Common ASP utility functions: preventing garbled characters in cookies
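'**************************************************
'Function:  CodeCookie
'Purpose:   Use when writing a cookie, to prevent garbled characters
'Parameter: str ---- string
'Returns:   the processed string
'Example:
'**************************************************
Public Function CodeCookie(ByVal str)
    'Each character is written as its AscW code, with "a" between codes.
    'This is an encoding only: the client can still read and change the value.
    'ByVal keeps the CStr conversion from altering the caller's variable.
    If IsNumeric(str) Then str = CStr(str)
    Dim i, newstr
    newstr = ""
    For i = 1 To Len(str)
        newstr = newstr & AscW(Mid(str, i, 1))
        If i <> Len(str) Then newstr = newstr & "a"
    Next
    CodeCookie = newstr
End Function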
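'**************************************************
'Function:  DecodeCookie
'Purpose:   Use when reading a cookie, to prevent garbled characters
'Parameter: str ---- string
'Returns:   the processed string
'Example:
'**************************************************
Public Function DecodeCookie(ByVal str)
    'The cookie value is supplied by the client. A field that is not a valid
    'character code makes ChrW raise a run-time error, so treat a failed
    'decode as an invalid cookie.
    DecodeCookie = ""
    Dim i, newstr
    'Split on the "a" separator written by CodeCookie
    newstr = Split(str, "a")
    For i = LBound(newstr) To UBound(newstr)
        DecodeCookie = DecodeCookie & ChrW(newstr(i))
    Next
End Function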