系統日志和異常的處理②
上一講我們做了日志與異常的結果顯示列表,這一節我們要把它應用到系統中來。
首先我們在App.Common類庫中創建一個通用類ResultHelper。這個類裡面寫了獲取GUID、獲取當前時間、處理字符串等操作。雖然我們目前只用到獲取GUID這一個方法,但以後可能還會用到別的,所以我把它們都放進去了。
然後在App.Admin中創建一個核心文件夾Core,放入LogHandler這個類。這個類主要負責寫入日志;為了避免每次都要實例化,我把它封裝起來,大家一看就知道。
然後修改Controller的Create方法,代碼如下一一給出。
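// ResultHelper
using System;
using System.Web;
using System.Text.RegularExpressions;

namespace App.Common
{
    /// <summary>
    /// General-purpose helpers: ID generation, string truncation, HTML stripping and
    /// escaping, keyword filtering, date conversion and client-IP lookup.
    /// </summary>
    public class ResultHelper
    {
        // Timestamp layout shared by NewId and NewTimeId (21 digits).
        private const string TimeStampFormat = "yyyyMMddHHmmssfffffff";

        // Patterns used by Formatstr, compiled once instead of on every call.
        private static readonly Regex ScriptBlockPattern = new Regex(@"<script[\s\S]+</script *>", RegexOptions.IgnoreCase);
        private static readonly Regex ScriptHrefPattern = new Regex(@" href *= *[\s\S]*script *:", RegexOptions.IgnoreCase);
        // The original pattern was " on[\s\S]*=", which is greedy and swallowed everything
        // from the first " on" up to the LAST "=" in the text. Only the attribute name is matched now.
        private static readonly Regex EventAttributePattern = new Regex(@" on\w*\s*=", RegexOptions.IgnoreCase);
        private static readonly Regex IframeBlockPattern = new Regex(@"<iframe[\s\S]+</iframe *>", RegexOptions.IgnoreCase);
        private static readonly Regex FramesetBlockPattern = new Regex(@"<frameset[\s\S]+</frameset *>", RegexOptions.IgnoreCase);
        private static readonly Regex SelectKeywordPattern = new Regex(@"select", RegexOptions.IgnoreCase);
        private static readonly Regex UpdateKeywordPattern = new Regex(@"update", RegexOptions.IgnoreCase);
        private static readonly Regex DeleteKeywordPattern = new Regex(@"delete", RegexOptions.IgnoreCase);

        // Entity patterns and their replacements, applied by NoHtml in this order.
        // NOTE(review): the last four patterns appear on the page as the literal characters
        // (ellipsis, em dash, curly quotes); the page rendering seems to have decoded the
        // entity names, so they are restored here. Confirm against the project source.
        private static readonly string[,] EntityReplacements =
        {
            { @"&(quot|#34);", "\"" },
            { @"&(amp|#38);", "&" },
            { @"&(lt|#60);", "<" },
            { @"&(gt|#62);", ">" },
            { @"&(nbsp|#160);", " " },
            { @"&(iexcl|#161);", "\xa1" },
            { @"&(cent|#162);", "\xa2" },
            { @"&(pound|#163);", "\xa3" },
            { @"&(copy|#169);", "\xa9" },
            { @"&#(\d+);", "" },
            { @"&hellip;", "" },
            { @"&mdash;", "" },
            { @"&ldquo;", "" },
            { @"&rdquo;", "" }
        };

        /// <summary>
        /// Builds an identifier from the current local time (21 digits) followed by the
        /// first 10 hex characters of a new GUID, 31 characters in total.
        /// </summary>
        /// <remarks>
        /// Most of the value is a timestamp and only 40 bits come from the GUID, so it is
        /// suitable as a record key but not as a secret (session token, reset code, API key).
        /// Use a cryptographic random number generator for those.
        /// </remarks>
        /// <returns>The ID string.</returns>
        public static string NewId
        {
            get
            {
                string stamp = DateTime.Now.ToString(TimeStampFormat);
                string guidHex = Guid.NewGuid().ToString().Replace("-", "");
                return stamp + guidHex.Substring(0, 10);
            }
        }

        /// <summary>
        /// Returns the current local time formatted as yyyyMMddHHmmssfffffff (21 digits).
        /// </summary>
        public static string NewTimeId
        {
            get
            {
                return DateTime.Now.ToString(TimeStampFormat);
            }
        }

        /// <summary>
        /// Truncates a string to at most <paramref name="length"/> characters, appends "..."
        /// when it was cut, and passes the result through <see cref="NoHtml"/>.
        /// </summary>
        /// <param name="value">Text to shorten; null is treated as empty.</param>
        /// <param name="length">Number of characters to keep.</param>
        /// <returns>The shortened, tag-stripped and HTML-encoded text.</returns>
        public static string SubValue(string value, int length)
        {
            if (value == null)
            {
                return "";
            }

            // The cut happens before tags are stripped, so the length counts markup and
            // a cut may land inside a tag; NoHtml encodes whatever is left over.
            if (value.Length > length)
            {
                value = value.Substring(0, length) + "...";
            }

            return NoHtml(value);
        }

        /// <summary>
        /// Escapes HTML special characters and doubles single quotes. The original comment
        /// says this is used "when restoring".
        /// </summary>
        /// <remarks>
        /// Doubling single quotes does not replace parameterized queries; values that reach
        /// SQL should be bound as parameters by the data layer.
        /// NOTE(review): on the page the replacement literals appear with their HTML entities
        /// decoded (for example the ampersand was replaced by itself); the entity forms are
        /// restored here. Confirm against the project source.
        /// </remarks>
        /// <param name="inputString">Text to escape.</param>
        /// <returns>The escaped text, or an empty string for null or empty input.</returns>
        public static string InputText(string inputString)
        {
            if (string.IsNullOrEmpty(inputString))
            {
                return "";
            }

            string text = inputString.Trim();
            text = text.Replace("<br>", "\n");
            // The ampersand goes first so the entities produced below are not escaped twice.
            text = text.Replace("&", "&amp;");
            text = text.Replace("'", "''");
            text = text.Replace("<", "&lt;");
            text = text.Replace(">", "&gt;");
            // NOTE(review): "chr(37)" stands in for '>' although character 37 is '%';
            // kept because OutputText writes the same token.
            text = text.Replace("chr(60)", "&lt;");
            text = text.Replace("chr(37)", "&gt;");
            text = text.Replace("\"", "&quot;");
            // NOTE(review): shown on the page as an identity replacement; the intended
            // replacement text may have been lost in rendering. Left as shown.
            text = text.Replace(";", ";");
            return text;
        }

        /// <summary>
        /// Reverses part of <see cref="InputText"/> and turns newlines into br tags. The
        /// original comment says this is used "when adding".
        /// </summary>
        /// <remarks>
        /// Angle brackets are rewritten to the chr(60) and chr(37) tokens, but the result
        /// still contains the br tags added at the end and decoded quotes, so it is markup,
        /// not encoded text. Encode it for the context where it is finally written.
        /// NOTE(review): entity literals restored as in InputText. Confirm against the
        /// project source.
        /// </remarks>
        /// <param name="outputString">Text to convert.</param>
        /// <returns>The converted text, or an empty string for null or empty input.</returns>
        public static string OutputText(string outputString)
        {
            if (string.IsNullOrEmpty(outputString))
            {
                return "";
            }

            string text = outputString.Trim();
            text = text.Replace("&amp;", "&");
            text = text.Replace("''", "'");
            text = text.Replace("&lt;", "<");
            text = text.Replace("&gt;", ">");
            text = text.Replace("<", "chr(60)");
            text = text.Replace(">", "chr(37)");
            text = text.Replace("&quot;", "\"");
            // NOTE(review): identity replacement as shown on the page; see InputText.
            text = text.Replace(";", ";");
            text = text.Replace("\n", "<br>");
            return text;
        }

        /// <summary>
        /// Removes HTML markup from a string and returns the remaining text HTML-encoded.
        /// </summary>
        /// <remarks>
        /// The regular expressions are a best-effort tag stripper, not a sanitizer. What
        /// makes the result safe to place in HTML text content is the final HtmlEncode call;
        /// the result is not meant for attribute, script or URL contexts without encoding
        /// for that context.
        /// </remarks>
        /// <param name="Htmlstring">Source text that may contain HTML; null is treated as empty.</param>
        /// <returns>The text with tags removed, HTML-encoded and trimmed.</returns>
        public static string NoHtml(string Htmlstring)
        {
            if (Htmlstring == null)
            {
                return "";
            }

            string text = Htmlstring;

            // Remove script blocks. Singleline lets '.' cross line breaks, so the body of a
            // multi-line script block is removed too instead of being left in the text.
            text = Regex.Replace(text, @"<script[^>]*?>.*?</script>", "", RegexOptions.IgnoreCase | RegexOptions.Singleline);
            // Remove remaining tags.
            text = Regex.Replace(text, @"<(.[^>]*)>", "", RegexOptions.IgnoreCase);
            text = Regex.Replace(text, @"([\r\n])[\s]+", "", RegexOptions.IgnoreCase);
            text = Regex.Replace(text, @"-->", "", RegexOptions.IgnoreCase);
            text = Regex.Replace(text, @"<!--.*", "", RegexOptions.IgnoreCase);

            for (int i = 0; i < EntityReplacements.GetLength(0); i++)
            {
                text = Regex.Replace(text, EntityReplacements[i, 0], EntityReplacements[i, 1], RegexOptions.IgnoreCase);
            }

            // The original also called Replace for "<", ">" and "\r\n" here but discarded the
            // results (strings are immutable), so those calls had no effect and are dropped.
            // Leftover angle brackets are encoded by the next line.

            // HttpUtility.HtmlEncode is the static form of Server.HtmlEncode and does not
            // need HttpContext.Current, so the method also works outside a request.
            return HttpUtility.HtmlEncode(text).Trim();
        }

        /// <summary>
        /// Filters script, iframe and frameset blocks, script hrefs and on-event attributes
        /// out of text, and rewrites the words select, update and delete. The original
        /// summary describes this as formatting text to prevent SQL injection.
        /// </summary>
        /// <remarks>
        /// Keyword and tag blacklists are not a dependable defence against SQL injection or
        /// cross-site scripting and they alter legitimate text. Use parameterized queries for
        /// database access and encode on output; treat this method as cosmetic filtering.
        /// </remarks>
        /// <param name="html">Text to filter.</param>
        /// <returns>The filtered text.</returns>
        public static string Formatstr(string html)
        {
            // The block patterns are greedy: everything between the first opening tag and
            // the last closing tag is removed.
            html = ScriptBlockPattern.Replace(html, "");                   // script blocks
            html = ScriptHrefPattern.Replace(html, "");                    // href=javascript: on anchors
            html = EventAttributePattern.Replace(html, " _disibledevent="); // on... event attributes
            html = IframeBlockPattern.Replace(html, "");                   // iframe blocks
            // The frameset pattern was declared in the original but never applied.
            html = FramesetBlockPattern.Replace(html, "");                 // frameset blocks
            html = SelectKeywordPattern.Replace(html, "s_elect");
            // Spelling of the replacement kept as in the original so stored data stays consistent.
            html = UpdateKeywordPattern.Replace(html, "u_pudate");
            html = DeleteKeywordPattern.Replace(html, "d_elete");
            html = html.Replace("'", "’");
            // NOTE(review): shown on the page as replacing a space with a space; most likely
            // an nbsp entity decoded by the page rendering. Confirm against the project source.
            html = html.Replace("&nbsp;", " ");
            return html;
        }

        /// <summary>
        /// Rejects text that contains the words DELETE, UPDATE or INSERT.
        /// </summary>
        /// <remarks>
        /// This is a keyword check, not an injection defence: it does not understand SQL and
        /// covers three words only. Bind values as parameters and run queries under a
        /// least-privilege database account.
        /// </remarks>
        /// <param name="sql">Text to check; must not be null.</param>
        /// <param name="msg">Receives the rejection message when the method returns false.</param>
        /// <returns>True when none of the three keywords is present.</returns>
        public static bool ValidateSQL(string sql, ref string msg)
        {
            // The original tested ToLower().IndexOf(...) > 0, which missed a keyword at
            // position 0 and depended on the current culture's lower-casing rules.
            if (sql.IndexOf("delete", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                msg = "查詢參數中含有非法語句DELETE";
                return false;
            }

            if (sql.IndexOf("update", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                msg = "查詢參數中含有非法語句UPDATE";
                return false;
            }

            if (sql.IndexOf("insert", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                msg = "查詢參數中含有非法語句INSERT";
                return false;
            }

            return true;
        }

        /// <summary>
        /// Gets the current local time.
        /// </summary>
        public static DateTime NowTime
        {
            get
            {
                return DateTime.Now;
            }
        }

        /// <summary>
        /// Converts a nullable date to its short date string.
        /// </summary>
        /// <param name="dt">The date.</param>
        /// <returns>The short date string, or an empty string when <paramref name="dt"/> is null.</returns>
        public static string DateTimeConvertString(DateTime? dt)
        {
            // The original formatted the value to a string and parsed it back before
            // formatting; the value is used directly here.
            return dt.HasValue ? dt.Value.ToShortDateString() : "";
        }

        /// <summary>
        /// Converts a string to a date.
        /// </summary>
        /// <param name="str">The text to parse, using the current culture.</param>
        /// <returns>The parsed date, or null when the text is null or not a valid date.</returns>
        public static DateTime? StringConvertDatetime(string str)
        {
            if (str == null)
            {
                return null;
            }

            // TryParse replaces the original catch-all around Convert.ToDateTime.
            DateTime parsed;
            if (DateTime.TryParse(str, out parsed))
            {
                return parsed;
            }

            return null;
        }

        /// <summary>
        /// Returns the client IP address for the current request: the first X-Forwarded-For
        /// entry when a Via header is present, otherwise REMOTE_ADDR.
        /// </summary>
        /// <remarks>
        /// HTTP_VIA and HTTP_X_FORWARDED_FOR are request headers, so their content is
        /// whatever the client or an intermediate proxy sent. Unless the application is only
        /// reachable through a proxy that overwrites X-Forwarded-For, treat the result as a
        /// hint and record REMOTE_ADDR alongside it in audit logs.
        /// </remarks>
        /// <returns>The IP address string.</returns>
        public static string GetUserIP()
        {
            var serverVariables = System.Web.HttpContext.Current.Request.ServerVariables;
            string remoteAddress = serverVariables["REMOTE_ADDR"];

            if (serverVariables["HTTP_VIA"] == null)
            {
                return remoteAddress;
            }

            // The original dereferenced this value without a null check and threw when a
            // Via header arrived without X-Forwarded-For.
            string forwardedFor = serverVariables["HTTP_X_FORWARDED_FOR"];
            if (string.IsNullOrEmpty(forwardedFor))
            {
                return remoteAddress;
            }

            // Accept the forwarded value only if it parses as an IP address, so free-form
            // header text cannot end up in log records.
            string candidate = forwardedFor.Split(new char[] { ',' })[0].Trim();
            System.Net.IPAddress parsedAddress;
            if (System.Net.IPAddress.TryParse(candidate, out parsedAddress))
            {
                return parsedAddress.ToString();
            }

            return remoteAddress;
        }
    }
}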