標籤:mvc攔截器 mvc過濾器 mvc actionfilterattribute攔截器過濾器
該過濾攔截器動態攔截字串和實體類檢查是否有關鍵字,對字串和動態實體類進行修改很再提交。
第一步:新的攔截器類名並繼承ActionFilterAttribute :CustomerFilterAttribute:ActionFilterAttribute
第二步:在方法OnActionExecuting中實現
第三步:在對應的Action或者類上方加上[CustomerFilter]即可實現對該Action或者類進行攔截控制過濾。
完整代碼如下:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Reflection;
using System.Security.Policy;
using System.Text;
using System.Web;
using System.Web.Mvc;
using System.Reflection;
namespace SaaS.Admin.Base
{
/// <summary>
/// 全域過濾器
/// </summary>
public class CustomerFilterAttribute:ActionFilterAttribute
{
/// <summary>
/// 在執行操作Action方法前執行調用
/// </summary>
/// <param name="filterContext"></param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
base.OnActionExecuting(filterContext);
var parameters = filterContext.ActionDescriptor.GetParameters();
foreach (var parameter in parameters)
{
if (parameter.ParameterType == typeof(string))
{
//擷取字串參數原值
var orginalValue = filterContext.ActionParameters[parameter.ParameterName] as string;
//使用過濾演算法處理字串
if (!string.IsNullOrEmpty(orginalValue) && orginalValue!="")
{
var filteredValue = HtmlEscapeCode(orginalValue);
////將處理後值賦給參數
filterContext.ActionParameters[parameter.ParameterName] = filteredValue;
}
}
else if (parameter.ParameterName =="model")
{
//擷取字串參數原值
var value = filterContext.ActionParameters[parameter.ParameterName];
if (value.GetType().IsClass && value.GetType().Name != "String")//檢查是否是類,並且不是字串類型
{
object objClass = value;//擷取字串參數原值
PropertyInfo[] infos = objClass.GetType().GetProperties();//擷取原對象的所有公用屬性
#region 動態建立新執行個體【動態建立新的實體類執行個體】
System.Type tt = System.Type.GetType(value.ToString());//擷取指定名稱的類型
object ff = Activator.CreateInstance(tt, null);//建立指定類型執行個體
PropertyInfo[] fields = ff.GetType().GetProperties();//擷取指定對象的所有公用屬性
object obj = Activator.CreateInstance(tt, null);//建立新指定類型的執行個體【動態建立新的執行個體】
#endregion
foreach (PropertyInfo info in infos)
{
if (info.CanRead)
{
//Console.WriteLine(info.Name + "=" + info.GetValue(objClass, null));
if (info.PropertyType.Name == "String")
{
//擷取值
string orginalValue =Convert.ToString(info.GetValue(objClass, null));
if (!string.IsNullOrEmpty(orginalValue) || orginalValue!="")
{
//檢查過濾特殊字元
var filteredValue = HtmlEscapeCode(orginalValue);
//將處理後值賦給參數
info.SetValue(obj, filteredValue, null);
//給實體物件賦新值
filterContext.ActionParameters[parameter.ParameterName] = obj;
}
}
else
{
object orginalValue = info.GetValue(objClass, null);//擷取值
info.SetValue(obj, orginalValue,null);//給對象賦新值
filterContext.ActionParameters[parameter.ParameterName] = obj;//給實體類對象賦值
}
}
}
}
}
}
}
/// <summary>
/// 在執行操作Action方法後執行調用
/// </summary>
/// <param name="filterContext"></param>
public override void OnActionExecuted(ActionExecutedContext filterContext)
{
base.OnActionExecuted(filterContext);
var controllerName = filterContext.RouteData.Values["controller"];
var actionName = filterContext.RouteData.Values["action"];
}
//過濾關鍵字
public string HtmlEscapeCode(string html)
{
var strhtml = html.Replace("javascript", "")
.Replace("vbscript", "")
.Replace("jscript", "")
.Replace("script", "")
.Replace("eval", "")
.Replace("<", "<")
.Replace(">", ">")
.Replace("\‘", "'")
.Replace("\"", """)
.Replace("&", "&")
.Replace("#", "#");
return strhtml;
}
}
}
例如:如:對基類BaseController 進行控制
using System;
using System.Collections;
using System.Collections.Generic;
using System.Linq;
using System.Web.Mvc;
using Microsoft.Practices.ServiceLocation;
using SaaS.Contracts.SaaS.Intern;
using SaaS.Framework.IIdentity;
using SaaS.Models.Domain.Enums;
namespace SaaS.Admin.Base
{
/// <summary>
/// 基礎Controller
/// </summary>
[CustomerFilter]
public class BaseController : Controller
{
/// <summary>
/// 彈出成功提示
/// </summary>
/// <param name="message">成功訊息</param>
/// <param name="url">跳轉路徑</param>
/// <returns></returns>
protected ActionResult SuccessResult(string message, string url)
{
TempData["SuccessResult"] = message;
return Redirect(url);
}
}
}
MVC攔截器,MVC過濾器,MVC ActionFilterAttribute攔截器過濾器,OnActionExecuting
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
