Beispiel #1
0
 public override bool IsValid(object value)
 {
     if (null == value)
     {
         return(true);
     }
     return(!GValidator.HasInjectionData(value.ToString()));// this.Values.Any(item => value.ToString() == item);
 }
Beispiel #2
0
        /// <summary>
        /// 处理用户提交的请求
        /// </summary>
        private void StartProcessRequest()
        {
            try
            {
                string getkeys = "";

                if (System.Web.HttpContext.Current.Request.QueryString != null)
                {
                    for (int i = 0; i < System.Web.HttpContext.Current.Request.QueryString.Count; i++)
                    {
                        getkeys = System.Web.HttpContext.Current.Request.QueryString.Keys[i];
                        if (GValidator.HasInjectionData(System.Web.HttpContext.Current.Request.QueryString[getkeys]))
                        {
                            System.Web.HttpContext.Current.Response.Redirect("~/Main/ErrorPage?p=出现错误,输入参数包含非法字符串");
                        }
                    }
                }
                if (System.Web.HttpContext.Current.Request.Form != null)
                {
                    for (int i = 0; i < System.Web.HttpContext.Current.Request.Form.Count; i++)
                    {
                        getkeys = System.Web.HttpContext.Current.Request.Form.Keys[i];
                        if (getkeys == "__VIEWSTATE")
                        {
                            continue;
                        }
                        if (GValidator.HasInjectionData(System.Web.HttpContext.Current.Request.Form[getkeys]))
                        {
                            System.Web.HttpContext.Current.Response.Redirect("~/Main/ErrorPage?p=出现错误,输入参数包含非法字符串");
                        }
                    }
                }
                if (System.Web.HttpContext.Current.Request.Cookies != null)
                {
                    for (int i = 0; i < System.Web.HttpContext.Current.Request.Cookies.Count; i++)
                    {
                        getkeys = System.Web.HttpContext.Current.Request.Cookies.Keys[i];
                        if (getkeys == "__VIEWSTATE")
                        {
                            continue;
                        }
                        if (GValidator.HasInjectionData(System.Web.HttpContext.Current.Request.Cookies[getkeys].Value))
                        {
                            System.Web.HttpContext.Current.Response.Redirect("~/Main/ErrorPage?p=出现错误,包含非法字符串");
                        }
                    }
                }
            }
            catch
            {
                // 错误处理: 处理用户提交信息!
            }
        }
Beispiel #3
0
 public ValInjectionAttribute()
 {
     this.RexValue = GValidator.GetInjectionRegexString();
 }