www.gusucode.com > CC校友录贴吧 CCBar源码程序asp编程 > inc/inc_data_check.asp
<% '=================================================================== '= ASP FILENAME : /inc/inc_data_check.asp '= CREATED TIME : AUG,19,2003 '= LAST MODIFIED: AUG,19,2003 '= VERSION INFO : CCASP Framework Ver 2.0.1 ALL RIGHTS RESERVED BY www.cclinux.com '= DESCRIPTION : 提交至服务器端数据的合法性检测函数 '=================================================================== '=================================================================== '= Function : DataCheck '= Time : Created At 2006-5-5 '= Input : 数据类型,数据项,数据项名称,附加信息 '= Description : 数据合法性检测主函数 '=================================================================== Function DataCheck(strDataType,ByRef strDataStr,ByRef strDataInfo,ByRef strAddInfo) '== strDataStr : 输入项名 '== strDataInfo: 输入项信息 '== strAddInfo : 附加信息,用于指定比如固定长度,包含字符等数据校验的参数 '== DT means DATE_TYPE '== 按错误类型进行分拣和校验 Dim blnErr : blnErr = False Select Case strDataType '== 校验数据项是否符合指定长度 Case "DT_FIX_LENGTH" : blnErr = CheckFixLen(strDataStr,strDataInfo,strAddInfo) '== 校验数据项是否全为阿拉伯数字 Case "DT_INT" : blnErr = CheckInt(strDataStr,strDataInfo,strAddInfo) Case "DT_INT_ZERO" : blnErr = CheckIntZero(strDataStr,strDataInfo,strAddInfo) '== 校验数据项是否在某一数值范围内 Case "DT_INT_AREA" : blnErr = CheckIntArea(strDataStr,strDataInfo,strAddInfo) '== 校验数据项是否全为阿拉伯数字和英文 Case "DT_EN_NUM" : blnErr = CheckEnNum(strDataStr,strDataInfo,strAddInfo) '== 校验数据项是否为中文字符 Case "DT_CHN" : blnErr = CheckCHN(strDataStr,strDataInfo,strAddInfo) '== 校验数据项内部是否包含指定字符串 Case "DT_INC_CHAR" : blnErr = CheckIncChar(strDataStr,strDataInfo,strAddInfo) '== 校验数据项头部是否包含指定字符串 Case "DT_HEAD_INC_CHAR" : blnErr = CheckHeadIncChar(strDataStr,strDataInfo,strAddInfo) '== 校验数据项输入的Email是否合法 Case "DT_EMAIL" : blnErr = CheckEmail(strDataStr,strDataInfo,strAddInfo) '== 校验数据项输入的Url是否合法 Case "DT_URL" : blnErr = CheckUrl(strDataStr,strDataInfo,strAddInfo) '== 校验是否有非法字符 Case "DT_VALID_CHAR" : blnErr = CheckValid(strDataStr,strDataInfo,strAddInfo) '== 校验是否有被禁止的字符 Case "DT_FORBID_CHAR" : blnErr = CheckForbid(strDataStr,strDataInfo,strAddInfo) '== 校验数据集ID Case "DT_ID" : blnErr = CheckId(strDataStr,strDataInfo,strAddInfo) '== 校验数据集正整数取值范围 Case "DT_INT_BETWEEN" blnErr = CheckIntBetween(strDataStr,strDataInfo,strAddInfo) '== 校验是否为正整数 Case "DT_PLUS_INT" blnErr = CheckPlusInt(strDataStr,strDataInfo,strAddInfo) '== 校验数据枚举类型 Case "DT_ENUM" : blnErr = CheckEnum(strDataStr,strDataInfo,strAddInfo) Case "DT_ENUM_MORE" : blnErr = CheckEnumMore(strDataStr,strDataInfo,strAddInfo) Case "DT_ASC" : blnErr = CheckAsc(strDataStr,strDataInfo,strAddInfo) Case Else Response.Redirect "未定义的数据校验类型:" & strDataType Response.End End Select DataCheck = blnErr End Function '=================================================================== '= Function : CheckHeadIncChar '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验数据枚举类型(不区分大小写) '=================================================================== Function CheckHeadIncChar(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Dim blnErr : blnErr = False Dim intCharLen intCharLen = Len(Trim(strAddInfo)) If Ucase(Left(Trim(strDataStr),intCharLen)) <> Ucase(Trim(strAddInfo)) Then blnErr = True strDataInfo = strDataInfo & "前部应包含" & Trim(strAddInfo) End If CheckHeadIncChar = blnErr End Function '=================================================================== '= Function : CheckEnum '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验数据枚举类型(不区分大小写) '=================================================================== Function CheckEnum(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Const CONST_DIVIDER = "," Dim blnErr : blnErr = False Dim i Dim arrTmp Dim strGetData,strGetAddInfo blnErr = True strGetData = Lcase(Trim(strDataStr)) strGetAddInfo = Lcase(Trim(strAddInfo)) arrTmp = split(strGetAddInfo,CONST_DIVIDER) For i = LBound(arrTmp) To UBound(arrTmp) If arrTmp(i) = strGetData Then blnErr = False Exit For End If Next strDataInfo = strDataInfo & "( " & strDataStr &" )提交值不在允许的范围" CheckEnum = blnErr End Function '=================================================================== '= Function : CheckEnumMore '= Time : Created At 2006-5-5 '= Input : strDataStr : form data '= strDataInfo : form data clew info '= strAddInfo : form data check add info fmt '= fmt: enum data '= OutPut : strDataInfo :form data clew info '= Return : Data check error number '= Description : 校验数据枚举类型(不区分大小写,多选项) '=================================================================== Function CheckEnumMore(strDataStr, strDataInfo,ByRef strAddInfo) Const CONST_DIVIDER = "," Dim blnErr : blnErr = False Dim i,j Dim arrTmp Dim strGetData,strGetAddInfo Dim arrDataCheck strGetData = Split(Lcase(Trim(strDataStr)),",") strGetAddInfo = Lcase(Trim(strAddInfo)) arrTmp = split(strGetAddInfo,CONST_DIVIDER) '== set a flag to every value of form data Redim arrDataCheck(UBound(strGetData)) For j = LBound(strGetData) To UBound(strGetData) arrDataCheck(j) = 1 Next '== check every value is exist For j = LBound(strGetData) To UBound(strGetData) For i = LBound(arrTmp) To UBound(arrTmp) If arrTmp(i) = Trim(strGetData(j)) Then arrDataCheck(j) = 0 Exit For End If Next Next '== check all value is exist For j = LBound(strGetData) To UBound(strGetData) If arrDataCheck(j) = 1 Then blnErr = True Exit For End If Next CheckEnumMore = blnErr End Function '=================================================================== '= Function : CheckInt '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验数据项是否全为阿拉伯数字 '=================================================================== Function CheckInt(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Dim blnErr : blnErr = False Dim bolChkFlag bolChkFlag = RegExpCheck(REG_NUMBER, strDataStr) If Not bolChkFlag Then blnErr = True strDataInfo = strDataInfo & "(" & strDataStr & ")" End If strDataInfo = strDataInfo & "必须为整数形式" CheckInt = blnErr End Function '=================================================================== '= Function : CheckPlusInt '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验数据项是否全为正整数 '=================================================================== Function CheckPlusInt(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Dim blnErr : blnErr = False Dim bolChkFlag bolChkFlag = RegExpCheck(REG_PLUS_NUMBER, strDataStr) If Not bolChkFlag Then blnErr = True strDataInfo = strDataInfo & "(" & strDataStr & ")" End If strDataInfo = strDataInfo & "必须为正整数形式" CheckPlusInt = blnErr End Function '=================================================================== '= Function : CheckIntZero '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验数据项是否全为阿拉伯数字 '=================================================================== Function CheckIntZero(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Const PATTERN_INT = "^[0-9]*[1-9][0-9]*$" Dim blnErr : blnErr = False Dim bolChkFlag If strDataStr = 0 Then CheckIntZero = True Exit Function End If bolChkFlag = RegExpCheck(PATTERN_INT, strDataStr) If Not bolChkFlag Then blnErr = True End If CheckIntZero = blnErr End Function '=================================================================== '= Function : CheckIntArea '= Time : Created At 2006-5-5 '= Input : strDataStr : form data '= strDataInfo : form data clew info '= strAddInfo : form data check add info fmt '= first value | last value | step '= OutPut : strDataInfo :form data clew info '= Return : Data check error number '= Description : 校验数据项是否在某一数值范围内 '=================================================================== Function CheckIntArea(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Const PATTERN_INT = "^[0-9]*[1-9][0-9]*$" Dim blnErr : blnErr = False Dim bolChkFlag Dim arrTmp,i bolChkFlag = RegExpCheck(PATTERN_INT, strDataStr) If Not bolChkFlag Then blnErr = True CheckIntArea = blnErr Exit Function End If arrTmp = Split(strAddInfo,"|") For i = arrTmp(0) To arrTmp(1) Step arrTmp(2) If i = Clng(strDataStr) Then blnErr = False CheckIntArea = blnErr Exit Function End If Next CheckIntArea = blnErr End Function '=================================================================== '= Function : CheckIntBetween '= Time : Created At 2006-5-5 '= Input : strDataStr : form data '= strDataInfo : form data clew info '= strAddInfo : form data check add info fmt '= first value | last value | step '= OutPut : strDataInfo :form data clew info '= Return : Data check error number '= Description : 校验数据项是否在某一数值范围内 '=================================================================== Function CheckIntBetween(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Dim blnErr : blnErr = False Dim arrTmp,strParameter,intMax,intMin '== 输入是否为数字 If CheckInt(strDataStr,strDataInfo,strAddInfo) Then CheckIntBetween = True Exit Function End If strParameter = Split(strAddInfo,",") intMin = Clng(strParameter(0)) intMax = Clng(strParameter(1)) strDataStr = Clng(strDataStr) If strDataStr > intMax Or strDataStr < intMin Then blnErr = True End If strDataInfo = strDataInfo & "输入范围必须在 " & intMin & " -- " & intMax & " 之间" CheckIntBetween = blnErr End Function '=================================================================== '= Function : CheckValid '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验数据项是否有非法字符 '=================================================================== Function CheckValid(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Dim blnErr : blnErr = False If Instr(strDataStr,"=")>0 Or Instr(strDataStr,"%")>0 Or Instr(strDataStr,chr(32))>0 Or Instr(strDataStr,"?")