?? sqlchk.asp
字號:
<%
'----------------------------------
'-- SQLSHK.ASP 防止SQL注入攻擊 --
'--------定義部份------------------
Dim Jx_Post,Jx_Get,Jx_In,Jx_Inf,Jx_Xh,Jx_db,Jx_dbstr
'自定義需要過濾的字串,用 "|" 分隔
Jx_In = "'|;|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
'----------------------------------
Jx_Inf = split(Jx_In,"|")
'--------POST部份------------------
If Request.Form<>"" Then
For Each Jx_Post In Request.Form
For Jx_Xh=0 To Ubound(Jx_Inf)
If Instr(LCase(Request.Form(Jx_Post)),Jx_Inf(Jx_Xh))<>0 Then
Response.Write "<Script Language=JavaScript>"
Response.Write "alert('請不要在參數(shù)中包含非法字符嘗試注入!');"
Response.write "javascript:history.go(-1);"&Chr(13)
Response.Write "</Script>"
Response.End
End If
Next
Next
End If
'--------GET部份-------------------
If Request.QueryString<>"" Then
For Each Jx_Get In Request.QueryString
For Jx_Xh=0 To Ubound(Jx_Inf)
If Instr(LCase(Request.QueryString(Jx_Get)),Jx_Inf(Jx_Xh))<>0 Then
Response.Write "<Script Language=JavaScript>"
Response.Write "alert('請不要在參數(shù)中包含非法字符嘗試注入!');"
Response.write "javascript:history.go(-1);"&Chr(13)
Response.Write "</Script>"
Response.End
End If
Next
Next
End If
'----------------------------------
%>?? 快捷鍵說明
復(fù)制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -