标签:write close fun att amp SQ create rip cti
<% ‘************** ASPSecurity SQL 防注入************** ‘ Copyright 2006 ‘ Create:2006-4-06 ‘ Update:2006-6-01 ‘*************************************************** If Request.Form<>"" Then StopInjection(Request.Form) If Request.QueryString<>"" Then StopInjection(Request.QueryString) If Request.Cookies<>"" Then StopInjection(Request.Cookies) Function StopInjection(values) For Each N_Get In values Dim L_Get, L_Get2 For Each L_Get In values L_Get2 = values(L_Get) Set regEx = New RegExp regEx.IgnoreCase = True regEx.Global = True regEx.Pattern = "(\bselect\b|\sand\s|‘|\sdeclare\s)" If regEx.Test(L_Get2) Then Alert() response.End() End If Set regEx = Nothing Next Next End Function Sub Alert() Dim str str = "<"&"Script Language=JavaScript"&">" str = str & "alert(‘== 雷客图ASP站长安全助手检测到了危险字符,已经禁止本次提交 ==\n‘);window.close();" str = str & "<"&"/Script"&">" response.write str End Sub %>
标签:write close fun att amp SQ create rip cti
原文地址:https://www.cnblogs.com/klmyoil/p/9190804.html
