HtmlEncode(防注入攻击) 

function  HtmlEncode(str)
  {
      var s = "";
      if (str.length == 0) return "";
      s = str.replace(/&/g, "&");
      s = s.replace(/</g, "&lt;");
      s = s.replace(/>/g, "&gt;");
      s = s.replace(/ /g,"&nbsp;");
      s = s.replace(/\'/g, "&#39;");
      s = s.replace(/\"/g, "&quot;");
      //s = s.replace(/\n/g, "<br>");
      return s;  
  }

 

 

 

posted @ 2013-05-22 21:10  xyun  阅读(300)  评论(0)    收藏  举报