📄 saferequest.asp
字号:
<%
'--- 传入参数 ---
'ParaName:参数名称-字符型
'ParaType:参数类型-数字型(1:数字,0:字符)
Function SafeRequest(ParaName,ParaType)
Dim ParaValue
ParaValue=ParaName
If ParaType=1 then
IF ParaValue<>"" Then
If not isNumeric(ParaValue) then
Response.write "<p align='center'><font color='red'>参数错误!"
Response.end
End if
End if
Else
ParaValue=replace(ParaValue,"'","''")
ParaValue=replace(ParaValue,"select","''")
ParaValue=replace(ParaValue,"count","''")
ParaValue=replace(ParaValue,"len","''")
ParaValue=replace(ParaValue,"from","''")
ParaValue=replace(ParaValue,"where","''")
ParaValue=replace(ParaValue,"and","''")
ParaValue=replace(ParaValue,"delete","''")
ParaValue=replace(ParaValue,"values","''")
ParaValue=replace(ParaValue,"insert","''")
ParaValue=replace(ParaValue,"into","''")
ParaValue=replace(ParaValue,"table","''")
ParaValue=replace(ParaValue,"update","''")
ParaValue=replace(ParaValue,"set","''")
End if
SafeRequest=ParaValue
End function
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -