JavaScript.Encode手动解码
JS.Encode是在JS代码进行编码之后形成的“乱码”,此乱码除无法阅读之外,仍能够良好的执行。
往往在网页上有JS加密代码的解码方法,但是由于代码中存在转义字符,无法正确的进行解码。
---------------------------------------------------------------------------------------------
|
JAVAScript使用以下八种转义字符。这些字符都是以一个反斜线(\)开始。当JAVAScript的解释器(Interpreter)看到反斜线时,就会特别注意,表现出程序员所要表达的意思。 | |||||||||||||||||||||||||||
|
-------------------------------------------------------------------------------------------------
在JS加密代码解密之前,要替换掉掉代码中的转移字符,
例如:
\\ ------- \
\t ------- Tab键
等等。
然后即可正确的解码。
转自http://www.cnblogs.com/ljhong/archive/2008/08/25/1275460.html
1.内闭式(RUNAT SERVER方式)
这种方式是目前大多数人使用的一种,通过事件驱动来实现文件上传处理,Form及File Field需设置为Runat Server
/// <summary>
/// 上传文件
/// </summary>
/// <param name="filepathLevel">上传文件的路径层</param>
/// <param name="filepath">根目录下文件存在的路径</param>
/// <param name="filename">文件名称,默认null</param>
/// <param name="fileFormat">文件格式(以,分隔)</param>
/// <param name="maxAmount">文件大小(MB计算)</param>
/// <param name="fud">上传组件名</param>
/// <param name="fileIsExists">是否必需上传</param>
/// <returns></returns>
public static string FileUpload(string filepathLevel, string filepath, string filename, string fileFormat, int maxAmount, FileUpload fud,bool fileIsExists)
{
bool formatStatus = false;
string eorrStr = "";
string strText = null;
string tmpfilepath = System.Web.HttpContext.Current.Server.MapPath(filepathLevel) + filepath;
string tmpfilename;
if (filename == null) ///默认名称
{ tmpfilename = DateTime.Now.ToString("yyyyMMddhhmmss") + DateTime.Now.Millisecond.ToString(); }
else
{ tmpfilename = filename; }
///---------------------------创建文件夹---------------------------
//HttpContext.Current.Server.MapPath(相对路径):把相对路径转为服务器上的绝对路径。File.Exists(绝对路径):检查是否存在绝对路径指向的文件或目录。
if (!File.Exists(tmpfilepath))
{
System.IO.Directory.CreateDirectory(tmpfilepath); //System.IO.Directory.CreateDirectory(文件夹绝对路径):建立绝对路径文件夹。
}
///------------------------------写入上传文件--------------------------------
if (fud.HasFile)
{
try
{
string[] strTpye = fud.FileName.Split('.');
if (strTpye.Length > 1)
{
int i_split = strTpye.Length - 1;
string format = strTpye[i_split];
string[] sArray = fileFormat.Split(',');
foreach (string i in sArray)
{
if (format.ToLower() == i.ToString())
{
formatStatus = true;
break;
}
}
///------------------判断文件格式--------------------
if (formatStatus == false)
{
eorrStr += "只能上传" + fileFormat + "格式文件";
}
///------------------判断大小--------------------
int tmpmaxAmount = maxAmount * 1024 * 1024;
if (fud.PostedFile.ContentLength > tmpmaxAmount)
{
eorrStr += "上传不能超过" + maxAmount + "MB";
}
///------------------写入文件--------------------
if (eorrStr == "")
{
string savepath = tmpfilepath + tmpfilename + "." + format;
if (!File.Exists(savepath)) //不存在就写入
{
fud.SaveAs(tmpfilepath + tmpfilename + "." + format);
}
strText = filepath + tmpfilename + "." + format;
}
}
else
{
eorrStr += "只能上传" + fileFormat + "格式文件";
}
// 显示文件信息
//str += "<br/>Saved As: " + FileUpload1.PostedFile.FileName;
//str += "<br/>File Type: " + FileUpload1.PostedFile.ContentType;
