hzhost·Àasp¹¥»÷º¯Êý
hzhost·Àasp¹¥»÷º¯Êý
Function SafeRequest(ParaName)
Dim ParaValue
ParaValue=Request(ParaName)
if IsNumeric(ParaValue) then
SafeRequest=ParaValue
exit Function
else
ParaValuetemp=lcase(ParaValue)
tempvalue="select
|insert |delete from|'|count(|drop table|update |truncate
|asc(|mid(|char(|xp_cmdshell|exec master|net localgroup
administrators|net user| or | and |%20from"
temps=split(tempvalue,"|")
for mycount=0 to ubound(temps)
if Instr(ParaValuetemp,temps(mycount)) > 0 then
call errorpage(-2,"·Ç·¨ÇëÇ󣡣¡£¡")
response.end
end if
next
SafeRequest=ParaValue
end if
End function
'=================
Ïà¹ØÎĵµ£º
±¾»úip[¿Í»§¶Ë]:
request.servervariables("remote_addr")
´ÓÄĸöÒ³Ãæתµ½µ±Ç°Ò³ÃæµÄ£º
Request.ServerVariables("HTTP_REFERER")
µÃµ½±¾Ò³µØÖ·£º
<%="http://" + Request.ServerVariables("SERVER_NAME") + ":" + Request.ServerVariables("SERVER_PORT") + reques ......
'---------------------------------------------------------------------------------------------------1.asp
<!--#include file="function.asp" -->
<%if Request.Cookies("venshop")("user_name")<>"" then%>'µ±Óû§µÇ¼ʱ¿ÉÒÔÖ´ÐÐthen
<script>
function checkAll(){
&nbs ......
<%
Function Zodiac(birth)
If IsDate(birth) Then
birthyear = Year(birthday)
ZodiacList = Array("ºï", "¼¦", "¹·", "Öí", "Êó", "Å£", "»¢", "ÍÃ", "Áú", "Éß", "Âí", "Ñò")&nbs ......
<input type="submit" name=""byt id="byt" value="ÏÖ½ðÏúÊÛÌá½»" >
ÀýÈ磺±íµ¥ÖÐÓÐÒ»¸öÃûΪ byt µÄ°´Å¥£¬ÒªÇóÍøÒ³´ò¿ª1Ãëºó£¬×Ô¶¯µã»÷°´Å¥£¬
·½·¨£º°ÑÈçÏ´úÂë¼ÓÔÚ</form>ºó¡£
<script language="javascript">
function window.onload()
{
setTimeout("document.form1.byt.click()",1 ......
ºÜ¶àSOHOER¶¼Ï£ÍûÓиö×Ô¼ºµÄÍøÕ¾,¶ø¶ÔÍøÕ¾½¨ÉèÒ»ÎÞËùÖª,»òÕßÒ»Öª°ë½â.½ñÌìÎÒÏȽ²³ÌÐò·½ÃæµÄÇø±ð,ÏàÐźܶàÈËÅöµ½ÁËÓÐЩ¹«Ë¾Ëµphp±ÈAsp,Asp.Net¶¼ÒªºÃ,»òÕßAsp±ÈÆäËûÓïÑÔ¶¼ÒªºÃ¡£Æäʵ,³ÌÐòµÄÓÅÂÔÓëÍøÕ¾¿ª·¢ÈËÔ±µÄ¾Ñé\¼¼ÊõˮƽÏà¹Ø£¬¶øÓïÑÔ±¾Éí²¢Ã»ÓÐʲôÓÅÂÔÖ®·Ö.¾Ñé¶àµÄ³ÌÐòÔ±,²»¹ÜʹÓõÄÄ ......
