/// <summary> /// 去除非法字符,防止SQL注入,并截取指定位数的字符 /// </summary> /// <param name="content">内容</param> /// <param name="maxLength">截取长度</param> /// <returns></returns> public static string InputText(string content, int maxLength = 0) { if (VerifyDataHelper.IsNullOrWhiteSpace(content)) { return(string.Empty); } StringBuilder retVal = new StringBuilder(); content = content.Trim(); if (content.Length > maxLength && maxLength > 0) { content = content.Substring(0, maxLength); } for (int i = 0; i < content.Length; i++) { switch (content[i]) { case '"': retVal.Append("""); break; case '<': retVal.Append("<"); break; case '>': retVal.Append(">"); break; default: retVal.Append(content[i]); break; } } retVal.Replace("'", " "); return(retVal.ToString()); }
/// <summary> /// 把元素以参数名称升序排序,并按照指定的格式拼接成新的字符串 /// 【常用于:百度/支付宝-生成加密Sign】 /// </summary> /// <param name="parameters">数据源</param> /// <param name="concatSymbol">连接符</param> /// <param name="separatorSymbol">分隔符</param> /// <param name="passNullKey">是否跳过Key为空的数据</param> /// <param name="passNullValue">是否跳过Value为空的数据</param> /// <param name="notInKeys">需要跳过处理Keys</param> /// <returns>拼接完成的字符串</returns> public static string SortedJoinString(Dictionary <string, object> parameters, string concatSymbol = "=", string separatorSymbol = "&", bool passNullKey = true, bool passNullValue = false, List <string> notInKeys = null) { try { if (parameters == null || parameters.Count <= 0) { throw new Exception("Dictionary Is Null"); } var sortedParams = new SortedDictionary <string, object>(parameters); var iterator = sortedParams.GetEnumerator(); var basestring = new List <string>(); while (iterator.MoveNext()) { var key = iterator.Current.Key; var value = iterator.Current.Value; if (passNullKey && VerifyDataHelper.IsNullOrWhiteSpace(key)) { continue; } if (passNullValue && value == null) { continue; } if (notInKeys == null || !notInKeys.Contains(key)) { basestring.Add(key + concatSymbol + value); } } return(string.Join(separatorSymbol, basestring)); } catch { return(string.Empty); } }