以下是本人在 .NET 开发过程中的总结：
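// Checks that the input consists only of ASCII letters, ASCII digits and
// CJK ideographs in the range U+4E00..U+9FA5 (at least one character).
//
// The page prints the class as "/u4e00-/u9fa5"; the slashes are evidently
// backslashes lost in publishing. As printed, the class contains the range
// "0-/", which is in reverse order and is rejected when the pattern is parsed.
//
// NOTE(review): the page defines a second IsValidString(string) with the same
// signature further down; the two cannot live in the same type as written.
bool IsValidString(string strIn)
{
    // \z instead of $: in .NET "$" also matches just before a final '\n',
    // so "abc\n" would otherwise pass an allow-list check.
    return Regex.IsMatch(strIn, @"^[A-Za-z0-9\u4e00-\u9fa5]+\z");
}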
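// Checks that the input has the shape local@domain.tld or local@[a.b.c.d].
//
// This is a loose shape check only: it does not prove the mailbox exists, the
// final label is limited to 2-4 letters (longer top-level domains are
// rejected), and \w also accepts non-ASCII letters and digits in .NET.
//
// The page prints the escapes with "/" instead of "\" (for example "[/w-/.]");
// as printed that class contains the reversed range "w-/" and cannot be parsed.
bool IsValidEmail(string strIn)
{
    // [\w.-] is the unambiguous spelling of the original local-part class
    // (word characters, dot, hyphen).
    // \z instead of $ so that a trailing '\n' is not silently accepted.
    return Regex.IsMatch(
        strIn,
        @"^([\w.-]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([\w-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)\z");
}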
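// Checks that the input consists only of ASCII letters and ASCII digits
// (at least one character).
//
// NOTE(review): the page defines another IsValidString(string) with the same
// signature earlier on; the two cannot live in the same type as written.
bool IsValidString(string strIn)
{
    // \z instead of $: in .NET "$" also matches just before a final '\n',
    // so "abc123\n" would otherwise be accepted.
    return Regex.IsMatch(strIn, @"^[A-Za-z0-9]+\z");
}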
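/// <summary>
/// Checks that a password is 6 to 20 word characters long.
/// </summary>
/// <param name="PassWord">Candidate password.</param>
/// <returns>true when the whole string is 6-20 characters matched by \w.</returns>
/// <remarks>
/// This is a character-set and length check, not a strength check. It forbids
/// punctuation and caps the length at 20, which narrows the password space.
/// In .NET, \w matches letters, digits and underscore, including non-ASCII ones.
/// The page prints the escape as "/w"; the backslash was evidently lost in publishing.
/// </remarks>
public static bool IsValidPassWord(string PassWord)
{
    // \z instead of $ so that a trailing '\n' does not slip through.
    return Regex.IsMatch(PassWord, @"^\w{6,20}\z");
}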
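/// <summary>
/// Checks that the input looks like a telephone or fax number.
/// </summary>
/// <param name="Tel">Candidate number.</param>
/// <returns>
/// true for an optional '+', 1-3 digits, an optional space, then one or more
/// digits or spaces in which a single '-' may precede any digit or space.
/// </returns>
/// <remarks>
/// The page prints the pattern with "/d" for "\d" and with a repeated group
/// nested inside another repetition: ([-]?(digit-or-space){1,12})+. With the
/// escapes restored, that form lets the engine split a run of digits between
/// iterations in exponentially many ways when the match finally fails, so a
/// long digit string with an invalid tail can stall the thread. The pattern
/// below accepts exactly the same strings (each group is just a sequence of
/// "optional hyphen + one character" units) but has a single way to match.
/// Digits are limited to ASCII 0-9, because \d in .NET also matches other
/// Unicode decimal digits.
/// </remarks>
public static bool IsValidTel(string Tel)
{
    // \z instead of $ so that a trailing '\n' is rejected.
    return Regex.IsMatch(Tel, @"^\+?[0-9]{1,3} ?(?:-?[0-9 ])+\z");
}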
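/// <summary>
/// Checks that the input looks like a mobile phone number.
/// </summary>
/// <param name="Mobil">Candidate number.</param>
/// <returns>
/// true for one or more digits, an optional '-', then 6 to 12 digits.
/// </returns>
/// <remarks>
/// The page prints "/d" where "\d" was evidently meant. Digits are limited to
/// ASCII 0-9 here, because \d in .NET also matches other Unicode decimal digits.
/// </remarks>
public static bool IsValidMobil(string Mobil)
{
    // \z instead of $ so that a trailing '\n' is rejected.
    return Regex.IsMatch(Mobil, @"^[0-9]+-?[0-9]{6,12}\z");
}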
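/// <summary>
/// Checks that the input looks like a postal code.
/// </summary>
/// <param name="Zip">Candidate postal code.</param>
/// <returns>
/// true when the whole string is 3 to 12 characters drawn from lowercase
/// ASCII letters, ASCII digits and spaces.
/// </returns>
/// <remarks>
/// NOTE(review): upper-case letters are rejected by this pattern; confirm that
/// callers lower-case the value first if alphanumeric postcodes are expected.
/// </remarks>
public static bool IsValidZip(string Zip)
{
    // \z instead of $ so that a trailing '\n' is rejected.
    return Regex.IsMatch(Zip, @"^[a-z0-9 ]{3,12}\z");
}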
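/// <summary>
/// Checks that the input is a real calendar date written as yyyy-M-d
/// (month and day may have one or two digits) and not earlier than 1753-01-01.
/// </summary>
/// <param name="Date">Candidate date string.</param>
/// <returns>true when the string has the expected shape, names an existing day, and is on or after 1753-01-01.</returns>
/// <remarks>
/// The page prints "/d" where "\d" was evidently meant. The original shape
/// check alone accepted impossible dates such as month 19 or day 39, and the
/// lower bound was applied with a culture-sensitive string comparison; the
/// date is now parsed and compared as a DateTime.
/// NOTE(review): 1753-01-01 is the minimum of SQL Server's datetime type,
/// which is presumably why the bound was chosen - confirm against the caller.
/// </remarks>
public static bool IsValidDate(string Date)
{
    // Shape first: ASCII digits only, anchored with \z so a trailing '\n' fails.
    if (!Regex.IsMatch(Date, @"^[12][0-9]{3}-[01]?[0-9]-[0123]?[0-9]\z"))
    {
        return false;
    }

    // Then calendar validity (rejects 2023-02-30, month 00, and so on).
    System.DateTime parsed;
    bool isCalendarDate = System.DateTime.TryParseExact(
        Date,
        "yyyy-M-d",
        System.Globalization.CultureInfo.InvariantCulture,
        System.Globalization.DateTimeStyles.None,
        out parsed);

    return isCalendarDate && parsed >= new System.DateTime(1753, 1, 1);
}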
//判断整型
/*public static bool IsValidInt(string Int)
{
return Regex.IsMatch(Int, @"^[1-9]{1}[0-9]{0,6}$");
}*/
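/// <summary>
/// Checks that the input consists only of ASCII letters.
/// </summary>
/// <param name="EnName">Candidate name.</param>
/// <returns>true when the whole string is one or more characters from a-z or A-Z.</returns>
/// <remarks>
/// The original pattern was the unanchored class [a-zA-Z], which is satisfied
/// by any string that merely contains one letter, so markup or punctuation
/// around a letter passed the "letters only" check.
/// </remarks>
public static bool IsValidEnName(string EnName)
{
    // Anchor both ends; \z rather than $ so a trailing '\n' is rejected.
    return Regex.IsMatch(EnName, @"^[a-zA-Z]+\z");
}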
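// Removes every occurrence of the characters < > " ' % ; ( ) & from the input.
//
// The original pattern was anchored with ^ and $, so it only matched when the
// whole input was exactly one of those characters; anything longer was
// returned unchanged.
//
// Stripping a deny-list of characters is a supplementary measure only. It
// does not replace encoding values for the context they are written into
// (HTML, attribute, URL) or using parameterised queries for SQL.
private string SanitizeInput(string input)
{
    Regex badCharReplace = new Regex(@"[<>""'%;()&]");
    return badCharReplace.Replace(input, "");
}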
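// Best-effort removal of active content from an HTML fragment using regular
// expressions: script blocks, "href=...script:" prefixes, on... event
// attributes (renamed, not removed), iframe blocks and frameset blocks.
//
// Regular expressions do not parse HTML, and deny-list filters of this kind
// are routinely incomplete. Do not treat the result as safe to emit on its
// own: encode untrusted text on output, or use an allow-list HTML sanitiser
// when markup must be preserved.
//
// Changes from the listing as printed on the page:
//  * "[/s/S]" is restored to "[\s\S]"; the backslashes were evidently lost in
//    publishing, and the patterns were wrapped across lines inside the
//    verbatim string literals, which put a literal line break in each pattern.
//  * The quantifiers are lazy. The greedy forms ran from the first opening
//    marker to the last closing marker in the document and deleted everything
//    in between, including ordinary content.
public string wipeScript(string html)
{
    System.Text.RegularExpressions.RegexOptions ignoreCase =
        System.Text.RegularExpressions.RegexOptions.IgnoreCase;

    // <script ...> ... </script>
    html = System.Text.RegularExpressions.Regex.Replace(
        html, @"<script[\s\S]+?</script *>", "", ignoreCase);

    // href=javascript: (and similar "...script:" schemes) on links
    html = System.Text.RegularExpressions.Regex.Replace(
        html, @" href *= *[\s\S]*?script *:", "", ignoreCase);

    // on... event attributes: renamed so the browser no longer binds them
    html = System.Text.RegularExpressions.Regex.Replace(
        html, @" on[\s\S]*?=", " _disibledevent=", ignoreCase);

    // <iframe ...> ... </iframe>
    html = System.Text.RegularExpressions.Regex.Replace(
        html, @"<iframe[\s\S]+?</iframe *>", "", ignoreCase);

    // <frameset ...> ... </frameset>
    html = System.Text.RegularExpressions.Regex.Replace(
        html, @"<frameset[\s\S]+?</frameset *>", "", ignoreCase);

    return html;
}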
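// Detects a <script ...> ... </script> block in the input.
// Despite the name, this returns true when a script block IS present.
//
// "[/s/S]" on the page is restored to "[\s\S]" (backslashes evidently lost in
// publishing). IgnoreCase is added because HTML tag names are
// case-insensitive and the page's own wipeScript already matches that way.
// A regex detector is a heuristic, not proof that markup is harmless.
public bool IsValidScript(string html)
{
    return Regex.IsMatch(html, @"<script[\s\S]+</script *>", RegexOptions.IgnoreCase);
}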
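// Detects an href attribute followed by a "...script:" scheme, such as
// href=javascript: on an <a> element.
// Despite the name, this returns true when such a link IS present.
//
// "[/s/S]" on the page is restored to "[\s\S]" (backslashes evidently lost in
// publishing). IgnoreCase is added because attribute names and URL schemes
// are case-insensitive and the page's own wipeScript already matches that way.
// A regex detector is a heuristic, not proof that markup is harmless.
public bool IsValidJavascript(string html)
{
    return Regex.IsMatch(html, @" href *= *[\s\S]*script *:", RegexOptions.IgnoreCase);
}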
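// Detects text that looks like an on... event attribute: a space, "on",
// and an "=" anywhere after it.
// Despite the name, this returns true when such text IS present. The pattern
// is deliberately broad, so ordinary prose containing " on" and a later "="
// is flagged as well.
//
// "[/s/S]" on the page is restored to "[\s\S]" (backslashes evidently lost in
// publishing). IgnoreCase is added because attribute names are
// case-insensitive and the page's own wipeScript already matches that way.
public bool IsValidOn(string html)
{
    return Regex.IsMatch(html, @" on[\s\S]*=", RegexOptions.IgnoreCase);
}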
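// Detects an <iframe ...> ... </iframe> block in the input.
// Despite the name, this returns true when an iframe block IS present.
//
// "[/s/S]" on the page is restored to "[\s\S]" (backslashes evidently lost in
// publishing). IgnoreCase is added because HTML tag names are
// case-insensitive and the page's own wipeScript already matches that way.
public bool IsValidiframe(string html)
{
    return Regex.IsMatch(html, @"<iframe[\s\S]+</iframe *>", RegexOptions.IgnoreCase);
}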
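// Detects a <frameset ...> ... </frameset> block in the input.
// Despite the name, this returns true when a frameset block IS present.
//
// "[/s/S]" on the page is restored to "[\s\S]" (backslashes evidently lost in
// publishing). IgnoreCase is added because HTML tag names are
// case-insensitive and the page's own wipeScript already matches that way.
public bool IsValidFrameset(string html)
{
    return Regex.IsMatch(html, @"<frameset[\s\S]+</frameset *>", RegexOptions.IgnoreCase);
}
// Author's note: .NET seems to have its own built-in checks for these
// (presumably ASP.NET request validation - confirm).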
过滤html脚本
// Sample markup from the page author.
string s = @"<span class='lframe-t-text'>今日<BR><font color='red'>热门新闻</font></span><div>adfadf</div>";

// Drop every "<...>" run so only the text between tags remains.
// NOTE(review): this extracts display text; it is not a sanitiser. Text that
// contains a '<' with no closing '>' is left as-is, so when the input is not
// a trusted constant the value should still be HTML-encoded for the context
// it is written into.
System.Text.RegularExpressions.Regex anyTag =
    new System.Text.RegularExpressions.Regex("<[^>]+>");
s = anyTag.Replace(s, "");

Response.Write(s);