Ò׽ؽØͼÈí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

Ò»¸öasp·Å×¢È뺯Êý

 sub aspsql()
SQL_injdata = "'|;|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
SQL_inj = split(SQL_Injdata,"|")
If Request.Form<>"" Then
For Each Sql_Post In Request.Form
For SQL_Data=0 To Ubound(SQL_inj)
if instr(Request.Form(Sql_Post),Sql_Inj(Sql_DATA))>0 Then
response.write "<mce:script language='javascript'><!--
"
response.write "alert('ÍøÕ¾°²È«Ìáʾ£ºÇë²»ÒªÔÚ²ÎÊýÖаüº¬·Ç·¨×Ö·û£¡');"
response.write "location.href='javascript:history.go(-1)';"
response.write "
// --></mce:script>"
response.end
end if
next
next
end if
If Request.QueryString<>"" Then
For Each SQL_Get In Request.QueryString
For SQL_Data=0 To Ubound(SQL_inj)
if instr(Request.QueryString(SQL_Get),Sql_Inj(Sql_DATA))>0 Then
response.write "<mce:script language='javascript'><!--
"
response.write "alert('ÍøÕ¾°²È«Ìáʾ£ºÇë²»ÒªÔÚ²ÎÊýÖаüº¬·Ç·¨×Ö·û£¡');"
response.write "location.href='javascript:history.go(-1)';"
response.write "
// --></mce:script>"
response.end
end if
next
Next
end If
end sub


Ïà¹ØÎĵµ£º

ASP.NETÒ³ÃæÉúÃüÖÜÆÚºÍasp.netÓ¦ÓóÌÐòÉúÃüÖÜÆÚ

Ò³ÃæÉúÃüÖÜÆÚ
Ò³ ÃæÉúÃüÖÜÆÚÖ´ÐÐһϵÁв½Ö裺ҳÃæµÄ³õʼ»¯¡¢ÊµÀý»¯¿Ø¼þ¡¢»¹Ô­ºÍά»¤×´Ì¬¡¢ÔËÐÐʼþ´¦Àí³ÌÐò´úÂë¡¢³ÊÏÖ¡£ÎªÁËÔÚºÏÊʵĽ׶ÎÖ´ÐÐËùÐèµÄ´úÂ룬ËùÒÔÒª¶ÔÒ³ÃæÉúÃü ÖÜÆڷdz£ÊìϤ¡£ÔÚÒ³ÉúÃüÖÜÆڵĸ÷¸ö½×¶Î£¬Ò³Ãæ»áÖð¸öÒý·¢¶¨ÒåµÄʼþ£¬Í¨¹ý¶Ô´úÂ뿪·¢£¬ÔÚÒ³ÃæµÄÉúÃüʼþÖÐÖ´ÐÐÎÒÃÇËùÐèÒªµÄ³ÌÐò
Ò³ÉúÃüÖÜÆڽ׶Î
1¡ ......

ASPͨ¹ýcookieʵÏÖ×Ô¶¯¼ÇסÃÜÂëµÄ¹¦ÄÜ

 ASPͨ¹ýcookieʵÏÖ×Ô¶¯¼ÇסÃÜÂëµÄ¹¦ÄÜ
°ÑÒÔÏ´úÂë¼ÓÈëÑéÖ¤Ò³£º
<%if Trim(Cstr(request.QueryString("check")))="true" then ‘ÓÃÀ´ÅжÏÊÇ·ñÓÐÑ¡Ôñ¼ÇסÃÜÂë
Response.Cookies("UserCookie")("username") = Trim(Cstr(request.Form("username")))
Response.Cookies("UserCookie")("passwords") = trim ......

asp½«tableÉú³ÉexcelÎļþxls

 <%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<%
if request("action")=1 then
 Response.ContentType="application/ms-excel"
 Response.AddHeader "content-disposition","attachment;filename=www.xls"
end if
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//E ......

asp³£Óú¯Êý

1.·Å×¢È뺯Êý
sub aspsql()
SQL_injdata = "'|;|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
SQL_inj = split(SQL_Injdata,"|")
If Request.Form<>"" Then
For Each Sql_Post In Request.Form
For SQL_Data=0 To Ubound(SQL_inj)
if instr(Request.Form(Sql_Post) ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØͼ | ¸ÓICP±¸09004571ºÅ