cls_main.asp

网络上经典的图片程序

	'参  数：str   ----原字符串
	'        strlen  ----显示字符长度
	'================================================
	Public Function GotTopic(ByVal str, ByVal strLen)
		Dim l, t, c, i
		Dim strTemp
		On Error Resume Next
		str = Trim(str)
		str = Replace(str, " ", " ")
		str = Replace(str, ">", ">")
		str = Replace(str, "&lt;", "<")
		str = Replace(str, "&#62;", ">")
		str = Replace(str, "&#60;", "<")
		str = Replace(str, "&#39;", "'")
		str = Replace(str, "&quot;", Chr(34))
		str = Replace(str, vbNewLine, "")
		l = Len(str)
		t = 0
		For i = 1 To l
			c = Abs(Asc(Mid(str, i, 1)))
			If c > 255 Then
				t = t + 2
			Else
				t = t + 1
			End If
			If t >= strLen Then
				strTemp = Left(str, i) & ".."
				Exit For
			Else
				strTemp = str & ""
			End If
		Next
		GotTopic = CheckTopic(strTemp)
	End Function
	Public Function CheckTopic(ByVal strContent)
		Dim re
		On Error Resume Next
		Set re = New RegExp
		re.IgnoreCase = True
		re.Global = True
		re.Pattern = "(<s+cript(.+?)<\/s+cript>)"
		strContent = re.Replace(strContent, "")
		re.Pattern = "(<iframe(.+?)<\/iframe>)"
		strContent = re.Replace(strContent, "")
		re.Pattern = "(&#62;)"
		strContent = re.Replace(strContent, "&gt;")
		re.Pattern = "(&#60;)"
		strContent = re.Replace(strContent, "&lt;")
		Set re = Nothing
		strContent = Replace(strContent, ">", "&gt;")
		strContent = Replace(strContent, "<", "&lt;")
		strContent = Replace(strContent, "'", "&#39;")
		strContent = Replace(strContent, Chr(34), "&quot;")
		strContent = Replace(strContent, "%", "％")
		strContent = Replace(strContent, vbNewLine, "")
		CheckTopic = Trim(strContent)
	End Function
	'================================================
	'函数名：ReadTopic
	'作  用：显示字符串长度
	'参  数：str   ----原字符串
	'        strlen  ----显示字符长度
	'================================================
	Public Function ReadTopic(ByVal str, ByVal strLen)
		Dim l, t, c, i
		On Error Resume Next
		str = Replace(str, "&nbsp;", " ")
		If Len(str) < strLen Then
			str = str & String(strLen - Len(str), ".")
		Else
			str = str
		End If
		l = Len(str)
		t = 0
		For i = 1 To l
			c = Abs(Asc(Mid(str, i, 1)))
			If c > 255 Then
				t = t + 2
			Else
				t = t + 1
			End If
			If t >= strLen Then
				ReadTopic = Left(str, i) & "..."
				Exit For
			Else
				ReadTopic = str & "..."
			End If
		Next
	End Function
	'================================================
	'函数名：strLength
	'作  用：计字符串长度
	'参  数：str   ----字符串
	'================================================
	Public Function strLength(ByVal str)
		On Error Resume Next
		If IsNull(str) Or str = "" Then
			strLength = 0
			Exit Function
		End If
		Dim WINNT_CHINESE
		WINNT_CHINESE = (Len("例子") = 2)
		If WINNT_CHINESE Then
			Dim l, t
			Dim i, c
			l = Len(str)
			t = l
			For i = 1 To l
				c = Asc(Mid(str, i, 1))
				If c < 0 Then c = c + 65536
				If c > 255 Then t = t + 1
			Next
			strLength = t
		Else
			strLength = Len(str)
		End If
	End Function
	'=================================================
	'函数名：isInteger
	'作  用：判断数字是否整型
	'参  数：para ----参数
	'=================================================
	Public Function isInteger(ByVal para)
		On Error Resume Next
		Dim str
		Dim l, i
		If IsNull(para) Then
			isInteger = False
			Exit Function
		End If
		str = CStr(para)
		If Trim(str) = "" Then
			isInteger = False
			Exit Function
		End If
		l = Len(str)
		For i = 1 To l
			If Mid(str, i, 1) > "9" Or Mid(str, i, 1) < "0" Then
				isInteger = False
				Exit Function
			End If
		Next
		isInteger = True
		If Err.Number <> 0 Then Err.Clear
	End Function
	Public Function CutString(ByVal str, ByVal strLen)
		'On Error Resume Next
		
