ASPÖ±½ÓÉú³ÉhtmlµÄ´úÂë
´Ë·½·¨¿ÉÒÔ²»ÐèҪרÃÅÖÆ×÷Ä£°åÎļþ£¬Ö»ÐèÕý³£ÔËÐеĶ¯Ì¬Ò³Ãæ¼´¿É£¬¾ßÌå·½·¨ÈçÏ£¬×îÖÕʹÓüû×îºóÒ»¸öº¯Êý£º
Function getHTTPPage(url) ‘Ê×Ò³Éú³É¿ªÊ¼
dim Http
set Http=server.createobject("MSXML2.XMLHTTP")
Http.open "GET",url,false
Http.send()
if Http.readystate<>4 then
exit function
end if
getHTTPPage=bytesToBSTR(Http.responseBody,"GB2312")
set http=nothing
if err.number<>0 then err.Clear
end function
Function BytesToBstr(body,Cset)
dim objstream
set objstream = Server.CreateObject("adodb.stream")
objstream.Type = 1
objstream.Mode =3
objstream.Open
objstream.Write body
objstream.Position = 0
objstream.Type = 2
objstream.Charset = Cset
BytesToBstr = objstream.ReadText
objstream.Close
set objstream = nothing
End Function
Function CreateStatic(txtURL,FileName)
sText = getHTTPPage(txtURL)
Set FileObject=Server.CreateObject("Scripting.FileSystemObject")
Set openFile=FileObject.OpenTextfile(server.mapPath(Filename),2,true) ‘trueΪ²»´æÔÚ×ÔÐн¨Á¢
openFile.writeline(sText)
Set OpenFile=nothing
End Function
Function CreateIndex()
Response.Write("Ê×Ò³Éú³ÉÖУ¬ÇëÉÔºó...")
Response.Flush()
TxtUrl = "http://"&Request.ServerVariables("SERVER_NAME")&"/Default.asp"
FilePath = "/Default.html"
Call CreateStatic(TxtUrl,FilePath)
Response.Write(" ")
End Function
Ïà¹ØÎĵµ£º
<%
'true=ÊÇÓʼþ;false=²»ÊÇ;
Function validate(ByVal str)
Dim temp,reg
Set reg = new regexp
reg.ignorecase=true
reg.global=true
reg.pattern = "^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$"
validate = reg.test(Trim(str))
Set reg = Nothing
End Function
'************************ ......
using System;
using System.Data;
using System.Configuration;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
namespace W ......
ÏÖÔڱȽÏÁ÷ÐеÄSQL×¢È빤¾ßµÄ¹¤×÷·½Ê½ÊÇͨ¹ýGETºÍPOSTÀ´Íê³É¾ßÌåµÄ×¢Èë¡£ÎÒÃÇ¿ÉÒÔ½«×¢ÈëʱËùÓõ½µÄÒ»ÇзûºÅ¹ýÂ˵ô¡£ÄÇôÎÒÃÇ¿ÉÒÔͨ¹ý¼òµ¥µÄÅжÏÓï¾äÀ´´ïµ½Ä¿µÄ¡£ÎÒÃÇÏÈÀ´¹ýÂËGET°É¡£
´úÂëÈçÏ£º
dim sql_injdata SQL_inj SQL_Get
SQL_injdata = "’|and|exec|insert|select|delete|update|count|*|%|chr|mid|mast ......
protected void Button1_Click(object sender, EventArgs e)
{
GridViewRow gvr = (sender as Button).NamingContainer as GridViewRow; //»ñµÃÈÝÆ÷
if(gvr != null)
{
int index = gvr.RowIndex;//index¾ ......
ASPÓë´æ´¢¹ý³Ì
ASPÓë´æ´¢¹ý³Ì(Stored Procedures)µÄÎÄÕ²»ÉÙ£¬µ«ÊÇÎÒ»³ÒÉ×÷ÕßÃÇÊÇ·ñÕæÕýʵ¼ù¹ý¡£ÎÒÔÚ³õѧʱ²éÔĹý´óÁ¿Ïà¹Ø×ÊÁÏ£¬·¢ÏÖÆäÖÐÌṩµÄºÜ¶à·½·¨Êµ¼Ê²Ù×÷ÆðÀ´²¢²»ÊÇÄÇô»ØÊ¡£¶ÔÓÚ¼òµ¥µÄÓ¦Óã¬ÕâЩ×ÊÁÏÒ²ÐíÊÇÓаïÖúµÄ£¬µ«½öÏÞÓÚ´Ë£¬ÒòΪËüÃǸù±¾¾ÍÊÇǧƪһÂÉ£¬»¥Ïà³Ï®£¬ÉÔ΢¸´ÔÓµãµÄÓ¦Ó㬾ÍÈ«¶¼ÓïÑɲ»ÏêÁË ......
