|
vkill
金牌会员
     
积分 4103
发帖 1744
注册 2006-1-20 来自 甘肃.临泽
状态 离线
|
『第 16 楼』:
使用 LLM 解释/回答一下
楼上的这些很实用,收下
The things above are very practical, take them
|
|
2006-9-6 03:04 |
|
|
fornever
初级用户
 
积分 98
发帖 35
注册 2006-1-14
状态 离线
|
『第 17 楼』:
使用 LLM 解释/回答一下
经过我实验用set name=| 是不可以的
但是用set /p name=input: 输入后是可以的 ,如图:
然后就可以用if语句一个一个字符判断了,这个的确可以做到我也实验成功了,可以过滤很多敏感字符,再结合findstr的限制就可以达到目的:规定输入为6~12个大写字母,小写字母,数字和符号_,其他符号过滤.要保证每一位都是前面的那些字符.
看我代码:
@setlocal
@set /p user=Input:
::过滤空字符以及不够六个字符的输入
@if "%user%"=="" goto error
@if "%user:~5,1%"=="" goto error
::过滤“|”号
@if "%user:~0,1%"=="|" goto error
@if "%user:~1,1%"=="|" goto error
@if "%user:~2,1%"=="|" goto error
@if "%user:~3,1%"=="|" goto error
@if "%user:~4,1%"=="|" goto error
@if "%user:~5,1%"=="|" goto error
@if "%user:~6,1%"=="|" goto error
@if "%user:~7,1%"=="|" goto error
@if "%user:~8,1%"=="|" goto error
@if "%user:~9,1%"=="|" goto error
@if "%user:~10,1%"=="|" goto error
@if "%user:~11,1%"=="|" goto error
::过滤其他敏感符号同上
::强制有效位为最多12位
@set user=%user:~0,12%
::限制输入字符为大写字母小写字符数字和_号
@echo %user% |findstr "[A-Za-z0-9_]"
@if errorlevel 1 goto error
@goto next
endlocal
:next
@echo succeed!
@goto end
:error
@echo Input error!
:end
但是有个符号 " 引号小弟不知道该怎么 办,怎么也过滤不掉郁闷,而且在输入中文的时候会提示过滤了,但是中文后面如果有英文字母的话就会成功通过过滤
这两点还请教各位大虾!
After my experiment, using `set name=|` is not okay. But using `set /p name=input:` to input and then it is okay, as shown in the figure:
Then you can use the if statement to judge each character one by one. This can indeed be done and I have experimented and succeeded. It can filter out many sensitive characters. Then combined with the limitation of findstr, the purpose can be achieved: it is stipulated that the input is 6-12 uppercase letters, lowercase letters, numbers and the symbol _, and other symbols are filtered. It is necessary to ensure that each bit is the characters mentioned above.
Look at my code:
@setlocal
@set /p user=Input:
:: Filter empty characters and input with less than six characters
@if "%user%"=="" goto error
@if "%user:~5,1%"=="" goto error
:: Filter "|"
@if "%user:~0,1%"=="|" goto error
@if "%user:~1,1%"=="|" goto error
@if "%user:~2,1%"=="|" goto error
@if "%user:~3,1%"=="|" goto error
@if "%user:~4,1%"=="|" goto error
@if "%user:~5,1%"=="|" goto error
@if "%user:~6,1%"=="|" goto error
@if "%user:~7,1%"=="|" goto error
@if "%user:~8,1%"=="|" goto error
@if "%user:~9,1%"=="|" goto error
@if "%user:~10,1%"=="|" goto error
@if "%user:~11,1%"=="|" goto error
:: Filter other sensitive symbols in the same way
:: Force the effective bit to be at most 12 bits
@set user=%user:~0,12%
:: Limit the input characters to uppercase letters, lowercase characters, numbers and _
@echo %user% |findstr ""
@if errorlevel 1 goto error
@goto next
endlocal
:next
@echo succeed!
@goto end
:error
@echo Input error!
:end
But there is a symbol " The little brother of the quotation mark doesn't know what to do, and can't filter it out no matter what. It's depressing. And when inputting Chinese, it will prompt that it is filtered, but if there are English letters after Chinese, it will pass the filter successfully.
These two points are to ask the great gods!
附件
1: 未命名.GIF (2006-9-9 04:44, 12.91 KiB, 下载附件所需积分 1 点
,下载次数: 4)
|
|
2006-9-9 04:44 |
|
|
fornever
初级用户
 
