/********************************************** * 类作用: HTML格式辅助类 * 作者:开优网络 * http://www.kaiu.net ***********************************************/ using System; using System.Collections.Generic; using System.Text; using System.Text.RegularExpressions; namespace Svnhost.Common { public class HtmlUtils { /// <summary> /// 替换回车换行符为html换行符 /// </summary> public static string StrFormat(string str) { string str2; if (str == null) { str2 = ""; } else { str = str.Replace("\r\n", "<br />"); str = str.Replace("\n", "<br />"); str2 = str; } return str2; } public static string GetRealIP() { string ip = Request.GetIP(); return ip; } /// <summary> /// 改正sql语句中的转义字符 /// </summary> public static string mashSQL(string str) { string str2; if (str == null) { str2 = ""; } else { str = str.Replace("\'", "'"); str2 = str; } return str2; } /// <summary> /// 替换sql语句中的有问题符号 /// </summary> public static string ChkSQL(string str) { string str2; if (str == null) { str2 = ""; } else { str = str.Replace("'", "''"); str2 = str; } return str2; } /// <summary> /// 替换html字符 /// </summary> public static string EncodeHtml(string strHtml) { if (strHtml != "") { strHtml = strHtml.Replace(",", "&def"); strHtml = strHtml.Replace("'", "&dot"); strHtml = strHtml.Replace(";", "&dec"); return strHtml; } return ""; } /// <summary> /// 为脚本替换特殊字符串 /// </summary> /// <param name="str"></param> /// <returns></returns> public static string ReplaceStrToScript(string str) { str = str.Replace("\\", "\\\\"); str = str.Replace("'", "\\'"); str = str.Replace("\"", "\\\""); return str; } /// <summary> /// 移除Html标记 /// </summary> /// <param name="content"></param> /// <returns></returns> public static string RemoveHtml(string content) { string regexstr = @"<[^>]*>"; return Regex.Replace(content, regexstr, string.Empty, RegexOptions.IgnoreCase); } /// <summary> /// 过滤HTML中的不安全标签 /// </summary> /// <param name="content"></param> /// <returns></returns> public static string RemoveUnsafeHtml(string content) { content = Regex.Replace(content, @"(\<|\s+)o([a-z]+\s?=)", "$1$2", RegexOptions.IgnoreCase); content = Regex.Replace(content, @"(script|frame|form|meta|behavior|style)([\s|:|>])+", "$1.$2", RegexOptions.IgnoreCase); return content; } /// <summary> /// 从HTML中获取文本,保留br,p,img /// </summary> /// <param name="HTML"></param> /// <returns></returns> public static string GetTextFromHTML(string HTML) { System.Text.RegularExpressions.Regex regEx = new System.Text.RegularExpressions.Regex(@"</?(?!br|/?p|img)[^>]*>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); return regEx.Replace(HTML, ""); } } }