MVC攔截器,MVC過濾器,MVC ActionFilterAttribute攔截器過濾器,OnActionExecuting
阿新 • • 發佈:2020-09-16
using System; using System.Collections.Generic; using System.Linq; using System.Reflection; using System.Security.Policy; using System.Text; using System.Web; using System.Web.Mvc; namespace SaaS.Admin.Base { /// <summary> /// 全域性過濾器 /// </summary> public class CustomerFilterAttribute : ActionFilterAttribute { /// <summary> /// 在執行操作Action方法前執行呼叫 /// </summary> /// <param name="filterContext"></param> public override void OnActionExecuting(ActionExecutingContext filterContext) { base.OnActionExecuting(filterContext); var parameters = filterContext.ActionDescriptor.GetParameters(); foreach (var parameter in parameters) { if (parameter.ParameterType == typeof(string)) { //獲取字串引數原值 var orginalValue = filterContext.ActionParameters[parameter.ParameterName] as string; //使用過濾演算法處理字串 if (!string.IsNullOrEmpty(orginalValue) && orginalValue != "") { var filteredValue = HtmlEscapeCode(orginalValue); ////將處理後值賦給引數 filterContext.ActionParameters[parameter.ParameterName] = filteredValue; } } else if (parameter.ParameterName == "model") { //獲取字串引數原值 var value = filterContext.ActionParameters[parameter.ParameterName]; if (value.GetType().IsClass && value.GetType().Name != "String")//檢查是否是類,並且不是字串型別 { object objClass = value;//獲取字串引數原值 PropertyInfo[] infos = objClass.GetType().GetProperties();//獲取原物件的所有公共屬性 #region 動態建立新例項【動態建立新的實體類例項】 System.Type tt = System.Type.GetType(value.ToString());//獲取指定名稱的型別 object ff = Activator.CreateInstance(tt, null);//建立指定型別例項 PropertyInfo[] fields = ff.GetType().GetProperties();//獲取指定物件的所有公共屬性 object obj = Activator.CreateInstance(tt, null);//建立新指定型別的例項【動態建立新的例項】 #endregion foreach (PropertyInfo info in infos) { if (info.CanRead) { //Console.WriteLine(info.Name + "=" + info.GetValue(objClass, null)); if (info.PropertyType.Name == "String") { //獲取值 string orginalValue = Convert.ToString(info.GetValue(objClass, null)); if (!string.IsNullOrEmpty(orginalValue) || orginalValue != "") { //檢查過濾特殊字元 var filteredValue = HtmlEscapeCode(orginalValue); //將處理後值賦給引數 info.SetValue(obj, filteredValue, null); //給實體物件賦新值 filterContext.ActionParameters[parameter.ParameterName] = obj; } } else { object orginalValue = info.GetValue(objClass, null);//獲取值 info.SetValue(obj, orginalValue, null);//給物件賦新值 filterContext.ActionParameters[parameter.ParameterName] = obj;//給實體類物件賦值 } } } } } } } /// <summary> /// 在執行操作Action方法後執行呼叫 /// </summary> /// <param name="filterContext"></param> public override void OnActionExecuted(ActionExecutedContext filterContext) { base.OnActionExecuted(filterContext); var controllerName = filterContext.RouteData.Values["controller"]; var actionName = filterContext.RouteData.Values["action"]; } //過濾關鍵字 public string HtmlEscapeCode(string html) { var strhtml = html.Replace("javascript", "") .Replace("vbscript", "") .Replace("jscript", "") .Replace("script", "") .Replace("eval", "") .Replace("<", "<") .Replace(">", ">") .Replace("\'", "'") .Replace("\"", """) .Replace("&", "&") .Replace("#", "#"); return strhtml; } } }