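/// <summary>
/// Static helpers for request-origin checks, legacy hashing and encryption, and text filtering.
/// </summary>
/// <remarks>
/// The hashing and encryption algorithms here (unsalted MD5, DES with IV == key) are kept so that
/// values already stored or exchanged by callers stay readable. They are weak by current standards;
/// see the per-method remarks before using them for new data.
/// </remarks>
public sealed class SecurityDB
{
    #region Check whether the request was submitted from this server

    /// <summary>
    /// Reports whether the Referer header of the current request names this server as its host.
    /// </summary>
    /// <remarks>
    /// The Referer header is supplied by the client: it can be absent, stripped by a proxy or
    /// privacy setting, or set to any value. Treat the result as a hint only, not as an
    /// anti-forgery control; state-changing requests still need a per-session token check.
    /// </remarks>
    /// <returns>
    /// <c>true</c> when the Referer is an absolute http/https URL whose host equals SERVER_NAME;
    /// otherwise <c>false</c>.
    /// </returns>
    public static bool Judge_ThisSubmit()
    {
        string referer = HttpContext.Current.Request.ServerVariables["HTTP_REFERER"];
        string serverName = HttpContext.Current.Request.ServerVariables["SERVER_NAME"];
        return IsRefererFromHost(referer, serverName);
    }

    // Compares the parsed Referer host with the server name. The earlier
    // Substring(7, serverName.Length) form assumed an "http://" prefix, threw on a short Referer,
    // and accepted any host that merely starts with the server name
    // (server "example.com" vs. Referer host "example.com.other.test").
    private static bool IsRefererFromHost(string referer, string serverName)
    {
        if (string.IsNullOrEmpty(referer) || string.IsNullOrEmpty(serverName))
        {
            return false;
        }

        Uri refererUri;
        if (!Uri.TryCreate(referer, UriKind.Absolute, out refererUri))
        {
            return false;
        }

        if (refererUri.Scheme != Uri.UriSchemeHttp && refererUri.Scheme != Uri.UriSchemeHttps)
        {
            return false;
        }

        // Host names are case-insensitive; compare the whole host, never a prefix.
        return string.Equals(refererUri.Host, serverName, StringComparison.OrdinalIgnoreCase);
    }

    #endregion

    #region MD5_ByteEncrypt

    /// <summary>
    /// Computes the MD5 digest of a string (the original summary calls this "encrypting" the user
    /// password; it is a one-way hash, not encryption).
    /// </summary>
    /// <remarks>
    /// The digest is unsalted MD5 over the UTF-16LE bytes of the input. That is fast to brute-force
    /// and gives identical output for identical passwords, so it is unsuitable for storing
    /// passwords; new code should use a salted, iterated KDF such as PBKDF2
    /// (<c>Rfc2898DeriveBytes</c>). The algorithm is left unchanged here because existing stored
    /// values depend on it.
    /// </remarks>
    /// <param name="encryptString">The string to hash.</param>
    /// <returns>The digest as upper-case hex byte pairs separated by '-'.</returns>
    public static string MD5_ByteEncrypt(string encryptString)
    {
        byte[] clearBytes = new UnicodeEncoding().GetBytes(encryptString);
        using (HashAlgorithm md5 = (HashAlgorithm)CryptoConfig.CreateFromName("MD5"))
        {
            return BitConverter.ToString(md5.ComputeHash(clearBytes));
        }
    }

    /// <summary>
    /// Returns the lower-case hex MD5 digest of <paramref name="pwd"/>.
    /// </summary>
    /// <param name="pwd">The value to hash.</param>
    /// <returns>The lower-case digest produced by <see cref="pwdSecurity(string, bool)"/>.</returns>
    public static string pwdSecurity(string pwd)
    {
        return pwdSecurity(pwd, true);
    }

    #endregion

    #region DES_Encrypt

    /// <summary>
    /// Encrypts a string with DES and returns the ciphertext as upper-case hex.
    /// </summary>
    /// <remarks>
    /// The key must be exactly 8 ASCII characters and is case-sensitive; any other length fails.
    /// Security limits of this scheme: DES has a 56-bit effective key; the key bytes are also used
    /// as the IV, so the IV is fixed and equal plaintexts give equal ciphertexts; and nothing
    /// authenticates the ciphertext. Keep it only for data that must stay compatible; for new data
    /// use AES with a random per-message IV plus integrity protection.
    /// </remarks>
    /// <param name="pToEncrypt">The text to encrypt.</param>
    /// <param name="sKey">The 8-character ASCII key.</param>
    /// <returns>The ciphertext, two upper-case hex digits per byte.</returns>
    public static string DES_Encrypt(string pToEncrypt, string sKey)
    {
        // Encoding.Default is the machine's ANSI code page on .NET Framework, so non-ASCII text
        // only round-trips between machines that share a code page. The author's note says the
        // original used UTF-8 and that switching to Unicode did not work.
        byte[] inputByteArray = Encoding.Default.GetBytes(pToEncrypt);

        // ASCII encoding is why the key has to be plain English characters.
        byte[] keyBytes = ASCIIEncoding.ASCII.GetBytes(sKey);

        using (DESCryptoServiceProvider des = new DESCryptoServiceProvider())
        {
            // Key and IV are deliberately the same bytes; DES_Decrypt depends on this.
            des.Key = keyBytes;
            des.IV = keyBytes;

            using (MemoryStream ms = new MemoryStream())
            {
                using (ICryptoTransform encryptor = des.CreateEncryptor())
                using (CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
                {
                    // Bytes written to the crypto stream end up, encrypted, in the memory stream.
                    cs.Write(inputByteArray, 0, inputByteArray.Length);
                    cs.FlushFinalBlock();
                }

                // ToArray still works after the stream has been closed.
                byte[] cipherBytes = ms.ToArray();
                StringBuilder ret = new StringBuilder(cipherBytes.Length * 2);
                foreach (byte b in cipherBytes)
                {
                    ret.Append(b.ToString("X2"));
                }

                return ret.ToString();
            }
        }
    }

    #endregion

    #region DES_Decrypt

    /// <summary>
    /// Decrypts a hex string produced by <see cref="DES_Encrypt"/>.
    /// </summary>
    /// <remarks>
    /// The same weaknesses apply as for <see cref="DES_Encrypt"/>. The ciphertext is not
    /// authenticated, so a successful decryption does not show the data is unmodified. A trailing
    /// odd hex digit is ignored, as in the original implementation.
    /// </remarks>
    /// <param name="pToDecrypt">The hex ciphertext.</param>
    /// <param name="sKey">The 8-character ASCII key used for encryption.</param>
    /// <returns>The decrypted text, decoded with <c>Encoding.Default</c>.</returns>
    public static string DES_Decrypt(string pToDecrypt, string sKey)
    {
        // Turn each pair of hex digits back into one byte.
        int byteCount = pToDecrypt.Length / 2;
        byte[] inputByteArray = new byte[byteCount];
        for (int x = 0; x < byteCount; x++)
        {
            inputByteArray[x] = (byte)Convert.ToInt32(pToDecrypt.Substring(x * 2, 2), 16);
        }

        byte[] keyBytes = ASCIIEncoding.ASCII.GetBytes(sKey);

        using (DESCryptoServiceProvider des = new DESCryptoServiceProvider())
        {
            // Must match DES_Encrypt exactly (IV == key); changing either breaks existing data.
            des.Key = keyBytes;
            des.IV = keyBytes;

            using (MemoryStream ms = new MemoryStream())
            {
                using (ICryptoTransform decryptor = des.CreateDecryptor())
                using (CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Write))
                {
                    // Push the ciphertext through the crypto stream into the memory stream.
                    cs.Write(inputByteArray, 0, inputByteArray.Length);
                    cs.FlushFinalBlock();
                }

                return System.Text.Encoding.Default.GetString(ms.ToArray());
            }
        }
    }

    #endregion

    #region FilterSQL-Html

    /// <summary>
    /// Filter SQL/HTML: replaces <c>"</c>, <c>&lt;</c> and <c>&gt;</c> with HTML entities.
    /// </summary>
    /// <remarks>
    /// Despite the name, nothing here neutralises SQL: the original carried commented-out
    /// replacements for <c>;</c>, <c>'</c>, <c>--</c> and the URL-encoded sequences %25, %0a, %22,
    /// %27, %5c, %2f, %3c, %3e and %26, and none of them is active. Use parameterised queries for
    /// SQL. The HTML encoding is partial too (<c>&amp;</c> and <c>'</c> pass through), so prefer
    /// an encoder that matches the output context.
    /// </remarks>
    /// <param name="text">The text to filter; may be null.</param>
    /// <returns>The filtered text, or an empty string when <paramref name="text"/> is null.</returns>
    public static string FilterSQL(string text)
    {
        if (text == null)
        {
            return "";
        }

        // NOTE(review): the page printed these as Replace(""", """), Replace("<", "<") and
        // Replace(">", ">"), i.e. the entities were decoded during extraction. Restored as the
        // matching named entities; confirm against the original source.
        text = text.Replace("\"", "&quot;");
        text = text.Replace("<", "&lt;");
        text = text.Replace(">", "&gt;");
        return text;
    }

    /// <summary>
    /// Applies display-oriented replacements to text.
    /// </summary>
    /// <remarks>
    /// This is not an HTML sanitiser: <c>&lt;</c>, <c>&gt;</c> and quotes are not encoded (those
    /// replacements were commented out in the original), so markup in the input survives.
    /// </remarks>
    /// <param name="text">The text to convert; may be null.</param>
    /// <returns>The converted text, or an empty string when <paramref name="text"/> is null.</returns>
    public static string FilterTestHtml(string text)
    {
        if (text == null)
        {
            return "";
        }

        // NOTE(review): literals are reproduced as printed. As printed, the first two calls change
        // nothing and the third turns every space into <br>; the originals presumably involved
        // escapes lost in extraction (such as an entity or a line break). Confirm before relying
        // on this method.
        text = text.Replace(" ", " ");
        text = text.Replace("&", "&");
        text = text.Replace(" ", "<br>");
        return text;
    }

    /// <summary>
    /// Reverses the replacements made by <see cref="FilterTestHtml"/>.
    /// </summary>
    /// <param name="text">The text to convert back; may be null.</param>
    /// <returns>The converted text, or an empty string when <paramref name="text"/> is null.</returns>
    public static string UnFilterTestHtml(string text)
    {
        if (text == null)
        {
            return "";
        }

        // NOTE(review): literals are reproduced as printed; the first call is a no-op as shown and
        // its original arguments were presumably lost in extraction. Confirm.
        text = text.Replace(" ", " ");
        text = text.Replace("<br>", " ");
        return text;
    }

    #region Simple SQL filter

    /// <summary>
    /// Replaces <c>--</c> with two em dashes and <c>'</c> with a left single quotation mark.
    /// </summary>
    /// <remarks>
    /// Character substitution alters the stored data and is not a dependable defence against SQL
    /// injection (it covers only string-literal contexts and only these two tokens). Pass values
    /// to the database as parameters instead of relying on this filter.
    /// </remarks>
    /// <param name="text">The text to filter; may be null.</param>
    /// <returns>The filtered text, or an empty string when <paramref name="text"/> is null.</returns>
    public static string Text_FSQL(string text)
    {
        if (text == null)
        {
            return "";
        }

        text = text.Replace("--", "——");
        text = text.Replace("'", "‘");
        return text;
    }

    #endregion

    #endregion

    #region MD5 hash for storage (optionally lower-case)

    /// <summary>
    /// Computes the MD5 digest used for stored passwords.
    /// </summary>
    /// <remarks>
    /// <c>HashPasswordForStoringInConfigFile</c> produces an unsalted MD5 hex digest and is marked
    /// obsolete in later .NET Framework versions. It stays because existing stored hashes depend
    /// on it; new credentials should use a salted, iterated KDF and be migrated at next login.
    /// </remarks>
    /// <param name="pwd">The value to hash.</param>
    /// <param name="IFLower">Whether to convert the hex digest to lower case.</param>
    /// <returns>The hex digest, lower-cased when <paramref name="IFLower"/> is true.</returns>
    public static string pwdSecurity(string pwd, bool IFLower)
    {
        string digest = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "md5");

        // The digest is hex only, so invariant lower-casing gives the same result as ToLower()
        // without depending on the thread culture.
        return IFLower ? digest.ToLowerInvariant() : digest;
    }

    #endregion
}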