package kd.bos.util;

import java.util.regex.Pattern;
import org.apache.commons.io.FilenameUtils;

/* loaded from: input_file:kd/bos/util/SecurityUtils.class */
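/**
 * Static input-screening and output-encoding helpers.
 *
 * <p>These helpers are defence-in-depth only. None of them replaces parameterized queries,
 * context-aware output encoding, or a containment check against a trusted base directory.
 */
public class SecurityUtils {
    /**
     * Denylist of SQL keywords (matched as whole words) and SQL metacharacters.
     *
     * <p>Compiled once instead of on every call. Matching is case-insensitive because SQL
     * keywords are, so {@code SELECT} or {@code Or} must be flagged just like their
     * lowercase forms.
     */
    private static final Pattern SQL_DENYLIST = Pattern.compile(
            "\\b(and|exec|insert|select|drop|grant|alter|delete|update|count|chr|mid|master|truncate|char|declare|or)\\b|(\\*|;|\\+|'|%)",
            Pattern.CASE_INSENSITIVE);

    /**
     * Reports whether {@code str} contains a denylisted SQL keyword or one of the characters
     * {@code *}, {@code ;}, {@code +}, {@code '} or {@code %}.
     *
     * <p>This is a heuristic screen, not a guarantee. It flags ordinary text that happens to
     * contain words such as "and" or "or", and a denylist cannot enumerate every dangerous
     * input. A {@code false} result must never be treated as permission to concatenate
     * {@code str} into a statement; bind it as a parameter instead.
     *
     * @param str the value to screen; may be {@code null}
     * @return {@code true} if a denylisted token is found; {@code false} otherwise, including
     *     when {@code StringUtils.isNotEmpty(str)} is false
     */
    public static boolean containsSqlInjection(String str) {
        if (!StringUtils.isNotEmpty(str)) {
            return false;
        }
        return SQL_DENYLIST.matcher(str).find();
    }

    /**
     * Encodes the characters {@code & < > " ' /} as HTML entities.
     *
     * <p>The previous implementation restarted every replacement from the original input, so
     * only the last pair ({@code /} to {@code &#x2F;}) survived and {@code <}, {@code >},
     * {@code &} and both quote characters were returned unencoded. It now produces the same
     * output as {@link #htmlEncode0(String)}. Callers that compensated for the old output,
     * for example by encoding a second time, should be re-checked for double encoding.
     *
     * <p>The result is intended for HTML element content and quoted attribute values. It is
     * not sufficient for script, style or URL contexts.
     *
     * @param str the text to encode; may be {@code null}
     * @return the encoded text, or {@code str} unchanged when it is {@code null} or empty
     */
    public static String htmlEncode(String str) {
        return encodeHtml(str);
    }

    /**
     * Encodes the characters {@code & < > " ' /} as HTML entities.
     *
     * <p>The result is intended for HTML element content and quoted attribute values. It is
     * not sufficient for script, style or URL contexts.
     *
     * @param str the text to encode; may be {@code null}
     * @return the encoded text, or {@code str} unchanged when it is {@code null} or empty
     */
    public static String htmlEncode0(String str) {
        return encodeHtml(str);
    }

    /**
     * Encodes the six characters in a single pass.
     *
     * <p>A single pass cannot re-encode the {@code &} of an entity it has just written, so the
     * output does not depend on the order in which the replacements are applied.
     */
    private static String encodeHtml(String str) {
        // An explicit null guard replaces the old catch of NullPointerException.
        if (str == null || !StringUtils.isNotEmpty(str)) {
            return str;
        }
        StringBuilder encoded = new StringBuilder(str.length() + 16);
        for (int i = 0; i < str.length(); i++) {
            char c = str.charAt(i);
            switch (c) {
                case '&':
                    encoded.append("&amp;");
                    break;
                case '<':
                    encoded.append("&lt;");
                    break;
                case '>':
                    encoded.append("&gt;");
                    break;
                case '"':
                    encoded.append("&quot;");
                    break;
                case '\'':
                    encoded.append("&#x27;");
                    break;
                case '/':
                    encoded.append("&#x2F;");
                    break;
                default:
                    encoded.append(c);
                    break;
            }
        }
        return encoded.toString();
    }

    /**
     * Replaces every {@code ../} and {@code ..\} in {@code str} with {@code #} and passes the
     * result to {@code FilenameUtils.normalize}.
     *
     * <p>Security notes for callers:
     * <ul>
     *   <li>{@code FilenameUtils.normalize} returns {@code null} for {@code null} or invalid
     *       input, so the result must be null-checked before use.</li>
     *   <li>Absolute paths are not rejected here, and a trailing {@code ..} with no separator
     *       after it is left for {@code FilenameUtils.normalize} to resolve.</li>
     *   <li>The result is not confined to any directory. Before opening the file, resolve it
     *       against the intended base directory and verify that it is still inside it.</li>
     * </ul>
     *
     * @param str the path or file name to clean; may be {@code null}
     * @return the normalized path, or {@code null} as described above
     */
    public static String normalize(String str) {
        // Traversal tokens are replaced rather than deleted, so removing one cannot splice
        // the surrounding characters into a new "../" sequence.
        String cleaned = (str == null) ? null : str.replace("../", "#").replace("..\\", "#");
        return FilenameUtils.normalize(cleaned);
    }
}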
