ASPÍøÕ¾×ÜÊDZ»×¢Èë´úÂë - Web ¿ª·¢ / ASP
ASPÍøÕ¾×ÜÊDZ»×¢Èë´úÂ룬ȥµô £¬²»ÐУ¬ËùÓÐÎļþ¼Ð¸Ä³ÉÖ»¶ÁȨÏÞ£¬²»ÐС£
°ï¶¥
Õ¾µã¶àÁË¡£ÎÒÒ²¾³£Óöµ½ÕâÖÖÎÊÌâ
¹À¼ÆÊÇ ÉÏ´« ÓÐÎÊÌâ
ÖªµÀ·ÀSQL×¢Èë¹¥»÷Â𣿣¿Äã¿ÉÒÔÁ˽âÏ£¬ÕâЩ¶¼ÊÇÍøÕ¾°²È«±ØÐë×öµÄ
±êÌâÓеãÀ×ÈË.
д³ÌÐòûÓа²È«Òâʶ,ɶÓïÑÔ¶¼Ò»¸öÄñÑù.
sql·À×¢´úÂë
VB code:
<%
Dim Query_Badword,Form_Badword,i,Err_Message,Err_Web,name
'------¶¨Ò岿·Ý Í·----------------------------------------------------------------------
Err_Message = 1 '´¦Àí·½Ê½£º1=ÌáʾÐÅÏ¢,2=תÏòÒ³Ãæ,3=ÏÈÌáʾÔÙתÏò
Err_Web = "Err.Asp" '³ö´íʱתÏòµÄÒ³Ãæ
Query_Badword="'¡Îand¡Îselect¡Îupdate¡Îchr¡Îdelete¡Î%20from¡Î;¡Îinsert¡Îmid¡Îmaster.¡Îset¡Îchr(37)¡Î="
'ÔÚÕⲿ·Ý¶¨Òåget·Ç·¨²ÎÊý,ʹÓÃ"¡Î"ºÅ¼ä¸ô
Form_Badword="'¡Î%¡Î&¡Î*¡Î(¡Î)¡Î=" 'ÔÚÕⲿ·Ý¶¨Òåpost·Ç·¨²ÎÊý,ʹÓÃ"¡Î"ºÅ¼ä¸ô
'------¶¨Ò岿·Ý β-----------------------------------------------------------------------
'
On Error Resume Next
'----- ¶Ô get query Öµ µÄ¹ýÂË.
if request.QueryString<>"" then
Chk_badword=split(Query_Badword,"¡Î")
FOR EACH Query_Name IN Request.QueryString
for i=0 to ubound(Chk_badword)
If Instr(LCase(request.QueryString(Query_Name)),Chk_badword(i))<>0 Then
Select Case Err_Message
Case "1"
Re
Ïà¹ØÎÊ´ð£º
aspÐéÄâÖ÷»úʵÏÖα¾²Ì¬µÄ·½·¨£º
1¡¢ ÖØдurl²ÎÊý
Step1: ½¨Á¢Ç°Ì¨Îļþindex.asp£¬ÐÞ¸Äurl²ÎÊýÐÎʽ¡£ÓÉÓÚ¶ÁÈ¡Êý¾Ý¿âÖеļǼ²»ÊÇרÌâµÄÖص㣬¹ÊÖ±½Ó¸ø³ö:
<!--#include file="config.asp" -->
&l ......
C# code:
SqlConnection conn = CsDB.sqlcon();
SqlDataAdapter da = new SqlDataAdapter("select fwCoding from bjmuma_fwCoding where OrderNumber='" + Order + & ......
Microsoft JET Database Engine '80040e07'
±ê×¼±í´ïʽÖÐÊý¾ÝÀàÐͲ»Æ¥Åä¡£
\wwwroot\update.asp, line 20
--------------------------------------------------------------------------------
Ho ......
ÎÒÏëʵÏÖÒ»¸öЧ¹ûÊÇ£ºÄÜ°ÑÒ³Ãæ·Ö³É¼¸¸ö´ó¿é£¬µãÏ´ó¿éÉϵÄ+±ãÕ¹¿ª£¬µãÏÂ-±ãÕÛµþ¡£
Õâ¸öÓÐʲô¿Ø¼þ¿ÉÒÔÓò»£¬Çë¸ßÊÖ²»Áߴͽ̣¡
ÓÃjs´úÂëÀ´ ¿ØÖÆ divµÄ¶¯×÷´Ó¶øÄÜʵÏÖ
js¿ØÖÆdivÏÔʾ/Òþ²ØÁË
VS2008×Ô´ø·â×°Á ......
ÔõÑù½«ASP³ÌÐòת»»Îª.NET³ÌÐò ?
ÕÒ¸öÈ«²Å·Òë¡£
ÊÖ¶¯È¥Ð´
¸Ð¾õд¹ýaspµÄ£¬À´Ð´asp.net£¬ÉÏÊÖÓ¦¸Ã¿ìµã¡£
¸üÄÜÀí½âasp.netµÄһЩÄÚ²¿¼¼Êõ
asp.net¶¼±»·â×°ÁË
ÎÒÊÇ×ö.NetµÄ£¬¶ÔASPһֱû½Ó´¥µ½£¬ºÜÄ°Éú¡£
¹« ......
