这个函数是必需要的,很多黑客来捣乱,黑掉数据库,会注入大量的病毒js,在存储和展示文本数据的时候,使用此函数过滤一下,可避免不少麻烦
clearhtml代码
'清除HTML代码function clearhtml(content) content=replacehtml("&#[^>]*;","",content) content=replacehtml("?MARQUEE[^>]*>","",content) content=replacehtml("?OBJECT[^>]*>","",content) content=replacehtml("?PARAM[^>]*>","",content) content=replacehtml("?EMBED[^>]*>","",content) content=replacehtml("?TABLE[^>]*>","",content) content=replacehtml(" ","",content) content=replacehtml("?TR[^>]*>","",content) content=replacehtml("?TH[^>]*>","",content) content=replacehtml("?P[^>]*>","",content) content=replacehtml("?A[^>]*>","",content) content=replacehtml("?IMG[^>]*>","",content) content=replacehtml("?TBODY[^>]*>","",content) content=replacehtml("?LI[^>]*>","",content) content=replacehtml("?SPAN[^>]*>","",content) content=replacehtml("?DIV[^>]*>","",content) content=replacehtml("?TH[^>]*>","",content) content=replacehtml("?TD[^>]*>","",content) content=replacehtml("?SCRIPT[^>]*>","",content) content=replacehtml("(javascript|jscript|vbscript|vbs):","",content) content=replacehtml("on(mouse|exit|error|click|key)","",content) content=replacehtml("<\\?xml[^>]*>","",content) content=replacehtml("<\/?[a-z]+:[^>]*>","",content) content=replacehtml("?FONT[^>]*>","",content) content=replacehtml("?H[^>]*>","",content) content=replacehtml("?U[^>]*>","",content) content=replacehtml("?I[^>]*>","",content) content=replacehtml("?CENTER[^>]*>","",content) content=replacehtml("?CENTER[^>]*>","",content) content=replacehtml("?NOBR[^>]*>","",content) content=replacehtml("?CLK[^>]*>","",content) content=replacehtml("?MUTI[^>]*>","",content) content=replacehtml("? option[^>]*>","",content) content=replacehtml("?O[^>]*>","",content) content=replacehtml("?STRONG[^>]*>","",content) clearhtml=contentend function
function replacehtml(patrn,strng,content) if isnull(content) then content="" end if set regex=new regexp regex.pattern=patrn regex.ignorecase=true regex.global=true replacehtml=regex.replace(content,strng)end function