[求助]关于显示HTML代码问题
我知道如果想在文本框里显示HTML代码就是加server.htmlencode但是这样话会把空格和换行都转换成HTML
请问有什么方法能显示HTML,又能实现空格和换行的功能呢?急需帮忙,谢谢~~
手工把空格和回车替换回来
你用下面这个函数吧,据说server.htmlencode这个东西安全性还是不高
以下内容来自:http://blog.5d.cn/user7/cnbjx/200507/120605.html
' ============================================
' 通用安全字符串输入,彻底替换server.htmlencode
' ============================================
Function HTMLEncode(Str)
If Isnull(Str) Then
HTMLEncode = \"\"
Exit Function
End If
Str = Replace(Str,Chr(0),\"\", 1, -1, 1)
Str = Replace(Str, \"\"\"\", \""\", 1, -1, 1)
Str = Replace(Str,\"<\",\"<\", 1, -1, 1)
Str = Replace(Str,\">\",\">\", 1, -1, 1)
Str = Replace(Str, \"script\", \"script\", 1, -1, 0)
Str = Replace(Str, \"SCRIPT\", \"SCRIPT\", 1, -1, 0)
Str = Replace(Str, \"Script\", \"Script\", 1, -1, 0)
Str = Replace(Str, \"script\", \"Script\", 1, -1, 1)
Str = Replace(Str, \"object\", \"object\", 1, -1, 0)
Str = Replace(Str, \"OBJECT\", \"OBJECT\", 1, -1, 0)
Str = Replace(Str, \"Object\", \"Object\", 1, -1, 0)
Str = Replace(Str, \"object\", \"Object\", 1, -1, 1)
Str = Replace(Str, \"applet\", \"applet\", 1, -1, 0)
Str = Replace(Str, \"APPLET\", \"APPLET\", 1, -1, 0)
Str = Replace(Str, \"Applet\", \"Applet\", 1, -1, 0)
Str = Replace(Str, \"applet\", \"Applet\", 1, -1, 1)
Str = Replace(Str, \"[\", \"[\")
Str = Replace(Str, \"]\", \"]\")
Str = Replace(Str, \"\"\"\", \"\", 1, -1, 1)
Str = Replace(Str, \"=\", \"=\", 1, -1, 1)
Str = Replace(Str, \"'\", \"''\", 1, -1, 1)
Str = Replace(Str, \"select\", \"select\", 1, -1, 1)
Str = Replace(Str, \"execute\", \"execute\", 1, -1, 1)
Str = Replace(Str, \"exec\", \"exec\", 1, -1, 1)
Str = Replace(Str, \"join\", \"join\", 1, -1, 1)
Str = Replace(Str, \"union\", \"union\", 1, -1, 1)
Str = Replace(Str, \"where\", \"where\", 1, -1, 1)
Str = Replace(Str, \"insert\", \"insert\", 1, -1, 1)
Str = Replace(Str, \"delete\", \"delete\", 1, -1, 1)
Str = Replace(Str, \"update\", \"update\", 1, -1, 1)
Str = Replace(Str, \"like\", \"like\", 1, -1, 1)
Str = Replace(Str, \"drop\", \"drop\", 1, -1, 1)
Str = Replace(Str, \"create\", \"create\", 1, -1, 1)
Str = Replace(Str, \"rename\", \"rename\", 1, -1, 1)
Str = Replace(Str, \"count\", \"count\", 1, -1, 1)
Str = Replace(Str, \"chr\", \"chr\", 1, -1, 1)
Str = Replace(Str, \"mid\", \"mid\", 1, -1, 1)
Str = Replace(Str, \"truncate\", \"truncate\", 1, -1, 1)
Str = Replace(Str, \"nchar\", \"nchar\", 1, -1, 1)
Str = Replace(Str, \"char\", \"char\", 1, -1, 1)
Str = Replace(Str, \"alter\", \"alter\", 1, -1, 1)
Str = Replace(Str, \"cast\", \"cast\", 1, -1, 1)
Str = Replace(Str, \"exists\", \"exists\", 1, -1, 1)
Str = Replace(Str,Chr(13),\"<br>\", 1, -1, 1)
HTMLEncode = Replace(Str,\"'\",\"''\", 1, -1, 1)
End Function