我用ASP写的系统被攻击了。。高手请帮帮忙,请进!

xietonginfo 2005-10-12 12:19:52
我用ASP写的,挂在服务器上的,人家可以通过系统进入我的服务器改我服务器里的东西。。。这是怎么搞的啊??我的数据库已经有密码了啊!是不是ASP的什么该过滤的没有过滤啊?怎么做才行呢??高手请指教,,55555谢谢了!

xietonginfo 2005-10-12
服务器端验证。。这个,,还能怎么实现呢??
xietonginfo 2005-10-12
呵呵还能说的明白一点呢???感觉很抽象啊。。。服务器端怎么验证哦?
jspadmin 2005-10-12
你可以根据需要,修改,总之,不要依赖客户端验证,要在服务器端验证
jspadmin 2005-10-12
晕啊,你不会只是用客户端验证吧?也就是你上面那个页面验证用户注册时的合法性吧?这个没什么用的,就算你检查再严格,人家如果外部提交,你这个验证就完全失效了,关键在于接受注册信息的页面要进行验证,最好用下面这段代码来检验SQL参数的合法性。(把下面的代码保存为SQLcheck.asp,然后在接受表单页面包含进去,然后在需要获得提交的信息时,用name=saferequest(name)代替name=request.form("name") 来接受数据)
<%
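'--- SafeRequest: read one request parameter and make it safer to embed in a SQL statement ---
' ParaName: parameter name (string)
' ParaType: 1 = the value must be numeric, 0 = the value is a string
' Returns the trimmed value. For ParaType=1 only digits, an optional leading "-" and at most one
' "." are accepted; a bare IsNumeric test also lets through forms such as "1e3" or "&H1F", which
' are not what a numeric SQL literal expects. For ParaType=0 single quotes are doubled, which only
' protects a value placed inside a quoted SQL string literal; anything used unquoted (numbers,
' column names, ORDER BY) gets no protection from doubled quotes. Parameterised queries
' (ADODB.Command with parameters) remain the real fix; this function is a stop-gap.
' Note: Request(ParaName) with no collection name searches QueryString, Form, Cookies,
' ClientCertificate and ServerVariables in that order, so a value can arrive on the query string
' or in a cookie even when the page expects a POSTed form.
' Ends the response with an error message when a ParaType=1 value is not a plain number.
Function SafeRequest(ParaName,ParaType)
    Dim ParaValue, i, ch, dots
    ParaValue = Trim(Request(ParaName))
    If ParaValue <> "" Then
        If ParaType = 1 Then
            If Not IsNumeric(ParaValue) Then Call RejectNumeric(ParaName)
            ' Character-level check on top of IsNumeric: digits, one optional leading "-",
            ' at most one ".".
            dots = 0
            For i = 1 To Len(ParaValue)
                ch = Mid(ParaValue, i, 1)
                If ch = "." Then
                    dots = dots + 1
                    If dots > 1 Then Call RejectNumeric(ParaName)
                ElseIf ch = "-" Then
                    If i <> 1 Then Call RejectNumeric(ParaName)
                ElseIf InStr("0123456789", ch) = 0 Then
                    Call RejectNumeric(ParaName)
                End If
            Next
        Else
            ParaValue = Replace(ParaValue, "'", "''")
        End If
    End If
    SafeRequest = ParaValue
End Function

' RejectNumeric: writes the original error text and ends the response; never returns.
Sub RejectNumeric(ParaName)
    Response.Write "参数" & ParaName & "必须为数字型!"
    Response.End
End Sub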
%>
xietonginfo 2005-10-12
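' CheckValue2: browser-side (IE VBScript) validation of form2 before it is posted.
' Every failed check alerts a message, cancels the pending event (window.event.returnvalue=false),
' moves the cursor to the offending field and leaves the Sub. This runs in the client and is
' skipped entirely by posting the form fields directly, so the page that receives form2 must
' repeat these checks on the server before the values reach the database.
' Fix: the confirm-password check compared check_pwdstr's Boolean result with "" (never true),
' so an invalid confirm password was only caught indirectly by the equality check; it now tests
' for False like the password check above it.
Sub CheckValue2()
    Dim f
    Set f = document.form2

    If f.corpid.value = "" Then
        RejectField f.corpid, "请输入您的会员代号!", False
        Exit Sub
    End If
    If check_idstr(f.corpid.value) = False Then
        RejectField f.corpid, "请正确输入!", False
        Exit Sub
    End If

    If check_pwdstr(f.cpwd.value) = False Then
        RejectField f.cpwd, "请输入您的密码!", False
        Exit Sub
    End If
    ' Was: check_pwdstr(...) = "" -- a Boolean never equals "", so this check could not fire.
    If check_pwdstr(f.rcpwd.value) = False Then
        RejectField f.rcpwd, "请输入您的确认密码!", False
        Exit Sub
    End If
    If f.rcpwd.value <> f.cpwd.value Then
        RejectField f.rcpwd, "您的密码和确认密码不一致!", False
        Exit Sub
    End If

    If check_chinaeng(f.c_question.value) = False Then
        RejectField f.c_question, "请输入查询密码问题!", False
        Exit Sub
    End If
    ' Both operands are always evaluated (VBScript does not short-circuit); harmless here.
    If check_chinaeng(f.c_answer.value) = False Or Len(f.c_answer.value) < 8 Then
        RejectField f.c_answer, "请输入查询密码答案!", False
        Exit Sub
    End If

    If f.nation.value = "" Then
        RejectField f.nation, "请输入国籍!", False
        Exit Sub
    End If
    If check_chinaeng(f.corpcontactor.value) = False Then
        RejectField f.corpcontactor, "请输入联系人姓名!", False
        Exit Sub
    End If
    If check_chinaeng(f.corpname.value) = False Then
        RejectField f.corpname, "请输入您的单位名称!", False
        Exit Sub
    End If
    If f.qydm.value = "" Then
        RejectField f.qydm, "请输入您的企业代码!", False
        Exit Sub
    End If

    ' E-mail is optional; it is only format-checked when supplied.
    If f.corpemail.value <> "" Then
        If check_emailstr(f.corpemail.value) = False Then
            RejectField f.corpemail, "请正确输入e_mail!", False
            Exit Sub
        End If
    End If

    If check_chinaeng(f.corpaddress.value) = False Then
        RejectField f.corpaddress, "请输入公司地址!", False
        Exit Sub
    End If
    If IsNumeric(f.corpzip.value) = False Or Len(f.corpzip.value) <> 6 Then
        RejectField f.corpzip, "请输入您公司的邮编!", False
        Exit Sub
    End If

    ' Telephone: area code and number are mandatory.
    If f.corptel1.value = "" Then
        RejectField f.corptel1, "请填写联系电话区号!", False
        Exit Sub
    End If
    If BadAreaCode(f.corptel1.value) Then
        RejectField f.corptel1, "请正确填写电话区号!", True
        Exit Sub
    End If
    If f.corptel2.value = "" Then
        RejectField f.corptel2, "请填写电话号码!", False
        Exit Sub
    End If
    If BadPhoneNumber(f.corptel2.value) Then
        RejectField f.corptel2, "请正确填写电话号码!", True
        Exit Sub
    End If

    ' Fax: optional, but checked the same way when present.
    If f.corpfax1.value <> "" Then
        If BadAreaCode(f.corpfax1.value) Then
            RejectField f.corpfax1, "请正确填写传真区号!", True
            Exit Sub
        End If
    End If
    If f.corpfax2.value <> "" Then
        If BadPhoneNumber(f.corpfax2.value) Then
            RejectField f.corpfax2, "请正确填写传真号码!", True
            Exit Sub
        End If
    End If
End Sub

' RejectField: shows msg, cancels the pending event and returns the cursor to ctl
' (select when selectText is True, focus otherwise, mirroring the original per-field choice).
Sub RejectField(ctl, msg, selectText)
    alert msg
    window.event.returnvalue = False
    If selectText Then
        ctl.select
    Else
        ctl.focus()
    End If
End Sub

' BadAreaCode: True unless v is a non-negative number without a decimal point and 3 or 4
' characters long. The checks stay in this order: CInt on a non-numeric string raises a runtime
' error and VBScript does not short-circuit, so they cannot be folded into one expression.
Function BadAreaCode(v)
    BadAreaCode = True
    If IsNumeric(v) = False Then Exit Function
    If InStr(v, ".") <> 0 Then Exit Function
    If CInt(v) < 0 Then Exit Function
    If Len(v) <> 3 And Len(v) <> 4 Then Exit Function
    BadAreaCode = False
End Function

' BadPhoneNumber: same as BadAreaCode but 5 to 8 characters and CDbl for the sign test.
Function BadPhoneNumber(v)
    BadPhoneNumber = True
    If IsNumeric(v) = False Then Exit Function
    If InStr(v, ".") <> 0 Then Exit Function
    If CDbl(v) < 0 Then Exit Function
    If Len(v) <> 5 And Len(v) <> 6 And Len(v) <> 7 And Len(v) <> 8 Then Exit Function
    BadPhoneNumber = False
End Function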

</script>
xietonginfo 2005-10-12
是这段代码。。呵呵上面的不对,是这段,。大家看看有什么非法的没有过滤啊????
<script language=vbScript>
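' check_idstr: True when the member id is 2..20 characters long and contains none of the
' characters in the reject list below. This is a deny-list, so anything not listed (a double
' quote, a backtick, a tab, ...) passes; it runs in the browser and is not a security control.
' ByVal is declared so the loop no longer consumes the caller's variable: VBScript passes
' arguments ByRef by default and the original stripped true_str one character per iteration.
function check_idstr(ByVal true_str)
    Dim i, ch
    check_idstr = true
    if len(true_str) < 2 or len(true_str) > 20 then
        check_idstr = false
        exit function
    end if
    for i = 1 to len(true_str)
        ch = mid(true_str, i, 1)
        if instr(1, "!@#$%^&*() -+=|\<>.,?/':;", ch) <> 0 then
            check_idstr = false
            exit function
        end if
    next
end function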

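' check_pwdstr: True when the password is 6..10 characters drawn only from lowercase letters
' and digits (instr uses a binary comparison here, so uppercase letters are rejected too).
' Browser-side only. Note for the server side: this policy limits passwords to a small
' 36-character alphabet and at most 10 characters; the receiving page should not rely on it.
' ByVal is declared so the loop no longer consumes the caller's variable (VBScript passes
' arguments ByRef by default and the original stripped pwd_str one character per iteration).
function check_pwdstr(ByVal pwd_str)
    Dim i
    check_pwdstr = true
    if len(pwd_str) < 6 or len(pwd_str) > 10 then
        check_pwdstr = false
        exit function
    end if
    for i = 1 to len(pwd_str)
        if instr(1, "0123456789abcdefghijklmnopqrstuvwxyz", mid(pwd_str, i, 1)) = 0 then
            check_pwdstr = false
            exit function
        end if
    next
end function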

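' check_chinaeng: True when name_str is non-empty and contains none of the characters in the
' reject list below. Deny-list based (space, double quote and anything else not listed pass);
' browser-side only, not a security control.
' ByVal is declared so the loop no longer consumes the caller's variable (VBScript passes
' arguments ByRef by default and the original stripped name_str one character per iteration).
function check_chinaeng(ByVal name_str)
    Dim i
    check_chinaeng = true
    if len(name_str) = 0 then
        check_chinaeng = false
        exit function
    end if
    for i = 1 to len(name_str)
        if instr(1, "!@#$%^&*()-+=|\<>.,?/':;", mid(name_str, i, 1)) <> 0 then
            check_chinaeng = false
            exit function
        end if
    next
end function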

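' check_phonestr: True when every character of phone_str is a digit, "-", "(", ")" or "/".
' There is no length check, so an empty string returns True (the loop never runs); callers
' test for emptiness separately. Browser-side only.
' ByVal is declared so the loop no longer consumes the caller's variable (VBScript passes
' arguments ByRef by default and the original stripped phone_str one character per iteration).
function check_phonestr(ByVal phone_str)
    Dim i
    check_phonestr = true
    for i = 1 to len(phone_str)
        if instr(1, "0123456789-()/", mid(phone_str, i, 1)) = 0 then
            check_phonestr = false
            exit function
        end if
    next
end function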

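' check_emailstr: True when email_str does not start with "@" or ".", does not end with "." or
' "@", does not contain "@.", contains both "@" and ".", and consists only of letters, digits,
' "_", "-", "@" and ".". Browser-side only.
' ByVal is declared so the loop no longer consumes the caller's variable (VBScript passes
' arguments ByRef by default and the original stripped email_str one character per iteration).
function check_emailstr(ByVal email_str)
    Dim i
    check_emailstr = true
    if left(email_str,1)="@" or left(email_str,1)="." or right(email_str,1)="." or right(email_str,1)="@" or instr(1,email_str,"@.")<>0 or instr(1,email_str,"@")=0 or instr(1,email_str,".")=0 then
        check_emailstr = false
        exit function
    end if
    for i = 1 to len(email_str)
        if instr(1, "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-@.", mid(email_str, i, 1)) = 0 then
            check_emailstr = false
            exit function
        end if
    next
end function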

jspadmin 2005-10-12
这位也是被人黑了,在这个帖子的讨论里,有很多关于安全方面的知识,读读吧
http://community.csdn.net/Expert/topic/4297/4297785.xml?temp=.4929315
xietonginfo 2005-10-12
我问人家,人家也没有告诉我攻击的方法,就说。。他是通过我那个系统进入。说我的代码在注册的时候有些东西没有过滤掉??
jspadmin 2005-10-12
给你几篇文章参考下,看看你的程序是否有下面文章所说的漏洞
http://www.pifoo.com/blog/user1/1/archives/2005/16.shtml
SQL注入漏洞http://www.pifoo.com/blog/user1/1/archives/2005/233.shtml
浅谈web服务器安全http://www.pifoo.com/blog/user1/1/archives/2005/257.shtml

xietonginfo 2005-10-12
这个是注册的那个页面~~~~~~~~
<html>
<head>
<title>---b2b会员注册</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<STYLE type=text/css>TD {
FONT-FAMILY: "宋体"; FONT-SIZE: 9pt
}
BODY {
FONT-FAMILY: "宋体"; FONT-SIZE: 9pt
}
SELECT {
FONT-FAMILY: "宋体"; FONT-SIZE: 9pt
}
A {
COLOR: #000000; FONT-FAMILY: "宋体"; FONT-SIZE: 9pt; TEXT-DECORATION: none
}
A:hover {
COLOR:#FA9229; FONT-FAMILY: "宋体"; FONT-SIZE: 9pt; TEXT-DECORATION: underline
}
.title1 {
COLOR: white; FONT-FAMILY: "宋体"; FONT-SIZE: 9pt; TEXT-DECORATION: none
}
.title1:hover {
COLOR: white; FONT-FAMILY: "宋体"; FONT-SIZE: 9pt; TEXT-DECORATION: none
}
.title2 {
COLOR: red; FONT-FAMILY: "宋体"; FONT-SIZE: 9pt; TEXT-DECORATION: none
}
.title2:hover {
COLOR: red; FONT-FAMILY: "宋体"; FONT-SIZE: 9pt; TEXT-DECORATION: none
}
</STYLE>


<body bgcolor="#FFFFFF" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" onload="javascript:document.userinfo.userid.focus()">
<!--#include file="../../templates01/b2bheader.dwt"--> <script language="VBScript">
' islength: True when the control holds at least one character; otherwise alerts,
' cancels the pending event, selects the control and returns False. Browser-side only.
function islength(val)
    islength = false
    if len(val.value) = 0 then
        alert "不能为空!"
        window.event.returnvalue = false
        val.select
        exit function
    end if
    islength = true
end function

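' isAlpha: rejects the control when it is empty (via islength) or contains a double quote or
' any character of the isNot deny-list; on failure alerts, cancels the pending event, selects
' the control and returns False. Deny-list based: characters not in the list (backtick, tab,
' ...) are accepted although the message promises only letters, digits and underscore, so the
' receiving page must not treat this as a guarantee. When islength fails the return value is
' left unset (Empty), which the callers' "if not isAlpha(...)" treats as False.
' Change: the inner loop over isNot is replaced by instr (same result, one pass per character).
function isAlpha(val)
    Dim isNot, invalid, i
    if not islength(val) then exit function
    isNot = "'~!@#$ %^&*()=+[{]}\|;:'',<.>/?"
    invalid = (instr(val.value, chr(34)) > 0)
    if not invalid then
        for i = 1 to len(val.value)
            if instr(isNot, mid(val.value, i, 1)) > 0 then
                invalid = true
                exit for
            end if
        next
    end if
    if invalid then
        alert "请使用汉字、英文字母,数字或下划线组合,勿用特殊字符!"
        window.event.returnvalue = false
        val.select
        isAlpha = false
    else
        isAlpha = true
    end if
end function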

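' check_emailstr: True when email_str does not start with "@" or ".", does not end with "." or
' "@", does not contain "@.", contains both "@" and ".", and consists only of letters, digits,
' "_", "-", "@" and ".". Browser-side only.
' ByVal is declared so the loop no longer consumes the caller's variable (VBScript passes
' arguments ByRef by default and the original stripped email_str one character per iteration).
function check_emailstr(ByVal email_str)
    Dim i
    check_emailstr = true
    if left(email_str,1)="@" or left(email_str,1)="." or right(email_str,1)="." or right(email_str,1)="@" or instr(1,email_str,"@.")<>0 or instr(1,email_str,"@")=0 or instr(1,email_str,".")=0 then
        check_emailstr = false
        exit function
    end if
    for i = 1 to len(email_str)
        if instr(1, "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-@.", mid(email_str, i, 1)) = 0 then
            check_emailstr = false
            exit function
        end if
    next
end function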

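' check_phonestr: True when every character of phone_str is a digit, "/", "(", ")" or "-".
' There is no length check, so an empty string returns True (the loop never runs); datacheck
' calls islength first for that reason. Browser-side only.
' ByVal is declared so the loop no longer consumes the caller's variable (VBScript passes
' arguments ByRef by default and the original stripped phone_str one character per iteration).
function check_phonestr(ByVal phone_str)
    Dim i
    check_phonestr = true
    for i = 1 to len(phone_str)
        if instr(1, "0123456789/()-", mid(phone_str, i, 1)) = 0 then
            check_phonestr = false
            exit function
        end if
    next
end function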

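' check_qydm: True when the enterprise code is exactly 13 characters, all decimal digits.
' Browser-side only.
' ByVal is declared so the loop no longer consumes the caller's variable (VBScript passes
' arguments ByRef by default and the original stripped qydm_str one character per iteration).
function check_qydm(ByVal qydm_str)
    Dim i
    check_qydm = true
    if len(qydm_str) <> 13 then
        check_qydm = false
        exit function
    end if
    for i = 1 to 13
        if instr(1, "0123456789", mid(qydm_str, i, 1)) = 0 then
            check_qydm = false
            exit function
        end if
    next
end function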

' isOption: True when the control's trimmed value is non-empty; otherwise shows a message box,
' cancels the pending event, focuses the control and returns False. Browser-side only.
function isOption(val)
    isOption = true
    if trim(val.value) <> "" then exit function
    msgbox "请选择!"
    window.event.returnvalue = false
    val.focus()
    isOption = false
end function

' datacheck: browser-side validation of the userinfo registration form, run in order; the
' first failing check shows its message, cancels the event and leaves the function, and only
' when every check passes is the form posted by userinfo.submit at the end.
' This executes in the visitor's browser and is skipped entirely by posting the fields directly
' to the receiving page, so none of these checks protects the server; the page that handles the
' POST has to re-check every field (and use parameterised SQL) before storing anything.
' Note: the code mixes "document.userinfo.x" and the bare "userinfo.x" -- both resolve to the
' same form in IE. datacheck assigns no return value, so it evaluates to Empty.
function datacheck()

' Member id: non-empty, 4..20 characters, no deny-listed characters.
if not islength(document.userinfo.userid)then
exit function
end if
if len(trim(userinfo.userid.value))<4 or len(trim(userinfo.userid.value))>20 then
alert "请输入4-20位的会员代号!"
window.event.returnvalue=false
document.userinfo.userid.focus()
exit function
end if

if not isAlpha(document.userinfo.userid) then
exit function
end if

' Password: non-empty, passes the isAlpha deny-list, 4..10 characters.
if not islength(document.userinfo.password)then
exit function
end if
if not isAlpha(document.userinfo.password) then
exit function
end if
If Len(Trim(userinfo.password.value)) < 4 or len(trim(userinfo.password.value))>10 Then
alert "密码4-10位!"
window.event.returnvalue=false
document.userinfo.password.select
exit function
end if

' Confirm password: same length rule, then must equal the password (both trimmed).
if not islength(document.userinfo.rpassword)then
exit function
end if
If Len(Trim(userinfo.rpassword.value)) < 4 or len(trim(userinfo.rpassword.value))>10 Then
alert "确认密码密码4-10位!"
window.event.returnvalue=false
document.userinfo.rpassword.select
exit function
end if

if Trim(userinfo.password.value)<>Trim(userinfo.rpassword.value) then
alert "密码和确认密码不一致!"
window.event.returnvalue=false
document.userinfo.rpassword.select
exit function
end if

' Name: non-empty and passes the isAlpha deny-list.
if not islength(document.userinfo.name) then
exit function
end if
if not isAlpha(document.userinfo.name) then
exit function
end if

' Province must be selected.
if not isOption(document.userinfo.provi) then
exit function
end if

' Postal code: numeric and exactly 6 characters.
if isnumeric(document.userinfo.zip.value)=false or len(document.userinfo.zip.value)<>6 then
alert("请正确输入邮政编码!")
window.event.returnvalue=false
document.userinfo.zip.focus()
Exit function
end if


' Address: non-empty and passes the isAlpha deny-list.
if not islength(document.userinfo.addr) then
exit function
end if
if not isAlpha(document.userinfo.addr) then
exit function
end if

' Contact person: only checked for emptiness (no character check).
if not islength(document.userinfo.conman) then
exit function
end if

' Phone and fax: non-empty (check_phonestr alone accepts ""), then digits / ( ) - only.
if not islength(document.userinfo.phone) then
exit function
end if
if check_phonestr(document.userinfo.phone.value)=false then
alert("请正确输入联系电话!")
window.event.returnvalue=false
document.userinfo.phone.focus()
Exit function
end if
if not islength(document.userinfo.fax) then
exit function
end if
if check_phonestr(document.userinfo.fax.value)=false then
alert("请正确输入传真电话!")
window.event.returnvalue=false
document.userinfo.fax.focus()
Exit function
end if
' E-mail: non-empty, then the structural check in check_emailstr.
if not islength(document.userinfo.email) then
exit function
end if
if check_emailstr(document.userinfo.email.value)=false then
alert("请正确输入e_mail!")
window.event.returnvalue=false
document.userinfo.email.focus()
Exit function
end if

' Job must be selected.
if not isOption(document.userinfo.job) then
exit function
end if

' Enterprise code: exactly 13 digits.
if check_qydm(document.userinfo.qydm.value)=false then
alert ("请按规定输入企业代号")
window.event.returnvalue=false
document.userinfo.qydm.focus()
exit function
end if


' Note: only checked for emptiness.
if not islength(document.userinfo.note) then
exit function
end if

' All checks passed: post the form.
userinfo.submit
end function
</script>
<table border=1 cellpadding=0 cellspacing=0 width=778 align="center" bordercolor="#6699CC">
iuhxq 2005-10-12
说详细些啊, 或者给出URL,或者详细描述,否则怎么知道哪里有问题