aspÎļþÏÂÔØ
<%
If Not IsNull(Request("fileName")) Then r = DownLoadFile(Request("fileName"))
Function DownLoadFile(fileName)
Dim s,fso,f,fLen
fileName = Server.MapPath(fileName)
'create stream
Set s = Server.CreateObject("ADODB.Stream")
s.Open()
s.Type = 1
Set fso = Server.CreateObject("Scripting.FileSystemObject")
If Not fso.FileExists(fileName) Then Response.Write "Îļþ²»´æÔÚ" : Response.End
Set f = fso.GetFile(fileName)
fLen = f.Size
s.LoadfromFile(fileName)
'clear the buffer
Response.Buffer = True
Response.Clear()
Response.AddHeader"Content-Disposition","attachment;filename=" & f.name
Response.AddHeader"Content-Length",fLen
Response.CharSet = "UTF-8"
Response.ContentType = "application/octet-stream"
'output the file to the browser
Response.BinaryWrite s.Read
Response.Flush
s.Close
Set s = Nothing
Set fso = Nothing
End Function
%>
Ïà¹ØÎĵµ£º
·ÅÈëconn.aspÖÐ(¾Ü¾ø¹¥»÷ ÍòÄÜAsp·À×¢Èë´úÂë)
·ÅÈëconn.aspÖÐ(¾Ü¾ø¹¥»÷ ÍòÄÜAsp·À×¢Èë´úÂë)
µÚÒ»ÖÖ£º
squery=lcase(Request.ServerVariables("QUERY_STRING"))
sURL=lcase(Request.ServerVariables("HTTP_HOST"))
SQL_injdata =":|;|>|<|--|sp_|xp_|\|dir|cmd|^|(|)|+|$|'|copy|format|and|exec| ......
4.1 ³£ÓõÄHTML¿Ø¼þ
4.1.1 ±íµ¥¿Ø¼þ
ÓÃÓÚ½ÓÊÕ¿Í»§¶ËµÄÊäÈ룬²¢½«ÊäÈëµÄ½á¹ûÌá½»¸ø·þÎñÆ÷´¦Àí
1.HtmlForm¿Ø¼þ
ËùÓеÄWeb Form¿Ø¼þ±ØÐë°üº¬ÔÚÒ»¶ÔHtmlForm¿Ø¼þ±êÇ©ÖÐ
<Form
Id = "¿Ø¼þ±êʶ"
Runat = "Server"
Method = "Post | Get"
Action = "ÒªÖ´ÐÐ ......
<input name="total" type="text" value="<%=webcounter%>" size="12" onbeforepaste="clipboarddata.setdata('text',clipboarddata.getdata('text').replace(/[^\d]/g,''))"
onkeydown="subOnKeyDown()"
onkeyup="value=value.replace(/[^\d]/g,'')"/>
ʹÓúó Èç¹ûÊäÈëΪ·ÇÊý×Ö ......
VBSÀ³¬³öIntegerÀàÐ͵ÄÈ¡Öµ·¶Î§£¬¸ÃÀàÐ͵ÄÈ¡Öµ·¶Î§Îª-32,768 µ½ 32,767 Ö®¼äµÄÕûÊý¡£
³ö´íµÄ¸ùÔ´£º
ÔÚASPÀÓÐʱºòΪÁË·ÂÖ¹×¢È룬ËùÒÔÔÚ½ÓÊÕ²ÎÊýµÄʱºòÖ±½ÓʹÓÃCintº¯Êý°Ñ½Ó¹ýÀ´µÄ²ÎÊýת»»ÎªInteger£¨Êý×Ö£©ÀàÐÍ£¬Õâ¾Í´æÔÚÒ»¸öDZÔÚÎÊÌ⣬µ±Ò³Ãæ½ÓÊÕµÄij¸ö²ÎÊý£¨Request("xxx")£©³¬¹ýÈ¡Öµ·¶Î§Ê±£¨¿É¼òµ¥Àí½âΪ5λÊý×Ö£ ......
Try
Dim Path As String = Server.MapPath("~/Download/") 'Îļþ·¾¶
Path = Path & "file.txt" 'ÎļþµÄÃû³Æ
......
