📄 cls_main.asp
字号:
End Function
'================================================
'函数名:CheckInfuse
'作 用:防止SQL注入
'参 数:str ----原字符串
' strLen ----提交字符串长度
'================================================
Public Function CheckInfuse(ByVal str, ByVal strLen)
Dim strUnsafe, arrUnsafe
Dim i
If Trim(str) = "" Then
CheckInfuse = ""
Exit Function
End If
str = Left(str, strLen)
On Error Resume Next
strUnsafe = "'|^|;|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
If Trim(str) <> "" Then
If Len(str) > strLen Then
Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n您提交的字符数超过了限制!');history.back(-1)</Script>"
CheckInfuse = ""
Response.End
End If
arrUnsafe = Split(strUnsafe, "|")
For i = 0 To UBound(arrUnsafe)
If InStr(1, str, arrUnsafe(i), 1) > 0 Then
Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n请不要在参数中包含非法字符!');history.back(-1)</Script>"
CheckInfuse = ""
Response.End
End If
Next
End If
CheckInfuse = Trim(str)
Exit Function
If Err.Number <> 0 Then
Err.Clear
Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n请不要在参数中包含非法字符!');history.back(-1)</Script>"
CheckInfuse = ""
Response.End
End If
End Function
Public Sub PreventInfuse()
On Error Resume Next
Dim SQL_Nonlicet, arrNonlicet
Dim PostRefer, GetRefer, Sql_DATA
SQL_Nonlicet = "'|;|^|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
arrNonlicet = Split(SQL_Nonlicet, "|")
If Request.Form <> "" Then
For Each PostRefer In Request.Form
For Sql_DATA = 0 To UBound(arrNonlicet)
If InStr(1, Request.Form(PostRefer), arrNonlicet(Sql_DATA), 1) > 0 Then
Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n请不要在参数中包含非法字符!');history.back(-1)</Script>"
Response.End
End If
Next
Next
End If
If Request.QueryString <> "" Then
For Each GetRefer In Request.QueryString
For Sql_DATA = 0 To UBound(arrNonlicet)
If InStr(1, Request.QueryString(GetRefer), arrNonlicet(Sql_DATA), 1) > 0 Then
Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n请不要在参数中包含非法字符!');history.back(-1)</Script>"
Response.End
End If
Next
Next
End If
End Sub
'================================================
'函数名:ChkQueryStr
'作 用:过虑查询的非法字符
'参 数:str ----原字符串
'返回值:过滤后的字符
'================================================
Public Function ChkQueryStr(ByVal str)
On Error Resume Next
If IsNull(str) Then
ChkQueryStr = ""
Exit Function
End If
str = Replace(str, "!", "")
str = Replace(str, "]", "")
str = Replace(str, "[", "")
str = Replace(str, ")", "")
str = Replace(str, "(", "")
str = Replace(str, "|", "")
str = Replace(str, "+", "")
str = Replace(str, "=", "")
str = Replace(str, "@", "")
str = Replace(str, "'", "''")
str = Replace(str, "%", "")
str = Replace(str, "&", "")
str = Replace(str, "#", "")
str = Replace(str, "^", "")
str = Replace(str, "《", "")
str = Replace(str, "》", "")
str = Replace(str, " ", " ")
str = Replace(str, Chr(37), "")
str = Replace(str, Chr(0), "")
ChkQueryStr = str
End Function
'================================================
'过程名:CheckQuery
'作 用:限制搜索的关键字
'参 数:str ----搜索的字符串
'返回值:True; False
'================================================
Public Function CheckQuery(ByVal str)
Dim FobWords, i, keyword
keyword = str
On Error Resume Next
FobWords = Array(91, 92, 304, 305, 430, 431, 437, 438, 12460, 12461, 12462, 12463, 12464, 12465, 12466, 12467, 12468, 12469, 12470, 12471, 12472, 12473, 12474, 12475, 12476, 12477, 12478, 12479, 12480, 12481, 12482, 12483, 12485, 12486, 12487, 12488, 12489, 12490, 12496, 12497, 12498, 12499, 12500, 12501, 12502, 12503, 12504, 12505, 12506, 12507, 12508, 12509, 12510, 12532, 12533, 65339, 65340)
For i = 1 To UBound(FobWords, 1)
If InStr(keyword, ChrW(FobWords(i))) > 0 Then
