?? check_login.test.asp
字號:
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<%
'On Error Resume Next
Response.Write(Server.URLEncode("""") & " " & Server.HTMLEncode("""") & "<br>")
dim str,login_name,password
login_name = "1' or 1 = 1 or '1' <> '"
password = "1' or 1 = 1 or '1' <> '"
str = "select top 1 * from member where login_name = '" & login_name & "'"
Response.Write(str & "<br>")
str = "select top 1 name from member where (login_name = '" & login_name & "') and (password = '" & password & "')"
Response.Write(str & "<br>")
login_name = "1"" or 1 = 1 or ""1"" <> "" "
password = "1"" or 1 = 1 or ""1"" <> "" "
str = "select top 1 * from member where login_name = """ & login_name & """ and password = """ & password & """"
Response.Write(str & "<br>")
str = "select top 1 * from member where (login_name = """ & login_name & """) and (password = """ & password & """)"
Response.Write(str & "<br>")
Session("rs").Open str,Session("conn")
if not Session("rs").EOF and Session("password") = password then
Session("login_name") = Session("rs")("login_name")
Response.Write("login success!")
else
Response.Write("Invalid login_name!")
end if
'Response.Write(str)
'Response.End()
Session("rs").Close
%>
<body>
<textarea name="textarea"><%= Server.HTMLEncode("'") %></textarea>
</body>
</html>
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -