一些常用自定义asp函数

过滤一些简单的特殊符号:

Function GetSafeStr(str)
    GetSafeStr=Replace(Replace(Replace(Replace(Replace(str,"'","‘"),"""","“"),"&",""),"<","<"),">",">")
End Function

function getip()
    Dim strIPAddr
    If Request.ServerVariables("HTTP_X_FORWARDED_FOR") = "" or InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), "unknown") > 0 Then
        strIPAddr = Request.ServerVariables("REMOTE_ADDR")
    ElseIf InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ",") > 0 Then
        strIPAddr = Mid(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), 1, InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ",")-1)
    ElseIf InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ";") > 0 Then
        strIPAddr = Mid(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), 1, InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ";")-1)
    Else
        strIPAddr = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
    End If
    getIP = Trim(Mid(strIPAddr, 1, 30))
end function

'===============================================================
'函数名:RemoveHTML
'作  用:清除HTML标签
'参  数:strHTML 内容
'返回值:过滤HTML标签后的内容
'===============================================================
function RemoveHTML(strHTML)  
    Dim objRegExp, Match, Matches  
    Set objRegExp = New Regexp  
    
    objRegExp.IgnoreCase = True  
    objRegExp.Global = True  
    '取闭合的<>  
    objRegExp.Pattern = "<.+?>"  
    '进行匹配  
    Set Matches = objRegExp.Execute(strHTML)  
    
    '遍历匹配集合,并替换掉匹配的项目  
    For Each Match in Matches  
        strHtml=Replace(strHTML,Match.Value,"")  
    Next  
    RemoveHTML=strHTML  
    Set objRegExp = Nothing  
End function

Function IIF(Expression,ReturnTrue,ReturnFalse)
If Expression Then
IIF = ReturnTrue
Else
IIF = ReturnFalse
End If
End Function
'函数:全功能安全过滤函数
'参数:请求方式,过滤类型,请求名,值类型,默认值
Function SafeRequest(Requester,FilterType,RequestName,RequestType,DefaultValue)
Dim tmpValue
Select Case Requester
Case 0 : tmpValue = RequestName
Case 1 : tmpValue = Request(RequestName)
Case 2 : tmpValue = Request.Form(RequestName)
Case 3 : tmpValue = Request.QueryString(RequestName)
Case 4 : tmpValue = Request.Cookies(RequestName)
End Select

Select Case RequestType
Case 0
If Not IsNumeric(tmpValue) or Len(tmpValue) <=0 Then
tmpValue = CLng(DefaultValue)
Else
tmpValue = CLng(tmpValue)
End If
Case 1
If tmpValue="" or IsNull(tmpValue) Then tmpValue=DefaultValue
Select Case FilterType
Case 0 : tmpValue = tmpValue
Case 1 : tmpValue = SafeSql(tmpValue)
Case 2 : tmpValue = FilterHtml(tmpValue)
End Select
Case 2
If Not IsDate(tmpValue) or Len(tmpValue) <=0 Then
tmpValue = CDate(DefaultValue)
Else
tmpValue = CDate(tmpValue)
End If
End Select

SafeRequest = tmpValue
End Function

'函数:危险Sql过滤
'参数:Sql
'返回:过滤结果
Function SafeSql(str)
SafeSql = Replace(str, "'", "'")
End Function
'函数:过滤Html标签
'参数:字符串
'返回:过滤后的字符串
Function FilterHtml(str)
If IsNull(str) or str="" Then FilterHtml="" : Exit Function
Dim r
Set r = New RegExp
r.IgnoreCase = True
r.Global = True
r.MultiLine = True

r.Pattern = " <.+?>"
FilterHtml = r.Replace(str,"")
Set r = Nothing
End Function

function IsNumericStr(str)                
    IsNumericStr = true    
    str=LCase(str)            
    strSource ="0123456789"                
    for i=1 to len(str)                
      if InStr(strSource,mid(str,i,1)) <=0 then                
        IsNumericStr = false                
        exit for                
      end if                
    next                
end function

