构建ASP.NET MVC4+EF5+EasyUI+Unity2.x注入的后台管理系统(12) 2014-08-10 系统日志和异常的处理② 上一讲我们做了日志与异常的结果显示列表,这一节我们要把它应用到系统中来。首先我们在App.Common类库中创建一个通用类ResultHelper,这个类里面写了获取一个GUID、获取当前时间、处理字符串等操作。虽然我们目前要用到的只有获取GUID,但是以后可能还要用到别的,所以我把它们都放进去了。然后在App.Admin中创建一个核心文件夹Core,放入LogHandler,这个类主要是写入日志;为了避免每次都要实例化,我把它封装起来,大家一看就知道。然后修改Controller的Create方法,代码如下一一给出。
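using System;
using System.Text.RegularExpressions;
using System.Web;

namespace App.Common
{
    /// <summary>
    /// Shared helpers for the admin system: id generation, text clean-up,
    /// date conversion and client-address lookup.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the listing on this page was flattened onto a few lines and
    /// extraction decoded its HTML entities, dropped backslash escapes and turned
    /// single quotes into double quotes. Literals marked "restored" below are
    /// reconstructions; confirm them against the project source.
    /// </remarks>
    public class ResultHelper
    {
        /// <summary>
        /// Builds a record id: a 21-digit local timestamp followed by the first
        /// 10 hex digits of a new GUID (31 characters in total).
        /// </summary>
        /// <remarks>
        /// The value is time-ordered and takes at most 40 bits from the GUID, so it is
        /// meant for keys and log ids. Do not use it as a session token, reset code
        /// or any other value that must be unguessable.
        /// </remarks>
        /// <returns>The id string.</returns>
        public static string NewId
        {
            get
            {
                string stamp = DateTime.Now.ToString("yyyyMMddHHmmssfffffff");
                // "N" formats the GUID as 32 hex digits without dashes.
                string guid = Guid.NewGuid().ToString("N");
                return stamp + guid.Substring(0, 10);
            }
        }

        /// <summary>
        /// Returns the current local time as a 21-digit string
        /// (yyyyMMddHHmmss plus seven fractional-second digits).
        /// </summary>
        public static string NewTimeId
        {
            get
            {
                return DateTime.Now.ToString("yyyyMMddHHmmssfffffff");
            }
        }

        /// <summary>
        /// Truncates a string to <paramref name="length"/> characters, appends "..."
        /// when it was cut, and returns the result with markup removed and HTML-encoded.
        /// </summary>
        /// <param name="value">Text to shorten; null yields an empty string.</param>
        /// <param name="length">Number of characters to keep before the ellipsis.</param>
        /// <returns>The shortened, encoded text.</returns>
        public static string SubValue(string value, int length)
        {
            if (value == null)
            {
                return "";
            }

            // Truncation runs on the raw input, so the limit counts markup characters
            // too; a tag cut in half here is neutralised by the encoding in NoHtml.
            if (value.Length > length)
            {
                value = value.Substring(0, length) + "...";
            }

            return NoHtml(value);
        }

        /// <summary>
        /// Reverses <see cref="OutputText"/>: turns the stored entity forms back into
        /// the characters they stand for (used when loading a value for editing).
        /// </summary>
        /// <remarks>
        /// The returned text contains live markup characters again. Encode it for the
        /// target context before writing it into a page.
        /// </remarks>
        /// <param name="inputString">Stored text; null or empty yields an empty string.</param>
        /// <returns>The decoded text.</returns>
        public static string InputText(string inputString)
        {
            if (string.IsNullOrEmpty(inputString))
            {
                return "";
            }

            inputString = inputString.Trim();
            // Restored literals (see class remarks) - TODO confirm each one.
            inputString = inputString.Replace("<br>", "\r\n");
            inputString = inputString.Replace("&amp;", "&");
            inputString = inputString.Replace("&#39;", "''");
            inputString = inputString.Replace("&lt;", "<");
            inputString = inputString.Replace("&gt;", ">");
            inputString = inputString.Replace("chr(60)", "<");
            inputString = inputString.Replace("chr(37)", ">");
            inputString = inputString.Replace("&quot;", "\"");
            inputString = inputString.Replace("&#59;", ";");
            return inputString;
        }

        /// <summary>
        /// Replaces markup-significant characters with entity forms before a value is
        /// stored (used when adding a record).
        /// </summary>
        /// <remarks>
        /// This is not a complete encoder: a single apostrophe is left untouched, so the
        /// result must not be placed in a single-quoted attribute or in script without
        /// further encoding. Views should still encode on output.
        /// NOTE(review): with the restored literals the final ';' replacement also
        /// rewrites the ';' of the entities produced above, so the pair may not
        /// round-trip exactly - verify against the project source before relying on it.
        /// </remarks>
        /// <param name="outputString">Raw text; null or empty yields an empty string.</param>
        /// <returns>The encoded text.</returns>
        public static string OutputText(string outputString)
        {
            if (string.IsNullOrEmpty(outputString))
            {
                return "";
            }

            outputString = outputString.Trim();
            // Restored literals (see class remarks) - TODO confirm each one.
            outputString = outputString.Replace("&", "&amp;");
            outputString = outputString.Replace("''", "&#39;");
            outputString = outputString.Replace("<", "&lt;");
            outputString = outputString.Replace(">", "&gt;");
            // Kept from the listing; after the two lines above these can no longer match.
            outputString = outputString.Replace("<", "chr(60)");
            outputString = outputString.Replace(">", "chr(37)");
            outputString = outputString.Replace("\"", "&quot;");
            outputString = outputString.Replace(";", "&#59;");
            outputString = outputString.Replace("\r\n", "<br>");
            return outputString;
        }

        /// <summary>
        /// Strips script blocks, tags and comments from a string, decodes a few common
        /// entities, removes any angle brackets that remain and HTML-encodes the result.
        /// </summary>
        /// <remarks>
        /// The regular expressions are a best-effort clean-up for display text. The
        /// final HTML encoding is what makes the result safe to write into an HTML
        /// text node; it is not sufficient for script, URL or unquoted attribute contexts.
        /// </remarks>
        /// <param name="Htmlstring">Source text that may contain HTML; null or empty yields an empty string.</param>
        /// <returns>Plain, HTML-encoded text.</returns>
        public static string NoHtml(string Htmlstring)
        {
            if (string.IsNullOrEmpty(Htmlstring))
            {
                return "";
            }

            // Remove script blocks. Singleline lets '.' cross line breaks so a
            // multi-line script body is removed together with its tags.
            Htmlstring = Regex.Replace(Htmlstring, @"<script[^>]*?>.*?</script>", "", RegexOptions.IgnoreCase | RegexOptions.Singleline);
            // Remove remaining tags, line breaks followed by whitespace, and comments.
            Htmlstring = Regex.Replace(Htmlstring, @"<(.[^>]*)>", "", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"([\r\n])[\s]+", "", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"-->", "", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"<!--.*", "", RegexOptions.IgnoreCase);
            // Decode common entities (patterns and escapes restored - TODO confirm).
            Htmlstring = Regex.Replace(Htmlstring, @"&(quot|#34);", "\"", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&(amp|#38);", "&", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&(lt|#60);", "<", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&(gt|#62);", ">", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&(nbsp|#160);", " ", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&(iexcl|#161);", "\u00A1", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&(cent|#162);", "\u00A2", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&(pound|#163);", "\u00A3", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&(copy|#169);", "\u00A9", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&#(\d+);", "", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&hellip;", "", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&mdash;", "", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&ldquo;", "", RegexOptions.IgnoreCase);
            Htmlstring = Regex.Replace(Htmlstring, @"&rdquo;", "", RegexOptions.IgnoreCase);

            // The listing called Replace() here without using the return value; strings
            // are immutable, so those calls did nothing. Assign the results so brackets
            // re-created by the entity decoding above are actually removed.
            Htmlstring = Htmlstring.Replace("<", "");
            Htmlstring = Htmlstring.Replace(">", "");
            Htmlstring = Htmlstring.Replace("\r\n", "");

            // Static encoder: same encoding as Server.HtmlEncode, but it does not
            // require HttpContext.Current, which is null outside a request.
            return HttpUtility.HtmlEncode(Htmlstring).Trim();
        }

        /// <summary>
        /// Removes script, iframe and frameset blocks and javascript-style href values,
        /// renames inline event attributes and rewrites the words select, update and
        /// delete in user-supplied text.
        /// </summary>
        /// <remarks>
        /// The original comment described this as SQL-injection protection. Rewriting
        /// keywords does not provide that: queries must pass values as parameters (as
        /// Entity Framework does for LINQ queries), and pages must encode on output.
        /// Treat this method as text normalisation only. The keyword rewrite also alters
        /// ordinary words that contain those letters, and the greedy patterns can remove
        /// more text than a single tag.
        /// The replacement tokens, including their spelling, are kept as published
        /// because existing data may already contain them.
        /// </remarks>
        /// <param name="html">Text to normalise; null or empty yields an empty string.</param>
        /// <returns>The rewritten text.</returns>
        public static string Formatstr(string html)
        {
            if (string.IsNullOrEmpty(html))
            {
                return "";
            }

            // Patterns restored from the listing, where "\s\S" had lost its backslashes.
            html = Regex.Replace(html, @"<script[\s\S]+</script *>", "", RegexOptions.IgnoreCase);      // script blocks
            html = Regex.Replace(html, @" href *= *[\s\S]*script *:", "", RegexOptions.IgnoreCase);     // href=javascript:
            html = Regex.Replace(html, @" on[\s\S]*=", " _disibledevent=", RegexOptions.IgnoreCase);    // on... event attributes
            html = Regex.Replace(html, @"<iframe[\s\S]+</iframe *>", "", RegexOptions.IgnoreCase);      // iframes
            // The listing declared the frameset pattern but never applied it.
            html = Regex.Replace(html, @"<frameset[\s\S]+</frameset *>", "", RegexOptions.IgnoreCase);  // framesets
            html = Regex.Replace(html, @"select", "s_elect", RegexOptions.IgnoreCase);
            html = Regex.Replace(html, @"update", "u_pudate", RegexOptions.IgnoreCase);
            html = Regex.Replace(html, @"delete", "d_elete", RegexOptions.IgnoreCase);
            html = html.Replace("'", "’");        // restored literal - TODO confirm
            html = html.Replace("&nbsp;", " ");   // restored literal - TODO confirm
            return html;
        }

        /// <summary>
        /// Rejects a query string that contains the words DELETE, UPDATE or INSERT.
        /// </summary>
        /// <remarks>
        /// This is a keyword filter, not an injection defence; it does not make
        /// string-built SQL safe. Pass user input as parameters instead of embedding it
        /// in the statement text.
        /// Two defects of the published version are corrected here: a keyword at
        /// position 0 was accepted (IndexOf compared with "&gt; 0"), and the
        /// culture-sensitive ToLower() could fail to match "INSERT" under cultures with
        /// special casing for the letter I.
        /// </remarks>
        /// <param name="sql">Query text to inspect; null or empty is accepted.</param>
        /// <param name="msg">Receives the rejection message when the method returns false.</param>
        /// <returns>True when none of the keywords is present.</returns>
        public static bool ValidateSQL(string sql, ref string msg)
        {
            if (string.IsNullOrEmpty(sql))
            {
                return true;
            }

            if (sql.IndexOf("delete", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                msg = "查询参数中含有非法语句DELETE";
                return false;
            }

            if (sql.IndexOf("update", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                msg = "查询参数中含有非法语句UPDATE";
                return false;
            }

            if (sql.IndexOf("insert", StringComparison.OrdinalIgnoreCase) >= 0)
            {
                msg = "查询参数中含有非法语句INSERT";
                return false;
            }

            return true;
        }

        /// <summary>
        /// Gets the current local time.
        /// </summary>
        public static DateTime NowTime
        {
            get
            {
                return DateTime.Now;
            }
        }

        /// <summary>
        /// Formats a nullable date as a short date string.
        /// </summary>
        /// <param name="dt">The date, or null.</param>
        /// <returns>The short date string, or an empty string for null.</returns>
        public static string DateTimeConvertString(DateTime? dt)
        {
            return dt.HasValue ? dt.Value.ToShortDateString() : "";
        }

        /// <summary>
        /// Parses a string as a date using the current culture.
        /// </summary>
        /// <param name="str">Text to parse.</param>
        /// <returns>The parsed date, or null when the text is null or not a date.</returns>
        public static DateTime? StringConvertDatetime(string str)
        {
            DateTime parsed;
            // TryParse reports failure without the catch-all handler the listing used.
            if (str != null && DateTime.TryParse(str, out parsed))
            {
                return parsed;
            }

            return null;
        }

        /// <summary>
        /// Returns the client address for the current request: the first
        /// X-Forwarded-For entry when a Via header is present, otherwise REMOTE_ADDR.
        /// </summary>
        /// <remarks>
        /// Via and X-Forwarded-For are request headers and can be set by the client.
        /// When this value feeds audit logs or access decisions, accept the forwarded
        /// entry only for requests that arrive from a proxy you operate.
        /// The forwarded entry is used only if it parses as an IP address, so arbitrary
        /// header text never reaches the log as an "address".
        /// </remarks>
        /// <returns>The client IP address string.</returns>
        public static string GetUserIP()
        {
            HttpRequest request = HttpContext.Current.Request;
            string remoteAddr = request.ServerVariables["REMOTE_ADDR"];

            if (request.ServerVariables["HTTP_VIA"] == null)
            {
                return remoteAddr;
            }

            // A Via header does not guarantee X-Forwarded-For; the listing
            // dereferenced it unconditionally.
            string forwarded = request.ServerVariables["HTTP_X_FORWARDED_FOR"];
            if (string.IsNullOrEmpty(forwarded))
            {
                return remoteAddr;
            }

            string first = forwarded.Split(new char[] { ',' })[0].Trim();
            System.Net.IPAddress parsed;
            return System.Net.IPAddress.TryParse(first, out parsed) ? first : remoteAddr;
        }
    }
}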