www.gusucode.com > 落叶冰点万能企业网站内容管理系统 V9.1 > 落叶冰点万能企业网站内容管理系统 V9.1\code\admin\adminKernel\D_asp_code_str_for_complie_conn.asp
<%
'**************************************************************
' 新动软网站管理系统
' 官方网站: http://www.aspcpu.com
' 系统作者: 阮丁远(网名:天 下 程 序)
' Copyright 新动软网站管理系统 版权所有
'**************************************************************
%>
<%
'全局考虑,加on error resume next
on error resume next
dir_set="..\"
nodooooooa=0
if have_a1="" then
have_a1="1"
'***********************************************
'函数名:JoinChar
'作 用:向地址中加入 ? 或 &
'参 数:strUrl ----网址
'返回值:加了 ? 或 & 的网址
'***********************************************
function JoinChar(strUrl)
if strUrl="" then
JoinChar=""
exit function
end if
if InStr(strUrl,"?")<len(strUrl) then
if InStr(strUrl,"?")>1 then
if InStr(strUrl,"&")<len(strUrl) then
JoinChar=strUrl & "&"
else
JoinChar=strUrl
end if
else
JoinChar=strUrl & "?"
end if
else
JoinChar=strUrl
end if
end function
'Dim Fy_Url,Fy_a,Fy_x,Fy_Cs(),Fy_Cl,Fy_Ts,Fy_Zx
'---定义部份 头------
Fy_Cl = 2 '处理方式:1=提示信息,2=转向页面,3=先提示再转向
Fy_Zx = "/Error.Asp" '出错时转向的页面
'---定义部份 尾------
'ruandingyuan xiugai
Fy_Url=Request.ServerVariables("QUERY_STRING")
Fy_a=split(Fy_Url,"&")
redim Fy_Cs(ubound(Fy_a))
for Fy_x=0 to ubound(Fy_a)
Fy_Cs(Fy_x) = left(Fy_a(Fy_x),instr(Fy_a(Fy_x),"=")-1)
Next
For Fy_x=0 to ubound(Fy_Cs)
If Fy_Cs(Fy_x)<>"" Then
If Instr(LCase(Request(Fy_Cs(Fy_x))),"'")<>0 or Instr(LCase(Request(Fy_Cs(Fy_x))),"and ")<>0 or Instr(LCase(Request(Fy_Cs(Fy_x))),"and%20")<>0 or Instr(LCase(Request(Fy_Cs(Fy_x))),"select")<>0 or (Instr(LCase(Request(Fy_Cs(Fy_x))),"update")<>0 and Instr(LCase(Request(Fy_Cs(Fy_x))),"set")<>0) or Instr(LCase(Request(Fy_Cs(Fy_x))),"chr")<>0 or Instr(LCase(Request(Fy_Cs(Fy_x))),"delete%20from")<>0 or (Instr(LCase(Request(Fy_Cs(Fy_x))),"delete")<>0 and Instr(LCase(Request(Fy_Cs(Fy_x))),"from")<>0) or Instr(LCase(Request(Fy_Cs(Fy_x))),";")<>0 or (Instr(LCase(Request(Fy_Cs(Fy_x))),"insert")<>0 and Instr(LCase(Request(Fy_Cs(Fy_x))),"into")<>0) or Instr(LCase(Request(Fy_Cs(Fy_x))),"mid")<>0 Or Instr(LCase(Request(Fy_Cs(Fy_x))),"master.")<>0 Then
Select Case Fy_Cl
Case "1"
Response.Write "<Script Language=JavaScript>alert('出现错误!参数 "&Fy_Cs(Fy_x)&" 的值中包含非法字符串!\n\n 请不要在参数中出现:;,and%20,select%20,update%20,insert%20,delete,chr 等非法字符!);window.close();</Script>"
Case "2"
Response.Write "<Script Language=JavaScript>location.href='"&Fy_Zx&"'</Script>"
Case "3"
Response.Write "<Script Language=JavaScript>alert('出现错误!参数 "&Fy_Cs(Fy_x)&"的值中包含非法字符串!\n\n 请不要在参数中出现:;,and%20,select%20,update%20,insert%20,delete%20,chr 等非法字符!);location.href='"&Fy_Zx&"';</Script>"
End Select
nodooooooa=1
Response.End
End If
End If
Next
'post方式的sql注入,则直接禁止站点外部提交post
if lcase(Request.Servervariables("REQUEST_METHOD"))="post" then
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
nodooooooa=1
response.write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=#EEEEEE width=450>"
response.write "<tr><td style='font:9pt Verdana'>"
response.write "你提交的路径有误,禁止从站点外部提交数据,请不要乱该参数!"
response.write "</td></tr></table></center>"
response.end
end if
end if
nd_web_output_folder_b="xndasp"
nd_web_output_folder_qiye_b="xcomasp"
'Dim ConnStr
if nodooooooa=0 then
ConnStr = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(dir_set&"$$xxxx_d_soft_complie$$db_str$")
Set $$xxxx_d_soft_complie$$conn$ = Server.CreateObject("ADODB.Connection")
$$xxxx_d_soft_complie$$conn$.open ConnStr
If Err Then
Err.Clear
Set $$xxxx_d_soft_complie$$conn$ = Nothing
Response.Write "数据库连接出错,请检查Conn.asp文件中的数据库参数设置。"
Response.End
End If
end if
if request("ruandingyuan_do")="getinfox" then
response.write "本站使用新"&""&"动"&"软系统制作,"&"系"&"统"&"作"&"者:"&"阮"&""&"丁"&"远,官网:ww"&"w.as"&"pcpu.com"
response.end
end if
J_True = "True"
J_False = "False"
J_Now = "Now()" '获得现在的时间
end if
'放在这,以免标签循环嵌套导致本函数循环定义而导致asp错误
'放在这,以免标签循环嵌套导致本函数循环定义而导致asp错误
if is_haved_g_fontaa="" then
is_haved_g_fontaa="1"
Function getFontMode(str, vColor, vFont,vSize)
Dim FontStr, tColor
Dim ColorStr, arrColor
If IsNull(str) Then
getFontMode = ""
Exit Function
End If
getFontMode = str
FontStr=str
Select Case CInt(vFont)
Case 1
FontStr = "<b>" & str & "</b>"
Case 2
FontStr = "<em>" & str & "</em>"
Case 3
FontStr = "<u>" & str & "</u>"
Case 4
FontStr = "<b><em>" & str & "</em></b>"
Case 5
FontStr = "<b><u>" & str & "</u></b>"
Case 6
FontStr = "<em><u>" & str & "</u></em>"
Case 7
FontStr = "<b><em><u>" & str & "</u></em></b>"
Case Else
FontStr = str
End Select
getFontMode = FontStr
If vColor = "" Then Exit Function
'ColorStr = "," & InitTitleColor
'arrColor = Split(ColorStr, ",")
'If vColor > UBound(arrColor) Then Exit Function
'tColor = Trim(arrColor(vColor))
if vColor ="0" then
'ssscolor="<font style='font-size:"&vSize&" px;'>"
'ssscolor2="</font>"
else
'ssscolor="<font color="&vColor&" style='font-size:"&vSize&" px;'>"
'ssscolor2="</font>"
ssscolor="<span style='color:"&vColor&";'>"
ssscolor2="</span>"
end if
getFontMode = ssscolor& FontStr & ssscolor2
End Function
end if
'放在这,以免标签循环嵌套导致本函数循环定义而导致asp错误
if haved_atype_a="" then
haved_atype_a="1"
function get_art_type(in1)
get_art_type=""
if in1="1" then get_art_type="<font color=red>[图文]</font>"
if in1="2" then get_art_type="<font color=red>[组图]</font>"
if in1="3" then get_art_type="<font color=red>[新闻]</font>"
if in1="4" then get_art_type="<font color=red>[推荐]</font>"
if in1="5" then get_art_type="<font color=red>[注意]</font>"
if in1="6" then get_art_type="<font color=red>[转载]</font>"
if in1="7" then get_art_type="<font color=red>[最新]</font>"
end function
end if
'放在这,以免标签循环嵌套导致本函数循环定义而导致asp错误
function findx_price(grade_id,str)
rst2=""
if str<>"" then
other_params=split(str,"|")
for i=0 to ubound(other_params)
sss11=split(other_params(i),":")
sss11a=sss11(0)
sss11b=sss11(1)
if cstr(sss11a)=cstr(grade_id) then
rst2=sss11b
exit for
end if
next
end if
if isnumeric(rst2)<>true then
rst2=""
end if
findx_price=rst2
end function
'放在这,以免标签循环嵌套导致本函数循环定义而导致asp错误
Function n_RemoveHTML_mdx(strHTML)
n_RemoveHTML_md=""
on error resume next
strHTML=cstr(strHTML&"")
Set objRegExp = New Regexp
objRegExp.IgnoreCase = True
objRegExp.Global = True
'取闭合的<>
objRegExp.Pattern = "<.+?>"
'进行匹配
Set Matches = objRegExp.Execute(strHTML)
' 遍历匹配集合,并替换掉匹配的项目
For Each Match in Matches
strHtml=Replace(strHTML,Match.Value,"")
Next
n_RemoveHTML_mdx=strHTML
Set objRegExp = Nothing
End Function
'放在这,以免标签循环嵌套导致本函数循环定义而导致asp错误
function replace_huanhangz(cont)
cont=replace(cont,vbcrlf,"$$sx_aspcodex_huanhang$")
cont=replace(cont,chr(10),"$$sx_aspcodex_huanhang$")
cont= Replace(cont, CHR(13), "$$sx_aspcodex_huanhang$")
cont= Replace(cont, CHR(9), "$$sx_aspcodex_huanhang$")
cont=replace(cont,"=","$zzdenghaoaspcpu1$")
cont=replace(cont,"&","$zzadnnhaoaspcpu1$")
cont=replace(cont,"?","$zzwnnehaoaspcpu1$")
replace_huanhangz=cont
end function
'放在这,以免标签循环嵌套导致本函数循环定义而导致asp错误
Function UrlEncoding_x(DataStr)
StrReturn = ""
For Si = 1 To Len(DataStr)
ThisChr = Mid(DataStr, Si, 1)
If Abs(Asc(ThisChr)) < &HFF Then
StrReturn = StrReturn & ThisChr
Else
InnerCode = Asc(ThisChr)
If InnerCode < 0 Then
InnerCode = InnerCode + &H10000
End If
Hight8 = (InnerCode And &HFF00) \ &HFF
Low8 = InnerCode And &HFF
StrReturn = StrReturn & "%" & Hex(Hight8) & "%" & Hex(Low8)
End If
Next
UrlEncoding_x = StrReturn
End Function
%>