Rem 判断发言是否来自外部
'ChkPost=false 来自外部提交(非法)
'ChkPost=true  合法提交表单
'*************************************************************************************************
function ChkPost()
dim server_v1,server_v2
chkpost=false
server_v1=LCase(Cstr(Request.ServerVariables("HTTP_REFERER")))
server_v2=LCase(Cstr(Request.ServerVariables("SERVER_NAME")))
if mid(server_v1,8,len(server_v2)) <>server_v2 then
chkpost=false
else
chkpost=true
end if
end function

<%
Function GoRed(Str,keyword)
'***************************************
'GoRed函数 Str,搜索出来的内容,keyword 要替换的关键字
'***************************************
    Dim RegObj
    Set RegObj= New RegExp '定义新的正则表达式
  With RegObj
  .Global = True
  .IgnoreCase = True
  .Pattern="([.\n]*)("&Keyword&")([.\n]*)"
  GoRed=.Replace(Str,"$1 <font color='red'>$2 </font>$3")
  End With
  Set RegObj=Nothing
End Function
str="Fditffdsdads"
response.write str&"<br>"
response.write GoRed(str,"f")
%>

输出的结果是:F dit f f dsdads


<%
'此文件可以对整站提交文字进行过滤
'编写者:逸风
'编写日期:2008-6-4
'函数说明:对非法字符进行过滤
'这个函数将过滤所有非中文字符
function ClearString(str)
   dim re,str1,str2,i
   set re = new regexp
   re.Pattern = "^[\u4e00-\u9fa5\s\n\r\t]+$"
   for i=1 to len(str)
     str1 = mid(str,i,1)
     clearString = re.Test(str1)
     if clearString=true then
     str2 = str2&str1
     end if
   next
   str=str2
   ClearString = str
end function
function KillKey(str)
    KillKey=str
end function
'编写者:逸风
'编写日期:2008-6-4
'函数说明:对非法字符进行过滤
'这个函数将过滤所有非中文字符

function SearchKey(str)
Key="这里是非法字符 嘎嘎`~~CSDN也屏蔽的"
KeyArray=split(Key,",")
K=ubound(KeyArray)
str2=ClearString(str)
for i=0 to K
    if Instr(str2,KeyArray(i)) then
        response.Write("<font color=red>您所提交的信息中包含非法字符,请您返回后仔细检查所填写的内容然后再次提交您的信息!</font><a href='javascript:history.go(-1);'>返回</a><br/><font color=#0000FF>感谢您的支持!</font><br/>非法字符:" & KeyArray(i))
        response.End()
    end if
next
SearchKey=str
end function
function urldecode(encodestr)   'encodestr就是要解码的字符串
Dim newstr,havechar,lastchar,i,char_c,next_1_c,next_1_Num
newstr=""
havechar=false
lastchar=""
for i=1 to len(encodestr)
   char_c=mid(encodestr,i,1)
   if char_c="+" then
    newstr=newstr & " "
   elseif char_c="%" then
    next_1_c=mid(encodestr,i+1,2)
    next_1_num=cint("&H" & next_1_c)
  
    if havechar then
     havechar=false
     newstr=newstr & chr(cint("&H" & lastchar & next_1_c))
    else
     if abs(next_1_num)<=127 then
      newstr=newstr & chr(next_1_num)
     else
      havechar=true
      lastchar=next_1_c
     end if
    end if
    i=i+2
   else
    newstr=newstr & char_c
   end if
next
urldecode=newstr
end function

TempStr1=urldecode(request.QueryString)
TempStr2=urldecode(request.Form)
'查询提交的信息 如有非法字符 直接终止程序运行
SearchKey(TempStr1)
SearchKey(TempStr2)
%>


引用通告: 查看所有引用 | 我要引用此文章
Tags: 一些常用自定义asp函数
收藏到网摘:
评论: 0 | 引用: 0 | 查看次数: -
发表评论
昵 称:
密 码: 游客发言不需要密码.
内 容:
验证码: 验证码
选 项:
虽然发表评论不用注册,但是为了保护您的发言权,建议您注册帐号.