CheckQuery = False
Exit Function
End If
Next
FobWords = Array("~", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "_", "+", "=", "`", "[", "]", "{", "}", ";", ":", """", "'", "<", ">", ".", "/", "\", "|", "?", "about", "after", "all", "also", "an", "and", "another", "any", "are", "as", "at", "be", "because", "been", "before", "being", "between", "both", "but", "by", "came", "can", "come", "could", "did", "do", "each", "for", "from", "get", "got", "had", "has", "have", "he", "her", "here", "him", "himself", "his", "how", "if", "in", "into", "is", "it", "like", "make", "many", "me", "might", "more", "most", "much", "must", "my", "never", "now", "of", "on", "only", "or", "other", "our", "out", "over", "said", "same", "see", "should", "since", "some", "still", "such", "take", "than", "that", "the", "their", "them", "then", "there", "these", "they", "this")
keyword = Left(keyword, 100)
keyword = Replace(keyword, "!", " ")
keyword = Replace(keyword, "]", " ")
keyword = Replace(keyword, "[", " ")
keyword = Replace(keyword, ")", " ")
keyword = Replace(keyword, "(", " ")
keyword = Replace(keyword, " ", " ")
keyword = Replace(keyword, "-", " ")
keyword = Replace(keyword, "/", " ")
keyword = Replace(keyword, "+", " ")
keyword = Replace(keyword, "=", " ")
keyword = Replace(keyword, ",", " ")
keyword = Replace(keyword, "'", " ")
For i = 0 To UBound(FobWords, 1)
If keyword = FobWords(i) Then
CheckQuery = False
Exit Function
End If
Next
CheckQuery = True
End Function
'================================================
'函数名:IsValidStr
'作 用:判断字符串中是否含有非法字符
'参 数:str ----原字符串
'返回值:False,True -----布尔值
'================================================
Public Function IsValidStr(ByVal str)
IsValidStr = False
On Error Resume Next
If IsNull(str) Then Exit Function
If Trim(str) = Empty Then Exit Function
Dim ForbidStr, i
ForbidStr = "and|chr|:|=|%|&|$|#|@|+|-|*|/|\|<|>|;|,|^|" & Chr(32) & "|" & Chr(34) & "|" & Chr(39) & "|" & Chr(9)
ForbidStr = Split(ForbidStr, "|")
For i = 0 To UBound(ForbidStr)
If InStr(1,str, ForbidStr(i),1) > 0 Then
IsValidStr = False
Exit Function
End If
Next
IsValidStr = True
End Function
'================================================
'函数名:IsValidPassword
'作 用:判断密码中是否含有非法字符
'参 数:str ----原字符串
'返回值:False,True -----布尔值
'================================================
Public Function IsValidPassword(ByVal str)
IsValidPassword = False
On Error Resume Next
If IsNull(str) Then Exit Function
If Trim(str) = Empty Then Exit Function
Dim ForbidStr, i
ForbidStr = "*|^|;|,|" & Chr(32) & "|" & Chr(34) & "|" & Chr(39) & "|" & Chr(9)
ForbidStr = Split(ForbidStr, "|")
For i = 0 To UBound(ForbidStr)
If InStr(1, str, ForbidStr(i), 1) > 0 Then
IsValidPassword = False
Exit Function
End If
Next
IsValidPassword = True
End Function
'================================================
'函数名:IsValidChar
'作 用:判断字符串中是否含有非法字符和中文
'参 数:str ----原字符串
'返回值:False,True -----布尔值
'================================================
Public Function IsValidChar(ByVal str)
IsValidChar = False
On Error Resume Next
If IsNull(str) Then Exit Function
If Trim(str) = Empty Then Exit Function
Dim ValidStr
Dim i, l, s, c
ValidStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZ.-_:~\/0123456789"
l = Len(str)
s = UCase(str)
For i = 1 To l
c = Mid(s, i, 1)
If InStr(ValidStr, c) = 0 Then
IsValidChar = False
Exit Function
End If
Next
IsValidChar = True
End Function
'================================================
'函数名:FormatDate
'作 用:格式化日期
'参 数:DateAndTime ----原日期和时间
' para ----日期格式
'返回值:格式化后的日期
'================================================
Public Function GetYMD(Cnext)
On Error Resume Next
Dim y, m, d
y=CStr(year(date()))
m=CStr(month(date()))
d=CStr(day(date()))
if len(d)=1 then d="0"&d
if len(m)=1 then m="0"&m
if IsNumeric(Cnext) then
GetYMD=y&m&d
else
GetYMD=y&Cnext&m&Cnext&d
end if
End Function
Public Function GetHMS(Cnext)
On Error Resume Next
Dim h, mi, s
h=CStr(Hour(now()))
mi=CStr(Minute(now()))
s=CStr(Second(now()))
If Len(h) = 1 Then h = "0" & h
if len(mi) = 1 then mi = "0" & mi
if len(s) = 1 then s = "0" & s
if IsNumeric(Cnext) then
GetHMS=h&mi&s
else
GetHMS=h&Cnext&mi&Cnext&s
end if
End Function
Public Function FormatDate(DateAndTime, para)
On Error Resume Next
Dim y, m, d, h, mi, s, strDateTime
FormatDate = DateAndTime
If Not IsNumeric(para) Then Exit Function
If Not IsDate(DateAndTime) Then Exit Function
y = CStr(Year(DateAndTime))
m = CStr(Month(DateAndTime))
If Len(m) = 1 Then m = "0" & m
d = CStr(Day(DateAndTime))
If Len(d) = 1 Then d = "0" & d
h = CStr(Hour(DateAndTime))
If Len(h) = 1 Then h = "0" & h
mi = CStr(Minute(DateAndTime))
If Len(mi) = 1 Then mi = "0" & mi
s = CStr(Second(DateAndTime))
If Len(s) = 1 Then s = "0" & s
we=weekday(DateAndTime)
select case we
case 2: weekstr="星期一"
case 3: weekstr="星期二"
case 4: weekstr="星期三"
case 5: weekstr="星期四"
case 6: weekstr="星期五"
case 7: weekstr="星期六"
case 1: weekstr="星期日"
end select
Select Case para
Case "1":strDateTime = y & "-" & m & "-" & d & " " & h & ":" & mi & ":" & s
Case "2":strDateTime = y & "-" & m & "-" & d
Case "3":strDateTime = y & "/" & m & "/" & d
Case "4":strDateTime = y & "年" & m & "月" & d & "日"
Case "5":strDateTime = m & "-" & d
Case "6":strDateTime = m & "/" & d
Case "7":strDateTime = m & "月" & d & "日"
Case "8":strDateTime = y & "年" & m & "月"
Case "9":strDateTime = y & "-" & m
Case "10":strDateTime = y & "/" & m
Case "11":strDateTime = y & "年" & m & "月" & d & "日 " &weekstr
Case Else
strDateTime = DateAndTime
End Select
FormatDate = strDateTime
End Function
'================================================
'函数名:ReadFontMode
'作 用:读取字体模式
'参 数:str ----原字符串
' vColor -----颜色的值
' vFont -----字体的值
'返回值:新字符串
'================================================
Public Function ReadFontMode(str, vColor, vFont)
Dim FontStr, tColor
Dim ColorStr, arrColor
If IsNull(str) Then
ReadFontMode = ""
Exit Function
End If
ReadFontMode = str
On Error Resume Next
If Not IsNumeric(vColor) Then Exit Function
If Not IsNumeric(vFont) Then Exit Function
Select Case CInt(vFont)
Case 1
FontStr = "<b>" & str & "</b>"
Case 2
FontStr = "<em>" & str & "</em>"
Case 3
FontStr = "<u>" & str & "</u>"
Case 4
FontStr = "<b><em>" & str & "</em></b>"
Case 5
FontStr = "<b><u>" & str & "</u></b>"
Case 6
FontStr = "<em><u>" & str & "</u></em>"
Case 7
FontStr = "<b><em><u>" & str & "</u></em></b>"
Case Else
FontStr = str
End Select
ReadFontMode = FontStr
ColorStr="red,green,"
If vColor = "" Or vColor = 0 Then Exit Function
ColorStr = "," & InitTitleColor
arrColor = Split(ColorStr, ",")
If vColor > UBound(arrColor) Then Exit Function
tColor = Trim(arrColor(vColor))
ReadFontMode = "<font color=" & tColor & ">" & FontStr & "</font>"
End Function
Public Function StrColor(str, vColor)
StrColor = "<font color=" & vColor & ">" & str & "</font>"
End Function
'=============================================================
'================================================
'函数名:GetImageUrl
'作 用:获取图片URL
'================================================
Public Function GetImageUrl(ByVal url, ByVal ChannelDir)
On Error Resume Next
Dim strTempUrl, strImageUrl
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -