28,406
社区成员
发帖
与我相关
我的任务
分享传递参数中包含点时无法就收 如SMC-2009310517.X-1
如果是SMC-2009310517的话可以正常接收,如果有.x就不行了
我的接收这样写的<%
id=Trim(Request.QueryString("num1"))
id=ReplaceBadChar(id)
sql="select * from num1 where num='"&id&"'"
set rs=conn.execute(sql)
if rs.eof then
response.Write("查询无数据显示!")
end if
%>
另外Post 接收 和Get就收在带点这个问题上有没有区别?高手指教一下谢谢!
我的接收这样写的<%
id=Trim(Request.QueryString("num1"))
id=ReplaceBadChar(id)
sql="select * from num1 where num='"&id&"'"
set rs=conn.execute(sql)
if rs.eof then
response.Write("查询无数据显示!")
end if
%>
另外Post 接收 和Get就收在带点这个问题上有没有区别?高手指教一下谢谢!
...全文
请发表友善的回复…
发表回复
lzp4881 2009-10-26
- 打赏
- 举报
ReplaceBadChar()贴出来
lzp4881 2009-10-26
- 打赏
- 举报
ReplaceBadChar=replace(replace(replace(replace(replace(replace(replace(strChar,"'",""),"*",""),"?",""),"(",""),")","")," <",""),".","")
这里已经把.替换掉了,当然接收不到值喽
这里已经把.替换掉了,当然接收不到值喽
zhaobao11 2009-10-26
- 打赏
- 举报
function ReplaceBadChar(strChar)
if strChar="" then
ReplaceBadChar=""
else
ReplaceBadChar=replace(replace(replace(replace(replace(replace(replace(strChar,"'",""),"*",""),"?",""),"(",""),")",""),"<",""),".","")
ReplaceBadChar=replace(ReplaceBadChar," ","")
ReplaceBadChar=replace(ReplaceBadChar,";","")
ReplaceBadChar=LCase(ReplaceBadChar)
ReplaceBadChar=replace(ReplaceBadChar,"or","")
ReplaceBadChar=replace(ReplaceBadChar,"and","")
ReplaceBadChar=replace(ReplaceBadChar,"not","")
ReplaceBadChar=replace(ReplaceBadChar,"select","")
ReplaceBadChar=replace(ReplaceBadChar,"drop","")
ReplaceBadChar=replace(ReplaceBadChar,"delete","")
ReplaceBadChar=replace(ReplaceBadChar,"update","")
ReplaceBadChar=replace(ReplaceBadChar,"insert","")
ReplaceBadChar=replace(ReplaceBadChar,"count","")
ReplaceBadChar=replace(ReplaceBadChar,"exec","")
ReplaceBadChar=replace(ReplaceBadChar,"truncate","")
ReplaceBadChar=replace(ReplaceBadChar,"net","")
ReplaceBadChar=replace(ReplaceBadChar,"asc","")
ReplaceBadChar=replace(ReplaceBadChar,"char","")
ReplaceBadChar=replace(ReplaceBadChar,"mid","")
end if
end function
'*********************************************************
Function HTMLEncode(Str)
Str=Replace(Str,"<","<")
Str=Replace(Str,">",">")
Str=Replace(Str," "," ")
Str=Replace(Str,Chr(10),"<br>")
HTMLEncode=Str
End Function
'*********************************************************
function nohtml(str)
dim re
Set re=new RegExp
re.IgnoreCase =true
re.Global=True
re.Pattern="(\<.[^\<]*\>)"
str=re.replace(str," ")
re.Pattern="(\<\/[^\<]*\>)"
str=re.replace(str," ")
nohtml=str
set re=nothing
end function
if strChar="" then
ReplaceBadChar=""
else
ReplaceBadChar=replace(replace(replace(replace(replace(replace(replace(strChar,"'",""),"*",""),"?",""),"(",""),")",""),"<",""),".","")
ReplaceBadChar=replace(ReplaceBadChar," ","")
ReplaceBadChar=replace(ReplaceBadChar,";","")
ReplaceBadChar=LCase(ReplaceBadChar)
ReplaceBadChar=replace(ReplaceBadChar,"or","")
ReplaceBadChar=replace(ReplaceBadChar,"and","")
ReplaceBadChar=replace(ReplaceBadChar,"not","")
ReplaceBadChar=replace(ReplaceBadChar,"select","")
ReplaceBadChar=replace(ReplaceBadChar,"drop","")
ReplaceBadChar=replace(ReplaceBadChar,"delete","")
ReplaceBadChar=replace(ReplaceBadChar,"update","")
ReplaceBadChar=replace(ReplaceBadChar,"insert","")
ReplaceBadChar=replace(ReplaceBadChar,"count","")
ReplaceBadChar=replace(ReplaceBadChar,"exec","")
ReplaceBadChar=replace(ReplaceBadChar,"truncate","")
ReplaceBadChar=replace(ReplaceBadChar,"net","")
ReplaceBadChar=replace(ReplaceBadChar,"asc","")
ReplaceBadChar=replace(ReplaceBadChar,"char","")
ReplaceBadChar=replace(ReplaceBadChar,"mid","")
end if
end function
'*********************************************************
Function HTMLEncode(Str)
Str=Replace(Str,"<","<")
Str=Replace(Str,">",">")
Str=Replace(Str," "," ")
Str=Replace(Str,Chr(10),"<br>")
HTMLEncode=Str
End Function
'*********************************************************
function nohtml(str)
dim re
Set re=new RegExp
re.IgnoreCase =true
re.Global=True
re.Pattern="(\<.[^\<]*\>)"
str=re.replace(str," ")
re.Pattern="(\<\/[^\<]*\>)"
str=re.replace(str," ")
nohtml=str
set re=nothing
end function
