public class WebHelper { #region ResolveUrl(解析相对Url) /// <summary> /// 解析相对Url /// </summary> /// <param name="relativeUrl">相对Url</param> public static string ResolveUrl(string relativeUrl) { if (string.IsNullOrWhiteSpace(relativeUrl)) return string.Empty; relativeUrl = relativeUrl.Replace("\", "/"); if (relativeUrl.StartsWith("/")) return relativeUrl; if (relativeUrl.Contains("://")) return relativeUrl; return VirtualPathUtility.ToAbsolute(relativeUrl); } #endregion #region HtmlEncode(对html字符串进行编码) /// <summary> /// 对html字符串进行编码 /// </summary> /// <param name="html">html字符串</param> public static string HtmlEncode(string html) { return HttpUtility.HtmlEncode(html); } /// <summary> /// 对html字符串进行解码 /// </summary> /// <param name="html">html字符串</param> public static string HtmlDecode(string html) { return HttpUtility.HtmlDecode(html); } #endregion #region UrlEncode(对Url进行编码) /// <summary> /// 对Url进行编码 /// </summary> /// <param name="url">url</param> /// <param name="isUpper">编码字符是否转成大写,范例,"http://"转成"http%3A%2F%2F"</param> public static string UrlEncode(string url, bool isUpper = false) { return UrlEncode(url, Encoding.UTF8, isUpper); } /// <summary> /// 对Url进行编码 /// </summary> /// <param name="url">url</param> /// <param name="encoding">字符编码</param> /// <param name="isUpper">编码字符是否转成大写,范例,"http://"转成"http%3A%2F%2F"</param> public static string UrlEncode(string url, Encoding encoding, bool isUpper = false) { var result = HttpUtility.UrlEncode(url, encoding); if (!isUpper) return result; return GetUpperEncode(result); } /// <summary> /// 获取大写编码字符串 /// </summary> private static string GetUpperEncode(string encode) { var result = new StringBuilder(); int index = int.MinValue; for (int i = 0; i < encode.Length; i++) { string character = encode[i].ToString(); if (character == "%") index = i; if (i - index == 1 || i - index == 2) character = character.ToUpper(); result.Append(character); } return result.ToString(); } #endregion #region UrlDecode(对Url进行解码) /// <summary> /// 对Url进行解码,对于javascript的encodeURIComponent函数编码参数,应使用utf-8字符编码来解码 /// </summary> /// <param name="url">url</param> public static string UrlDecode(string url) { return HttpUtility.UrlDecode(url); } /// <summary> /// 对Url进行解码,对于javascript的encodeURIComponent函数编码参数,应使用utf-8字符编码来解码 /// </summary> /// <param name="url">url</param> /// <param name="encoding">字符编码,对于javascript的encodeURIComponent函数编码参数,应使用utf-8字符编码来解码</param> public static string UrlDecode(string url, Encoding encoding) { return HttpUtility.UrlDecode(url, encoding); } #endregion #region Session操作 /// <summary> /// 写Session /// </summary> /// <typeparam name="T">Session键值的类型</typeparam> /// <param name="key">Session的键名</param> /// <param name="value">Session的键值</param> public static void WriteSession<T>(string key, T value,int minutes) { if (key.IsEmpty()) return; HttpContext.Current.Session[key] = value; HttpContext.Current.Session.Timeout = minutes; } public static void WriteSession<T>(string key, T value) { if (key.IsEmpty()) return; HttpContext.Current.Session[key] = value; } /// <summary> /// 写Session /// </summary> /// <param name="key">Session的键名</param> /// <param name="value">Session的键值</param> public static void WriteSession(string key, string value,int minutes) { WriteSession<string>(key, value,minutes); } public static void WriteSession(string key, string value) { WriteSession<string>(key, value); } /// <summary> /// 读取Session的值 /// </summary> /// <param name="key">Session的键名</param> public static string GetSession(string key) { if (key.IsEmpty()) return string.Empty; if (HttpContext.Current.Session[key] != null) { return HttpContext.Current.Session[key] as string; } else { return ""; } } /// <summary> /// 删除指定Session /// </summary> /// <param name="key">Session的键名</param> public static void RemoveSession(string key) { if (key.IsEmpty()) return; HttpContext.Current.Session.Contents.Remove(key); } #endregion #region Cookie操作 /// <summary> /// 写cookie值 /// </summary> /// <param name="strName">名称</param> /// <param name="strValue">值</param> public static void WriteCookie(string strName, string strValue) { HttpCookie cookie = HttpContext.Current.Request.Cookies[strName]; if (cookie == null) { cookie = new HttpCookie(strName); } cookie.Value = strValue; HttpContext.Current.Response.AppendCookie(cookie); } /// <summary> /// 写cookie值 /// </summary> /// <param name="strName">名称</param> /// <param name="strValue">值</param> /// <param name="strValue">过期时间(分钟)</param> public static void WriteCookie(string strName, string strValue, int expires) { HttpCookie cookie = HttpContext.Current.Request.Cookies[strName]; if (cookie == null) { cookie = new HttpCookie(strName); } cookie.Value = strValue; cookie.Expires = DateTime.Now.AddMinutes(expires); HttpContext.Current.Response.AppendCookie(cookie); } /// <summary> /// 读cookie值 /// </summary> /// <param name="strName">名称</param> /// <returns>cookie值</returns> public static string GetCookie(string strName) { if (HttpContext.Current.Request.Cookies != null && HttpContext.Current.Request.Cookies[strName] != null && HttpContext.Current.Request.Cookies[strName].Value!=null) { return HttpContext.Current.Request.Cookies[strName].Value.ToString(); } return ""; } /// <summary> /// 删除Cookie对象 /// </summary> /// <param name="CookiesName">Cookie对象名称</param> public static void RemoveCookie(string CookiesName) { HttpCookie objCookie = new HttpCookie(CookiesName.Trim()); objCookie.Expires = DateTime.Now.AddYears(-5); HttpContext.Current.Response.Cookies.Add(objCookie); } #endregion #region GetFileControls(获取客户端文件控件集合) /// <summary> /// 获取有效客户端文件控件集合,文件控件必须上传了内容,为空将被忽略, /// 注意:Form标记必须加入属性 enctype="multipart/form-data",服务器端才能获取客户端file控件. /// </summary> public static List<HttpPostedFile> GetFileControls() { var result = new List<HttpPostedFile>(); var files = HttpContext.Current.Request.Files; if (files.Count == 0) return result; for (int i = 0; i < files.Count; i++) { var file = files[i]; if (file.ContentLength == 0) continue; result.Add(files[i]); } return result; } #endregion #region GetFileControl(获取第一个有效客户端文件控件) /// <summary> /// 获取第一个有效客户端文件控件,文件控件必须上传了内容,为空将被忽略, /// 注意:Form标记必须加入属性 enctype="multipart/form-data",服务器端才能获取客户端file控件. /// </summary> public static HttpPostedFile GetFileControl() { var files = GetFileControls(); if (files == null || files.Count == 0) return null; return files[0]; } #endregion #region HttpWebRequest(请求网络资源) /// <summary> /// 请求网络资源,返回响应的文本 /// </summary> /// <param name="url">网络资源地址</param> public static string HttpWebRequest(string url) { return HttpWebRequest(url, string.Empty, Encoding.GetEncoding("utf-8")); } /// <summary> /// 请求网络资源,返回响应的文本 /// </summary> /// <param name="url">网络资源Url地址</param> /// <param name="parameters">提交的参数,格式:参数1=参数值1&参数2=参数值2</param> public static string HttpWebRequest(string url, string parameters) { return HttpWebRequest(url, parameters, Encoding.GetEncoding("utf-8"), true); } /// <summary> /// 请求网络资源,返回响应的文本 /// </summary> /// <param name="url">网络资源地址</param> /// <param name="parameters">提交的参数,格式:参数1=参数值1&参数2=参数值2</param> /// <param name="encoding">字符编码</param> /// <param name="isPost">是否Post提交</param> /// <param name="contentType">内容类型</param> /// <param name="cookie">Cookie容器</param> /// <param name="timeout">超时时间</param> public static string HttpWebRequest(string url, string parameters, Encoding encoding, bool isPost = false, string contentType = "application/x-www-form-urlencoded", CookieContainer cookie = null, int timeout = 120000) { var request = (HttpWebRequest)WebRequest.Create(url); request.Timeout = timeout; request.CookieContainer = cookie; if (isPost) { byte[] postData = encoding.GetBytes(parameters); request.Method = "POST"; request.ContentType = contentType; request.ContentLength = postData.Length; using (Stream stream = request.GetRequestStream()) { stream.Write(postData, 0, postData.Length); } } var response = (HttpWebResponse)request.GetResponse(); string result; using (Stream stream = response.GetResponseStream()) { if (stream == null) return string.Empty; using (var reader = new StreamReader(stream, encoding)) { result = reader.ReadToEnd(); } } return result; } #endregion #region 去除HTML标记 /// <summary> /// 去除HTML标记 /// </summary> /// <param name="NoHTML">包括HTML的源码 </param> /// <returns>已经去除后的文字</returns> public static string NoHtml(string Htmlstring) { //删除脚本 Htmlstring = Regex.Replace(Htmlstring, @"<script[^>]*?>.*?</script>", "", RegexOptions.IgnoreCase); //删除HTML Htmlstring = Regex.Replace(Htmlstring, @"<(.[^>]*)>", "", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"([ ])[s]+", "", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"-->", "", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"<!--.*", "", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"&(quot|#34);", """, RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"&(amp|#38);", "&", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"&(lt|#60);", "<", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"&(gt|#62);", ">", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"&(nbsp|#160);", " ", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"&(iexcl|#161);", "xa1", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"&(cent|#162);", "xa2", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"&(pound|#163);", "xa3", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"&(copy|#169);", "xa9", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"&#(d+);", "", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"…", "", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"—", "", RegexOptions.IgnoreCase); Htmlstring = Regex.Replace(Htmlstring, @"“", "", RegexOptions.IgnoreCase); Htmlstring.Replace("<", ""); Htmlstring = Regex.Replace(Htmlstring, @"”", "", RegexOptions.IgnoreCase); Htmlstring.Replace(">", ""); Htmlstring.Replace(" ", ""); Htmlstring = HttpContext.Current.Server.HtmlEncode(Htmlstring).Trim(); return Htmlstring; } #endregion #region 格式化文本(防止SQL注入) /// <summary> /// 格式化文本(防止SQL注入) /// </summary> /// <param name="str"></param> /// <returns></returns> public static string Formatstr(string html) { System.Text.RegularExpressions.Regex regex1 = new System.Text.RegularExpressions.Regex(@"<script[sS]+</script *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex2 = new System.Text.RegularExpressions.Regex(@" href *= *[sS]*script *:", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex3 = new System.Text.RegularExpressions.Regex(@" on[sS]*=", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex4 = new System.Text.RegularExpressions.Regex(@"<iframe[sS]+</iframe *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex5 = new System.Text.RegularExpressions.Regex(@"<frameset[sS]+</frameset *>", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex10 = new System.Text.RegularExpressions.Regex(@"select", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex11 = new System.Text.RegularExpressions.Regex(@"update", System.Text.RegularExpressions.RegexOptions.IgnoreCase); System.Text.RegularExpressions.Regex regex12 = new System.Text.RegularExpressions.Regex(@"delete", System.Text.RegularExpressions.RegexOptions.IgnoreCase); html = regex1.Replace(html, ""); //过滤<script></script>标记 html = regex2.Replace(html, ""); //过滤href=javascript: (<A>) 属性 html = regex3.Replace(html, " _disibledevent="); //过滤其它控件的on...事件 html = regex4.Replace(html, ""); //过滤iframe html = regex10.Replace(html, "s_elect"); html = regex11.Replace(html, "u_pudate"); html = regex12.Replace(html, "d_elete"); html = html.Replace("'", "’"); html = html.Replace(" ", " "); return html; } #endregion }