📄 conn.asp
字号:
<%
'########################################
'
'XinYou-pK(CMS)(v1.0)拼客内容管理系统
'
'使用过程中,如有问题,请联系QQ:16129825 E-mail:liuxing99@tom.com
'
'演示地址:http://www.XinYou88.net
'
'程序简单易用,基本设置都有后台设置,不需要专业的知识就可以建立一个拼客网站
'
'如有BUG,请通知一声,谢谢!!!
'
'########################################
%>
<%
dim conn,db
dim connstr
db="Db/#chenxinyou88.mdb" '数据库文件位置
on error resume next
connstr="DBQ="+server.mappath(""&db&"")+";DefaultDir=;DRIVER={Microsoft Access Driver (*.mdb)};"
set conn=server.createobject("ADODB.CONNECTION")
if err then
err.clear
else
conn.open connstr
end if
sub CloseConn()
conn.close
set conn=nothing
end sub
%>
<%
'检测是否有效的数字-----------------
Function IsInteger(Para)
IsInteger=False
If Not (IsNull(Para) Or Trim(Para)="" Or Not IsNumeric(Para)) Then
IsInteger=True
End If
End Function
'检查无效字符----------------------
Function CheckStr(byVal ChkStr)
Dim Str:Str=ChkStr
Str=Trim(Str)
If IsNull(Str) Then
CheckStr = ""
Exit Function
End If
Dim re
Set re=new RegExp
re.IgnoreCase =True
re.Global=True
re.Pattern="(\r\n){3,}"
Str=re.Replace(Str,"$1$1$1")
Set re=Nothing
Str = Replace(Str,"'","''")
Str = Replace(Str, "!!!", "!")
Str = Replace(Str, "★★★", "★")
CheckStr=Str
End Function
'转换HTML代码-----------------------
Function HTMLDecode(reString)
Dim Str:Str=reString
If Not IsNull(Str) Then
Str = Replace(Str, "&", "&")
Str = Replace(Str, ">", ">")
Str = Replace(Str, "<", "<")
Str = Replace(Str, " ", CHR(32))
Str = Replace(Str, " ", CHR(9))
Str = Replace(Str, "    ", CHR(9))
Str = Replace(Str, """, CHR(34))
Str = Replace(Str, "'", CHR(39))
Str = Replace(Str, "", CHR(13))
Str = Replace(Str, "<br>", CHR(10))
HTMLDecode = Str
End If
End Function
'--------SQL防注入定义部份------------------
Fy_In = "or|join|union|like|modify|cast|drop|exec|insert|select|delete|update|count|alter|rename|chr|mid|truncate|char|declare|'"
Fy_Inf = split(Fy_In,"|")
'--------POST部份------------------
If Request.Form<>"" Then
For Each Fy_Post In Request.Form
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.Form(Fy_Post)),Fy_Inf(Fy_Xh))<>0 Then
Response.Write "<Script Language=JavaScript>alert('对不起!\n\n请不要输入非法字符!');history.back();</Script>"
Response.End
End If
Next
Next
End If
'--------GET部份-------------------
If Request.QueryString<>"" Then
For Each Fy_Get In Request.QueryString
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then
Response.Write "<Script Language=JavaScript>alert('对不起!\n\n请不要输入非法字符!');history.back();</Script>"
Response.End
End If
Next
Next
End If
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -