package com.lechun.common;

import com.lechun.enums.OrderConstants;
import java.util.regex.Pattern;
import org.apache.commons.lang.StringEscapeUtils;

/* loaded from: input_file:com/lechun/common/StringFilter.class */
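/**
 * Input-filtering helpers: a keyword denylist check for SQL fragments and a small HTML
 * entity encoder.
 *
 * <p>Security scope: these helpers are a coarse secondary filter. The denylist in
 * {@link #validSql(String)} is pattern matching on text, not SQL parsing, so it cannot make a
 * string-concatenated statement safe. Queries that carry request data should bind it through
 * {@code PreparedStatement} parameters regardless of what this class returns.
 */
public class StringFilter {
    /**
     * Denylist expression: a single quote, a {@code --} line comment, a block comment, or one
     * of the listed keywords as a whole word.
     *
     * <p>The block-comment branch uses {@code [\s\S]*?} rather than an alternation inside a
     * repeated group; java.util.regex evaluates the latter recursively, which can exhaust the
     * stack on a long unterminated comment.
     */
    static final String reg = "(?:')|(?:--)|(/\\*[\\s\\S]*?\\*/)|(\\b(select|update|and|or|delete|insert|truncate|char|into|substr|ascii|declare|exec|count|master|drop|execute)\\b)";

    /** Compiled once; matching ignores case so {@code SELECT} and {@code select} are equal. */
    static final Pattern sqlPattern = Pattern.compile(reg, Pattern.CASE_INSENSITIVE);

    /**
     * Reports whether {@code str} is free of every denylisted SQL token.
     *
     * <p>Expect false positives on ordinary text: any apostrophe and common words such as
     * "and", "or" or "count" are rejected. A {@code true} result only means nothing on the list
     * was found; it is not evidence that the value is safe to concatenate into SQL.
     *
     * @param str the value to inspect; {@code null} is treated as empty
     * @return {@code true} when no denylisted token occurs, {@code false} otherwise
     */
    public static boolean validSql(String str) {
        if (str == null) {
            // Nothing to match; mirrors htmlEncode, which also treats null as empty.
            return true;
        }
        return !sqlPattern.matcher(str).find();
    }

    /**
     * HTML-encodes {@code str} and then doubles every single quote in the result.
     *
     * <p>Despite the name this method does not validate anything; it always returns a
     * transformed string. The quote doubling is done inline and is all that Commons Lang 2.x
     * {@code StringEscapeUtils.escapeSql} does for a non-null argument. Doubling quotes does not
     * cover backslash escapes, numeric contexts or {@code LIKE} wildcards, so it is not a
     * replacement for bound parameters.
     *
     * @param str the raw value; {@code null} yields an empty string
     * @return the encoded value with each {@code '} written as {@code ''}
     */
    public static String validXss(String str) {
        return htmlEncode(str).replace("'", "''");
    }

    /**
     * Replaces {@code "}, {@code &}, {@code <} and {@code >} with HTML entities and drops
     * carriage returns and line feeds.
     *
     * <p>NOTE(review): the single quote is passed through unchanged, so the result is only
     * suitable for element content and double-quoted attribute values. It must not be placed
     * in a single-quoted attribute, an unquoted attribute, a script block or a URL. Encoding
     * {@code '} as well would change what {@link #validXss(String)} returns; confirm against
     * callers and stored data before tightening it.
     *
     * @param str the raw value; {@code null} yields an empty string
     * @return the encoded text, never {@code null}
     */
    public static String htmlEncode(String str) {
        if (str == null) {
            return "";
        }
        StringBuilder encoded = new StringBuilder(str.length() + 16);
        for (int i = 0; i < str.length(); i++) {
            char current = str.charAt(i);
            switch (current) {
                case '\n':
                case '\r':
                    // Line breaks are removed, not encoded.
                    break;
                // Character literals are used for '"' (34) and '<' (60); the previous labels
                // borrowed unrelated integer constants that merely shared those values.
                case '"':
                    encoded.append("&quot;");
                    break;
                case '&':
                    encoded.append("&amp;");
                    break;
                case '<':
                    encoded.append("&lt;");
                    break;
                case '>':
                    encoded.append("&gt;");
                    break;
                default:
                    encoded.append(current);
                    break;
            }
        }
        return encoded.toString();
    }
}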
