C#对于字符串的处理类(剪裁、过滤危险字符、替换sql中有问题符号等)
2013年10月21日
-
using System;
-
using System.Collections.Generic;
-
using System.Linq;
-
using System.Text;
-
using System.Text.RegularExpressions;
-
-
namespace BIReportCenter.Utility
-
{
-
public class StringHelper
-
{
-
#region String length formatter
-
-
-
-
-
/// <summary>
/// Shortens a string using "..." as the suffix by delegating to the
/// three-argument <c>Trim</c> overload.
/// </summary>
/// <param name="stringTrim">Text to shorten; handed to the overload unchanged.</param>
/// <param name="maxLength">Length limit, interpreted by the three-argument overload.</param>
/// <returns>Whatever the three-argument overload returns for these arguments.</returns>
public static string Trim(string stringTrim, int maxLength)
{
    const string defaultSuffix = "...";
    return Trim(stringTrim, maxLength, defaultSuffix);
}
-
-
-
-
-
-
-
-
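/// <summary>
/// Shortens <paramref name="rawString"/> and appends <paramref name="appendString"/>
/// when the text exceeds the limit; otherwise returns it unchanged.
/// </summary>
/// <remarks>
/// The input is returned as-is when it is null or empty, when it has at most
/// <paramref name="maxLength"/> UTF-16 characters, or when its UTF-8 byte count
/// is at most <c>maxLength * 2</c>. Otherwise characters are copied until the
/// running byte count reaches <c>maxLength * 2</c> minus the suffix's UTF-8 byte
/// count. A character is copied before the count is checked, so at least one
/// character is always kept.
/// </remarks>
/// <param name="rawString">Text to shorten. May be null or empty.</param>
/// <param name="maxLength">Limit; compared against the character count and, doubled, against byte counts.</param>
/// <param name="appendString">Suffix added after a cut. Null is treated as an empty suffix.</param>
/// <returns>The original string, or the kept prefix followed by the suffix.</returns>
public static string Trim(string rawString, int maxLength, string appendString)
{
    // Nothing to cut: null/empty input, or no more than maxLength characters.
    if (string.IsNullOrEmpty(rawString) || rawString.Length <= maxLength)
    {
        return rawString;
    }

    // Second early exit: the whole string fits in the doubled byte budget.
    int byteBudget = maxLength * 2;
    if (Encoding.UTF8.GetByteCount(rawString) <= byteBudget)
    {
        return rawString;
    }

    // A null suffix previously threw from Encoding.GetBytes; treat it as "no suffix".
    string suffix = appendString ?? string.Empty;
    int cutoff = byteBudget - Encoding.UTF8.GetByteCount(suffix);

    StringBuilder kept = new StringBuilder();
    char[] single = new char[1]; // reused so the loop does not allocate per character
    int keptBytes = 0;

    for (int i = 0; i < rawString.Length; i++)
    {
        char current = rawString[i];
        kept.Append(current);

        // NOTE(review): the early-exit check above measures UTF-8 bytes, while this
        // count uses Encoding.Default, which is the system ANSI code page on
        // .NET Framework and UTF-8 on .NET Core and later. The cut position for
        // non-ASCII text therefore varies by host; confirm which encoding is intended.
        single[0] = current;
        keptBytes += Encoding.Default.GetByteCount(single);

        if (keptBytes >= cutoff)
        {
            // Do not end on the first half of a surrogate pair: that would hand
            // callers a malformed UTF-16 string.
            if (char.IsHighSurrogate(current)
                && i + 1 < rawString.Length
                && char.IsLowSurrogate(rawString[i + 1]))
            {
                kept.Append(rawString[i + 1]);
            }

            break;
        }
    }

    return kept.ToString() + suffix;
}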
-
-
-
#endregion
-
-
#region 特殊字符
-
-
-
-
-
-
-
/// <summary>
/// Reports whether <paramref name="str"/> contains none of a fixed set of
/// punctuation characters.
/// </summary>
/// <remarks>
/// The character class rejects - ; , / ( ) [ ] { } % @ * ! and the single quote.
/// The "|" separators sit inside the brackets, so they are literal and a pipe is
/// rejected too. This is a character deny-list only: it does not look at keywords,
/// whitespace or double quotes, and it rejects ordinary values such as hyphenated
/// names and e-mail addresses. A true result does not make the value safe to
/// concatenate into SQL text; bind values as command parameters instead.
/// </remarks>
/// <param name="str">Value to inspect.</param>
/// <returns>True when no listed character occurs in the value.</returns>
/// <exception cref="ArgumentNullException"><paramref name="str"/> is null (thrown by Regex.IsMatch).</exception>
public static bool IsSafeSqlString(string str)
{
    const string rejectedCharacters = @"[-|;|,|\/|\(|\)|\[|\]|\}|\{|%|@|\*|!|\']";
    bool containsRejected = Regex.IsMatch(str, rejectedCharacters);
    return !containsRejected;
}
-
-
-
-
-
-
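/// <summary>
/// Best-effort removal of a few quote, comment-marker and procedure-call
/// sequences from <paramref name="sql"/>.
/// </summary>
/// <remarks>
/// The three patterns are applied repeatedly until the text stops changing.
/// A single pass is not enough, because deleting one match can join the
/// characters on either side into a new match. The result is still only a
/// deny-list filter: it covers just the sequences below and it alters legitimate
/// text (apostrophes in names are deleted). Do not use it as a substitute for
/// parameterized commands.
/// </remarks>
/// <param name="sql">Text to filter. May be null or empty.</param>
/// <returns>The filtered text; null or empty input is returned unchanged.</returns>
public static string StripSQLInjection(string sql)
{
    if (string.IsNullOrEmpty(sql))
    {
        return sql;
    }

    // "%27", a single quote, or a double hyphen.
    string pattern1 = @"(\%27)|(\')|(\-\-)";

    // A quote (literal or "%27"), optional whitespace, then "or" written
    // literally or percent-encoded.
    string pattern2 = @"((\%27)|(\'))\s*((\%6F)|o|(\%4F))((\%72)|r|(\%52))";

    // Whitespace, "exec", whitespace or '+', then a name starting with "sp" or "xp".
    string pattern3 = @"\s+exec(\s|\+)+(s|x)p\w+";

    // Every replacement only deletes characters, so an unchanged length means an
    // unchanged string, and the loop must terminate.
    int lengthBeforePass;
    do
    {
        lengthBeforePass = sql.Length;
        sql = Regex.Replace(sql, pattern1, string.Empty, RegexOptions.IgnoreCase);
        sql = Regex.Replace(sql, pattern2, string.Empty, RegexOptions.IgnoreCase);
        sql = Regex.Replace(sql, pattern3, string.Empty, RegexOptions.IgnoreCase);
    }
    while (sql.Length != lengthBeforePass);

    return sql;
}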
-
-
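/// <summary>
/// Lower-cases <paramref name="Parameter"/>, deletes single quotes, turns line
/// feeds into "&lt;br&gt;" and NUL characters into "·".
/// </summary>
/// <remarks>
/// This changes the data (case is lost, apostrophes are deleted) and mixes SQL
/// and HTML concerns in one step. It does not make a value safe to concatenate
/// into SQL text; bind values as command parameters, and HTML-encode at output.
/// </remarks>
/// <param name="Parameter">Value to transform. May be null or empty.</param>
/// <returns>The transformed value; null or empty input is returned unchanged.</returns>
public static string SQLSafe(string Parameter)
{
    // Match StripSQLInjection: null/empty passes through instead of throwing
    // NullReferenceException on the first call below.
    if (string.IsNullOrEmpty(Parameter))
    {
        return Parameter;
    }

    // Invariant casing, so the result does not depend on the thread's current culture.
    Parameter = Parameter.ToLowerInvariant();
    Parameter = Parameter.Replace("'", "");

    // NOTE(review): as shown, the next two calls replace a character with itself
    // and have no effect. Presumably one side was an HTML entity that the page
    // rendering decoded; confirm against the original source before relying on
    // this method for any escaping.
    Parameter = Parameter.Replace(">", ">");
    Parameter = Parameter.Replace("<", "<");

    Parameter = Parameter.Replace("\n", "<br>");
    Parameter = Parameter.Replace("\0", "·");
    return Parameter;
}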
-
-