InputStream inputStream = TestTb.class.getClassLoader()
.getResourceAsStream("properties/test.properties");
Properties p = new Properties();
try {
p.load(inputStream);
inputStream.close();
} catch (IOException e1) {
e1.printStackTrace();
}
String[] fileHtmlTotext = new String[] {};
//System.out.println("FileHtmlToText:" + p.getProperty("FileHtmlToText")+ "
FileSQLParam:" + p.getProperty("FileSQLParam"));
String readHtmlTotextStr = p.getProperty("FileHtmlToText");
String readSQLParamStr = p.getProperty("FileSQLParam");
// fileHtmlTotext = readSQLParamStr.split("\|");
// for (int i = 0; i < fileHtmlTotext.length; i++) {
// System.out.println(fileHtmlTotext[i]);
// }
String userName = "<scrip>alert('asasas');</script>";
String password = "<span>asdfasdfasd</span>";
userName = StringEscapeUtils.escapeHtml3(userName);
password = StringEscapeUtils.escapeHtml4(password);
System.out.println("用escapeJavaScript方法转义之后的字符串为:"+StringEscapeUtils.unescapeEcmaScript(userName));
String sql = "userName="+ userName + "password =" + password;
System.out.println(sql);