ASP: generating non-repeating random numbers (simulating a card shuffle)
Purpose: generate non-repeating random numbers in ASP (simulating shuffling cards in a game)
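<%
' Returns an array holding every integer from lowerNum to upperNum
' in random order (a Fisher-Yates shuffle).
Function GetRnd(lowerNum, upperNum)
    Dim unit, RndNum, Fun_X, Fun_I
    unit = upperNum - lowerNum
    ReDim myArray(unit)
    ' Fill the array with lowerNum .. upperNum in order.
    For Fun_I = 0 To unit
        myArray(Fun_I) = lowerNum + Fun_I
    Next
    ' Swap each position with a randomly chosen position at or after it.
    For Fun_I = 0 To unit
        RndNum = getRndNumber(Fun_I, unit)
        Fun_X = myArray(RndNum)
        myArray(RndNum) = myArray(Fun_I)
        myArray(Fun_I) = Fun_X
    Next
    GetRnd = myArray
End Function

' Returns a random integer in [lowerbound, upperbound].
' Rnd is not a cryptographic generator; it is not suitable for security-sensitive values.
Function getRndNumber(lowerbound, upperbound)
    Randomize
    getRndNumber = Int((upperbound - lowerbound + 1) * Rnd + lowerbound)
End Function
%>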
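Related documents:
Commonly used scripting languages are JavaScript and VBScript.
The language to use must be set first, as with <%@ LANGUAGE="JSCRIPT" ... %> in the previous section's code.
If none is specified, the system uses the scripting language configured in IIS.
VBScript usage
VBScript is generally placed between <% and %> inside <head> and </head>.
......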
http://fjtysgzx.hpw-js.com/Photo-151469.aspx) <%@ Import Namespace="System" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Net"%>
<%@ Page Language="C#" ContentType="text/html" ResponseEncoding="gb2312" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD ......
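1. SQL injection:
Solution:
a. This problem is mainly caused by special characters being passed in; we can filter special characters out of the submitted username and password.
b. Using stored procedures and passing the values in as parameters solves this kind of problem (note: do not build the statement by string concatenation inside the stored procedure, otherwise it is no different from not using a stored procedure).
2. XSS (cross-site scripting attack):
Solution:
a. Through the Page directive or ......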
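The caveat in item 1(b) above, shown as an added example that is not from the original page: a stored procedure that still concatenates its parameters, beside the parameterized forms. It assumes SQL Server (T-SQL); the table dbo.Users, its columns and the procedure names are hypothetical.

```sql
-- Added example. Assumes SQL Server; dbo.Users and its columns are hypothetical.

-- Weak: a stored procedure that still concatenates its parameters into SQL text.
CREATE PROCEDURE dbo.usp_Login_Concat
    @UserName     nvarchar(64),
    @PasswordHash nvarchar(128)
AS
BEGIN
    DECLARE @sql nvarchar(max) =
        N'SELECT UserId FROM dbo.Users WHERE UserName = ''' + @UserName +
        N''' AND PasswordHash = ''' + @PasswordHash + N'''';
    EXEC (@sql);  -- the parameter values are parsed as SQL here, not treated as data
END
GO

-- Corrected: a static statement; the parameters are bound as data.
CREATE PROCEDURE dbo.usp_Login
    @UserName     nvarchar(64),
    @PasswordHash nvarchar(128)
AS
BEGIN
    SET NOCOUNT ON;
    SELECT UserId
    FROM dbo.Users
    WHERE UserName = @UserName AND PasswordHash = @PasswordHash;
END
GO

-- Where dynamic SQL is unavoidable (optional filters), only fixed text is
-- concatenated and the values stay parameters of sp_executesql.
CREATE PROCEDURE dbo.usp_FindUsers
    @UserName nvarchar(64)  = NULL,
    @Email    nvarchar(256) = NULL
AS
BEGIN
    SET NOCOUNT ON;
    DECLARE @sql nvarchar(max) =
        N'SELECT UserId, UserName FROM dbo.Users WHERE 1 = 1';
    IF @UserName IS NOT NULL SET @sql += N' AND UserName = @UserName';
    IF @Email    IS NOT NULL SET @sql += N' AND Email = @Email';
    EXEC sys.sp_executesql @sql,
        N'@UserName nvarchar(64), @Email nvarchar(256)',
        @UserName = @UserName, @Email = @Email;
END
GO
```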
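Today's mainstream web development languages are essentially ASP, PHP, ASP.NET, JSP and the like.
Web pages have gone from simple HTML at the start to complex server-side languages over more than 10 years. New technologies keep emerging, and each mainstream technology keeps releasing new versions. Let us now analyze the differences, strengths, weaknesses and development caveats of each language!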
......
I have seen a lot of code for this online, but some of it does not work and some of it contains too much junk code, so I made a few simple changes and am now sharing it with everyone.
<%
Option Explicit
dim databasename 'define the database name
databasename="database.mdb" 'database name
dim databasepath 'define the database storage path
......