自己的字符过滤

public class StringFilter {

  /**
    * 过滤<, >,\n 字符的方法。
    * &＃64;param input 需要过滤的字符
    * &＃64;return 完成过滤以后的字符串
    */
  public static String filterHtml(String input) {

    input &＃61; input.replaceAll("&", "&");
    input &＃61; input.replaceAll("<", "<");
    input &＃61; input.replaceAll(">", ">");
    input &＃61; input.replaceAll(" ", " ");
    input &＃61; input.replaceAll("&＃39;", "&＃39;");
    input &＃61; input.replaceAll("\"", """);
    
    return input.replaceAll("\n", "
");
  }
}

public class SuperFilter {
  private Object obj; // 传入的对象
  private List Methodname &＃61; new ArrayList(); // 方法名 与get 方法对象
  private Map map &＃61; new HashMap(); // key 为
  // 方法名列表的
  // 每个值 value
  // 为封装了与方法名对应的get
  // set
  // 方法的对象
  private List getList &＃61; new ArrayList(); // get 方法列表
  private List setList &＃61; new ArrayList();// set 方法列表

  public SuperFilter(Object obj, Class cla) {
    this.obj &＃61; obj;
    String style &＃61; cla.getName();
    MethodSorter(obj, style);
    MethodFilter();
  }

  public SuperFilter(Object obj, String style) {
    this.obj &＃61; obj;
    MethodSorter(obj, style);
    MethodFilter();
  }

  private void MethodSorter(Object o, String name) {
    Method methods[] &＃61; null;
    try {
      methods &＃61; Class.forName(name).getDeclaredMethods();
    } catch (SecurityException e) {
      e.printStackTrace();
    } catch (ClassNotFoundException e) {
      e.printStackTrace();
    }
    for (int i &＃61; 0; i       Method m &＃61; methods[i];
      if (m.getName().startsWith("get")) {
        getList.add(m);
        String tempname &＃61; m.getName();
        Methodname.add(tempname.substring(3));
      }
      if (m.getName().startsWith("set")) {
        setList.add(m);
      }

    }

    for (int i &＃61; 0; i       String temp &＃61; Methodname.get(i);
      for (int m &＃61; 0; m         Method met &＃61; setList.get(m);
        if (met.getName().endsWith(temp)) {

          map.put(temp, new Mobj(getList.get(i), met));

        }
      }
    }

  }

  public void MethodFilter() {
    for (int i &＃61; 0; i       Mobj mobj &＃61; map.get(Methodname.get(i));
      Method methodget &＃61; mobj.getGetMethod();
      Method methodset &＃61; mobj.getSetMethod();

      try {
        if (String.class.isInstance(methodget.invoke(obj, null))) {

          String temp &＃61; (String) methodget.invoke(obj, null);
        //  System.out.println("~~~~~~~~~~~~~~~~~~");
          System.out.println(temp);
        //  System.out.println("~~~~~~~~~~~~~~~~~~");
          String tempAfterFilter &＃61; StringFilter.filterHtml(temp);
          methodset.invoke(obj, tempAfterFilter);

        }
      } catch (IllegalArgumentException e) {
        e.printStackTrace();
      } catch (IllegalAccessException e) {
        e.printStackTrace();
      } catch (InvocationTargetException e) {
        e.printStackTrace();
      }

    }

  }

  protected class Mobj {
    Method getMethod;
    Method setMethod;

    public Mobj(Method getMethod, Method setMethod) {
      this.getMethod &＃61; getMethod;
      this.setMethod &＃61; setMethod;
    }

    public Method getSetMethod() {
      return setMethod;
    }

    public void setSetMethod(Method setMethod) {
      this.setMethod &＃61; setMethod;
    }

    public Method getGetMethod() {
      return getMethod;
    }

    public void setGetMethod(Method getMethod) {
      this.getMethod &＃61; getMethod;
    }

  }

}

public ActionForward execute(ActionMapping mapping, ActionForm form,
      HttpServletRequest request, HttpServletResponse response) {
// 传入的form 表单 转换为对应类型    
    Login loginForm &＃61; (Login) form;

// 进行过滤
    new SuperFilter(loginForm,loginForm.getClass());
  ...................      return mapping.getInputForward();
    


  }
}