
aspindexof關鍵字_C#(ASP.NET)正規表達式 過濾危險字元函數代碼 防SQL注入 很全面的SQL關鍵字過濾...

using System;
using System.Collections;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.RegularExpressions;

namespace BIReportCenter.Utility

{

public class StringHelper

{

#region String length formatter

/// <summary>
/// Trims <paramref name="stringTrim"/> to <paramref name="maxLength"/> double-byte units,
/// appending "..." when the text had to be cut. See the three-argument overload for the rules.
/// </summary>
/// <param name="stringTrim">Text to trim.</param>
/// <param name="maxLength">Maximum width, counted in double-byte units.</param>
/// <returns>The trimmed text.</returns>
public static string Trim(string stringTrim, int maxLength)
{
    const string ellipsis = "...";
    return Trim(stringTrim, maxLength, ellipsis);
}

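/// <summary>
/// Truncates <paramref name="rawString"/> to a display width of <paramref name="maxLength"/>
/// double-byte units and appends <paramref name="appendString"/> when truncation happened.
/// Every character below U+0080 counts as one byte and every other character as two, so the
/// measurement no longer depends on the process code page: the original used Encoding.UTF8
/// for the early "fits" check (3 bytes per CJK character) but Encoding.Default inside the
/// loop, so the two halves of the method disagreed on how wide a character is.
/// </summary>
/// <param name="rawString">Text to trim; null or empty is returned unchanged.</param>
/// <param name="maxLength">Maximum width in double-byte units (maxLength * 2 single bytes).</param>
/// <param name="appendString">Suffix added after truncation; null is treated as empty.</param>
/// <returns>The original text when it fits, otherwise the truncated prefix plus the suffix.</returns>
public static string Trim(string rawString, int maxLength, string appendString)
{
    if (string.IsNullOrEmpty(rawString))
    {
        return rawString;
    }
    // Each char is at least one byte wide, so a short string can never exceed the budget.
    if (rawString.Length <= maxLength)
    {
        return rawString;
    }

    int budget = maxLength * 2;
    if (ByteWidth(rawString) <= budget)
    {
        return rawString;
    }

    string suffix = appendString ?? string.Empty;
    // Reserve room for the suffix so the final result stays within the same budget.
    int limit = budget - ByteWidth(suffix);

    StringBuilder result = new StringBuilder();
    int consumed = 0;
    foreach (char c in rawString)
    {
        result.Append(c);
        consumed += ByteWidth(c);
        // Same cut point as the original: stop once the budget is reached or exceeded.
        if (consumed >= limit)
        {
            break;
        }
    }
    return result.ToString() + suffix;
}

/// <summary>Width of one character in bytes: 1 for ASCII, 2 for everything else.</summary>
private static int ByteWidth(char c)
{
    return c < 0x80 ? 1 : 2;
}

/// <summary>Sum of <see cref="ByteWidth(char)"/> over every character of <paramref name="s"/>.</summary>
private static int ByteWidth(string s)
{
    int total = 0;
    foreach (char c in s)
    {
        total += ByteWidth(c);
    }
    return total;
}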

#endregion

#region 特殊字元

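/// <summary>
/// Heuristic check for characters commonly seen in SQL injection payloads.
/// This is a blacklist, not an escaping routine: it rejects legitimate values that
/// contain a hyphen or an apostrophe, and it cannot make a concatenated query safe.
/// Queries must still be parameterized; use this only as an extra validation signal.
/// </summary>
/// <param name="str">Text to inspect; null or empty contains nothing to reject and is reported safe
/// (the original threw ArgumentNullException for null).</param>
/// <returns>true when none of the listed characters occur; otherwise false.</returns>
public static bool IsSafeSqlString(string str)
{
    if (string.IsNullOrEmpty(str))
    {
        return true;
    }
    return !DangerousSqlChars.IsMatch(str);
}

// Pattern kept byte-for-byte from the original. Inside a character class the '|'
// separators are literal, so '|' itself is also treated as a dangerous character.
private static readonly Regex DangerousSqlChars =
    new Regex(@"[-|;|,|\/|\(|\)|\[|\]|\}|\{|%|@|\*|!|\']", RegexOptions.Compiled);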

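/// <summary>
/// Removes a few well-known SQL injection fragments from <paramref name="sql"/>:
/// quote characters and "--" comment markers, the "' or" sequence (also in %-encoded form),
/// and "exec sp_/xp_..." calls to SQL Server system procedures. A blacklist like this is
/// never complete; the query itself must be parameterized and this only reduces noise.
/// </summary>
/// <param name="sql">Input to scrub; null or empty is returned as-is.</param>
/// <returns>The scrubbed string.</returns>
public static string StripSQLInjection(string sql)
{
    if (string.IsNullOrEmpty(sql))
    {
        return sql;
    }
    // The "' or" pattern has to run before the quote pattern: once every quote has been
    // stripped it can no longer match, so in the original order it never had any effect.
    sql = QuoteOrPattern.Replace(sql, string.Empty);
    sql = QuoteAndCommentPattern.Replace(sql, string.Empty);
    sql = StoredProcedurePattern.Replace(sql, string.Empty);
    return sql;
}

// The patterns are unchanged from the original; they are cached so they compile once.
// ' , %27 and --
private static readonly Regex QuoteAndCommentPattern =
    new Regex(@"(\%27)|(\')|(\-\-)", RegexOptions.IgnoreCase | RegexOptions.Compiled);
// ' or , with %-encoded variants of each character
private static readonly Regex QuoteOrPattern =
    new Regex(@"((\%27)|(\'))\s*((\%6F)|o|(\%4F))((\%72)|r|(\%52))", RegexOptions.IgnoreCase | RegexOptions.Compiled);
// exec sp_... / exec xp_... (SQL Server system and extended procedures)
private static readonly Regex StoredProcedurePattern =
    new Regex(@"\s+exec(\s|\+)+(s|x)p\w+", RegexOptions.IgnoreCase | RegexOptions.Compiled);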

/// <summary>
/// Lower-cases <paramref name="Parameter"/> and rewrites a few characters before the value is
/// used in SQL. As printed on this page the body is incomplete: one Replace call is cut off
/// in the middle of its literal and Replace(">", ">") replaces a character with itself, which
/// suggests HTML entities were dropped when the listing was published, so the intended
/// replacements cannot be recovered here. Lower-casing changes the stored value, so this is
/// unusable for case-sensitive data; parameterized commands make this rewriting unnecessary.
/// Null <paramref name="Parameter"/> throws NullReferenceException.
/// </summary>
/// <param name="Parameter">Value to rewrite.</param>
/// <returns>The rewritten value.</returns>
public static string SQLSafe(string Parameter)

{

// NOTE(review): culture-sensitive ToLower(); the value is modified, not merely checked.
Parameter = Parameter.ToLower();

Parameter = Parameter.Replace("'", "");

// As shown, this replaces ">" with ">" and therefore does nothing.
Parameter = Parameter.Replace(">", ">");

// The next two statements are truncated in this listing.
Parameter = Parameter.Replace("

Parameter = Parameter.Replace("\n", "

");

// NUL characters are replaced by a single placeholder character.
Parameter = Parameter.Replace("\0", "·");

return Parameter;

}

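/// <summary>
/// Drops the C0 control characters that XML 1.0 does not allow in text:
/// U+0000–U+0008, U+000B–U+000C and U+000E–U+001F. Tab, LF and CR are kept.
/// Other code points XML forbids (U+FFFE, U+FFFF, unpaired surrogates) are deliberately
/// left untouched to preserve the original behaviour.
/// </summary>
/// <param name="input">Text to clean; null or empty is returned unchanged.</param>
/// <returns>The input without the listed control characters.</returns>
public static string CleanInvalidCharsForXML(string input)
{
    if (string.IsNullOrEmpty(input))
    {
        return input;
    }
    StringBuilder cleaned = new StringBuilder(input.Length);
    foreach (char c in input)
    {
        if (!IsInvalidXmlControlChar(c))
        {
            cleaned.Append(c);
        }
    }
    return cleaned.ToString();
}

/// <summary>True for the control characters XML 1.0 does not permit (tab, LF and CR excluded).</summary>
private static bool IsInvalidXmlControlChar(char c)
{
    return c <= '\x08'
        || (c >= '\x0b' && c <= '\x0c')
        || (c >= '\x0e' && c <= '\x1f');
}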

/// <summary>
/// Intended to undo escaping of single quotes. Note that the C# literal "\'" is the same
/// string as "'", so the replacement as written maps an apostrophe to itself and the text
/// comes back unchanged apart from the null handling; the published source may have lost
/// a backslash in transcription.
/// </summary>
/// <param name="str">Text to process; null yields "".</param>
/// <returns>The processed text.</returns>
public static string mashSQL(string str)
{
    if (str == null)
    {
        return "";
    }
    return str.Replace("\'", "'");
}

/// <summary>
/// Doubles every single quote so the value can be placed inside a SQL string literal.
/// This only handles quote termination; it does not make string-built SQL safe in general.
/// Parameterized commands remain the proper control.
/// </summary>
/// <param name="str">Text to escape; null yields "".</param>
/// <returns>The escaped text.</returns>
public static string ChkSQL(string str)
{
    if (str == null)
    {
        return "";
    }
    return str.Replace("'", "''");
}

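/// <summary>
/// Reports whether <paramref name="strString"/> contains one of a fixed list of SQL/OS
/// keywords (case-insensitive substring match). The list includes very common substrings
/// ("asc", "char", "mid", "order", "select"), so ordinary words such as "middle" or "border"
/// are flagged; treat the result as a logging/alerting hint, not as an input gate, and keep
/// database access parameterized.
/// </summary>
/// <param name="strString">Text to inspect; null or empty is never flagged.</param>
/// <returns>true when a listed keyword occurs; false otherwise.</returns>
public static bool CheckBadStr(string strString)
{
    if (string.IsNullOrEmpty(strString))
    {
        return false;
    }
    foreach (string keyword in BadKeywords)
    {
        // OrdinalIgnoreCase replaces the culture-sensitive ToLower() + IndexOf pair.
        if (strString.IndexOf(keyword, StringComparison.OrdinalIgnoreCase) >= 0)
        {
            return true;
        }
    }
    return false;
}

// Same entries as the original ArrayList with duplicates removed. The original indexed the
// list with .Length, which ArrayList does not have, so the method did not compile.
private static readonly string[] BadKeywords =
{
    "xp_cmdshell", "truncate", "net user", "exec", "net localgroup", "select", "asc",
    "char", "mid", "insert", "order", "delete", "drop", "1=1", "1=2",
};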

#endregion

#region Tools

/// <summary>
/// Cuts <paramref name="String"/> at its last comma, dropping the comma and everything after it.
/// </summary>
/// <param name="String">Text to process (must not be null).</param>
/// <returns>The text up to the last comma, or the unchanged text when it contains no comma.</returns>
public static string DelLastComma(string String)
{
    int lastComma = String.LastIndexOf(",");
    return lastComma == -1 ? String : String.Substring(0, lastComma);
}

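/// <summary>Removes the last character of <paramref name="str"/>.</summary>
/// <param name="str">Input; null is treated like the empty string (the original threw
/// NullReferenceException for null).</param>
/// <returns>The input without its final character, or "" for null/empty input.</returns>
public static string ClearLastChar(string str)
{
    if (string.IsNullOrEmpty(str))
    {
        return "";
    }
    return str.Substring(0, str.Length - 1);
}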

/// <summary>
/// Named as an HTML encoder, but as printed it first doubles single quotes (a SQL string
/// literal escape, not an HTML one) and then runs two Replace calls whose replacement text
/// is missing or identical to the search text; HTML entities were most likely lost when
/// this listing was published, so the intended encoding cannot be recovered here. For real
/// output encoding use a library encoder (e.g. HttpUtility.HtmlEncode) rather than
/// hand-written replacements.
/// </summary>
/// <param name="chr">Text to encode; null yields "".</param>
/// <returns>The rewritten text.</returns>
public static string html_text(string chr)

{

if (chr == null)

return "";

// SQL-style quote doubling; unrelated to HTML encoding.
chr = chr.Replace("'", "''");

// Truncated in this listing; the replacement text is not visible.
chr = chr.Replace("

// As shown, replaces ">" with itself.
chr = chr.Replace(">", ">");

return (chr);

}

/// <summary>
/// Intended as the inverse of html_text (HTML decoding). As printed, the first Replace is
/// cut off in the middle of its literal and the second replaces ">" with itself, which
/// suggests HTML entities were dropped when the listing was published; the intended
/// mappings cannot be recovered here. A library decoder (e.g. HttpUtility.HtmlDecode) is
/// the safer choice for this job.
/// </summary>
/// <param name="chr">Text to decode; null yields "".</param>
/// <returns>The rewritten text.</returns>
public static string text_html(string chr)

{

if (chr == null)

return "";

// Truncated in this listing; the replacement text is not visible.
chr = chr.Replace("

// As shown, replaces ">" with itself.
chr = chr.Replace(">", ">");

return (chr);

}

/// <summary>
/// Returns true when <paramref name="strValue"/> contains any of the characters
/// ^ &lt; &gt; ' = &amp; * , — the first eight characters of the literal below; the
/// trailing space is intentionally excluded by ToCharArray(0, 8).
/// </summary>
/// <param name="strValue">Text to inspect (must not be null).</param>
/// <returns>true if a listed character is present, otherwise false.</returns>
public static bool JustifyStr(string strValue)
{
    char[] forbidden = "^<>'=&*, ".ToCharArray(0, 8);
    // IndexOfAny is an ordinal search, like the per-character IndexOf(char) it replaces.
    return strValue.IndexOfAny(forbidden) != -1;
}

/// <summary>
/// Reverses some output encoding on <paramref name="key"/>. As printed, the first Replace
/// literal is split across lines, the second uses an empty search string (String.Replace
/// throws ArgumentException for an empty oldValue) and the third replaces a space with a
/// space; the original almost certainly contained HTML entities that were dropped when the
/// listing was published, so the intended mappings cannot be recovered here.
/// Null <paramref name="key"/> throws NullReferenceException.
/// </summary>
/// <param name="key">Text to rewrite.</param>
/// <returns>The rewritten text.</returns>
public static string CheckOutputString(string key)

{

string OutputString = string.Empty;

// The statement below is garbled in this listing; see the summary.
OutputString = key.Replace("

", "\n").Replace("", ">").Replace(" ", " ");

return OutputString;

}

#endregion

}

}