Commonly used file handling functions in ASP
Custom functions commonly used in ASP when handling file uploads and deletion
<%
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' All custom VBS functions
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
function DeleteFile(Filename) ' Delete a file
    ' Filename must be a full physical path built and validated on the server;
    ' do not pass a request value through unchecked.
    if Filename<>"" then
        Set fso = server.CreateObject("Scripting.FileSystemObject")
        if fso.FileExists(Filename) then
            fso.DeleteFile Filename
        end if
        set fso = nothing
    end if
end function
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
function CreateDIR(byval LocalPath) ' Routine that creates a directory; if the path has several levels, they are created one level at a time
    on error resume next
    LocalPath = replace(LocalPath,"\","/")
    set FileObject = server.createobject("Scripting.FileSystemObject")
    patharr = split(LocalPath,"/")
    path_level = ubound(patharr)
    for i = 0 to path_level
        if i=0 then pathtmp=patharr(0) & "/" else pathtmp = pathtmp & patharr(i) & "/"
        cpath = left(pathtmp,len(pathtmp)-1)
        if not FileObject.FolderExists(cpath) then FileObject.CreateFolder cpath
    next
    set FileObject = nothing
    ' Returns false if any step above raised an error, true otherwise
    if err.number<>0 then
        CreateDIR = false
        err.Clear
    else
        CreateDIR = true
    end if
end function
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
function SaveRandFileName(byval szFilename) ' Generate a new random file name based on the original file name
    randomize
    'ranNum=int(90000*rnd)+10000
    'if month(now)<10 then c_month="0" & month(now) else c_month=month(now)
    'if day(now)<10 then c_day="0" & day(now) else c_day=day(now)
    'if hour(now)<10 then c_hour="0" & hour(now) else c_hour=hour(now)
    'if minute(now)<10 then c_minute="0" & minute(now) else c_minute=minute(now)
    'if second(now)<10 then c_second="0" & second(now) else c_second=minu
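Related documents:
1. SQL injection:
Solution:
a. This problem is mainly caused by special characters being passed in; we can filter special characters out of the user name and password that are entered.
b. Using a stored procedure and passing the values in as parameters solves this kind of problem (note: do not build the statement by string concatenation inside the stored procedure, otherwise it is the same as not using a stored procedure at all).
2. XSS (cross-site scripting):
Solution:
a. In the Page directive or ......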
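I have seen a lot of code of this kind online, but some of it does not work and some of it contains too much junk code. I made a few simple modifications and am now sharing the result with everyone.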
<%
Option Explicit
dim databasename ' Declare the database name
databasename="database.mdb" ' Database name
dim databasepath ' Declare the path where the database is stored
......
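Active Server Pages provides built-in objects that make it easier for users to collect information sent with a browser request, respond to the browser, and store user information (such as user preferences). This article briefly describes each object.
Application object
You can use the Application object to share information among all users of a given application.
Request object
You can use the Request object to access any HTTP request ......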