1

guns-main/src/main/java/cn/stylefeng/guns/zjxl/cnotroller/ZjxlArticleContentController.java

@@ -5,6 +5,7 @@ import cn.stylefeng.guns.zjxl.model.ZjxlSystemDict;
import cn.stylefeng.guns.zjxl.service.ZjxlArticleContentService;
import cn.stylefeng.guns.zjxl.service.ZjxlSystemDictService;
import cn.stylefeng.guns.zjxlUtil.BaseController;
import cn.stylefeng.guns.zjxlUtil.CodeFilter;
import cn.stylefeng.guns.zjxlUtil.PageUtil;
import com.alibaba.fastjson.JSONObject;
import io.swagger.annotations.Api;
@@ -94,7 +95,7 @@ public class ZjxlArticleContentController extends BaseController {
            articleContent.setArticleContentSubclassify(articleContentSubclassify);
            articleContent.setArticleContentSort(articleContentSort);
            articleContent.setArticleContentIsLine(articleContentIsLine);
            articleContent.setArticleContentContent(articleContentContent);
            articleContent.setArticleContentContent(CodeFilter.unReplace(articleContentContent));
            SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");//设置日期格式
            articleContent.setArticleContentCreateTime(df.format(new Date()));// new Date()为获取当前系统时间
@@ -257,7 +258,7 @@ public class ZjxlArticleContentController extends BaseController {
            zjxlArticleContent.setArticleContentTitle(articleContentTitle);
            zjxlArticleContent.setArticleContentCover(articleContentCover);
            zjxlArticleContent.setArticleContentAbstract(articleContentAbstract);
            zjxlArticleContent.setArticleContentContent(articleContentContent);
            zjxlArticleContent.setArticleContentContent(CodeFilter.unReplace(articleContentContent));
            zjxlArticleContent.setArticleContentType(articleContentType);
            zjxlArticleContent.setArticleContentClassify(articleContentClassify);
            zjxlArticleContent.setArticleContentSubclassify(articleContentSubclassify);

guns-main/src/main/java/cn/stylefeng/guns/zjxlUtil/CodeFilter.java

@@ -0,0 +1,109 @@
package cn.stylefeng.guns.zjxlUtil;
/***
 * @ClassName: CodeFilter
 * @Description: 插入的特殊符号做转义
 * @Auther: shi kejing
 * @Date: 2020/11/27 17:52
 */
public class CodeFilter {
    /**
     * to db
     * @param s
     * @return
     */
    public static String toHtml(String s)
    {
        s = Replace(s, "&", "&");
        s = Replace(s, "<", "&lt;");
        s = Replace(s, ">", "&gt;");
        s = Replace(s, "\t", "&nbsp;&nbsp;&nbsp;&nbsp;");
        s = Replace(s, "\r\n", "\n");
        s = Replace(s, "\n", "<br>");
        s = Replace(s, "  ", "&nbsp;&nbsp;");
        s = Replace(s, "'", "&#39;");
        s = Replace(s, "\\", "&#92;");
        if (s == null) s = "";
        if (s != null && !s.equals("")) s = s.trim();
        try
        {
            //if (s != null && !s.equals("")) s = new String(s.getBytes("iso-8859-1"));
        }
        catch(Exception e)
        {
            e.printStackTrace();
        }
        return s;
    }
    /**
     * to front
     * @param s
     * @return
     */
    public static String unHtml(String s)
    {
        s = Replace(s, "&amp;", "&");
        s = Replace(s, "&nbsp;", " ");
        s = Replace(s, "&#39;", "'");
        s = Replace(s, "&lt;", "<");
        s = Replace(s, "&gt;", ">");
        s = Replace(s, "<br>", "\n");
        s = Replace(s, "?D", "—");
        return s;
    }
    private static String Replace(String s, String s1, String s2)
    {
        if(s == null)
        {
            return null;
        }
        StringBuffer stringbuffer = new StringBuffer();
        int i = s.length();
        int j = s1.length();
        int k;
        int l;
        for(k = 0; (l = s.indexOf(s1, k)) >= 0; k = l + j)
        {
            stringbuffer.append(s.substring(k, l));
            stringbuffer.append(s2);
        }
        if(k < i)
        {
            stringbuffer.append(s.substring(k));
        }
        return stringbuffer.toString();
    }
    public static String Replace(String value){
        value = value.replaceAll("<", "& lt;").replaceAll(">", "& gt;");
        value = value.replaceAll("\\(", "& #40;").replaceAll("\\)", "& #41;");
        value = value.replaceAll("'", "& #39;");
        value = value.replaceAll("eval\\((.*)\\)", "");
        value = value.replaceAll("[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']", "\"\"");
        return value;
    }
    public static String unReplace(String value){
        value = value.replaceAll("& gt;", ">").replaceAll("& lt;", "<");
        value = value.replaceAll("& #41;", "\\)").replaceAll("& #40;", "\\(");
        value = value.replaceAll("'", "& #39;");
        value = value.replaceAll("eval\\((.*)\\)", "");
        value = value.replaceAll("[\\\"\\\'][\\s]*javascript:(.*)[\\\"\\\']", "\"\"");
        return value;
    }
}