海浩网论坛

 找回密码
 关闭注册
搜索
热搜: 女囚槛 win7
查看: 1121|回复: 1
打印 上一主题 下一主题

万能的海浩阿,懂asp的进来看看吧 [复制链接]

UID
3695
注册时间
2002-1-2
帖子
589
精华
1
跳转到指定楼层
1#
发表于 2012-8-6 15:15:40 |只看该作者 |倒序浏览
网站的一些栏目点击以后,突然弹出这个页面,但是只要把ie的cookie都删掉了就好了,请问是怎么回事阿,应该如何修改

附件: 你需要登录才可以下载或查看附件。没有帐号?关闭注册
分享到: QQ空间QQ空间 腾讯微博腾讯微博 腾讯朋友腾讯朋友
分享分享0 收藏收藏0 支持支持0 反对反对0

UID
3695
注册时间
2002-1-2
帖子
589
精华
1
2#
发表于 2012-8-7 11:12:17 |只看该作者
conn.asp

Dim Conn,ConnStr
On error resume next
Set Conn=Server.CreateObject("Adodb.Connection")
'--------------------------------------------
If DbType = 1 Then
'--------------------------------------------
ConnStr="Provider=Sqloledb;User ID="&DBUser&";Password="&DBPsw&";Initial Catalog="&DBName&";Data Source="&DBServer&";"
'--------------------------------------------
ElseIf DbType = 0 Then
'--------------------------------------------
ConnStr="Provider=Microsoft.Jet.OLEDB.4.0;Data Source="&Server.MapPath(DBPath)
'--------------------------------------------
End If
'--------------------------------------------
Conn.open ConnStr
if err then
   err.clear
   Set Conn = Nothing
   Response.Write "系统错误:数据库连接出错,请检查连接字符串!"
   Response.End
end if
Sub CloseConn()
    On Error Resume Next
        Rs.Close:Set Rs=nothing
        Conn.close:Set Conn=nothing
End sub
'================================================
'ACCESS与SQL SERVER的SQL语句区别判断
'================================================
Dim ItemRecT,ItemRecF
If DbType = 1 Then
'--------------------------------------------
ItemRecT = "ItemRec = 1"
ItemRecF = "ItemRec = 0"
'--------------------------------------------
ElseIf DbType = 0 Then
'--------------------------------------------
ItemRecT = "ItemRec = True"
ItemRecF = "ItemRec = False"
'--------------------------------------------
End If
'================================================
'函名:CheckSql
'作用:防止SQl注入
'================================================
Function CheckSql(Str)
If Str = "" Then
  CheckSql = ""
  Exit Function  
End If
Str = Replace(Str,Chr(0),"", 1, -1, 1)
Str = Replace(Str, """", """, 1, -1, 1)
Str = Replace(Str,"<","&lt;", 1, -1, 1)
Str = Replace(Str,">","&gt;", 1, -1, 1)  
Str = Replace(Str, "script", "script", 1, -1, 0)
Str = Replace(Str, "SCRIPT", "SCRIPT", 1, -1, 0)
Str = Replace(Str, "Script", "Script", 1, -1, 0)
Str = Replace(Str, "script", "Script", 1, -1, 1)
Str = Replace(Str, "object", "object", 1, -1, 0)
Str = Replace(Str, "OBJECT", "OBJECT", 1, -1, 0)
Str = Replace(Str, "Object", "Object", 1, -1, 0)
Str = Replace(Str, "object", "Object", 1, -1, 1)
Str = Replace(Str, "applet", "applet", 1, -1, 0)
Str = Replace(Str, "APPLET", "APPLET", 1, -1, 0)
Str = Replace(Str, "Applet", "Applet", 1, -1, 0)
Str = Replace(Str, "applet", "Applet", 1, -1, 1)
Str = Replace(Str, "[", "[")
Str = Replace(Str, "]", "]")
Str = Replace(Str, """", "", 1, -1, 1)
Str = Replace(Str, "=", "=", 1, -1, 1)
Str = Replace(Str, "’", "’’", 1, -1, 1)
Str = Replace(Str, "select", "select", 1, -1, 1)
Str = Replace(Str, "execute", "&#101xecute", 1, -1, 1)
Str = Replace(Str, "exec", "&#101xec", 1, -1, 1)
Str = Replace(Str, "join", "join", 1, -1, 1)
Str = Replace(Str, "union", "union", 1, -1, 1)
Str = Replace(Str, "where", "where", 1, -1, 1)
Str = Replace(Str, "insert", "insert", 1, -1, 1)
Str = Replace(Str, "delete", "delete", 1, -1, 1)
Str = Replace(Str, "update", "update", 1, -1, 1)
Str = Replace(Str, "like", "like", 1, -1, 1)
Str = Replace(Str, "drop", "drop", 1, -1, 1)
Str = Replace(Str, "create", "create", 1, -1, 1)
Str = Replace(Str, "rename", "rename", 1, -1, 1)
Str = Replace(Str, "count", "count", 1, -1, 1)
Str = Replace(Str, "chr", "chr", 1, -1, 1)
Str = Replace(Str, "mid", "mid", 1, -1, 1)
Str = Replace(Str, "truncate", "truncate", 1, -1, 1)
Str = Replace(Str, "nchar", "nchar", 1, -1, 1)
Str = Replace(Str, "char", "char", 1, -1, 1)
Str = Replace(Str, "alter", "alter", 1, -1, 1)
Str = Replace(Str, "cast", "cast", 1, -1, 1)
Str = Replace(Str, "exists", "exists", 1, -1, 1)
Str = Replace(Str,Chr(13),"<br>", 1, -1, 1)
CheckSql = Replace(Str,"’","’’", 1, -1, 1)
End Function
----------
不知道如何修改?

使用道具 举报

您需要登录后才可以回帖 登录 | 关闭注册

2021 , Hello Everyone ^_^ ^_^ ^_^