简单的asp防注入代码
<%
'on error resume next
'dim sql_injdata
SQL_injdata = "document|script|.src|src|Src|SRC|srC|sRc|rcS|SrC|SRc|and|anD|aND|AND|aDn|And|ANd|AnD|exec|insert|select|delete|update|count|chr|mid|master|truncate|char|declare|or|"
SQL_inj = split(SQL_Injdata,"|")
If Request.Form<>"" Then
For Each Sql_Post In Request.Form
For SQL_Data=0 To Ubound(SQL_inj)
if instr(Request.Form(Sql_Post),Sql_Inj(Sql_DATA))>0 Then
Response.Write ""
Response.Write "非法操作!系统做了如下记录↓
"
"
Response.Write "操作IP:"&Request.ServerVariables("REMOTE_ADDR")&"
"
"
Response.Write "操作时间:"&Now&"
"
"
Response.Write "操作页面:"&Request.ServerVariables("URL")&"
"
"
Response.Write "提交方式:POST
"
"
response.write ""
Response.End
end if
next
next
end if
If Request.QueryString<>"" Then
For Each SQL_Get In Request.QueryString
For SQL_Data=0 To Ubound(SQL_inj)
if instr(Request.QueryString(SQL_Get),Sql_Inj(Sql_DATA))>0 Then
Response.Write ""
Response.Write "非法操作!系统做了如下记录↓
"
"
Response.Write "操作IP:"&Request.ServerVariables("REMOTE_ADDR")&"
"
"
Response.Write "操作时间:"&Now&"
"
"
Response.Write "操作页面:"&Request.ServerVariables("URL")&"
"
"
Response.Write "提交方式:GET
"
"
response.write ""
Response.End
end if
next
Next
End If
%>
如果您的问题还未解决可以联系站长付费协助。
有问题可以加入技术QQ群一起交流学习
本站vip会员 请加入无忧模板网 VIP群(50604020) PS:加入时备注用户名或昵称
普通注册会员或访客 请加入无忧模板网 技术交流群(50604130)
客服微信号:15898888535
声明:本站所有文章资源内容,如无特殊说明或标注,均为采集网络资源。如若内容侵犯了原著者的合法权益,可联系站长删除。