		Dim HtmlStr, l, re, strContent		
		HtmlStr = str
		
		Set re = New RegExp
		re.IgnoreCase = True
		re.Global = True
		re.Pattern = "\[br\]"
		HtmlStr = re.Replace(HtmlStr, "")
		re.Pattern = "\[align=right\](.*)\[\/align\]"
		HtmlStr = re.Replace(HtmlStr, "")
		re.Pattern = "([\f\n\r\t\v])"
		HtmlStr = re.Replace(HtmlStr, "")
		re.Pattern = "<(.[^>]*)>"
		HtmlStr = re.Replace(HtmlStr, "")
		Set re = Nothing
		HtmlStr = Replace(HtmlStr, "&nbsp;", "")
		HtmlStr = Replace(HtmlStr, "&quot;", Chr(34))
		HtmlStr = Replace(HtmlStr, "&#39;", Chr(39))
		HtmlStr = Replace(HtmlStr, "&#123;", Chr(123))
		HtmlStr = Replace(HtmlStr, "&#125;", Chr(125))
		HtmlStr = Replace(HtmlStr, "&#36;", Chr(36))
		HtmlStr = Replace(HtmlStr, vbCrLf, "")
		HtmlStr = Replace(HtmlStr, "====", "")
		HtmlStr = Replace(HtmlStr, "----", "")
		HtmlStr = Replace(HtmlStr, "////", "")
		HtmlStr = Replace(HtmlStr, "\\\\", "")
		HtmlStr = Replace(HtmlStr, "####", "")
		HtmlStr = Replace(HtmlStr, "@@@@", "")
		HtmlStr = Replace(HtmlStr, "****", "")
		HtmlStr = Replace(HtmlStr, "~~~~", "")
		HtmlStr = Replace(HtmlStr, "≡≡≡", "")
		HtmlStr = Replace(HtmlStr, "++++", "")
		HtmlStr = Replace(HtmlStr, "::::", "")
		HtmlStr = Replace(HtmlStr, " ", "")

		HtmlStr = Replace(HtmlStr, "&gt;", ">")
		HtmlStr = Replace(HtmlStr, "&lt;", "<")
		l = Len(HtmlStr)
		If l >= strLen Then
			strContent = Left(HtmlStr, strLen) & "..."
		Else
			strContent = HtmlStr & " "
		End If
		strContent = Replace(strContent, Chr(34), "&quot;")
		strContent = Replace(strContent, Chr(39), "&#39;")
		strContent = Replace(strContent, Chr(36), "&#36;")
		strContent = Replace(strContent, Chr(123), "&#123;")
		strContent = Replace(strContent, Chr(125), "&#125;")
		strContent = Replace(strContent, ">", "&gt;")
		strContent = Replace(strContent, "<", "&lt;")
		CutString = strContent
	End Function
	'================================================
	'函数名：CheckInfuse
	'作  用：防止SQL注入
	'参  数：str   ----原字符串
	'        strLen  ----提交字符串长度
	'================================================
	Public Function CheckInfuse(ByVal str, ByVal strLen)
		Dim strUnsafe, arrUnsafe
		Dim i
		
		If Trim(str) = "" Then
			CheckInfuse = ""
			Exit Function
		End If
		str = Left(str, strLen)
		
		On Error Resume Next
		strUnsafe = "'|^|;|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
		If Trim(str) <> "" Then
			If Len(str) > strLen Then
				Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n您提交的字符数超过了限制！');history.back(-1)</Script>"
				CheckInfuse = ""
				Response.End
			End If
			arrUnsafe = Split(strUnsafe, "|")
			For i = 0 To UBound(arrUnsafe)
				If InStr(1, str, arrUnsafe(i), 1) > 0 Then
					Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n请不要在参数中包含非法字符！');history.back(-1)</Script>"
					CheckInfuse = ""
					Response.End
				End If
			Next
		End If
		CheckInfuse = Trim(str)
		Exit Function
		If Err.Number <> 0 Then
			Err.Clear
			Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n请不要在参数中包含非法字符！');history.back(-1)</Script>"
			CheckInfuse = ""
			Response.End
		End If
	End Function
	Public Sub PreventInfuse()
		On Error Resume Next
		Dim SQL_Nonlicet, arrNonlicet
		Dim PostRefer, GetRefer, Sql_DATA
		
		SQL_Nonlicet = "'|;|^|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
		arrNonlicet = Split(SQL_Nonlicet, "|")
		If Request.Form <> "" Then
			For Each PostRefer In Request.Form
				For Sql_DATA = 0 To UBound(arrNonlicet)
					If InStr(1, Request.Form(PostRefer), arrNonlicet(Sql_DATA), 1) > 0 Then
					Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n请不要在参数中包含非法字符！');history.back(-1)</Script>"
					Response.End
					End If
				Next
			Next
		End If

