一个asp替换函数img里面多余的代码
编程学习 2021-07-05 10:58www.dzhlxh.cn编程入门
一个asp替换函数img里面多余的代码
<%
Response.Write(Server.HTMLEncode(FixImg("<img onclick=""if(this.width>screen.width-461) window.open('qq/20082181405371.jpg');"" alt="""" border=""0"" src=""qq/20082181405371.jpg"" />")))
%>
<%
'功能:将IMG代码格式化为<img src="XXX" />格式.
Function FixImg(sString)
Dim sReallyDo, regEx, iReallyDo
Dim oMatches, cMatch
Dim tStartTime, tEndTime
If IsNull(sString) Then
FixImg = ""
Exit Function
End If
sReallyDo = sString
On Error Resume Next
sReallyDo = Replace(sReallyDo, vbCr, " ")
sReallyDo = Replace(sReallyDo, vbLf, " ")
sReallyDo = Replace(sReallyDo, vbTab, " ")
sReallyDo = Replace(sReallyDo, "<img ", vbCrLf & "<img ", 1, -1, 1)
sReallyDo = Replace(sReallyDo, "/>", " />", 1, -1, 1)
sReallyDo = ReplaceAll(sReallyDo, "= ", "=", True)
sReallyDo = ReplaceAll(sReallyDo, "> ", ">", True)
sReallyDo = Replace(sReallyDo, "><", ">" & vbCrLf & "<")
sReallyDo = Trim(sReallyDo)
On Error GoTo 0
Set regEx = New RegExp
regEx.IgnoreCase = True
regEx.Global = True
'//去除onclick,onload等脚本
regEx.Pattern = "\s[on].+?=([\""|\'])(.*?)\1"
sReallyDo = regEx.Replace(sReallyDo, "")
'//将SRC不带引号的图片地址加上引号
regEx.Pattern = "<img.*?\ssrc=([^\""\'\s][^\""\'\s>]*).*?>"
sReallyDo = regEx.Replace(sReallyDo, "<img src=""$1"" />")
'//正则匹配图片SRC地址
regEx.Pattern = "<img.*?\ssrc=([\""\'])([^\""\']+?)\1.*?>"
sReallyDo = regEx.Replace(sReallyDo, "<img src=""$2"" />")
FixImg = sReallyDo
End Function
%>
<%
'功能:返回字符串,其中指定数目的某子字符串 全部 被替换为另一个子字符串。
'来源:http://jorkin.reallydo.com/article.asp?id=406
'需要Bint函数:http://jorkin.reallydo.com/article.asp?id=395
Function ReplaceAll(sExpression, sFind, sReplaceWith, bAll)
If IsNull(sExpression) Then ReplaceAll = "" : Exit Function
If (StrComp(bAll, "True", 1) = 0) Or (CBool(Bint(bAll)) = True) Then
Do While InStr( 1, sExpression, sFind, 1) > 0
sExpression = Replace(sExpression, sFind, sReplaceWith, 1, -1, 1)
If InStr( 1, sReplaceWith , sFind , 1) >0 Then Exit Do
Loop
Else
Do While InStr(sExpression, sFind) > 0
sExpression = Replace(sExpression, sFind, sReplaceWith)
If InStr(sReplaceWith, sFind ) > 0 Then Exit Do
Loop
End If
ReplaceAll = sExpression
End Function
%>
<%
'功能:只取数字
'来源:http://jorkin.reallydo.com/article.asp?id=395
Function Bint(Str)
Str = Trim(Str)
If Str = "" Or IsNull(Str) Or Not IsNumeric(Str) Then Str = "0"
Bint = Round(Str, 0)
End Function
%>
Response.Write(Server.HTMLEncode(FixImg("<img onclick=""if(this.width>screen.width-461) window.open('qq/20082181405371.jpg');"" alt="""" border=""0"" src=""qq/20082181405371.jpg"" />")))
%>
<%
'功能:将IMG代码格式化为<img src="XXX" />格式.
Function FixImg(sString)
Dim sReallyDo, regEx, iReallyDo
Dim oMatches, cMatch
Dim tStartTime, tEndTime
If IsNull(sString) Then
FixImg = ""
Exit Function
End If
sReallyDo = sString
On Error Resume Next
sReallyDo = Replace(sReallyDo, vbCr, " ")
sReallyDo = Replace(sReallyDo, vbLf, " ")
sReallyDo = Replace(sReallyDo, vbTab, " ")
sReallyDo = Replace(sReallyDo, "<img ", vbCrLf & "<img ", 1, -1, 1)
sReallyDo = Replace(sReallyDo, "/>", " />", 1, -1, 1)
sReallyDo = ReplaceAll(sReallyDo, "= ", "=", True)
sReallyDo = ReplaceAll(sReallyDo, "> ", ">", True)
sReallyDo = Replace(sReallyDo, "><", ">" & vbCrLf & "<")
sReallyDo = Trim(sReallyDo)
On Error GoTo 0
Set regEx = New RegExp
regEx.IgnoreCase = True
regEx.Global = True
'//去除onclick,onload等脚本
regEx.Pattern = "\s[on].+?=([\""|\'])(.*?)\1"
sReallyDo = regEx.Replace(sReallyDo, "")
'//将SRC不带引号的图片地址加上引号
regEx.Pattern = "<img.*?\ssrc=([^\""\'\s][^\""\'\s>]*).*?>"
sReallyDo = regEx.Replace(sReallyDo, "<img src=""$1"" />")
'//正则匹配图片SRC地址
regEx.Pattern = "<img.*?\ssrc=([\""\'])([^\""\']+?)\1.*?>"
sReallyDo = regEx.Replace(sReallyDo, "<img src=""$2"" />")
FixImg = sReallyDo
End Function
%>
<%
'功能:返回字符串,其中指定数目的某子字符串 全部 被替换为另一个子字符串。
'来源:http://jorkin.reallydo.com/article.asp?id=406
'需要Bint函数:http://jorkin.reallydo.com/article.asp?id=395
Function ReplaceAll(sExpression, sFind, sReplaceWith, bAll)
If IsNull(sExpression) Then ReplaceAll = "" : Exit Function
If (StrComp(bAll, "True", 1) = 0) Or (CBool(Bint(bAll)) = True) Then
Do While InStr( 1, sExpression, sFind, 1) > 0
sExpression = Replace(sExpression, sFind, sReplaceWith, 1, -1, 1)
If InStr( 1, sReplaceWith , sFind , 1) >0 Then Exit Do
Loop
Else
Do While InStr(sExpression, sFind) > 0
sExpression = Replace(sExpression, sFind, sReplaceWith)
If InStr(sReplaceWith, sFind ) > 0 Then Exit Do
Loop
End If
ReplaceAll = sExpression
End Function
%>
<%
'功能:只取数字
'来源:http://jorkin.reallydo.com/article.asp?id=395
Function Bint(Str)
Str = Trim(Str)
If Str = "" Or IsNull(Str) Or Not IsNumeric(Str) Then Str = "0"
Bint = Round(Str, 0)
End Function
%>
上一篇:几种另类的ASP后门
下一篇:无服务器做任意二级米子站