using System;
using System.Collections.Generic;
using System.Text;
using System.Web;
namespace CP.Common
{
public class WRequest
{
/// <summary>
/// 过滤请求中可能存在的xxs漏洞..
/// </summary>
/// <param name="str"></param>
/// <returns></returns>
private static string GetXXString(string str)
{
if (string.IsNullOrEmpty(str))
return "";
string xxs = "--|javascript:|onkey|onchange|onfocus|onblur|onclick|select|update|delete|write|document|alert|script|.wma|.rm|.meta|param|iframe|.swf|.wmv|.asx|.mp3|.mp2|.avi|http-equiv|refresh|.css|position|absolute|z-index|window|cookie";
string[] strs = xxs.Split('|');
if (strs != null && strs.Length > 0)
{
for (int i = 0; i < strs.Length; i++)
{
if (str.IndexOf(strs[i], StringComparison.CurrentCultureIgnoreCase) != -1)
str = str.Replace(strs[i], "");
}
}
return str;
}
/// <summary>
/// 根据request.url获取其中的某个参数
/// </summary>
/// <param name="key"></param>
/// <returns></returns>
private static string GetQueryUrlParam(string key)
{
if (System.Web.HttpContext.Current != null)
{
string query = HttpContext.Current.Request.Url.Query;
if (!string.IsNullOrEmpty(query))
{
int index = 0;
index = query.IndexOf(key + "=");
if (index >= 0)
{
query = query.Substring(key.Length + 1 + index);
index = query.IndexOf('&');
if (index >= 0)
query = query.Substring(0, index);
return query;
}
}
}
return string.Empty;
}
/// <summary>
/// 判断当前页面是否接收到了Post请求
/// </summary>
/// <returns>是否接收到了Post请求</returns>
public static bool IsPost()
{
return HttpContext.Current.Request.HttpMethod.Equals("POST");
}
/// <summary>
/// 判断当前页面是否接收到了Get请求
/// </summary>
/// <returns>是否接收到了Get请求</returns>
public static bool IsGet()
{
return HttpContext.Current.Request.HttpMethod.Equals("GET");
}
/// <summary>
/// 返回指定的服务器变量信息
/// </summary>
/// <param name="strName">服务器变量名</param>
/// <returns>服务器变量信息</returns>
public static string GetServerString(string strName)
{
if (HttpContext.Current.Request.ServerVariables[strName] == null)
return "";
return HttpContext.Current.Request.ServerVariables[strName].ToString();
}
/// <summary>
/// 是否是站内请求.
/// </summary>
/// <returns></returns>
public static bool IsLocationRequest()
{
string truehost = "8200.cn";
Uri referrer = HttpContext.Current.Request.UrlReferrer;
if (referrer != null && !string.IsNullOrEmpty(referrer.ToString()))
{
string rhost = referrer.Host;
//string host = HttpContext.Current.Request.Url.Host;
//验证主机头是否一样
if (rhost.IndexOf(truehost, StringComparison.CurrentCultureIgnoreCase) == -1)
return false;
}
else
{
return false;
}
return true;
}
/// <summary>
/// 返回上一个页面的地址
/// </summary>
/// <returns>上一个页面的地址</returns>
public static string GetUrlReferrer()
{
string retVal = string.Empty;
try
{
retVal = HttpContext.Current.Request.UrlReferrer.ToString();
}
catch { }
if (retVal == null)
return "";
return retVal;
}
/// <summary>
/// 得到当前完整主机头
/// </summary>
/// <returns></returns>
public static string GetCurrentFullHost()
{
HttpRequest request = System.Web.HttpContext.Current.Request;
if (!request.Url.IsDefaultPort)
return string.Format("{0}:{1}", request.Url.Host, request.Url.Port.ToString());
return request.Url.Host;
}
/// <summary>
/// 得到主机头
/// </summary>
/// <returns></returns>
public static string GetHost()
{
return HttpContext.Current.Request.Url.Host;
}
/// <summary>
/// 端口号
/// </summary>
/// <returns></returns>
public static string GetPort()
{
return HttpContext.Current.Request.Url.Port.ToString();
}
/// <summary>
/// 获取当前请求的原始 URL(URL 中域信息之后的部分,包括查询字符串(如果存在))
/// </summary>
/// <returns>原始 URL</returns>
public static string GetRawUrl()
{
return HttpContext.Current.Request.RawUrl;
}
/// <summary>