//str += "<br/>File Length (bytes): " + FileUpload1.PostedFile.ContentLength;
//str += "<br/>PostedFile File Name: " + FileUpload1.PostedFile.FileName;
// fud.SaveAs(filepath + FileUpload1.FileName);
//str += "Uploading file: " + FileUpload1.FileNam
}
catch (Exception ex)
{
eorrStr += "<b>Error:</b>Unable to save :" + fud.FileName + "<br/>" + ex.Message;
}
}
else
{
if (fileIsExists == true) ///必需上传文件
{
eorrStr = "No file uploaded.";
}
}
if (eorrStr != "")
{ JScript.Alert(eorrStr); }
return strText;
}
2.开放式(Submit Form方式)
该方式可以支持由其他页面提交,自由性较大,代码如下:
<form name="form1" action="Save.aspx" method="post" enctype="multipart/form-data">
<INPUT type="file" id="File1" name="File1">
<input type="submit" name="submit" value="保存">
</form>
save.aspx
private void Page_Load(object sender, System.EventArgs e)
{
if( Request.Files.Count == 0 ) {
Response.Write("<script>alert('请选择上传文件!');</script>");
Response.End();
return;
}
System.Web.HttpPostedFile file = Request.Files[0];
String fileName = Request["fileName"];
String save_path = "./attached/";
String ext = System.IO.Path.GetExtension( file.FileName ).ToLower();
Response.Write(ext);
if( !System.IO.Directory.Exists( Server.MapPath( save_path ) ) )
System.IO.Directory.CreateDirectory( Server.MapPath( save_path ) );
if( ext == ".jpg" || ext == ".gif" || ext == ".bmp" || ext == ".png" ) {
file.SaveAs( Server.MapPath( save_path + fileName ) );
Response.Write("<script type=\"text/javascript\">parent.KindInsertImage('" + save_path + fileName + "','" + Request["imgWidth"] + "','" + Request["imgHeight"] + "','" + Request["imgBorder"] + "');</script>'");
Response.End();
}
else {
Response.Write("<script>alert('文件格式不支持!');</script>");
Response.End();
}
}
只需弄清楚 HttpPostedFile和HttpFileCollection这两个对像,写批量文件上传就不是一件难事了。
转载请注明来自"菩提树下的杨过"-http://www.cnblogs.com/yjmyzz/archive/2008/08/22/1274395.html
1.利用代码加解密
//加密web.Config中的指定节
private void ProtectSection(string sectionName)
{
Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection(sectionName);
if (section != null && !section.SectionInformation.IsProtected)
{
section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
config.Save();
}
}
//解密web.Config中的指定节
private void UnProtectSection(string sectionName)
{
Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection(sectionName);
if (section != null && section.SectionInformation.IsProtected)
{
section.SectionInformation.UnprotectSection();
config.Save();
}
}
示例:
protected void btnEncrypt_Click(object sender, EventArgs e)
{
ProtectSection("connectionStrings");
}
变化:
加密前:
<connectionStrings>
<add name="connStr" connectionString="Data Source=server;Initial Catalog=Lib;User ID=sa;password=***"
providerName="System.Data.SqlClient" />
</connectionStrings>
加密后:
<connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAYzAtjjJo0km/XdUrGFh3YAQAAAACAAAAAAADZgAAqAAAABAAAAD5H0RB6uSYHCk33lo9x5VHAAAAAASAAACgAAAAEAAAALS6KNeUNySZfZ/0tpmh7YWAAQAA85NFHJH
oVx1aW5pTaFfLtTo5J9lWoBR76IYIinLiIjcTeJ4tuAstgCspZlK9NMgzyWmWbbNbb8Z8canVCUpdKF0xmTBTpVih08TtODLszcUpCsJGvEgxuDPi6JtKjG/nT+UvpRp154TNnm04LP/iq1InDxePW2tEViHIiooEXARX8FLY00R
