<%
''''''''''''''''''''''''''''''''''''
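' Replaces every case-insensitive match of the regular expression patrn in fString
' with replStr and returns the resulting string.
'   fString - text to search; concatenated with "" so it is handled as a string
'   patrn   - VBScript RegExp pattern
'   replStr - replacement text; $1, $2 ... refer to capture groups of patrn
Function ReplaceText(fString,patrn,replStr)
Dim regEx ' declared locally so the function works under Option Explicit and leaves any page-level regEx alone
Set regEx = New RegExp ' create the regular expression object
regEx.Pattern = patrn ' pattern to search for
regEx.IgnoreCase = True ' match without regard to letter case
regEx.Global = True ' replace all matches, not only the first one
ReplaceText = regEx.Replace("" & fString, "" & replStr) ' perform the replacement
Set regEx = Nothing
End Function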
''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''
' Trims fString, removes a few control characters, runs a fixed list of character
' replacements and regular-expression filters over it, and returns the result.
' NOTE(review): as printed on this page, every replacement literal in the CHR(38)..CHR(59)
' list equals the character it replaces (for example CHR(38) -> "&"), so those Replace
' calls change nothing. The CHR(34) literal and the CHR(10) literal are also not valid
' VBScript strings as shown. Presumably the entity strings of the original listing were
' decoded when the page was rendered - restore them from the original source and test the
' output before relying on this function for output encoding.
' NOTE(review): fString is reassigned throughout; VBScript passes arguments ByRef unless
' ByVal is declared, so a variable passed in by the caller is modified as well.
Function HTMLEncode(fString)
' Strip leading and trailing spaces.
fString=Trim(fString)
' Delete character codes 9 (tab), 13 (carriage return) and 22.
fString=Replace(fString,CHR(9),"")
fString=Replace(fString,CHR(13),"")
fString=Replace(fString,CHR(22),"")
' Per-character replacements; the trailing comment on each line names the character handled.
' CHR(38) is handled first, before any other replacement runs.
fString=Replace(fString,CHR(38),"&") '“&”
fString=Replace(fString,CHR(32)," ") '“ ”
' NOTE(review): the literal on the next line is an unterminated string as shown.
fString=Replace(fString,CHR(34),""") '“"”
fString=Replace(fString,CHR(37),"%") '“%”
fString=Replace(fString,CHR(39),"'") '“'”
fString=Replace(fString,CHR(42),"*") '“*”
fString=Replace(fString,CHR(43),"+") '“+”
fString=Replace(fString,CHR(44),",") '“,”
' Only a doubled hyphen is replaced; a single hyphen is left alone.
fString=Replace(fString,CHR(45)&CHR(45),"--") '“--”
fString=Replace(fString,CHR(92),"\") '“\”
' The underscore replacement is disabled.
'fString=Replace(fString,CHR(95),"_") '“_”
fString=Replace(fString,CHR(40),"(") '“(”
fString=Replace(fString,CHR(41),")") '“)”
fString=Replace(fString,CHR(60),"<") '“<”
fString=Replace(fString,CHR(62),">") '“>”
fString=Replace(fString,CHR(123),"{") '“{”
fString=Replace(fString,CHR(125),"}") '“}”
fString=Replace(fString,CHR(59),";") '“;”
' Line feed replacement. NOTE(review): the literal is split over two lines as shown, which
' VBScript does not accept; presumably a line-break tag was rendered by the page - confirm.
fString=Replace(fString,CHR(10),"
")
' NOTE(review): the first group of this pattern is an empty character class as shown,
' which looks garbled; confirm the intended pattern against the original source.
fString=ReplaceText(fString,"([])([a-z0-9]*);","$1$2;")
' Mask the listed words (ReplaceText matches case-insensitively). The replacement argument
' is evaluated before the call: len("&$1&") is 4, so every match becomes "****"
' regardless of the length of the matched word.
fString=ReplaceText(fString,"(fuck|shit)",string(len("&$1&"),"*"))
' IsSqlDataBase is not defined in this listing; it is expected to be set elsewhere.
if IsSqlDataBase=0 then ' filter katakana (Japanese characters) [\u30A0-\u30FF] by yuzi
' escape() turns the characters into %uXXXX form so the range can be matched as text.
fString=escape(fString)
' As shown, each %u30XY match is rewritten to "0XY;". NOTE(review): the replacement
' text may also have been altered by the page rendering - confirm.
fString=ReplaceText(fString,"%u30([A-F][0-F])","0$1;")
fString=unescape(fString)
end if
HTMLEncode=fString
End Function
''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''
' Returns the request value named fString as a whole number, or 0 when the value
' is not numeric.
' Request(name) is called without naming a collection, so the value may come from the
' query string, form data, cookies, client certificate or server variables.
' Int() drops any fractional part of a numeric value.
Function RequestInt(fString)
Dim rawValue
rawValue = Request(fString)
If Not IsNumeric(rawValue) Then
RequestInt = 0
Else
RequestInt = Int(rawValue)
End If
End Function
''''''''''''''''''''''''''''''''''''
' Decode the UserName query parameter and pass it through HTMLEncode, then read the
' length the client reported for the name it sent.
UserName = HTMLEncode(unescape(Request.QueryString("UserName")))
UserNameLength = RequestInt("UserNameLength")
' Both values come from the request, so a match only shows that the processed name has
' the length the client reported. The server still has to validate the name itself when
' the account is created.
If Len(UserName) = UserNameLength Then
response.write "用户名合法!"
Else
response.write "用户名非法!"
End If
%>
HTMLEncode 函数是将用户名转换成合法字符的必须步骤。
RequestInt 函数把 UserNameLength 参数读取为整数;随后将它与 HTMLEncode 处理后的用户名长度比较:如果用户名中含有空格等会被转换的字符,处理后的长度就与输入的有效字符个数不一致,从而判定用户名非法。
调用方法:check.asp?UserName=用户名&UserNameLength=用户名长度
check.asp 一般用于 Ajax 判断。由于 UserName 和 UserNameLength 都由客户端提交,该结果只适合作为前端提示,注册时服务器端仍须重新校验用户名。