28,391
社区成员
发帖
与我相关
我的任务
分享
Function replacestr(str)
replacestr=replace(str,"'","")
replacestr=replace(replacestr,"]","")
replacestr=replace(replacestr,"[","")
replacestr=replace(replacestr,";","")
replacestr=replace(replacestr,":","")
replacestr=replace(replacestr,"or","")
replacestr=replace(replacestr,"and","")
replacestr=replace(replacestr,"","")
End Function
'*************************************************************
'判断是否为数字
'*************************************************************
Function ChkNum(Str)
ChkNum=true
if not IsNumeric(Str) then
ChkNum=false
end if
End Function
'*************************************************************
'*************************************************************
Private sub checkREFERER()
server1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server1,8,len(server2))<>server2 then
response.Write("请不要从外部提交数据!更多问题请联系管理员")
response.End()
end if
end sub
'*************************************************************
'防止SQL注入攻击,检测request("xxxx"后面的参考是否为数字型 主要用于检测id)
'*************************************************************
Function Chkrequest(Para)
If Not (IsNull(Para) Or Trim(Para)="" Or Not IsNumeric(Para)) Then
Chkrequest=int(Para)
Else
response.Write("服务器处理URL时出错,请联系管理员")
response.End()
End If
End Function