/// <summary>
/// Reports whether <paramref name="value"/> passes injection screening.
/// </summary>
/// <param name="value">The value to validate; may be null.</param>
/// <returns>
/// <c>true</c> when <paramref name="value"/> is null, or when
/// <c>GValidator.HasInjectionData</c> does not flag its string form; otherwise <c>false</c>.
/// </returns>
public override bool IsValid(object value)
{
    // Null is accepted here, so a missing value is not reported as an injection attempt.
    // The screening is done on value.ToString(), not on the original object.
    return value == null || !GValidator.HasInjectionData(value.ToString());
}
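/// <summary>
/// Screens the query-string, form and cookie values of the current request with
/// <c>GValidator.HasInjectionData</c> and redirects to the error page on the first flagged value.
/// </summary>
/// <remarks>
/// Only values are screened; parameter and cookie names are not. The form field
/// <c>__VIEWSTATE</c> is skipped. This is pattern screening of raw input, so treat it as a
/// secondary control: the code that consumes these values still needs parameterized queries
/// and context-appropriate output encoding.
/// </remarks>
private void StartProcessRequest()
{
    try
    {
        System.Web.HttpRequest request = System.Web.HttpContext.Current.Request;
        System.Web.HttpResponse response = System.Web.HttpContext.Current.Response;

        if (request.QueryString != null)
        {
            foreach (string key in request.QueryString.AllKeys)
            {
                RedirectIfFlagged(response, request.QueryString[key], "~/Main/ErrorPage?p=出现错误,输入参数包含非法字符串");
            }
        }

        if (request.Form != null)
        {
            foreach (string key in request.Form.AllKeys)
            {
                // View state is framework-generated and is not screened as user input.
                if (key == "__VIEWSTATE")
                {
                    continue;
                }

                RedirectIfFlagged(response, request.Form[key], "~/Main/ErrorPage?p=出现错误,输入参数包含非法字符串");
            }
        }

        if (request.Cookies != null)
        {
            // The earlier version also exempted a cookie named "__VIEWSTATE". View state is
            // posted as a form field, so that exemption only left one cookie name unscreened;
            // every cookie value is checked now.
            foreach (string key in request.Cookies.AllKeys)
            {
                RedirectIfFlagged(response, request.Cookies[key].Value, "~/Main/ErrorPage?p=出现错误,包含非法字符串");
            }
        }
    }
    catch (System.Threading.ThreadAbortException)
    {
        // The single-argument Response.Redirect ends the response, which ASP.NET signals with
        // ThreadAbortException. That is the normal rejection path, so it must not be logged as
        // a screening failure.
        throw;
    }
    catch (System.Exception ex)
    {
        // This used to be an empty catch, so a failing validator was invisible. The request is
        // still allowed to continue, as before, but the failure is now recorded.
        // NOTE(review): continuing means the screening fails open when the validator throws;
        // decide whether an unscreened request should be rejected instead.
        System.Diagnostics.Trace.TraceError(
            "StartProcessRequest: request screening failed: {0}: {1}",
            ex.GetType().FullName,
            ex.Message);
    }
}

/// <summary>
/// Redirects to <paramref name="errorUrl"/> when <c>GValidator.HasInjectionData</c> flags <paramref name="value"/>.
/// </summary>
private static void RedirectIfFlagged(System.Web.HttpResponse response, string value, string errorUrl)
{
    if (GValidator.HasInjectionData(value))
    {
        response.Redirect(errorUrl);
    }
}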
/// <summary>
/// Creates the attribute and sets <c>RexValue</c> to the string returned by
/// <c>GValidator.GetInjectionRegexString()</c>.
/// </summary>
public ValInjectionAttribute()
{
    // The pattern comes from GValidator, the same class whose HasInjectionData check is used
    // elsewhere in this code, rather than being written out here.
    RexValue = GValidator.GetInjectionRegexString();
}