积分 98
发帖 35
注册 2006-1-14
状态 离线
|
『第 18 楼』:
使用 LLM 解释/回答一下
...... 没有人回复吗?
没有人会吗
斑竹给个答案啊
...... No one replies?
No one will?
Moderator, give an answer ah
|
|
2006-9-9 23:11 |
|
|
fornever
初级用户
 
积分 98
发帖 35
注册 2006-1-14
状态 离线
|
『第 19 楼』:
使用 LLM 解释/回答一下
难道真的没有人会吗?!
Could it be that really no one knows how to do it?!
|
|
2006-9-10 01:02 |
|
|
namejm
荣誉版主
       batch fan
积分 5226
发帖 1737
注册 2006-3-10 来自 成都
状态 离线
|
『第 20 楼』:
使用 LLM 解释/回答一下
Originally posted by fornever at 2006-9-9 04:45:
经过我实验用set name=| 是不可以的
但是用set /p name=input: 输入后是可以的 ,如图:
然后就可以用if语句一个一个字符判断了,这个的确可以做到我也实验戠...
虽然在CMD命令行下输入是可以的,但是用在批处理中还是会出错。困惑中。
Originally posted by fornever at 2006-9-9 04:45:
It is not possible to use set name=| through my experiment.
But it is possible after inputting with set /p name=input:, as shown in the figure:
Then you can use the if statement to judge each character one by one, which I have indeed experimented with...
Although it is possible to input in the CMD command line, it will still cause errors when used in batch processing. Confused.
|

尺有所短,寸有所长,学好CMD没商量。
考虑问题复杂化,解决问题简洁化。 |
|
2006-9-10 23:03 |
|
|
3742668
荣誉版主
      
积分 2013
发帖 718
注册 2006-2-18
状态 离线
|
『第 21 楼』:
使用 LLM 解释/回答一下
Well,在批处理中赋值|到变量并非不可实现:
@echo off
set "str=^|"
echo %str%
pause
关于过滤字符,信手写出下面的代码, 希望能对需要的朋友有所帮助:
@echo off
:start
setlocal
cls
set /p var=请输入字符:
call :filter "%var%"
endlocal
goto start
:filter
setlocal
set "str=%~1★"
set "str=%str:|=%"
set "str=%str:&=%"
set "str=%str:"=%"
echo 过滤以后的字符为: %str:~0,-1%
pause
endlocal
goto :eof
似乎可以过滤掉|,||,&,&&,",大家自行测试更改。
Well,Assigning | to a variable in batch is not impossible:
@echo off
set "str=^|"
echo %str%
pause
Regarding filtering characters, the following code is written casually, hoping to be helpful to friends in need:
@echo off
:start
setlocal
cls
set /p var=Please enter characters:
call :filter "%var%"
endlocal
goto start
:filter
setlocal
set "str=%~1★"
set "str=%str:|=%"
set "str=%str:&=%"
set "str=%str:"=%"
echo The filtered characters are: %str:~0,-1%
pause
endlocal
goto :eof
It seems that |, ||, &, &&, " can be filtered out. You can test and change it yourself.
|
|
2006-9-10 23:43 |
|
|
namejm
荣誉版主
       batch fan
积分 5226
发帖 1737
注册 2006-3-10 来自 成都
状态 离线
|
『第 22 楼』:
使用 LLM 解释/回答一下
3742668版主的代码用call来调用就可以过滤掉了,一时还真想不到
第一种情况如果不加转义字符的话,在批处理中无法通过,但是却可以在CMD命令行下成功运行,我对这点还是挺纳闷的。
The code of moderator 3742668 can be filtered out by using call for calling. I really can't think of it for a while :D
In the first case, if no escape characters are added, it can't pass in the batch processing, but it can run successfully in the CMD command line. I'm still quite puzzled about this point.
|