FBaUgarrfi5Fppu4usqavdnj7oqwFEbp3MXOaWY6m9qyVzNsf2G1UwBrivsrM4hZUcr1hy/S87co63ioWie8QDVgGuaTEaSyklC9STyvRsLU6A/QxalCHY4VoRjzNS/27vGoin+c3AJ587wMKJyJBiV08DyzoGM7elAlg8yTAeHv
VMLOEFcTUwsCG0f2rwhi3fZYUyykczYsfHXLEXdbJ+YRiBxYWP6xzffIdyWzrawxaIfnPq/pw6e2Vrwt6tJthDImu0tzXdwupbJVdy4T5vQvy4Fw3SB9lmbSZQacekaXcViBdX7Tejx7TTpDs36RdAOf8WcVMJH4FFAAAACjQFCa
OcSfbD2LXX4YP506vHDXw</CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>
注意:
加密后,仍然可以按以前的操作来读取,不需要额外的解决操作,因为
<connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
这里已经指定了用何种方式解密,asp.net会自动处理
2.利用aspnet_regiis.exe工具加解密
先创建RSA容器:
%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pc "JimmyKeys" -exp
注:上面的JimmyKeys为容器名,可随便取
为了方便在多台机器上部署config加密文件(比如服务器镜象情况),可将容器导出到xml文件
%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -px "JimmyKeys" "d:\document\rsa\rsa.xml" -pri
删除容器命令
%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pz "JimmyKeys" -exp
导出后,当然还可以将其导回:
%windir%\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe -pi "JimmyKeys" "d:\document\rsa\rsa.xml"
有关RSA的详细操作,可参见http://msdn.microsoft.com/zh-cn/library/yxw286t2(VS.80).aspx
现在可以正式加密/解密了
加密:
aspnet_regiis.exe -pef "connectionStrings" "D:\website\abc.com\"
解密:
aspnet_regiis.exe -pdf "connectionStrings" "D:\website\abc.com\"
加密前:
<connectionStrings>
<add name="connStr" connectionString="Data Source=server;Initial Catalog=Lib;User ID=sa;password=***"
providerName="System.Data.SqlClient" />
</connectionStrings>
加密后:
<connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
<EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
xmlns="http://www.w3.org/2001/04/xmlenc#">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<KeyName>Rsa Key</KeyName>
</KeyInfo>
<CipherData>
<CipherValue>breSi2wD4X4CAKh0puzhYtyltmR3cp9JfEE8Yw03NeWGZCOoEvDuxAceKLEsmYx8r/tI5NsZxOmY20pQzD1KvGELzz4rhkEPE9LKTAwyKNhqzMPFoRnjsdGTvs6JhrvVat9rdvgKbfTvVLXuvpXgSeNB0T6XJWq
/vOIU7KTyFjk=</CipherValue>
</CipherData>
</EncryptedKey>
</KeyInfo>
<CipherData>
<CipherValue>c4HD+EfJl//pv4eEzT938aWYhLyPBUt8lbNWf4Y4c6tewWLNBTwgYXtxPh6TnF8ne6s9H5C/AwXy/3JECuNEd8YGOO+RDhxw8NySd8vUc53+iUiHW5TLs/aoIvy8k1yOfLWGKFFWPtoX4F4gMTS+MAmhkiHQ46p
H2VyjyprNsl8LE2pGNjDOJnDeGYq+wkn2iw968+qjuTCibGJn6h6iGYGHYmkYUrgRzfo3iIZu+eCWE2IqCP+s58eQRjU3MxJ2BqeUU9HaKy4=</CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>
同样,这种方式加密后,aspx读取节点时也无需任何解密处理,代码不用做任何修改
注意:并不是所有的节点都能加密,ASP.NET 2.0仅支持对Web.config的部分配置节进行加密,以下配置节中的数据是不能进行加密的:
• <processModel>
• <runtime>
• <mscorlib>
• <startup>
• <system.runtime.remoting>
• <configProtectedData>
• <satelliteassemblies>
• <cryptographySettings>
• <cryptoNameMapping>
• <cryptoClasses>
另外,除了AppSettings和ConnectionStrings以外的其它节点,可以这样写:
aspnet_regiis.exe -pef "system.serviceModel/behaviors" "d:\website\cntvs\"
即对<system.serviceModel>下的<behaviors>节点加密,这一节点同样适用于代码方式加密,经过多次尝试,似乎除了AppSettings和ConnectionStrings以外的其它节点,只能支持二级节点。
象以下写法:
aspnet_regiis.exe -pef "system.serviceModel/behaviors/endpointBehaviors" "d:\website\cntvs"
运行时会报错:
未找到配置节“system.serviceModel/behaviors/endpointBehaviors”。