📄 function.asp
<%
'====================================
'检查传递参数中是否含有特殊字符
'====================================
' Comma-separated deny-list used by CheckBadStr, which splits it on "," and tests
' each entry as a case-insensitive substring of the inspected value.
' Entries: the double quote, the single quote, ";", "*", "%" and a set of SQL and
' command keywords.
' NOTE(review): a substring deny-list is not a dependable SQL-injection control.
' Short entries such as "and", "from", "mid" or "%" also match ordinary text, and
' no list can cover every syntax a database accepts. Bind user input through
' parameterized ADODB.Command queries and treat this list as defence in depth only.
Const badstrs = """,',;,and,exec,insert,select,delete,update,count,*,%,chr,mid,asc,master,truncate,char,declare,net user,xp_cmdshell,/add,drop,from"
' Filters a string by applying a fixed series of Replace calls.
' Returns "" when Str is Null, otherwise the filtered text.
' Str is declared without ByVal, so VBScript passes it by reference: when the
' caller passes a variable, that variable is modified as well.
' Replace arguments used below: (text, find, replacement, start=1, count=-1 for
' all matches, compare) where compare 1 is case-insensitive and 0 is case-sensitive.
' NOTE(review): in this listing most find/replacement pairs are identical, which
' would make them no-ops. Presumably the replacements were HTML entities that
' were decoded when the page was rendered - confirm against the original file
' before relying on this function.
' NOTE(review): rewriting keywords is not a substitute for parameterized queries
' on the database side or for Server.HTMLEncode at the point of output.
Function Checkstr(Str)
If Isnull(Str) Then
CheckStr = ""
Exit Function
End If
' Strip NUL characters.
Str = Replace(Str,Chr(0),"", 1, -1, 1)
' Angle brackets (replacement text identical as shown - see NOTE above).
Str = Replace(Str,"<","<", 1, -1, 1)
Str = Replace(Str,">",">", 1, -1, 1)
' Tag names script / object / applet: three case-sensitive passes for the common
' casings, then one case-insensitive pass that rewrites any remaining casing to
' the capitalised form shown.
Str = Replace(Str, "script", "script", 1, -1, 0)
Str = Replace(Str, "SCRIPT", "SCRIPT", 1, -1, 0)
Str = Replace(Str, "Script", "Script", 1, -1, 0)
Str = Replace(Str, "script", "Script", 1, -1, 1)
Str = Replace(Str, "object", "object", 1, -1, 0)
Str = Replace(Str, "OBJECT", "OBJECT", 1, -1, 0)
Str = Replace(Str, "Object", "Object", 1, -1, 0)
Str = Replace(Str, "object", "Object", 1, -1, 1)
Str = Replace(Str, "applet", "applet", 1, -1, 0)
Str = Replace(Str, "APPLET", "APPLET", 1, -1, 0)
Str = Replace(Str, "Applet", "Applet", 1, -1, 0)
Str = Replace(Str, "applet", "Applet", 1, -1, 1)
' Square brackets (identical as shown).
Str = Replace(Str, "[", "[")
Str = Replace(Str, "]", "]")
' Double quotes are removed outright.
Str = Replace(Str, """", "", 1, -1, 1)
Str = Replace(Str, "=", "=", 1, -1, 1)
' As shown, the typographic quote is doubled here and again on the return line.
' NOTE(review): presumably the original doubles the ASCII apostrophe for SQL
' string literals - confirm. Doubling in both places turns one quote into four.
Str = Replace(Str, "’", "’’", 1, -1, 1)
' SQL keywords, matched case-insensitively anywhere in the text, including inside
' longer words (identical replacement text as shown).
Str = Replace(Str, "select", "select", 1, -1, 1)
Str = Replace(Str, "execute", "execute", 1, -1, 1)
Str = Replace(Str, "exec", "exec", 1, -1, 1)
Str = Replace(Str, "join", "join", 1, -1, 1)
Str = Replace(Str, "union", "union", 1, -1, 1)
Str = Replace(Str, "where", "where", 1, -1, 1)
Str = Replace(Str, "insert", "insert", 1, -1, 1)
Str = Replace(Str, "delete", "delete", 1, -1, 1)
Str = Replace(Str, "update", "update", 1, -1, 1)
Str = Replace(Str, "like", "like", 1, -1, 1)
Str = Replace(Str, "drop", "drop", 1, -1, 1)
Str = Replace(Str, "create", "create", 1, -1, 1)
Str = Replace(Str, "rename", "rename", 1, -1, 1)
Str = Replace(Str, "count", "count", 1, -1, 1)
Str = Replace(Str, "chr", "chr", 1, -1, 1)
Str = Replace(Str, "mid", "mid", 1, -1, 1)
Str = Replace(Str, "truncate", "truncate", 1, -1, 1)
Str = Replace(Str, "nchar", "nchar", 1, -1, 1)
Str = Replace(Str, "char", "char", 1, -1, 1)
Str = Replace(Str, "alter", "alter", 1, -1, 1)
Str = Replace(Str, "cast", "cast", 1, -1, 1)
Str = Replace(Str, "exists", "exists", 1, -1, 1)
' Carriage returns become HTML line breaks; this runs after the "<" and ">"
' handling above, so the inserted tag is not itself rewritten.
Str = Replace(Str,Chr(13),"<br>", 1, -1, 1)
CheckStr = Replace(Str,"’","’’", 1, -1, 1)
End Function
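' Rejects a value that contains any entry of the badstrs deny-list.
' StrPara: the value to inspect; Null is accepted without checking.
' Returns False when nothing matched. On a match the function does not return:
' it writes the reinfo(...) error page and ends the response.
' The match is a case-insensitive substring test, so ordinary words that contain
' an entry (for example "and") are rejected as well. Treat this as defence in
' depth only; queries built from the value should still be parameterized.
Function CheckBadStr(StrPara)
    ' Declared locally so the split array and loop counter cannot overwrite
    ' page-level variables of the same name, and so the code runs under
    ' Option Explicit. The unused BadStr accumulator has been dropped.
    Dim SqlInject, i, loweredInput
    CheckBadStr = False
    If IsNull(StrPara) Then Exit Function
    ' Lower-case the input once instead of on every iteration.
    loweredInput = LCase(StrPara)
    SqlInject = Split(badstrs, ",")
    For i = 0 To UBound(SqlInject)
        If InStr(loweredInput, LCase(SqlInject(i))) <> 0 Then
            Response.Write reinfo("出错了","链接中出现特殊字符","首页")
            ' Response.End stops page execution, so nothing after it runs.
            Response.End
        End If
    Next
End Function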
'====================================
'过滤特殊字符
'====================================
' Escapes special characters and SQL keywords in ChkStr and returns the result.
' ChkStr is passed ByVal, so the caller's variable is not modified.
' Returns "" when the trimmed value is Null.
' NOTE(review): as shown in this listing the find and replacement texts are
' identical, and the double-quote line below is not a valid string literal.
' Presumably the replacements were HTML entities that were decoded when the page
' was rendered - confirm against the original file.
' NOTE(review): this escaping does not make a value safe to concatenate into SQL;
' use parameterized queries for that.
Function ReplaceStr(byVal ChkStr)
Dim Str:Str=ChkStr
' Trim runs before the Null test; Trim(Null) yields Null, so the test still works.
Str=Trim(Str)
If IsNull(Str) Then
ReplaceStr = ""
Exit Function
End If
' Ampersand first, then single and double quotes.
Str = Replace(Str, "&", "&")
Str = Replace(Str,"'","'")
Str = Replace(Str,"""",""")
Dim re
Set re=new RegExp
' Case-insensitive, replace every occurrence.
re.IgnoreCase =True
re.Global=True
' Each pattern captures the first letter of a keyword as $1 and the rest as $2;
' the replacement keeps $1 (preserving its case) and writes the rest literally.
re.Pattern="(w)(here)"
Str = re.replace(Str,"$1here")
re.Pattern="(s)(elect)"
Str = re.replace(Str,"$1elect")
re.Pattern="(i)(nsert)"
Str = re.replace(Str,"$1nsert")
re.Pattern="(c)(reate)"
Str = re.replace(Str,"$1reate")
re.Pattern="(d)(rop)"
Str = re.replace(Str,"$1rop")
re.Pattern="(a)(lter)"
Str = re.replace(Str,"$1lter")
re.Pattern="(d)(elete)"
Str = re.replace(Str,"$1elete")
re.Pattern="(u)(pdate)"
Str = re.replace(Str,"$1pdate")
Set re=Nothing
ReplaceStr=Str
End Function
'====================================
'恢复特殊字符
'====================================
' Restores the characters and keywords that ReplaceStr escaped and returns the result.
' Str is passed ByVal, so the caller's variable is not modified.
' Returns "" when Str is Null.
' NOTE(review): as shown in this listing the find and replacement texts are
' identical, and the double-quote line below is not a valid string literal.
' Presumably the find texts were HTML entities that were decoded when the page
' was rendered - confirm against the original file.
' NOTE(review): the returned text is unescaped again; encode it for its output
' context (for example Server.HTMLEncode) before writing it into a page.
Function UnReplaceStr(ByVal Str)
If IsNull(Str) Then
UnReplaceStr = ""
Exit Function
End If
' Single and double quotes.
Str = Replace(Str,"'","'")
Str = Replace(Str,""","""")
Dim re
Set re=new RegExp
' Case-insensitive, replace every occurrence.
re.IgnoreCase =True
re.Global=True
' Same keyword set as ReplaceStr: $1 is the captured first letter, the rest of
' the keyword is written literally in the replacement.
re.Pattern="(w)(here)"
str = re.replace(str,"$1here")
re.Pattern="(s)(elect)"
str = re.replace(str,"$1elect")
re.Pattern="(i)(nsert)"
str = re.replace(str,"$1nsert")
re.Pattern="(c)(reate)"
str = re.replace(str,"$1reate")
re.Pattern="(d)(rop)"
str = re.replace(str,"$1rop")
re.Pattern="(a)(lter)"
str = re.replace(str,"$1lter")
re.Pattern="(d)(elete)"
str = re.replace(str,"$1elete")
re.Pattern="(u)(pdate)"
str = re.replace(str,"$1pdate")
Set re=Nothing
' The ampersand is handled last, the reverse of the order used in ReplaceStr.
Str = Replace(Str, "&", "&")
UnReplaceStr=Str
End Function
'====================================
'检查字符串长度
'====================================
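' Redirects to admin_main.asp when txt is wider than the allowed length.
' action  : value passed back in the "action" query parameter.
' txtname : field name reported in the "txtname" query parameter.
' txt     : text to measure; it is trimmed in place (passed by reference).
' length  : maximum width. A character whose Asc code is in 1..255 counts as 1,
'           any other character counts as 2.
' The function assigns no return value.
Function CheckStringLength(action,txtname,txt,length)
    ' Declared locally so the counters cannot overwrite page-level variables of
    ' the same name, and so the code runs under Option Explicit.
    Dim x, y, ii
    txt = Trim(txt)
    x = Len(txt)
    y = 0
    For ii = 1 To x
        If Asc(Mid(txt, ii, 1)) > 0 And Asc(Mid(txt, ii, 1)) <= 255 Then
            y = y + 1
        Else
            y = y + 2
        End If
    Next
    If y > length Then
        ' URL-encode the caller-supplied values so "&", "#", spaces or line breaks
        ' in them cannot add or alter parameters in the redirect target.
        ' Appending "" turns Null into an empty string before encoding.
        Response.Redirect "admin_main.asp?action=" & Server.URLEncode(action & "") & "&txtname='" & Server.URLEncode(txtname & "") & "'&length='" & length & "'"
    End If
End Function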
'====================================
'显示分页函数
'====================================
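' Writes the page-number navigation for the current recordset to the response.
' obj: URL prefix for each link; "page_no=<n>" is appended directly to it, so it
'      presumably ends in "?" or "&" - confirm against callers.
' Reads the page-level variables rs and page_no, and Session("page_no").
' The current page is written as plain text, every other page as a link. At most
' seven page numbers are shown, with first/last links when the window is cut.
' NOTE(review): obj is written into the href unquoted and unencoded. Callers must
' pass only a trusted, already-encoded URL prefix; otherwise request data placed
' in obj reaches the page as markup.
' NOTE(review): the window is chosen from page_no while the current page is
' detected from Session("page_no"); confirm both always hold the same value.
Function fy(obj)
    ' Declared locally so the loop counter cannot overwrite a page-level "a".
    Dim a
    If rs.pagecount = 0 Or rs.pagecount = 1 Then
        Response.Write "1"
    ElseIf rs.pagecount >= 2 Then
        If page_no <= 4 And rs.pagecount <= 7 Then
            ' Few pages, near the start: list every page.
            For a = 1 To rs.pagecount
                If Session("page_no") = a Then
                    Response.Write "" & a & "|"
                Else
                    Response.Write "<a href=" & obj & "page_no=" & a & ">" & a & "</a>|"
                End If
            Next
        ElseIf page_no <= 4 And rs.pagecount > 7 Then
            ' Many pages, near the start: first seven plus a last-page link.
            For a = 1 To 7
                If Session("page_no") = a Then
                    Response.Write "" & a & "|"
                Else
                    Response.Write "<a href=" & obj & "page_no=" & a & ">" & a & "</a>|"
                End If
            Next
            Response.Write "<a href=" & obj & "page_no=" & rs.pagecount & " title=最后一页>>></a>"
        ElseIf page_no > 4 And rs.pagecount <= 7 Then
            ' Few pages, past page four: list every page.
            For a = 1 To rs.pagecount
                If Session("page_no") = a Then
                    Response.Write "" & a & "|"
                Else
                    Response.Write "<a href=" & obj & "page_no=" & a & ">" & a & "</a>|"
                End If
            Next
        ElseIf page_no > 4 And rs.pagecount > 7 And page_no + 3 <= rs.pagecount Then
            ' Middle of a long list: three pages either side of the current one.
            Response.Write "<a href=" & obj & "page_no=1 title=第一页><<</a>"
            For a = page_no - 3 To page_no + 3
                ' Fixed: the original tested Session("page_no") without "= a", so
                ' any non-zero session value rendered every page in this window as
                ' plain text with no link.
                If Session("page_no") = a Then
                    Response.Write "" & a & "|"
                Else
                    Response.Write "<a href=" & obj & "page_no=" & a & ">" & a & "</a>|"
                End If
            Next
            Response.Write "<a href=" & obj & "page_no=" & rs.pagecount & " title=最后一页>>></a>"
        ElseIf page_no + 3 > rs.pagecount Then
            ' Near the end of a long list: the last seven pages.
            Response.Write "<a href=" & obj & "page_no=1 title=第一页><<</a>"
            For a = rs.pagecount - 6 To rs.pagecount
                If Session("page_no") = a Then
                    Response.Write "" & a & "|"
                Else
                    Response.Write "<a href=" & obj & "page_no=" & a & ">" & a & "</a>|"
                End If
            Next
        End If
    End If
End Function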
'====================================
'日历
'====================================
Sub Calendar(C_Year,C_Month,C_Day)
ReDim Link_Days(2,0)
Dim Link_Count
Link_Count=0
Dim This_Year,This_Month,This_Day,RS_Month,Link_TF
IF C_Year=Empty Then C_Year=Year(Now())
IF C_Month=Empty Then C_Month=Month(Now())
IF C_Day=Empty Then C_Day=0
C_Year=Cint(C_Year)
C_Month=Cint(C_Month)
C_Day=Cint(C_Day)
This_Year=C_Year
This_Month=C_Month
This_Day=C_Day
Dim To_Day,To_Month,To_Year
To_Day=Cint(Day(Now()))
To_Month=Cint(Month(Now()))
To_Year=Cint(Year(Now()))
SQL="SELECT content_year,content_month,content_day FROM blog_Content WHERE content_year="&C_Year&" AND content_month="&C_Month&" ORDER BY content_day"
Set RS_Month=Server.CreateObject("ADODB.RecordSet")
RS_Month.Open SQL,db,1,1
SQLQueryNums=SQLQueryNums+1
Dim the_Day
the_Day=0
Do While NOT RS_Month.EOF
IF RS_Month("content_day")<>the_Day Then
the_Day=RS_Month("content_day")
ReDim PreServe Link_Days(2,Link_Count)
Link_Days(0,Link_Count)=RS_Month("content_month")
Link_Days(1,Link_Count)=RS_Month("content_day")
Link_Days(2,Link_Count)="index.asp?log_Year="&RS_Month("content_year")&"&log_Month="&RS_Month("content_month")&"&log_Day="&RS_Month("content_day")
Link_Count=Link_Count+1
End IF
RS_Month.MoveNext
Loop
RS_Month.Close
Set RS_Month=Nothing
Dim Month_Name(12)
Month_Name(0)=""
Month_Name(1)="1"
Month_Name(2)="2"
Month_Name(3)="3"
Month_Name(4)="4"
Month_Name(5)="5"
Month_Name(6)="6"
Month_Name(7)="7"
Month_Name(8)="8"
Month_Name(9)="9"
Month_Name(10)="10"
Month_Name(11)="11"
Month_Name(12)="12"
Dim Month_Days(12)
Month_Days(0)=""
Month_Days(1)=31
Month_Days(2)=28
Month_Days(3)=31
Month_Days(4)=30
Month_Days(5)=31
Month_Days(6)=30
Month_Days(7)=31
Month_Days(8)=31
Month_Days(9)=30
Month_Days(10)=31
Month_Days(11)=30
Month_Days(12)=31
If IsDate("February 29, " & This_Year) Then Month_Days(2)=29
Dim Start_Week
Start_Week=WeekDay(C_Month&"-1-"&C_Year)-1
Dim Next_Month,Next_Year,Pro_Month,Pro_Year
Next_Month=C_Month+1
Next_Year=C_Year
IF Next_Month>12 then
Next_Month=1
Next_Year=Next_Year+1
End IF
Pro_Month=C_Month-1
Pro_Year=C_Year
IF Pro_Month<1 then
Pro_Month=12
Pro_Year=Pro_Year-1
End IF
Response.Write "<table width=100% border=0 align=center cellpadding=2 cellspacing=1><tr><td colspan=7 align=center><a href=index.asp?log_Year="&C_Year-1&" title=上一年><span class=arrow>7</span></a><a href=index.asp?log_Year="&Pro_Year&"&log_Month="&Pro_Month&" title=上一月><span class=arrow>3</span></a> <strong>"&C_Year&" - "&Month_Name(C_Month)&"</strong> <a href=index.asp?log_Year="&Next_Year&"&log_Month="&Next_Month&" title=下一月><span class=arrow>4</span></a><a href=index.asp?log_Year="&C_Year+1&" title=下一年><span class=arrow>8</span></a></td></tr><tr class=calendar-week>"
Response.Write("<td>日</td><td>一</td><td>二</td><td>三</td><td>四</td><td>五</td><td>六</td></tr><tr>")
Dim i,j,k,l,m
For i=0 TO Start_Week-1
Response.Write("<td> </td>")
Next
Dim This_BGColor
j=1
While j<=month_Days(This_Month)
For k=start_Week To 6
This_BGColor="calendar"
IF j=To_Day AND This_Year=To_Year AND This_Month=To_Month Then This_BGColor="calendar-today"
this_daylink="daylink"
IF j=This_Day Then This_BGColor="calendar-thisday"
this_daylink="thisdaylink"
Response.Write("<td class="""&This_BGColor&""">")
Link_TF="Flase"
For l=0 TO Ubound(Link_Days,2)
IF Link_Days(0,l)<>"" Then
IF Link_Days(0,l)=This_Month AND Link_Days(1,l)=j Then
If j=to_day and this_year=to_year And this_month=to_month then
Response.Write("<a href="""&Link_Days(2,l)&""" class="""&this_daylink&""">")
ElseIf j=this_day Then
Response.Write("<a href="""&Link_Days(2,l)&""" class="""&this_daylink&""">")
Else
Response.Write("<a href="""&Link_Days(2,l)&""">")
End if
Link_TF="True"
End IF
End IF