一聚教程网:一个值得你收藏的教程网站

热门教程

asp sql防注入程序与关键词屏蔽程序

时间:2022-07-02 23:11:13 编辑:袖梨 来源:一聚教程网

dim sql_injdata
SQL_injdata = "exec|insert|select|delete|update|count|*|mid|master|truncate|char|declare"
SQL_inj = split(SQL_Injdata,"|")

If Request.QueryString<>"" Then
 For Each SQL_Get In Request.QueryString
  For SQL_Data=0 To Ubound(SQL_inj)
   if instr(Request(SQL_Get),Sql_Inj(Sql_DATA))>0 Then %>
   
   <%end if
  next
 Next
End If

function kill_keyword(txt)
 execc = "select * from kill_keyword"
 set rscc = server.createobject("adodb.recordset")
 rscc.open execc,conn,3,3
 for ic=1 to rscc.recordcount
  headk = ""
  killx = ""
  kill = rscc("keyword")
  if len(kill)>1 then
   headk = left(kill,1)
   for jc=1 to len(kill)-1
    killx = killx + "*"
   next
  else
   headk=""
   killx="*"
  end if

  txt = replace(txt,kill,headk + killx)
  rscc.movenext
 next
 kill_keyword = txt
end function

热门栏目