データベースに挿入する前に特殊文字をエスケープする
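/**
 * HTML-entity helpers applied to user text before it is stored and after it is read back.
 *
 * <p>NOTE(review): in the published listing the entity literals had been decoded by the page
 * renderer (each pair read as {@code "&", "&"}, {@code "<", "<"} and so on, and the newline
 * literals were split across physical lines), so the code as shown did not compile and every
 * replacement was a no-op. The literals below are reconstructed as the standard entities;
 * confirm them against the original source before relying on the exact stored format.
 *
 * <p>Security scope of this class:
 * <ul>
 *   <li>It is not a SQL-injection control. Values must still reach the database through bound
 *       parameters ({@code PreparedStatement} with {@code ?} placeholders); entity-encoding
 *       changes what is stored, not how the statement is parsed.</li>
 *   <li>The double quote is not encoded, so {@link #toHtml(String)} output is suited to HTML
 *       element content only, not to attribute values, script blocks or URLs.</li>
 *   <li>Encoding at write time ties the stored data to one output context. Storing the raw
 *       text and encoding when rendering is the more robust design.</li>
 * </ul>
 */
public class CodeFilter {

    /**
     * Encodes text for storage: HTML metacharacters become entities and line breaks become
     * {@code <br>}.
     *
     * @param s the raw text, may be {@code null}
     * @return the encoded, trimmed text; the empty string when {@code s} is {@code null}
     */
    public static String toHtml(String s) {
        if (s == null) {
            return "";
        }
        // '&' has to be encoded first, otherwise the '&' of the entities added below
        // would be encoded a second time.
        s = Replace(s, "&", "&amp;");
        s = Replace(s, "<", "&lt;");
        s = Replace(s, ">", "&gt;");
        // NOTE(review): the listing shows a single space here; the original may have used
        // several spaces that the page collapsed.
        s = Replace(s, "\t", " ");
        // Normalise CRLF to LF so that each line break yields exactly one <br>.
        s = Replace(s, "\r\n", "\n");
        s = Replace(s, "\n", "<br>");
        s = Replace(s, " ", "&nbsp;");
        // NOTE(review): numeric references assumed for the quote and the backslash.
        s = Replace(s, "'", "&#39;");
        s = Replace(s, "\\", "&#92;");
        // An empty try/catch wrapping a commented-out charset conversion was removed here;
        // it executed nothing.
        return s.trim();
    }

    /**
     * Decodes text produced by {@link #toHtml(String)} back to plain text for display or
     * editing.
     *
     * <p>The result contains raw {@code <}, {@code >} and {@code &} again and must be encoded
     * for whatever context it is written into next.
     *
     * <p>NOTE(review): the {@code &#92;} written by {@code toHtml} is not decoded here, as in
     * the published listing; confirm whether that asymmetry is intended.
     *
     * @param s the stored text, may be {@code null}
     * @return the decoded text, or {@code null} when {@code s} is {@code null}
     */
    public static String unHtml(String s) {
        if (s == null) {
            return null;
        }
        // <br> is turned back into a newline before "&lt;"/"&gt;" are decoded, so a literal
        // "<br>" typed by the user (stored as "&lt;br&gt;") is not mistaken for a line break.
        s = Replace(s, "<br>", "\n");
        s = Replace(s, "&nbsp;", " ");
        s = Replace(s, "&#39;", "'");
        s = Replace(s, "&lt;", "<");
        s = Replace(s, "&gt;", ">");
        // "&amp;" is decoded last. The listing decoded it first, which turned the stored form
        // of a literal "&lt;" ("&amp;lt;") into "<": a double decode.
        s = Replace(s, "&amp;", "&");
        // NOTE(review): "?D" looks like a mis-decoded em dash being repaired; kept as in the
        // listing. It also rewrites any genuine "?D" in the text, so verify it is still needed.
        s = Replace(s, "?D", "\u2014");
        return s;
    }

    /**
     * Replaces every occurrence of {@code s1} in {@code s} with {@code s2}, as literal text.
     *
     * @param s the text to search, may be {@code null}
     * @param s1 the text to look for
     * @param s2 the replacement text
     * @return the text with all replacements applied, or {@code null} when {@code s} is null
     */
    private static String Replace(String s, String s1, String s2) {
        if (s == null) {
            return null;
        }
        if (s1.isEmpty()) {
            // The hand-written loop never advanced on an empty search string and appended
            // until memory ran out; there is nothing to replace, so return the input.
            return s;
        }
        return s.replace(s1, s2);
    }
}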