/// 判断当前访问是否来自浏览器软件
/// </summary>
/// <returns>当前访问是否来自浏览器软件</returns>
public static bool IsBrowserGet()
{
string[] BrowserName = { "ie", "opera", "netscape", "mozilla", "konqueror", "firefox" };
string curBrowser = HttpContext.Current.Request.Browser.Type.ToLower();
for (int i = 0; i < BrowserName.Length; i++)
{
if (curBrowser.IndexOf(BrowserName[i]) >= 0)
return true;
}
return false;
}
/// <summary>
/// 判断是否来自搜索引擎链接
/// </summary>
/// <returns>是否来自搜索引擎链接</returns>
public static bool IsSearchEnginesGet()
{
if (HttpContext.Current.Request.UrlReferrer == null)
return false;
string[] SearchEngine = { "google", "yahoo", "msn", "baidu", "sogou", "sohu", "sina", "163", "lycos", "tom", "yisou", "iask", "soso", "gougou", "zhongsou", "yodao", "youdao", "360" };
string tmpReferrer = HttpContext.Current.Request.UrlReferrer.ToString().ToLower();
for (int i = 0; i < SearchEngine.Length; i++)
{
if (tmpReferrer.IndexOf(SearchEngine[i], StringComparison.CurrentCultureIgnoreCase) >= 0)
return true;
}
return false;
}
/// <summary>
/// 获得当前完整Url地址
/// </summary>
/// <returns>当前完整Url地址</returns>
public static string GetUrl()
{
return HttpContext.Current.Request.Url.ToString();
}
/// <summary>
/// 获得指定Url参数的值
/// </summary>
/// <param name="strName">Url参数</param>
/// <returns>Url参数的值</returns>
public static string GetQueryString(string strName)
{
return GetQueryString(strName, false);
}
/// <summary>
/// 获得指定Url参数的值
/// </summary>
/// <param name="strName">Url参数</param>
/// <param name="sqlSafeCheck">是否进行sql安全测试</param>
/// <returns>Url参数的值</returns>
public static string GetQueryString(string strName, bool SafeCheck)
{
if (HttpContext.Current.Request.QueryString[strName] == null)
return "";
if (SafeCheck && !Utils.IsSafeSqlString(HttpContext.Current.Request.QueryString[strName]))
return "unsafe string";
return GetXXString(HttpContext.Current.Request.QueryString[strName]);
}
/// <summary>
/// 获得当前页面的名称
/// </summary>
/// <returns>当前页面的名称</returns>
public static string GetPageName()
{
string[] urlArr = HttpContext.Current.Request.Url.AbsolutePath.Split('/');
return urlArr[urlArr.Length - 1].ToLower();
}
/// <summary>
/// 返回表单或Url参数的总个数
/// </summary>
/// <returns></returns>
public static int GetParamCount()
{
return HttpContext.Current.Request.Form.Count + HttpContext.Current.Request.QueryString.Count;
}
/// <summary>
/// 获得指定表单参数的值
/// </summary>
/// <param name="strName">表单参数</param>
/// <returns>表单参数的值</returns>
public static string GetFormString(string strName)
{
return GetFormString(strName, false);
}
/// <summary>
/// 获得指定表单参数的值
/// </summary>
/// <param name="strName">表单参数</param>4
/// <param name="sqlSafeCheck">是否进行SQL安全检查</param>
/// <returns>表单参数的值</returns>
public static string GetFormString(string strName, bool sqlSafeCheck)
{
if (HttpContext.Current.Request.Form[strName] == null)
return "";
if (sqlSafeCheck && !Utils.IsSafeSqlString(HttpContext.Current.Request.Form[strName]))
return "unsafe string";
return GetXXString(HttpContext.Current.Request.Form[strName]);
}
/// <summary>
/// 获得Url或表单参数的值, 先判断Url参数是否为空字符串, 如为True则返回表单参数的值
/// </summary>
/// <param name="strName">参数</param>
/// <returns>Url或表单参数的值</returns>
public static string GetString(string strName)
{
return GetString(strName, false);
}
/// <summary>
/// 获得Url或表单参数的值, 先判断Url参数是否为空字符串, 如为True则返回表单参数的值
/// </summary>
/// <param name="strName">参数</param>
/// <param name="sqlSafeCheck">是否进行SQL安全检查</param>
/// <returns>Url或表单参数的值</returns>
public static string GetString(string strName, bool sqlSafeCheck)
{
if ("".Equals(GetQueryString(strName)))
return GetFormString(strName, sqlSafeCheck);
