[求助]关于显示HTML代码问题 - 编程论坛

#2

multiple19022007-11-02 15:07

手工把空格和回车替换回来

#3

永夜的极光2007-11-02 15:31

你用下面这个函数吧，据说server.htmlencode这个东西安全性还是不高

以下内容来自：http://blog.5d.cn/user7/cnbjx/200507/120605.html

' ============================================
' 通用安全字符串输入,彻底替换server.htmlencode
' ============================================
Function HTMLEncode(Str)
If Isnull(Str) Then
HTMLEncode = \"\"
Exit Function
End If
Str = Replace(Str,Chr(0),\"\", 1, -1, 1)
Str = Replace(Str, \"\"\"\", \""\", 1, -1, 1)
Str = Replace(Str,\"<\",\"<\", 1, -1, 1)
Str = Replace(Str,\">\",\">\", 1, -1, 1)
Str = Replace(Str, \"script\", \"script\", 1, -1, 0)
Str = Replace(Str, \"SCRIPT\", \"SCRIPT\", 1, -1, 0)
Str = Replace(Str, \"Script\", \"Script\", 1, -1, 0)
Str = Replace(Str, \"script\", \"Script\", 1, -1, 1)
Str = Replace(Str, \"object\", \"object\", 1, -1, 0)
Str = Replace(Str, \"OBJECT\", \"OBJECT\", 1, -1, 0)
Str = Replace(Str, \"Object\", \"Object\", 1, -1, 0)
Str = Replace(Str, \"object\", \"Object\", 1, -1, 1)
Str = Replace(Str, \"applet\", \"applet\", 1, -1, 0)
Str = Replace(Str, \"APPLET\", \"APPLET\", 1, -1, 0)
Str = Replace(Str, \"Applet\", \"Applet\", 1, -1, 0)
Str = Replace(Str, \"applet\", \"Applet\", 1, -1, 1)
Str = Replace(Str, \"[\", \"[\")
Str = Replace(Str, \"]\", \"]\")
Str = Replace(Str, \"\"\"\", \"\", 1, -1, 1)
Str = Replace(Str, \"=\", \"=\", 1, -1, 1)
Str = Replace(Str, \"'\", \"''\", 1, -1, 1)
Str = Replace(Str, \"select\", \"select\", 1, -1, 1)
Str = Replace(Str, \"execute\", \"&#101xecute\", 1, -1, 1)
Str = Replace(Str, \"exec\", \"&#101xec\", 1, -1, 1)
Str = Replace(Str, \"join\", \"join\", 1, -1, 1)
Str = Replace(Str, \"union\", \"union\", 1, -1, 1)
Str = Replace(Str, \"where\", \"where\", 1, -1, 1)
Str = Replace(Str, \"insert\", \"insert\", 1, -1, 1)
Str = Replace(Str, \"delete\", \"delete\", 1, -1, 1)
Str = Replace(Str, \"update\", \"update\", 1, -1, 1)
Str = Replace(Str, \"like\", \"like\", 1, -1, 1)
Str = Replace(Str, \"drop\", \"drop\", 1, -1, 1)
Str = Replace(Str, \"create\", \"create\", 1, -1, 1)
Str = Replace(Str, \"rename\", \"rename\", 1, -1, 1)
Str = Replace(Str, \"count\", \"count\", 1, -1, 1)
Str = Replace(Str, \"chr\", \"chr\", 1, -1, 1)
Str = Replace(Str, \"mid\", \"mid\", 1, -1, 1)
Str = Replace(Str, \"truncate\", \"truncate\", 1, -1, 1)
Str = Replace(Str, \"nchar\", \"nchar\", 1, -1, 1)
Str = Replace(Str, \"char\", \"char\", 1, -1, 1)
Str = Replace(Str, \"alter\", \"alter\", 1, -1, 1)
Str = Replace(Str, \"cast\", \"cast\", 1, -1, 1)
Str = Replace(Str, \"exists\", \"exists\", 1, -1, 1)
Str = Replace(Str,Chr(13),\"<br>\", 1, -1, 1)
HTMLEncode = Replace(Str,\"'\",\"''\", 1, -1, 1)
End Function

#4

jeanliang2007-11-02 15:36

O_O 谢谢两位！

#5

tianyu1232007-11-02 17:43

学习...

#6

multiple19022007-11-02 21:20

不用谢