一个asp放注入函数
sub aspsql()
SQL_injdata = "'|;|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
SQL_inj = split(SQL_Injdata,"|")
If Request.Form<>"" Then
For Each Sql_Post In Request.Form
For SQL_Data=0 To Ubound(SQL_inj)
if instr(Request.Form(Sql_Post),Sql_Inj(Sql_DATA))>0 Then
response.write "<mce:script language='javascript'><!--
"
response.write "alert('网站安全提示:请不要在参数中包含非法字符!');"
response.write "location.href='javascript:history.go(-1)';"
response.write "
// --></mce:script>"
response.end
end if
next
next
end if
If Request.QueryString<>"" Then
For Each SQL_Get In Request.QueryString
For SQL_Data=0 To Ubound(SQL_inj)
if instr(Request.QueryString(SQL_Get),Sql_Inj(Sql_DATA))>0 Then
response.write "<mce:script language='javascript'><!--
"
response.write "alert('网站安全提示:请不要在参数中包含非法字符!');"
response.write "location.href='javascript:history.go(-1)';"
response.write "
// --></mce:script>"
response.end
end if
next
Next
end If
end sub
相关文档:
VISTA+IIS+ASP架站
1. VISTA裝IIS
1-1. 控制面板中“程序和功能”的位 ......
<head runat="server">
<title></title>
<meta http-equiv="Expires" CONTENT="0">
<meta http-equiv="Cache-Control" CONTENT="no-cache">
<meta http-equiv="Pragma" CONTENT="no-cache">
<script language="JavaScript"> ......
<%
'asp多风格分页类
'使用范例
'==========================================================================
'Set test = New Page '创建啦
'test.CurrentPage=1 '自己去读取拉,当前的页数
'test.temp="{N1}{N2}{N3} {N4}"'这里是显示的模版,自己可以定义,至于标签,可以自己去那个类里找
'test.Exec "S ......
<!--#include file="config.asp" -->
<!--#include file="Fun.asp" -->
<%
'数据库管理类
class Datas
'备份
public sub Bk()
Set fso=server.createobject("scripting.filesystemobject")
fso.CopyFile Server.MapPath(SiteDataPath),Server.MapPath(SiteDataBakPath)
......