else
return GetQueryString(strName, sqlSafeCheck);
}
/// <summary>
/// 获得指定Url参数的int类型值
/// </summary>
/// <param name="strName">Url参数</param>
/// <returns>Url参数的int类型值</returns>
public static int GetQueryInt(string strName)
{
return Utils.StrToInt(HttpContext.Current.Request.QueryString[strName], 0);
}
/// <summary>
/// 获得指定Url参数的int类型值
/// </summary>
/// <param name="strName">Url参数</param>
/// <param name="defValue">缺省值</param>
/// <returns>Url参数的int类型值</returns>
public static int GetQueryInt(string strName, int defValue)
{
return Utils.StrToInt(HttpContext.Current.Request.QueryString[strName], defValue);
}
/// <summary>
/// 获得指定表单参数的int类型值
/// </summary>
/// <param name="strName">表单参数</param>
/// <param name="defValue">缺省值</param>
/// <returns>表单参数的int类型值</returns>
public static int GetFormInt(string strName, int defValue)
{
return Utils.StrToInt(HttpContext.Current.Request.Form[strName], defValue);
}
/// <summary>
/// 获得指定Url或表单参数的int类型值, 先判断Url参数是否为缺省值, 如为True则返回表单参数的值
/// </summary>
/// <param name="strName">Url或表单参数</param>
/// <param name="defValue">缺省值</param>
/// <returns>Url或表单参数的int类型值</returns>
public static int GetInt(string strName, int defValue)
{
if (GetQueryInt(strName, defValue) == defValue)
return GetFormInt(strName, defValue);
else
return GetQueryInt(strName, defValue);
}
/// <summary>
/// 获得指定Url参数的float类型值
/// </summary>
/// <param name="strName">Url参数</param>
/// <param name="defValue">缺省值</param>
/// <returns>Url参数的int类型值</returns>
public static float GetQueryFloat(string strName, float defValue)
{
return Utils.StrToFloat(HttpContext.Current.Request.QueryString[strName], defValue);
}
/// <summary>
/// 获得指定表单参数的float类型值
/// </summary>
/// <param name="strName">表单参数</param>
/// <param name="defValue">缺省值</param>
/// <returns>表单参数的float类型值</returns>
public static float GetFormFloat(string strName, float defValue)
{
return Utils.StrToFloat(HttpContext.Current.Request.Form[strName], defValue);
}
/// <summary>
/// 获得指定Url或表单参数的float类型值, 先判断Url参数是否为缺省值, 如为True则返回表单参数的值
/// </summary>
/// <param name="strName">Url或表单参数</param>
/// <param name="defValue">缺省值</param>
/// <returns>Url或表单参数的int类型值</returns>
public static float GetFloat(string strName, float defValue)
{
if (GetQueryFloat(strName, defValue) == defValue)
return GetFormFloat(strName, defValue);
else
return GetQueryFloat(strName, defValue);
}
/// <summary>
/// 获得当前页面客户端的IP
/// </summary>
/// <returns>当前页面客户端的IP</returns>
public static string GetIP()
{
string result = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
if (string.IsNullOrEmpty(result))
result = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
if (string.IsNullOrEmpty(result))
result = HttpContext.Current.Request.UserHostAddress;
if (string.IsNullOrEmpty(result) || !Utils.IsIP(result))
return "127.0.0.1";
return result;
}
/// <summary>
/// 获取浏览器类型
/// </summary>
/// <returns></returns>
public static string GetBrowse()
{
string b = string.Empty;
string ua = HttpContext.Current.Request.UserAgent.ToString().ToLower();
if (ua.Contains("firefox"))
{
b = "firefox";
}
else if (ua.Contains("msie"))
{
b = "ie";
}
else if (ua.Contains("gecko") && !ua.Contains("firefox")&&!ua.Contains("safari"))
{
b = "ie11";
}
else if (ua.Contains("safari"))
{
b = "safari";
}
else if (ua.Contains("chrome"))
{
b = "chrome";
}
else
{
b = "unknow";
}
return b;
}
/// <summary>
/// 保存用户上传的文件
/// </summary>
/// <param name="path">保存路径</param>
public static void SaveRequestFile(string path)
{
if (HttpContext.Current.Request.Files.Count > 0)
{
HttpContext.Current.Request.Files[0].SaveAs(path);
}
}
}
}