File Download Tips for asp.net
use http header
protected void Page_Load(object sender, EventArgs e)
{
string format = Convert.ToString(ViewData["format"]);
Response.AddHeader("Content-Disposition", "attachment; filename=" + HttpUtility.UrlEncode("·ÑÓñ¨Ïú±í", Encoding.UTF8) + string.Format(".{0}",format));
//²âÊÔÖз¢ÏÖ£ºÈç¹ûÒªÏëÔÚIEÖÐÖ±½Ó´ò¿ªPDF£¬ÉÏÐдúÂ룬²»ÄÜÓУ¡£¡·ñÔò¼´Ê¹¿Í»§¶ËÓÐÉèÖã¬Ò²»áʹÓà Adobe Reader/Acrobat ´ò¿ª
Response.ContentType = string.Format("application/{0}",format);
Response.Charset = "GB2312";
Response.ContentEncoding = System.Text.Encoding.UTF8;
Response.BinaryWrite(ViewData.Model);
Response.Flush();
//prevent render html to client(critical)
Response.End();
request to doc directly
Response.Redirect(“http://localhost:2222/Docs/abc.doc”, true);
Tips:
ÖÁÓÚ¿Í»§¶ËʹÓÃä¯ÀÀÆ÷´ò¿ª(µ±È»±ØÐëÒªÏàÓ¦µÄä¯ÀÀÆ÷²å¼þÖ§³Ö)£¬»¹ÊÇÏàÓ¦µÄapplication (MS-Word,Adobe Reader),´ò¿ªÇ°ÊÇ·ñÌáʾÏÂÔØ£¬Server¶ËÊÇÎÞ·¨¿ØÖƵģ¬Õâ¸öºÍÓû§ÉèÖÃÓйØϵ¡£¼ûͼ
Ïà¹ØÎĵµ£º
×öÏîÄ¿Ò²ÓÐÒ»¶Îʱ¼äÁË£¬ÔÚ³ÌÐòÖÐÒ²Óöµ½ºÜ¶à°²È«·½ÃæµÄÎÊÌâ¡£Ò²¸Ã×ܽáÒ»ÏÂÁË¡£Õâ¸öÏîÄ¿ÊÇÒ»¸ö CMS ϵͳ¡£ÏµÍ³ÊÇÓà ASP.NET ×öµÄ¡£¿ª·¢µÄʱºò·¢ÏÖ΢Èí×öÁ˺ܶలȫ´ëÊ©£¬Ö»ÊÇÓÐЩÐÂÊÖ³ÌÐòÔ±²»ÖªµÀÔõô¿ªÆô¡£ÏÂÃæÎÒͨ¹ý¼¸¸ö·½Ãæ¼òµ¥½éÉÜ£º
¡¡¡¡1£ºSQL ×¢Èë
¡¡¡¡2£ºXSS
¡¡¡¡3£ºCSRF
¡¡¡¡4£ºÎļþÉÏ´«
SQL ×¢Èë
¡¡¡¡Ò ......
HyperLink Web ·þÎñÆ÷¿Ø¼þ¿ÉÔÚÍøÒ³ÉÏ´´½¨Á´½Ó£¬Ê¹Óû§¿ÉÒÔÔÚÓ¦ÓóÌÐòÖеÄÒ³¼äÒƶ¯¡£
Ò»¡¢±³¾°
ʹÓà HyperLink ¿Ø¼þµÄÖ÷ÒªÓŵãÊÇ¿ÉÒÔÔÚ·þÎñÆ÷´úÂëÖÐÉèÖÃÁ´½ÓÊôÐÔ¡£ÀýÈ磬Äú¿ÉÒÔ¸ù¾ÝÒ³ÃæÖеÄÌõ¼þ¶¯Ì¬¸ü¸ÄÁ´½ÓÎı¾»òÄ¿±êÒ³¡£
°²È«ËµÃ÷£º Ó볬Á´½ÓÏà¹ØÁªµÄ URL ¿ÉÄܻᱻÓû§¶ñÒâ´Û¸ ......
ASP.NET
¹«ÓÐÁùÖÖÑéÖ¤¿Ø¼þ£¬·Ö±ðÈçÏ£º
RequiredFieldValidator
£¨±ØÐë×Ö¶ÎÑéÖ¤£© ÓÃÓÚ¼ì²éÊÇ·ñÓÐÊäÈëÖµ
CompareValidator
£¨±È½ÏÑéÖ¤£© °´É趨±È½ÏÁ½¸öÊäÈë
RangeValidator
£¨·¶Î§ÑéÖ¤£© ÊäÈëÊÇ·ñÔÚÖ¸¶¨·¶Î§
RegularExpressionValidator
£¨ÕýÔò±í´ïʽÑéÖ¤£© ÕýÔò±í´ïʽÑéÖ¤¿Ø¼þ
CustomValid ......
1. ´ò¿ªÐµĴ°¿Ú²¢´«ËͲÎÊý£º
´«ËͲÎÊý£º
response.write("<script>window.open(’*.aspx?id="+this.DropDownList1.SelectIndex+"&id1="+...+"’)</script>")
½ÓÊÕ²ÎÊý£º
string a = Request.QueryString("id");
string b = Request.QueryStrin ......
Button±»µã»÷ºódisableµô¸ÃÒ³ÃæÖÐËùÓеÄButton£¬´Ó¶ø·ÀÖ¹Ìá½»ÑÓʱµ¼ÖµĶà´ÎÌá½»¡£»ùÓÚ֮ǰµÄonceclickbutton½Å±¾.
//ASP.NETÖзÀÖ¹Ò³Ãæ¶à´ÎÌá½»µÄ´úÂë:javascript< script language="javascript"> < !-- function disableOtherSubmit() {
var obj = event.srcElement;
var objs = document.getElement ......
