramname="str"></param> ///<paramname="length"></param> ///<returns></returns> protectedstringgetlength(stringstr,intlength) { stringstrr=str; if(str.length>length) { strr=str.substring(0,length)+"..."; } returnstrr; } |