尺有所短,寸有所长,学好CMD没商量。
考虑问题复杂化,解决问题简洁化。 |
|
2006-9-11 00:42 |
|
|
fornever
初级用户
 
积分 98
发帖 35
注册 2006-1-14
状态 离线
|
『第 23 楼』:
使用 LLM 解释/回答一下
Originally posted by namejm at 2006-9-10 23:03:
虽然在CMD命令行下输入是可以的,但是用在批处理中还是会出错。困惑中。
批处理中如果在 set /p user=input:下面跟上if 语句判断的话是通过的,如果没有IF的话也是不通过的,....想不通
而 set "str=|" 我在命令行下和批处理中都是通过的,难道和补丁有关>?
这个是我的补丁信息:
安装了 111 个修补程序。
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: Q147222
: S867460 - Update
: KB917734_WMP9
: KB834707 - Update
: KB873339 - Update
: KB885835 - Update
: KB885836 - Update
: KB886185 - Update
: KB886677 - Update
: KB887472 - Update
: KB888302 - Update
: KB890046 - Update
: KB890859 - Update
: KB891781 - Update
: KB893756 - Update
: KB893803v2 - Updat
: KB894391 - Update
: KB896358 - Update
: KB896423 - Update
: KB896424 - Update
: KB896428 - Update
: KB898461 - Update
: KB899587 - Update
: KB899589 - Update
: KB899591 - Update
: KB900485 - Update
: KB900725 - Update
: KB901017 - Update
: KB901190 - Update
: KB901214 - Update
: KB904706 - Update
: KB905414 - Update
: KB905749 - Update
: KB908519 - Update
: KB908531 - Update
: KB910437 - Update
: KB911280 - Update
: KB911562 - Update
: KB911567 - Update
: KB911927 - Update
: KB912919 - Update
: KB913580 - Update
: KB914388 - Update
: KB914389 - Update
: KB916595 - Update
: KB917159 - Update
: KB917344 - Update
: KB917422 - Update
: KB917953 - Update
: KB918439 - Update
: KB918899 - Update
: KB920214 - Update
: KB920670 - Update
: KB920683 - Update
: KB921398 - Update
: KB921883 - Update
: KB922616 - Update
Last edited by fornever on 2006-9-11 at 09:28 ]
Originally posted by namejm at 2006-9-10 23:03:
Although it works when entered in the CMD command line, it still causes errors when used in batch processing. I'm confused.
In batch processing, if you follow "set /p user=input:" with an if statement for judgment, it works, but if there's no IF, it also doesn't work.... I can't figure it out
And "set "str=|" " works both in the command line and in batch processing. Could it be related to patches>?
Here is my patch information:
Installed 111 patches.
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: File 1
: Q147222
: S867460 - Update
: KB917734_WMP9
: KB834707 - Update
: KB873339 - Update
: KB885835 - Update
: KB885836 - Update
: KB886185 - Update
: KB886677 - Update
: KB887472 - Update
: KB888302 - Update
: KB890046 - Update
: KB890859 - Update
: KB891781 - Update
: KB893756 - Update
: KB893803v2 - Updat
: KB894391 - Update
: KB896358 - Update
: KB896423 - Update
: KB896424 - Update
: KB896428 - Update
: KB898461 - Update
: KB899587 - Update
: KB899589 - Update
: KB899591 - Update
: KB900485 - Update
: KB900725 - Update
: KB901017 - Update
: KB901190 - Update
: KB901214 - Update
: KB904706 - Update
: KB905414 - Update
: KB905749 - Update
: KB908519 - Update
: KB908531 - Update
: KB910437 - Update
: KB911280 - Update
: KB911562 - Update
: KB911567 - Update
: KB911927 - Update
: KB912919 - Update
: KB913580 - Update
: KB914388 - Update
: KB914389 - Update
: KB916595 - Update
: KB917159 - Update
: KB917344 - Update
: KB917422 - Update
: KB917953 - Update
: KB918439 - Update
: KB918899 - Update
: KB920214 - Update
: KB920670 - Update
: KB920683 - Update
: KB921398 - Update
: KB921883 - Update
: KB922616 - Update
Last edited by fornever on 2006-9-11 at 09:28 ]
|
|
2006-9-11 09:06 |
|
|
fornever
初级用户
 
