checkfile
If Request.QueryString<>"" Then
For Each Fy_Get In Request.QueryString
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then
Response.Write "非法操作!本站已经给您做了如下记录↓<br>"
Response.Write "操作IP:"&Request.ServerVariables("REMOTE_ADDR")&"<br>"
if Request.ServerVariables("HTTP_X_FORWARDED_FOR")=null or Request.ServerVariables("HTTP_X_FORWARDED_FOR")="" then
Response.Write "操作IP:"&Request.ServerVariables("REMOTE_ADDR")&"<br>"
else
Response.Write "操作 IP:" &Request.ServerVariables("HTTP_X_FORWARDED_FOR") &"<br>"
end if
Response.Write "操作时间:"&Now&"<br>"
Response.Write "操作页面:"&Request.ServerVariables("URL")&"<br>"
Response.Write "提交方式:GET<br>"
Response.Write "提交参数:"&Fy_Get&"<br>"
Response.Write "提交数据:"&Request.QueryString(Fy_Get)
txtRecord Request.ServerVariables("REMOTE_ADDR"),Request.ServerVariables("HTTP_X_FORWARDED_FOR"),now,Request.ServerVariables("URL"),"GET",Fy_Get,Request.QueryString(Fy_Get)
Response.End
End If
Next
Next
End If
function txtRecord(daliIP,neibuIP,lczNow,lczPage,lczPostOrGet,lczCanshu,lczData)
if neibuIP="" or neibuIP=null then
neibuIP=daliIP
end if
dim fso,stream
path=server.MapPath("fangzhu.txt")
set fso=server.CreateObject("Scripting.filesystemobject")
if not fso.fileexists(path) then
set stream=fso.createtextfile(path,true)
stream.writeline("操作IP 操作IP1 操作时间 操作页面 提交方式 提交参数 提交数据")
set stream=nothing
end if
Set filelcz = fso.GetFile(path)
Set ts = filelcz.OpenAsTextStream(8, -2)
ts.writeline daliIP&" "&neibuIP&" "&lczNow&" "&lczPage&" "&lczPostOrGet&" "&lczCanshu&" "&lczData
ts.close
set ts=nothing
set filelcz=nothing
set fos=nothing
end function
%>
给你一个防蛀的程序吧 建立一个 fangzhu.txt 文件
大家帮忙看看代码有没有问题
<%
on error resume next
dim WrForm(10),iyzcode,From_url,Serv_url,facelist_rs
if CheckStr(request("action")) = "new" then
From_url = Cstr(Request.ServerVariables("HTTP_REFERER"))
Serv_url = Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(From_url,8,len(Serv_url)) <> Serv_url then
response.write ("<br><br>禁止外部提交!3秒钟后返回!<br><br><a href='index.asp'>返回</a> <meta http-equiv='refresh' content='3;url=index.asp'>")
response.redirect ("index.asp")
response.end
end if
if mid(From_url,8,len(Serv_url)) <> Serv_url then
session("imsg") = "13"
response.redirect ("msg.asp")
response.end
end if
iyzcode = cint(trim(request("yzcode")))
if iyzcode <> cint(Session("Foosun")) then
session("imsg") = "14"
response.redirect("msg.asp")
response.end
end if
WrForm(0) = CheckStr(trim(request("name")))
WrForm(1) = CheckStr(trim(request("qq")))
if CheckStr(HTMLEncode(trim(request("homeurl")))) = "" then
WrForm(2) = "http://"
else
WrForm(2) = CheckStr(HTMLEncode(trim(request("homeurl"))))
end if
WrForm(3) = CheckStr(trim(request("mail")))
WrForm(4) = CheckStr(HTMLEncode(trim(request("content"))))
WrForm(5) = CheckStr(request("face"))
WrForm(6) = cstr(now())
WrForm(7) = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
If WrForm(7) = "" Then WrForm(7) = Request.ServerVariables("REMOTE_ADDR")
if CheckStr(request("show")) = "on" then
WrForm(8) = False
else
WrForm(8) = True
end if
WrForm(9) = trim(Request("fromm"))
strconn = "insert into ebook(fname,fqq,fhomeurl,fmail,fcontent,fface,ftime,fip,fshow,ffrom) values('" & WrForm(0) & "','" & WrForm(1) & "','" & WrForm(2) & "','" & WrForm(3) & "','" & WrForm(4) & "','" & WrForm(5) & "','" & WrForm(6) & "','" & WrForm(7) & "'," & WrForm(8) & ",'" & WrForm(9) & "')"
conn.execute (strconn)
if err.number = 0 then
response.redirect ("index.asp")
response.end
else
session("imsg") = "2"
response.redirect ("msg.asp")
response.end
end if
end if
set facelist_rs = conn.execute("select * from face")
%>