>0 Or Instr(strDataStr,"&")>0 Or Instr(strDataStr,";")>0 Or Instr(strDataStr,",")>0 Or Instr(strDataStr,"'")>0 Or Instr(strDataStr,",")>0 Or Instr(strDataStr,chr(34))>0 Or Instr(strDataStr,chr(9))>0 Or Instr(strDataStr,"")>0 Or Instr(strDataStr,"$")>0 Then blnErr = True End If strDataInfo = strDataInfo & "包含非法字符" CheckValid = blnErr End Function '=================================================================== '= Function : CheckCHN '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验数据项是否为中文字符 '=================================================================== Function CheckCHN(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Const PATTERN_CHN = "[\w]" Dim blnErr : blnErr = False Dim bolChkFlag bolChkFlag = RegExpCheck(PATTERN_CHN, strDataStr) If bolChkFlag Then blnErr = True End If strDataInfo = strDataInfo & "必须为中文字符" CheckCHN = blnErr End Function '=================================================================== '= Function : CheckId '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验数据项Id是否合法 '=================================================================== Function CheckId(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Const PATTERN_ID = "^[0-9]*[1-9][0-9]*$" Dim blnErr : blnErr = False Dim bolChkFlag bolChkFlag = RegExpCheck(PATTERN_ID, strDataStr) If Not bolChkFlag Then blnErr = True End If strDataInfo = strDataInfo & "ID参数错误" CheckId = blnErr End Function '=================================================================== '= Function : CheckAsc '= Time : Created At 2006-7-20 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验数据项是否字母数字下划线是否合法 '=================================================================== Function CheckAsc(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Dim blnErr : blnErr = False Dim bolChkFlag bolChkFlag = RegExpCheck(REG_ASC, strDataStr) If Not bolChkFlag Then blnErr = True End If strDataInfo = strDataInfo & "必须为字母,数字,下划线" CheckAsc = blnErr End Function '=================================================================== '= Function : CheckEmail '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验Email地址是否合法 '=================================================================== Function CheckEmail(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Dim blnErr : blnErr = False Dim bolChkFlag bolChkFlag = RegExpCheck(REG_EMAIL, strDataStr) If Not bolChkFlag Then blnErr = True End If strDataInfo = strDataInfo & "必须为Email格式" CheckEmail = blnErr End Function '=================================================================== '= Function : CheckEmail '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验Url地址是否合法 '=================================================================== Function CheckUrl(strDataStr,ByRef strDataInfo,ByRef strAddInfo) Dim blnErr : blnErr = False Dim bolChkFlag bolChkFlag = RegExpCheck(REG_URL, strDataStr) If Not bolChkFlag Then blnErr = True End If strDataInfo = strDataInfo & "必须为网址形式" CheckUrl = blnErr End Function '=================================================================== '= Function : CheckFixLen '= Time : Created At 2006-5-5 '= Input : 数据项,数据项名称,附加信息 '= Output : 出错处理 '= Description : 校验数据项是否符合长度要求 '=================================================================== Function CheckFixLen(strDataStr,ByRef strDataInfo,ByRef strAddInfo) '== 数据项长度检测参数表格式(strAddInfo) '== "1|2|3|" '== 第一项为数据长度1应为0-9的字符 '== 第二项为校验方式(Data_Type_Check), 其字符常量为 '== 第三项为数据长度2应为0-9的字符(为可选项) '== "DTC_FIX_LEN" 必为此固定长度 '== "DTC_FIX_LEN_NULL" 必为此固定长度或为空 '== "DTC_LESS_LEN" 小于等于此长度 '== "DTC_MORE_LEN" 大于等于此长度 '== "DTC_LESS_MORE_LEN" 在此区间之内(包括分界值) Dim intDataLen,intParaLen,intMOreDataLen Dim strParameter,strMoreLen Dim strFlag Dim blnErr : blnErr = False strParameter = Split(strAddInfo,"|") '== 取得数据项长度信息 'blnErr = CheckInt(strParameter(0),strDataInfo,strAddInfo) intDataLen = CLng(strParameter(0)) '== 取得数据项长度校验的方式 strFlag = strParameter(1) If strFlag = "DTC_FIX_LEN" Or strFlag = "DTC_FIX_LEN_NULL" Or strFlag = "DTC_FIX_LEN_NULL" Or strFlag = "DTC_LESS_LEN" Or strFlag = "DTC_MORE_LEN" Or strFlag = "DTC_LESS_MORE_LEN" Then '== 固定长度 If strFlag = "DTC_FIX_LEN" Then If Len(strDataStr) <> intDataLen Then blnErr = True strDataInfo = strDataInfo & "(" & intDataLen & "位)" CheckFixLen = blnErr Exit Function End If End If If strFlag = "DTC_FIX_LEN_NULL" Then If Len(strDataStr) <> intDataLen And Len(strDataStr) <> 0 Then blnErr = True strDataInfo = strDataInfo & "(" & intDataLen & "位或为空)" CheckFixLen = blnErr Exit Function End If End If If strFlag = "DTC_LESS_LEN" Then If Len(strDataStr) > intDataLen Then blnErr = True strDataInfo = strDataInfo & "(<=" & intDataLen & "位)" CheckFixLen = blnErr Exit Function End If End If If strFlag = "DTC_MORE_LEN" Then If Len(strDataStr) < intDataLen Then blnErr = True strDataInfo = strDataInfo & "(>=" & intDataLen & "位)" CheckFixLen = blnErr Exit Function End If End If If strFlag = "DTC_LESS_MORE_LEN" Then intMoreDataLen = CLng(strParameter(2)) If Len(strDataStr) > intMoreDataLen Or Len(strDataStr) < intDataLen Then blnErr = True strDataInfo = strDataInfo & "长度错误(>=" & intDataLen & "位,<=" & intMoreDataLen &"位)" CheckFixLen = blnErr Exit Function End If End If Else Response.Write strAddInfo & "长度校验参数2(校验方式)设置不正确" Response.End End If CheckFixLen = blnErr End Function '=================================================================== '= Function : GetParameterAll '= Time : Created At 2006-5-5 '= Input : 附加信息,参数变量数组,应该取得的参数个数,数据项名称 '= Output : 以数组形式表达的有关参数信息 '= Description : 分解获取数据项校验的附加信息的所有有关信息 '=================================================================== Function GetParameterAll(strAddInfo,Byref strParameter,intParaNum,strDataInfo) '== 数据项附加项(strAddInfo)格式: "xxx|xxxxx|xxxx|" '== 其中分隔符"|"可以自己定义 Const ADDINFO_DIVIDER = "|" '== 附加信息数据分隔符(可自定义) Dim i,intPos,intGetNum Dim arrTmp(10) '== 暂存参数的数组 intGetNum = 1 '== 实际取到的参数个数 intParaLen = Len(Trim(strAddInfo)) FOr i = 1 To intParaLen intPos = Instr(i,strAddInfo,ADDINFO_DIVIDER,0) If intPos <> 0 Then arrTmp(intGetNum) = Mid(strAddInfo,i,intPos-i) i = intPos intGetNum = intGetNum + 1 '== 只取intParaNum个有效参数 If intGetNum > intParaNum Then Exit FOr End If End If Next If intGetNum = intParaNum + 1 Then '== 取一个参数 If intGetNum = 2 Then strParameter = Array(arrTmp(1)) End If '== 取两个参数 If intGetNum = 3 Then strParameter = Array(arrTmp(1),arrTmp(2)) End If '== 取三个参数 If intGetNum = 4 Then strParameter = Array(arrTmp(1),arrTmp(2),arrTmp(3)) End If '== 取四个参数 If intGetNum = 5 Then strParameter = Array(arrTmp(1),arrTmp(2),arrTmp(3),arrTmp(4)) End If '== 取五个参数 If intGetNum = 6 Then strParameter = Array(arrTmp(1),arrTmp(2),arrTmp(3),arrTmp(4),arrTmp(5)) End If Else Response.Write strAddInfo & "长度校验参数不正确" Response.End End If End Function '=================================================================== '= Function : GetParameterSingle '= Time : Created At 2006-5-5 '= Input : 附加信息,参数变量数组,应该取得的参数序数,数据项名称 '= Output : 以变量表达的有关参数信息 '= Description : 分解获取数据项校验的附加信息的特定项有关信息 '=================================================================== Function GetParameterSingle(strAddInfo,ByRef strParameter,intParaNum,strDataInfo) '== 数据项附加项(strAddInfo)格式: "xxx|xxxxx|xxxx|" '== 其中分隔符"|"可以自己定义 Const ADDINFO_DIVIDER = "|" '== 附加信息数据分隔符(可自定义) Dim i,intPos,intGetNum,intParaLen intGetNum = 1 '== 实际取到的参数个数 intParaLen = Len(Trim(strAddInfo)) FOr i = 1 To intParaLen intPos = Instr(i,strAddInfo,ADDINFO_DIVIDER,0) If intPos <> 0 Then If intGetNum = intParaNum Then strParameter = Mid(strAddInfo,i,intPos-i) Exit Function End If i = intPos intGetNum = intGetNum + 1 End If Next If intGetNum = 1 Then Response.Write strAddInfo & "长度校验参数3(固定长度2)设置不正确" Response.End End If End Function '=================================================================== '= Function : RegExpCheck '= Time : Created At 2006-5-5 '= Input : 匹配模式(strPattern),被匹配字符串(strCheckString) '= Return : 用布尔值来表示匹配结果 '= Description : 正则表达式校验 '=================================================================== Function RegExpCheck(strPattern,strCheckString) Dim objRegExp,bolFlag Set objRegExp = New RegExp '建立正则表达式 objRegExp.Pattern = strPattern '设置模式 objRegExp.IgnoreCase = True '设置是否区分字符大小写 bolFlag = objRegExp.Test(strCheckString) Set objRegExp = Nothing RegExpCheck = bolFlag End Function '=================================================================== '= Function : ServerDataCheck '= Time : Created At 2006-4-20 '= Input : 匹配模式(strPattern),被匹配字符串(strCheckString) '= Return : Error Id '= Description : 服务器端数据校验整体函数 '=================================================================== Function ServerDataCheck(arrDataChk) Dim strOutJs Dim i Dim blnErr : blnErr = False Dim formValue Dim strInfo ServerDataCheck = True '== 是否进行客户端数据校验 If GBL_blnServerDataCheck = False Then ServerDataCheck = 0 Exit Function End If For i = LBound(arrDataChk) To UBound(arrDataChk) '== 非法字符校验 'strOutJs = strOutJs & CheckValidity(arrDataChk(i)(1),arrDataChk(i)(2)) '== 取得要校验的表单值 formValue = Trim(Request(arrDataChk(i)(1))) '== 信息描述 strInfo = arrDataChk(i)(2) Select Case arrDataChk(i)(0) Case "DT_FIX_LENGTH" : blnErr = DataCheck("DT_FIX_LENGTH",formValue,strInfo,arrDataChk(i)(3) & "|DTC_LESS_MORE_LEN|" & arrDataChk(i)(4) & "|") Case "DT_CONTENT" : blnErr = DataCheck("DT_FIX_LENGTH",formValue,strInfo,arrDataChk(i)(3) & "|DTC_LESS_MORE_LEN|" & arrDataChk(i)(4) & "|") Case "DT_ID" : blnErr = DataCheck("DT_ID",formValue,strInfo,NULL) Case "DT_INT_BETWEEN": blnErr = DataCheck("DT_INT_BETWEEN",formValue,strInfo,arrDataChk(i)(3) & "," & arrDataChk(i)(4) ) Case "DT_PLUS_INT" : blnErr = DataCheck("DT_PLUS_INT",formValue,strInfo,NULL) Case "DT_ENUM": blnErr = DataCheck("DT_ENUM",formValue,strInfo,arrDataChk(i)(3)) Case "DT_EMAIL": blnErr = DataCheck("DT_EMAIL",formValue,strInfo,NULL) Case "DT_URL": blnErr = DataCheck("DT_URL",formValue,strInfo,NULL) Case "DT_ASC": blnErr = DataCheck("DT_ASC",formValue,strInfo,NULL) End Select '== 如有错误,立即返回 If blnErr = True Then Exit For End If Next '== 置异常流 If blnErr = True Then ServerDataCheck = False Call GBL_objException.catchErr(E_DATA_PUB,strInfo) End If End Function %>