safe_info.asp
来自「一个诚信信息港门户网 功能: 系统设置 企业会员 个人」· ASP 代码 · 共 139 行
ASP
139 行
<%
'过滤SQL非法字符并格式化html代码
function Replace_Text(fString)
if isnull(fString) then
Replace_Text=""
exit function
else
fString=trim(fString)
fString=replace(fString,"'","''")
fString=replace(fString,";",";")
fString=replace(fString,"--","—")
fString=server.htmlencode(fString)
Replace_Text=fString
end if
end function
'会员发布的各种信息过滤
'Function Replace_Text(fString)
'If Not IsNull(fString) Then
'fString = trim(fString)
'fString = replace(fString, ";", ";") '分号过滤
'fString = replace(fString, "--", "——") '--过滤
'fString = replace(fString, "%20", "") '特殊字符过滤
'fString = replace(fString, "==", "") '==过滤
'fString = replace(fString, ">", ">")
'fString = replace(fString, "<", "<")
'fString = Replace(fString, CHR(32), " ") '
'fString = Replace(fString, CHR(9), " ") '
'fString = Replace(fString, CHR(34), """)
'fString = Replace(fString, CHR(39), "'") '单引号过滤
'fString = Replace(fString, CHR(13), "")
'fString = Replace(fString, CHR(10) & CHR(10), "</P><P> ")
'fString = Replace(fString, CHR(10), "<BR> ")
'Replace_Text = fString
'End If
'End Function
'过滤SQL非法字符
Function checkStr(Chkstr)
dim Str:Str=Chkstr
if isnull(Str) then
checkStr = ""
exit Function
else
Str=replace(Str,"'","")
Str=replace(Str,";","")
Str=replace(Str,"--","")
checkStr=Str
end if
End Function
'检测传递的参数是否为数字型
Function Chkrequest(Para)
Chkrequest=False
If Not (IsNull(Para) Or Trim(Para)="" Or Not IsNumeric(Para)) Then
Chkrequest=True
End If
End Function
'检测传递的参数是否为日期型
Function Chkrequestdate(Para)
Chkrequestdate=False
If Not (IsNull(Para) Or Trim(Para)="" Or Not IsDate(Para)) Then
Chkrequestdate=True
End If
End Function
'得到当前页面的地址
Function GetUrl()
On Error Resume Next
Dim strTemp
If LCase(Request.ServerVariables("HTTPS")) = "off" Then
strTemp = "http://"
Else
strTemp = "https://"
End If
strTemp = strTemp & CheckStr(Request.ServerVariables("SERVER_NAME"))
If Request.ServerVariables("SERVER_PORT") <> 80 Then strTemp = strTemp & ":" & CheckStr(Request.ServerVariables("SERVER_PORT"))
strTemp = strTemp & CheckStr(Request.ServerVariables("URL"))
If Trim(Request.QueryString) <> "" Then strTemp = strTemp & "?" & CheckStr(Trim(Request.QueryString))
GetUrl = strTemp
End Function
'Function CheckReferer() '检查用户是否在浏览器里输入了本页的地址
' Dim sReferer, Icheck
' CheckReferer = True
' sReferer = Request.ServerVariables("HTTP_REFERER")
' ServerIP = Request.ServerVariables("LOCAL_ADDR")
' Icheck = InStr(sReferer, "ServerIP")
' If Icheck = 0 Then
' CheckReferer = False
' End If
'End Function
'日期格式化
Function FormatDate(DT,tp)
dim Y,M,D
Y=Year(DT)
M=month(DT)
D=Day(DT)
if M<10 then M="0"&M
if D<10 then D="0"&D
select case tp
case 1 FormatDate=Y&"年"&M&"月"&D&"日"
case 2 FormatDate=Y&"-"&M&"-"&D
end select
End Function
'不允许外部提交数据的选择
Function ChkPost()
dim HTTP_REFERER,SERVER_NAME
dim server_v1,server_v2
chkpost=false
SERVER_NAME=CheckStr(Request.ServerVariables("SERVER_NAME"))
HTTP_REFERER=CheckStr(Request.ServerVariables("HTTP_REFERER"))
server_v1=Cstr(HTTP_REFERER)
server_v2=Cstr(SERVER_NAME)
if mid(server_v1,8,len(server_v2))<>server_v2 then
chkpost=false
else
chkpost=true
end if
End Function
'构造上传图片文件名随机数
function MakedownName()
dim fname
fname = now()
fname = replace(fname,"-","")
fname = replace(fname," ","")
fname = replace(fname,":","")
fname = replace(fname,"PM","")
fname = replace(fname,"AM","")
fname = replace(fname,"上午","")
fname = replace(fname,"下午","")
fname = int(fname) + int((10-1+1)*Rnd + 1)
MakedownName=fname
end function
%>⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?