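asp.net: how do I prevent a page from being opened by entering its URL directly?
I have a page that needs to implement something like Baidu Zhidao's "choose the best reply" feature.
The idea is that pressing the "best reply" button passes that reply's id to another page, which performs the database update.
But there is one problem: how do I prevent users from performing the operation by entering the URL directly?
Thanks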
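Add a session check....
Just pass the value with a form, wouldn't that do it?
In JS, check whether document.referrer comes from your page.
Check with a Cookie; that way you can also set how long the user can go without logging in again.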
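Don't pass the Id directly in the URL; you can POST it to the server.
Have the server check the Referer.
<!-- action: the server-side page that performs the update -->
<form name="form1" action="服务器" method="post">
<input type="hidden" value="" name="id"/>
</form>
When "best reply" is clicked, run this JS:
document.form1.elements["id"].value = questionId; // questionId is a placeholder for the question's Id
document.form1.submit(); // submit the form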
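When the "best reply" button is pressed, assign a session value to act as a marker,
then pass that reply's id to the other page.
In page_load, check for that marker in the session.
If it is there, the request came from that page.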
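One way to combine the session-marker and form-POST suggestions above on the server, as an added example that is not code from the thread; it relies on state held in the session rather than on the Referer header, which the client controls. It assumes ASP.NET Web Forms with session state and authentication enabled; the "BestReplyToken" session key, the hidden "token" field, BestReplyPageBase and the rule that only the asker may choose the best reply are assumptions made for the example.

```csharp
// Added example, not code from the thread; all names here are hypothetical.
using System;
using System.Security.Cryptography;
using System.Web.SessionState;
using System.Web.UI;

public static class BestReplyToken
{
    const string Key = "BestReplyToken";
    // The question page calls this while rendering and writes the result
    // into a hidden "token" field next to the hidden "id" field.
    public static string Issue(HttpSessionState session)
    {
        var bytes = new byte[32];
        RandomNumberGenerator.Create().GetBytes(bytes);
        var token = Convert.ToBase64String(bytes);
        session[Key] = token;
        return token;
    }

    // Single use: the stored token is removed whether or not it matches.
    public static bool Consume(HttpSessionState session, string posted)
    {
        var expected = session[Key] as string;
        session.Remove(Key);
        return expected != null && string.Equals(expected, posted, StringComparison.Ordinal);
    }
}

// The update page derives from this and supplies the two data-layer methods.
public abstract class BestReplyPageBase : Page
{
    protected abstract bool CurrentUserAskedQuestionOf(int replyId); // assumed rule: only the asker chooses
    protected abstract void MarkBestReply(int replyId);

    protected override void OnLoad(EventArgs e)
    {
        // A URL typed into the address bar arrives as GET and carries no token.
        if (Request.HttpMethod != "POST") { Reject(405); return; }
        if (!User.Identity.IsAuthenticated || !BestReplyToken.Consume(Session, Request.Form["token"])) { Reject(403); return; }
        int replyId;
        if (!int.TryParse(Request.Form["id"], out replyId) || !CurrentUserAskedQuestionOf(replyId)) { Reject(403); return; }
        MarkBestReply(replyId);
        base.OnLoad(e);
    }
    void Reject(int status) { Response.StatusCode = status; Response.End(); }
}
```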