积分 98
发帖 35
注册 2006-1-14
状态 离线
|
『第 24 楼』:
使用 LLM 解释/回答一下
RE 3742668:
小弟新手,你代码中很多不很理解
call :filter "%var%"
call到了 filter标签并用 var变量作为参数,可 在filter标签下并未有用到var变量啊?
set "str=%~1★"
还有上面一句的意思
谢谢!
RE 3742668:
Little brother is a newbie, many things in your code are not very understandable
call :filter "%var%"
call to the filter label and use the var variable as a parameter, but the var variable is not used under the filter label?
set "str=%~1★"
And what does the above sentence mean
Thank you!
|
|
2006-9-11 09:45 |
|
|
fornever
初级用户
 
积分 98
发帖 35
注册 2006-1-14
状态 离线
|
『第 25 楼』:
使用 LLM 解释/回答一下
我还有一个发现
就斑竹的代码我实验后,发现在输入字符时如果在把"&写在前面 ,那"&后面的所有字符都会忽略......能解释一下吗?
I also have a discovery. After I experimented with the moderator's code, I found that if you put "&" at the front when entering characters, then all characters after "&" will be ignored... Can you explain it?
|
|
2006-9-11 09:49 |
|
|
9527
银牌会员
     努力做坏人
积分 1185
发帖 438
注册 2006-8-28 来自 北京
状态 离线
|
『第 26 楼』:
使用 LLM 解释/回答一下
@echo off
:start
setlocal
cls
set /p var=请输入字符:
call :filter "%var%"
endlocal
goto start
:filter
setlocal
set "str=%~1★"
set "str=%str:|=%"
set "str=%str:&=%"
set "str=%str:"=%"
echo 过滤以后的字符为: %str:~0,-1%
pause
endlocal
goto :eof
我来废话几句,call :filter "%var%" 这句是CALL调用过程执行相应代码,“%var%“ 是作为 %1 参数传递给执行代码的,版主主要是过滤掉了 | & “ 这三个字符,之所以用%str:~0,-1%来显示是因为开始的一句set "str=%~1★",把最后的那个五角星去掉而已.........
@echo off
:start
setlocal
cls
set /p var=Please enter characters:
call :filter "%var%"
endlocal
goto start
:filter
setlocal
set "str=%~1★"
set "str=%str:|=%"
set "str=%str:&=%"
set "str=%str:"=%"
echo The filtered characters are: %str:~0,-1%
pause
endlocal
goto :eof
I'll babble a few words. The line call :filter "%var%" is using CALL to invoke the procedure to execute the corresponding code. "%var%" is passed as the %1 parameter to the executed code. The moderator mainly filters out the three characters | & ", and the reason for using %str:~0,-1% to display is because the first line set "str=%~1★" removes the last five-pointed star...
|

