/// <summary>
        /// Data binding.
        /// </summary>
        private void DataListBind(TemplateDB XmlDB)
        {
            // Renders "View_Template.html" for the given template definition and
            // assigns the resulting markup to liContentHTML. When the rendered
            // markup contains the "[DynamicModules]" placeholder, the placeholder
            // is replaced by a second render of the "DynamicModules" template.
            //
            // NOTE(review): the rendered string is assigned to liContentHTML.Text
            // without any encoding in this method. Presumably the control emits it
            // as raw markup, so every user-supplied value must be encoded inside
            // the templates themselves -- confirm against ViewTemplate.
            const String dynamicToken = "[DynamicModules]";

            var formatter = new TemplateFormat(this) { TemplateName = XmlDB.Name };
            var context   = new Hashtable();

            String html = ViewTemplate(XmlDB, "View_Template.html", context, formatter);

            // Only fetch the dynamic modules when the template actually asks for them.
            bool hasDynamicSlot = !String.IsNullOrEmpty(html)
                                  && html.IndexOf(dynamicToken, StringComparison.CurrentCultureIgnoreCase) >= 0;
            if (hasDynamicSlot)
            {
                // Load the dynamic modules and dynamic items into the render context.
                context = GetDynamics(context);

                String dynamicHtml = ViewTemplate(GetTemplateDB("DynamicModules"), "View_Template.html", context, formatter);
                html = Common.ReplaceNoCase(html, dynamicToken, dynamicHtml);
            }

            liContentHTML.Text = html;
        }
        /// <summary>
        /// Data item binding.
        /// </summary>
        private void DataItemBind(TemplateDB XmlDB)
        {
            // Renders the detail view of the current DataItem into liContentHTML.
            // The item is rendered only when all three gates pass, in this order:
            //   1. the item exists (non-null, ID > 0);
            //   2. it is published and inside its publish window, or Preview is set
            //      and the item is a draft;
            //   3. the role check and the jurisdiction check both succeed.
            // Every refusal redirects to the same URL (GoUiUrl(UIToken)), so the
            // three refusal cases are not distinguishable from the redirect target.
            //
            // NOTE(review): where Preview is set is not visible here. If it is
            // derived from the request, confirm that draft preview is limited to
            // editors: for a draft, the only gate applied in this method is the
            // role/jurisdiction check, and IsPublishTime is not consulted.
            //
            // NOTE(review): the refusal messages are assigned before the redirect;
            // presumably Response.Redirect ends the response, in which case they
            // are never displayed -- confirm.
            const String dynamicToken = "[DynamicModules]";

            String html      = String.Empty;
            var    formatter = new TemplateFormat(this) { TemplateName = XmlDB.Name };
            var    context   = new Hashtable();

            if (!(DataItem != null && DataItem.ID > 0))
            {
                // Gate 1 failed: nothing to show.
                html = "内容没有找到";
                Response.Redirect(new TemplateFormat(this).GoUiUrl(UIToken));
            }
            else if (!((DataItem.Status == (Int32)EnumStatus.Published && IsPublishTime(DataItem))
                       || (Preview && DataItem.Status == (Int32)EnumStatus.Draft)))
            {
                // Gate 2 failed: not published / outside the publish window, and not a draft preview.
                html = "无法访问内容或未到开始时间";
                Response.Redirect(new TemplateFormat(this).GoUiUrl(UIToken));
            }
            else if (!(IsPreRoleView(DataItem.Per_AllUsers, DataItem.Per_Roles)
                       && IsPreJurisdictionView(DataItem.Per_AllJurisdictions, DataItem.Per_Jurisdictions)))
            {
                // Gate 3 failed: the role or jurisdiction check refused access.
                html = "你无当前数据的访问权限";
                Response.Redirect(new TemplateFormat(this).GoUiUrl(UIToken));
            }
            else
            {
                // The item itself.
                context.Add("DataItem", DataItem);

                // Files associated with the current document.
                context.Add("DownloadFiles", GetDownloadFiles(DataItem));

                // Render the detail template.
                html = ViewTemplate(XmlDB, "View_Template_Detail.html", context, formatter);

                // Expand the dynamic-modules placeholder when the template contains it.
                bool hasDynamicSlot = !String.IsNullOrEmpty(html)
                                      && html.IndexOf(dynamicToken, StringComparison.CurrentCultureIgnoreCase) >= 0;
                if (hasDynamicSlot)
                {
                    // Load the dynamic modules and dynamic items into the render context.
                    context = GetDynamics(context);

                    String dynamicHtml = ViewTemplate(GetTemplateDB("DynamicModules"), "View_Template.html", context, formatter);
                    html = Common.ReplaceNoCase(html, dynamicToken, dynamicHtml);
                }
            }

            liContentHTML.Text = html;
        }
        /// <summary>
        /// Batch rename.
        /// An earlier import appended an extra ".zip" to the file names.
        /// Not removed for now.
        /// </summary>
        public void BatchReNames()
        {
            // One-off repair: for every file record whose FileName matches
            // ".zip.zip", rename the stored file on disk and rewrite the record's
            // FileName and FilePath with ".zip.zip" replaced by ".zip".
            // Runs only when the request parameter "rename" is greater than 0.
            //
            // NOTE(review): this public method moves files and updates records
            // purely on the presence of a request parameter; no permission or
            // anti-forgery check appears in this method. Confirm the caller
            // restricts it to administrators.
            Int32 renameFlag = WebHelper.GetIntParam(Request, "rename", 0);
            if (renameFlag <= 0)
            {
                return;
            }

            Int32 matchCount = 0;
            var   query      = new QueryParam();

            // Optional filter on Extension1 when a visibility value is set.
            if (Visibility >= 0)
            {
                query.Where.Add(new SearchParam(Playngo_ClientZone_Files._.Extension1, Visibility, SearchType.Equal));
            }

            query.Where.Add(new SearchParam(Playngo_ClientZone_Files._.FileName, ".zip.zip", SearchType.Like));

            List<Playngo_ClientZone_Files> matches = Playngo_ClientZone_Files.FindAll(query, out matchCount);
            if (matches == null || matches.Count <= 0)
            {
                return;
            }

            foreach (var record in matches)
            {
                // New file name and relative path.
                // NOTE(review): presumably ReplaceNoCase rewrites every occurrence,
                // so a ".zip.zip" inside a directory segment of FilePath would be
                // changed as well -- verify against the helper.
                String correctedName = Common.ReplaceNoCase(record.FileName, ".zip.zip", ".zip");
                String correctedPath = Common.ReplaceNoCase(record.FilePath, ".zip.zip", ".zip");

                // Physical locations are built from the portal home directory plus
                // the path stored on the record.
                // NOTE(review): the stored FilePath is used as-is; confirm it can
                // never contain parent-directory segments.
                var targetFile = new FileInfo(MapPath(String.Format("{0}{1}", PortalSettings.HomeDirectory, correctedPath)));
                var sourceFile = new FileInfo(MapPath(String.Format("{0}{1}", PortalSettings.HomeDirectory, record.FilePath)));

                // Rename the stored file first. MoveTo throws when the source is
                // missing or the destination already exists; nothing here catches
                // that, so a failure stops the loop with earlier records already
                // renamed and later ones untouched.
                sourceFile.MoveTo(targetFile.FullName);

                // Then drop the duplicated extension from the record and persist it.
                record.FileName = correctedName;
                record.FilePath = correctedPath;
                record.Update();
            }
        }
        /// <summary>
        /// Strips key strings used in XSS attacks.
        /// </summary>
        /// <param name="Str"></param>
        /// <returns>The filtered string.</returns>
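        public static string LostXSS(string Str)
        {
            // Deny-list filter: HTML-decodes the input once, removes anything that
            // looks like a tag, removes CR/CRLF, removes remaining angle brackets,
            // and then removes a fixed list of keywords and event-handler names
            // (case-insensitively, via Common.ReplaceNoCase).
            //
            // Returns the input unchanged when it is null or empty.
            //
            // Limits a caller must keep in mind:
            //  * The result is HTML-DECODED text. It can contain quotes and
            //    ampersands, so it still has to be encoded for the context it is
            //    written into (HttpUtility.HtmlEncode / HtmlAttributeEncode).
            //    This filter is a supplement to output encoding, not a substitute.
            //  * The keyword list is fixed and not exhaustive; handler names that
            //    are not listed pass through.
            //  * Keywords are removed wherever they occur, so ordinary words that
            //    contain one (for example "description") are altered.
            //  * A lone "\n" is kept; only "\r\n" and "\r" are removed.
            if (String.IsNullOrEmpty(Str))
            {
                return Str;
            }

            // Order matches the original implementation.
            string[] blockedTokens =
            {
                "javascript",
                "script",
                "cookie",
                "iframe",
                "expression",

                // JS event handler attribute names
                "onabort",     // image loading was interrupted
                "onblur",      // element lost focus
                "onchange",    // user changed the content of a field
                "onclick",     // mouse click on an object
                "ondblclick",  // mouse double-click on an object
                "onerror",     // an error occurred while loading a document or image
                "onfocus",     // element received focus
                "onkeydown",   // a keyboard key was pressed
                "onkeypress",  // a keyboard key was pressed or held
                "onkeyup",     // a keyboard key was released
                "onload",      // a page or image finished loading
                "onmousedown", // a mouse button was pressed
                "onmousemove", // the mouse was moved
                "onmouseout",  // the mouse left an element
                "onmouseover", // the mouse moved over an element
                "onmouseup",   // a mouse button was released
                "onreset",     // the reset button was clicked
                "onresize",    // the window or frame was resized
                "onselect",    // text was selected
                "onsubmit",    // the submit button was clicked
                "onunload"     // the user left the page
            };

            string Pattern = "<\\/*[^<>]*>";
            string Re_Str  = Regex.Replace(HttpUtility.HtmlDecode(Str), Pattern, "");
            Re_Str = Re_Str.Replace("\r\n", "").Replace("\r", "");

            // Angle brackets cannot be re-formed by the removals below, so one pass is enough.
            Re_Str = Common.ReplaceNoCase(Re_Str, "<", "");
            Re_Str = Common.ReplaceNoCase(Re_Str, ">", "");

            // Removing one token can join the text on either side of it into another
            // blocked token, which a single pass (the previous behaviour) would leave
            // in the output. Repeat until a full pass removes nothing. The loop
            // terminates because it continues only while the string gets shorter.
            int lengthBefore;
            do
            {
                lengthBefore = Re_Str.Length;
                foreach (string token in blockedTokens)
                {
                    Re_Str = Common.ReplaceNoCase(Re_Str, token, "");
                }
            }
            while (Re_Str.Length < lengthBefore);

            return Re_Str;
        }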