www.gusucode.com > 学校共青团组织网站源代码 > 学校共青团组织网站源代码/626/admin_conn.asp
<% For each j in Request.QueryString sss= sss& j & Request.QueryString(j) Next sss=sss&LCase(request.servervariables("QUERY_STRING")) GuoLv="select,insert,;,update,',delete,exec,admin,count,drop,from,truncate,xp_cmdshell,netlocalgroup,and,chr,master,declare,*,char" GuoLvA=split(GuoLv,",") for i=0 to ubound(GuoLvA) if instr(sss,GuoLvA(i))<>0 then Response.Redirect "res://shdoclc.dll/dnserror.htm" response.end end if next xuasmdb=mdb&"data\#db1.asp" set conn=server.CreateObject("adodb.connection") DBPath = Server.MapPath(xuasmdb) conn.open "provider=microsoft.jet.oledb.4.0; data source="&DBpath 'ON ERROR RESUME NEXT userip = Request.ServerVariables("HTTP_X_FORWARDED_FOR") If userip = "" Then userip = Request.ServerVariables("REMOTE_ADDR") set rs = Server.CreateObject("ADODB.RecordSet") rs.Open "select zuziip from [config] where zuziip like '%"&zuziip&"%'",conn,1,1 if rs.recordcount<>0 then zuziip=rs("zuziip")&chr(13) zuziip=replace(zuziip," ","") zuziip=replace(zuziip,chr(10),"") 'zuziip=replace(zuziip,".","") 'userip2=replace(userip,".","") zzip=split(zuziip,chr(13)) 'Response.Write "ubound(zzip):"&ubound(zzip)&"<BR>" 'Response.Write "zzip(0):"&zzip(0)&"<BR>" 'Response.Write "zzip(1):"&trim(zzip(1))&"<BR>" for i=0 to ubound(zzip) if userip=trim(zzip(i)) then er=1 'Response.Write userip&" "&zzip(i)&"<BR>" end if next if er=1 then Response.Write "<BR><BR><BR><BR><Center><font style='font-size:10.5pt'>你所在IP被系统阻止!("&userip&")</font><BR><BR></center>" conn.close:set conn=nothing Response.end end if end if %>