我今后在论坛的目标就是做个超级坏人!!! |
|
2006-9-11 20:57 |
|
|
zyyuser
新手上路

积分 2
发帖 1
注册 2006-1-12
状态 离线
|
『第 27 楼』:
使用 LLM 解释/回答一下
%Var:a=b%
把环境变量Var里的所有a替换为b
%Var:a=b%
Replace all occurrences of "a" with "b" in the environment variable Var
|
|
2006-9-12 23:08 |
|
|
namejm
荣誉版主
       batch fan
积分 5226
发帖 1737
注册 2006-3-10 来自 成都
状态 离线
|
『第 28 楼』:
使用 LLM 解释/回答一下
今天楼主告诉我说,如果"和&连在一起的话,会把&及其之后的字符全部过滤掉,看来3742668版主的代码还有考虑不周的地方,特修改如下,可以避免这个问题:
@echo off
:start
setlocal
cls
set /p var=请输入字符:
set "var=%var:"=%"
call :filter "%var%"
endlocal
goto start
:filter
setlocal
set "str=%~1★"
set "str=%str:|=%"
set "str=%str:&=%"
set "str=%str:"=%"
echo 过滤以后的字符为: %str:~0,-1%
pause
endlocal
goto :eof
Last edited by namejm on 2006-9-13 at 10:11 ]
Today the LZ told me that if "and & are connected together, it will filter out all characters after &. It seems that there are still places that need to be considered in the code of moderator 3742668. The modification is as follows, which can avoid this problem:
@echo off
:start
setlocal
cls
set /p var=Please enter characters:
set "var=%var:"=%"
call :filter "%var%"
endlocal
goto start
:filter
setlocal
set "str=%~1★"
set "str=%str:|=%"
set "str=%str:&=%"
set "str=%str:"=%"
echo The filtered characters are: %str:~0,-1%
pause
endlocal
goto :eof
Last edited by namejm on 2006-9-13 at 10:11 ]
|

尺有所短,寸有所长,学好CMD没商量。
考虑问题复杂化,解决问题简洁化。 |
|
2006-9-13 10:10 |
|
|
fornever
初级用户
 
积分 98
发帖 35
注册 2006-1-14
状态 离线
|
『第 29 楼』:
使用 LLM 解释/回答一下
先要谢谢NAMEJM兄的无私帮助!
现在回想自己有些愚笨了,虽然最后和自己的最初设想有些出入,不过总算有解决办法了.
对于我的方法,其实主要是引号的问题,其他字符都可以顺利检查到.如果还按照我的初衷的话只需要在前面加一句set "var=%var:"=%"就可以搞定引号了.不过是做不到提示了,而是直接通过不过对字符做了处理(过滤了引号).这样的话只要用echo 说明出来就可以了.回头看自己的代码写出来后会是多么的臃肿,汗!
那结论就是了,如果你想要凝练的代码,那只用set "var=%var:"=%"过滤掉敏感字符,(主要是findstr语句敏感)然后用findstr "[A-Za-z0-9_]"加if errorlevel就可以直接限制了,不用去想剩下字符的情况了(有N多的符号,制表符什么的).
如果你想要出现错误有提示的话就用set /p var=input:后面家if "%var%"=="|" goto error 的语句跳转就好了.
就这些了吧,我想不起来了.还有什么情况大家一起来讨论哈!
解铃还需系铃人,哈哈!
First, thank you very much to Brother NAMEJM for his selfless help!
Now I recall that I was a bit foolish. Although it ended up being a bit different from my initial idea, there is finally a solution.
For my method, actually it's mainly a problem with quotation marks, and other characters can be checked smoothly. If I still followed my original intention, I just needed to add a line at the front "set "var=%var:"=%" to handle the quotation marks. But then there would be no prompts, but it would just pass through while processing the characters (filtering out the quotation marks). In this case, I could just use echo to explain it. Looking back, my code would be so bloated when written out, sigh!
So the conclusion is that if you want concise code, just use set "var=%var:"=%" to filter out sensitive characters (mainly sensitive to the findstr statement), and then use findstr "" plus if errorlevel to directly restrict, without having to think about the situations of the remaining characters (there are many symbols, tabs, etc.).
If you want to have prompts when there's an error, just use set /p var=input: followed by the statement if "%var%"=="|" goto error to jump.
That's all. I can't think of anything else. Let's discuss together if there are any other situations! Untying the bell still requires the person who tied it, haha!
|
|
2006-9-15 10:20 |
|
|
yangxixing
初级用户
 
积分 25
发帖 16
注册 2006-10-12
状态 离线
|
|
2007-11-22 23:13 |
|
|