		If Request.QueryString <> "" Then
			For Each GetRefer In Request.QueryString
				For Sql_DATA = 0 To UBound(arrNonlicet)
					If InStr(1, Request.QueryString(GetRefer), arrNonlicet(Sql_DATA), 1) > 0 Then
					Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n请不要在参数中包含非法字符！');history.back(-1)</Script>"
					Response.End
					End If
				Next
			Next
		End If
	End Sub
	'================================================
	'函数名：ChkQueryStr
	'作  用：过虑查询的非法字符
	'参  数：str   ----原字符串
	'返回值：过滤后的字符
	'================================================
	Public Function ChkQueryStr(ByVal str)
		On Error Resume Next
		If IsNull(str) Then
			ChkQueryStr = ""
			Exit Function
		End If
		str = Replace(str, "!", "")
		str = Replace(str, "]", "")
		str = Replace(str, "[", "")
		str = Replace(str, ")", "")
		str = Replace(str, "(", "")
		str = Replace(str, "|", "")
		str = Replace(str, "+", "")
		str = Replace(str, "=", "")
		str = Replace(str, "@", "")
		str = Replace(str, "'", "''")
		str = Replace(str, "%", "")
		str = Replace(str, "&", "")
		str = Replace(str, "#", "")
		str = Replace(str, "^", "")
		str = Replace(str, "《", "")
		str = Replace(str, "》", "")
		str = Replace(str, "&nbsp;", " ")
		str = Replace(str, Chr(37), "")
		str = Replace(str, Chr(0), "")
		ChkQueryStr = str
	End Function
	'================================================
	'过程名：CheckQuery
	'作  用：限制搜索的关键字
	'参  数：str ----搜索的字符串
	'返回值：True; False
	'================================================
	Public Function CheckQuery(ByVal str)
		Dim FobWords, i, keyword
		keyword = str
		On Error Resume Next
		FobWords = Array(91, 92, 304, 305, 430, 431, 437, 438, 12460, 12461, 12462, 12463, 12464, 12465, 12466, 12467, 12468, 12469, 12470, 12471, 12472, 12473, 12474, 12475, 12476, 12477, 12478, 12479, 12480, 12481, 12482, 12483, 12485, 12486, 12487, 12488, 12489, 12490, 12496, 12497, 12498, 12499, 12500, 12501, 12502, 12503, 12504, 12505, 12506, 12507, 12508, 12509, 12510, 12532, 12533, 65339, 65340)
		For i = 1 To UBound(FobWords, 1)
			If InStr(keyword, ChrW(FobWords(i))) > 0 Then
				CheckQuery = False
				Exit Function
			End If
		Next
		FobWords = Array("~", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "_", "+", "=", "`", "[", "]", "{", "}", ";", ":", """", "'", "<", ">", ".", "/", "\", "|", "?", "about", "after", "all", "also", "an", "and", "another", "any", "are", "as", "at", "be", "because", "been", "before", "being", "between", "both", "but", "by", "came", "can", "come", "could", "did", "do", "each", "for", "from", "get", "got", "had", "has", "have", "he", "her", "here", "him", "himself", "his", "how", "if", "in", "into", "is", "it", "like", "make", "many", "me", "might", "more", "most", "much", "must", "my", "never", "now", "of", "on", "only", "or", "other", "our", "out", "over", "said", "same", "see", "should", "since", "some", "still", "such", "take", "than", "that", "the", "their", "them", "then", "there", "these", "they", "this")
		keyword = Left(keyword, 100)
		keyword = Replace(keyword, "!", " ")
		keyword = Replace(keyword, "]", " ")
		keyword = Replace(keyword, "[", " ")
		keyword = Replace(keyword, ")", " ")
		keyword = Replace(keyword, "(", " ")
		keyword = Replace(keyword, "　", " ")
		keyword = Replace(keyword, "-", " ")
		keyword = Replace(keyword, "/", " ")
		keyword = Replace(keyword, "+", " ")
		keyword = Replace(keyword, "=", " ")
		keyword = Replace(keyword, ",", " ")
		keyword = Replace(keyword, "'", " ")
		For i = 0 To UBound(FobWords, 1)
			If keyword = FobWords(i) Then
				CheckQuery = False
				Exit Function
			End If
		Next
		CheckQuery = True
	End Function
	'================================================
	'函数名：IsValidStr
	'作  用：判断字符串中是否含有非法字符
	'参  数：str   ----原字符串
	'返回值：False,True -----布尔值
	'================================================
	Public Function IsValidStr(ByVal str)
		IsValidStr = False
		On Error Resume Next
		If IsNull(str) Then Exit Function
		If Trim(str) = Empty Then Exit Function
		Dim ForbidStr, i
		ForbidStr = "and|chr|:|=|%|&|$|#|@|+|-|*|/|\|<|>|;|,|^|" & Chr(32) & "|" & Chr(34) & "|" & Chr(39) & "|" & Chr(9)
		ForbidStr = Split(ForbidStr, "|")
		For i = 0 To UBound(ForbidStr)
			If InStr(1,str, ForbidStr(i),1) > 0 Then
				IsValidStr = False
				Exit Function
			End If