check.asp
<%
''''''''''''''''''''''''''''''''''''
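Function ReplaceText(fString,patrn,replStr)
    ' Case-insensitive, global regular-expression replace.
    '   fString - text to search (coerced to a string, so Empty/Null become "")
    '   patrn   - VBScript RegExp pattern; it is used as a pattern, not a literal,
    '             so callers should pass fixed patterns rather than request data
    '   replStr - replacement text; $1, $2 ... refer to capture groups
    ' Returns the text with every match replaced.
    Dim regEx ' declared locally so a page-level variable of the same name is not overwritten
    Set regEx = New RegExp       ' create the regular expression object
    regEx.Pattern = patrn        ' set the pattern
    regEx.IgnoreCase = True      ' match without regard to case
    regEx.Global = True          ' replace every match, not only the first
    ReplaceText = regEx.Replace("" & fString, "" & replStr) ' do the replacement
    Set regEx = Nothing
End Function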
''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''
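Function HTMLEncode(fString)
    ' Encodes a string for HTML output: removes a few control characters, turns
    ' HTML/script metacharacters into numeric character references, masks two
    ' profanities and (optionally) encodes katakana.
    '
    ' The listing as rendered on the page had its entity literals decoded
    ' (e.g. Replace(..., CHR(38), "&")), which turned every replacement into a
    ' no-op and left the CHR(34) line as an unterminated string. The references
    ' below are restored from the CHR() code on each line.
    '
    ' NOTE(review): several targets (' ; --) look aimed at SQL metacharacters.
    ' Entity-encoding is an output-encoding step; it is not a substitute for
    ' parameterized queries wherever the value reaches a database.
    Dim s
    s = Trim("" & fString) ' work on a local copy: VBScript passes arguments ByRef

    ' Control characters that are dropped outright: tab, CR, SYN (22).
    s = Replace(s, CHR(9), "")
    s = Replace(s, CHR(13), "")
    s = Replace(s, CHR(22), "")

    ' "&" has to be encoded first, otherwise the "&" of the references
    ' produced below would be encoded a second time.
    s = Replace(s, CHR(38), "&#38;")                  ' &
    s = Replace(s, CHR(32), "&#32;")                  ' space
    s = Replace(s, CHR(34), "&#34;")                  ' "
    s = Replace(s, CHR(37), "&#37;")                  ' %
    s = Replace(s, CHR(39), "&#39;")                  ' '
    s = Replace(s, CHR(42), "&#42;")                  ' *
    s = Replace(s, CHR(43), "&#43;")                  ' +
    s = Replace(s, CHR(44), "&#44;")                  ' ,
    s = Replace(s, CHR(45) & CHR(45), "&#45;&#45;")   ' -- (a single hyphen is left alone)
    s = Replace(s, CHR(92), "&#92;")                  ' \
    's = Replace(s, CHR(95), "&#95;")                 ' _ (left disabled, as in the original)
    s = Replace(s, CHR(40), "&#40;")                  ' (
    s = Replace(s, CHR(41), "&#41;")                  ' )
    s = Replace(s, CHR(60), "&#60;")                  ' <
    s = Replace(s, CHR(62), "&#62;")                  ' >
    s = Replace(s, CHR(123), "&#123;")                ' {
    s = Replace(s, CHR(125), "&#125;")                ' }

    ' Encoding ";" last also rewrites the ";" that terminates every reference
    ' created above ("&#38;" becomes "&#38&#59;") ...
    s = Replace(s, CHR(59), "&#59;")                  ' ;
    s = Replace(s, CHR(10), "<br>")                   ' line feed becomes a visible line break

    ' ... so put the terminator back on those references. A ";" typed by the
    ' user is never directly preceded by "&#digits", so it stays encoded.
    ' NOTE(review): the pattern was garbled on the page ("([])([a-z0-9]*);");
    ' this is a reconstruction that keeps the original "$1$2;" replacement.
    s = ReplaceText(s, "(&#)([0-9]+)&#59;", "$1$2;")

    ' Profanity mask. len("&$1&") is the length of that literal (4), not of the
    ' match, so the replacement is always "****".
    s = ReplaceText(s, "(fuck|shit)", string(len("&$1&"), "*"))

    ' IsSqlDataBase is not defined on this page (presumably a site-wide setting;
    ' an undefined variable compares equal to 0 in VBScript, so the branch runs).
    if IsSqlDataBase=0 then ' filter katakana (Japanese characters) [\u30A0-\u30FF] by yuzi
        ' escape() renders non-ASCII characters as %uXXXX; katakana code units
        ' are rewritten as hexadecimal character references before unescape()
        ' restores everything else. [0-F] is the ASCII range "0".."F".
        s = escape(s)
        s = ReplaceText(s, "%u30([A-F][0-F])", "&#x30$1;")
        s = unescape(s)
    end if

    HTMLEncode = s
End Function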
''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''
Function RequestInt(fString)
    ' Reads the request parameter named by fString and returns it as a whole
    ' number; anything that is not numeric yields 0.
    ' Request(name) is the unqualified lookup, so the value is not restricted
    ' to the query string. IsNumeric also accepts decimal and exponent forms,
    ' which int() then rounds down.
    Dim rawValue
    rawValue = Request(fString)
    If Not IsNumeric(rawValue) Then
        RequestInt = 0
        Exit Function
    End If
    RequestInt = int(rawValue)
End Function
''''''''''''''''''''''''''''''''''''
' Availability check for a user name sent by the client.
' HTMLEncode strips or expands every character it filters, so the processed
' name has the same length as the submitted one only when none of those
' characters were present.
' UserNameLength comes from the request as well, i.e. it is chosen by the
' client: treat the answer as a front-end hint and validate the name again
' in the handler that actually creates the account.
UserName = HTMLEncode(unescape(Request.QueryString("UserName")))
UserNameLength = RequestInt("UserNameLength")
If len(UserName) = UserNameLength Then
    response.write "用戶名合法!"
Else
    response.write "用戶名非法!"
End If
%>
HTMLEncode 函數是將用戶名轉換成合法字符的必須步驟。
RequestInt 函數將請求參數 UserNameLength 轉為整數(非數字時返回 0);頁面再將處理後的用戶名長度與該有效字符個數比較,以判斷用戶名是否包含空格。
調用方法:check.asp?UserName=用戶名&UserNameLength=用戶名長度
check.asp一般用於Ajax判斷。由於 UserNameLength 由客戶端提交,此結果只適合作為前端提示,註冊提交時服務器端仍須重新驗證用戶名。