如何替换字符串中的未知字符? 通配符?
[英]How do I replace unknown characters in a string? Wildcard?
问题描述
I have a string .. let's say: 
我有一个字符串..可以说:
string MyString = "SELECT Stuff FROM Table WHERE Code = "Foo" AND DATE=20120101";
I want to replace 20120101 with a ? 我想将20120101替换为? . 。 But, the 20120101 string I search for won't always be the same. 但是,我搜索的20120101字符串并不总是相同的。 It will always start with a 2 , and always contain 8 characters. 它始终以2开头,并且始终包含8个字符。 It may be 20121225, 20130510, etc. 可能是20121225、20130510等。
Can I use wildcards somehow? 我可以以某种方式使用通配符吗? As in: 如:
string Fixed = MyString.Replace("2*******", "?");
What I'm looking for is this result: 我正在寻找的是这个结果:
MyString = "SELECT Stuff FROM Table WHERE Code = "Foo" AND DATE=?";
5 个解决方案
解决方案1
4 2013-01-30 16:50:46
You can use RegEx: 您可以使用RegEx:
Regex.Replace(input,@"DATE=""\d*""", "?");
However, if this is a SQL query, it would be better to use a parameterized query to avoid SQL injection attacks and so forth. 但是,如果这是SQL查询,则最好使用参数化查询来避免SQL注入攻击等。 It's the industry standard way of doing these kinds of things. 这是做这些事情的行业标准方法。
解决方案2
3 已采纳 2013-01-30 17:19:23
string Fixed = Regex.Replace( MyString, @"DATE=2\d{7}", "DATE=?" );
或者,使用正向后看
Replace( MyString, @"(?<=DATE=)2\d{7}", "?" );
解决方案3
1 2013-01-30 17:00:07
A regex that matches the entire string would probably be ideal for preventing SQL injection attacks. 与整个字符串匹配的正则表达式可能是防止SQL注入攻击的理想选择。 To accomplish this you will use the start of line ( ^ ) and end of line ( $ ) characters. 为此,您将使用行首( ^ )和行尾( $ )字符。
This will match something which is 5 or 6 digits long, and capture everything besides the first. 这将匹配5或6位数字的长度,并捕获除第一个数字外的所有内容。
^([0-9])([0-9]{4,5})$
If you want to capture something that starts with 2, and is always 6 digits long; 如果要捕获以2开头且始终为6位数长的内容; you could use 2 instead of the character class: 您可以使用2代替字符类:
^(2)([0-9]{5})$
This technique will not allow you to use the replace method directly, you will need to extract the capture groups 1 and 2, replace all the characters in group 2 with ?, and then concatenate them. 此技术不允许您直接使用replace方法,您需要提取捕获组1和2,将捕获组2中的所有字符替换为?,然后将它们连接起来。 Something like: 就像是:
matcher.group(1) + Regex.replace(m.group(2) , ".", "?")
Again, not carefully matching the entire string will result in SQL injection. 同样,不仔细匹配整个字符串将导致SQL注入。
The input, (DELETE * FROM Users Where 1=1) 200000 , would match these regex, and be merrily inserted into your SQL query as: (DELETE * FROM Users Where 1=1) 2????? 输入(DELETE * FROM Users Where 1=1) 200000将与这些正则表达式匹配,并以下列方式愉快地插入您的SQL查询: (DELETE * FROM Users Where 1=1) 2?????
解决方案4
0 2013-01-30 16:55:47
You could use the Regex replace method: 您可以使用Regex替换方法:
string oldstring = "20120101";
string newstring = Regex.Replace(oldstring, @"^2[0-9]{7}", "?");
解决方案5
0 2013-01-30 17:07:15
So is this what you are looking for? 那是您要找的东西吗?
string MyString = "SELECT Stuff FROM Table WHERE Code = {0} AND DATE={1}";
This will allow you to use the same string with whatever you want in {0} and {1} with something like: 这将使您可以对{0}和{1}中的任何内容使用相同的字符串,例如:
String.Format(MyString, codeString, dateString);
You can reuse the query string with whichever parameters you'd like. 您可以根据需要使用任何参数重复使用查询字符串。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.