📄 防止sql注入式攻击.txt

📁 较为详细的介绍了asp自定义的各种函数,方便asp的各种开发.

💻 TXT

字号:

<%
if left(Request.ServerVariables("HTTP_REFERER"),23) <> "http://www.skyeye78.com" then
Response.Redirect "http://www.skyeye78.com"
response.end
end if
Function SafeRequest(ParaName,ParaType)
       '--- 传入参数 ---
       'ParaName:参数名称-字符型
       'ParaType:参数类型-数字型(1表示以上参数是数字，0表示以上参数为字符)

       Dim ParaValue
       ParaValue=Request(ParaName)
       If ParaType=1 then
              If not isNumeric(ParaValue) then
                     Response.write "参数" & ParaName & "必须为数字型！"
                     Response.end
              End if
       Else
              ParaValue=replace(ParaValue,"'","''")
              ParaValue=Replace(ParaValue,"<",vbNullString)
              ParaValue=Replace(ParaValue,">",vbNullString)
              ParaValue=Replace(ParaValue,"""",vbNullString)
              ParaValue=Replace(ParaValue,"'",vbNullString)
              ParaValue=Replace(ParaValue,";",vbNullString)
              ParaValue=Replace(ParaValue,"(",vbNullString)
              ParaValue=Replace(ParaValue,")",vbNullString)
              ParaValue=Replace(ParaValue,"+",vbNullString)
              ParaValue=Replace(ParaValue,"-",vbNullString)
       End if
       SafeRequest=ParaValue
End function
%>

⌨️ 快捷键说明

复制代码 Ctrl + C

搜索代码 Ctrl + F

全屏模式 F11

切换主题 Ctrl + Shift + D

显示快捷键 ?

增大字号 Ctrl + =

减小字号 Ctrl + -