PackageCn.com.hbivt.util; Public classStringUtils {//filter the characters submitted through the page form Private StaticString[][] filterchars={{"<", "<"},{">", ">"},{"", " "},{"\" "," " "},{" & ", "&"}, {"/", "& #47;"},{"\", "& #92;"},{"\ n", "<br>"}}; //filter the characters processed and submitted through JavaScript scripts Private Staticstring[][] filterscriptchars={{"\ n", "\ ' +\ ' \\n\ ' +\ '"}, {"\ r", "},{" \ "," \ ' +\ ' \\\\\ ' +\ ' "}, {"\ '", "\ ' +\ ' \\\ ' \ ' +\ '"}}; /*** Connect strings with special characters *@paramstrings array of strings to concatenate *@paramspilit_sign Connection Characters *@returnConnection String*/ Public Staticstring Stringconnect (string[] strings,string spilit_sign) {string str=""; for(inti=0;i<strings.length;i++) {str+=strings[i]+spilit_sign; } returnstr; } /*** Filter the special characters in the string *@paramStr to filter the string *@returnFiltered String*/ Public Staticstring Stringfilter (String str) {string[] Str_arr=stringspilit (str, ""); for(inti=0;i<str_arr.length;i++){ for(intj=0;j<filterchars.length;j++){ if(filterchars[j][0].equals (Str_arr[i]) str_arr[i]=filterchars[j][1]; } } return(Stringconnect (Str_arr, "") . Trim (); } /*** Filter special characters in the script (including carriage return (\ n) and line break (\ r)) *@paramStr to filter the string *@returnFiltered String * 2004-12-21 yan*/ Public Staticstring Stringfilterscriptchar (String str) {string[] Str_arr=stringspilit (str, ""); for(inti=0;i<str_arr.length;i++){ for(intj = 0; J < Filterscriptchars.length; J + +) { if(filterscriptchars[j][0].equals (Str_arr[i]) str_arr[i]= Filterscriptchars[j][1]; } } return(Stringconnect (Str_arr, "") . 
Trim (); } /*** Split String *@paramstr to split the string *@paramspilit_sign the split flag of a String *@returnthe resulting string array after splitting*/ Public Staticstring[] Stringspilit (String str,string spilit_sign) {string[] spilit_string=Str.split (spilit_sign); if(Spilit_string[0].equals ("") ) {string[] new_string=NewString[spilit_string.length-1]; for(inti=1;i<spilit_string.length;i++) New_string[i-1]=Spilit_string[i]; returnnew_string; } Else returnspilit_string; } /*** String Character set conversion *@paramstr to convert the string *@returnconverted string*/ Public Staticstring Stringtranscharset (String str) {string New_str=NULL; Try{new_str=NewString (Str.getbytes ("iso-8859-1"), "GBK"); } Catch(Exception e) {e.printstacktrace (); } returnNew_str; } /*** Test String processing class *@paramargs Console input parameters*/ Public Static voidMain (string[] args) {//test String FilteringString t_str1= "; System.out.println ("Before filtering:" +t_str1); System.out.println ("After filtering:" +Stringutils.stringfilter (T_STR1)); //Test Merge StringString[] t_str_arr1={"pg_1", "pg_2", "Pg_3"}; String T_STR2=stringutils.stringconnect (T_STR_ARR1, ","); System.out.println (T_STR2); //Test Split stringString[] T_str_arr2=stringutils.stringspilit (T_STR2, ","); for(inti=0;i<t_str_arr2.length;i++) {System.out.println (t_str_arr2[i]); } } }
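Filter special characters in Java to prevent SQL injection. Note that the StringUtils class above encodes characters for HTML and JavaScript output; on its own it does not make SQL statements safe, which requires parameterized queries (for example java.sql.PreparedStatement).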