www.gusucode.com > 山寨版广告信息招贴网源码程序 > 山寨版广告信息招贴网源码程序/ewuyi/dir_发布/admin/conn.asp

    <!-- #include file="../config.asp"-->
<%
Function AlertUrl(AlertStr,Url) 
 Response.Write "<script>" 
 Response.Write "alert('"&AlertStr&"');" 
 Response.Write "location.href='"&Url&"';" 
 Response.Write "</script>" 
End Function
Function AlertBack(AlertStr) 
 Response.Write "<script>" 
 Response.Write "alert('"&AlertStr&"');" 
 Response.Write "history.go(-1)" 
 Response.Write "</script>" 
End Function
%>
<%
squery=lcase(Request.ServerVariables("QUERY_STRING")) 
sURL=lcase(Request.ServerVariables("HTTP_HOST")) 
SQL_injdata =":|;|>|<|--|sp_|xp_|\|dir|cmd|^|(|)|+|$|'|copy|format|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare" 
SQL_inj = split(SQL_Injdata,"|") 
For SQL_Data=0 To Ubound(SQL_inj) 
if instr(squery&sURL,Sql_Inj(Sql_DATA))>0 Then 
Response.Write "SQL通用防注入系统" 
Response.end 
end if 
next
on error resume next
'字符串连接数据库方法
set conn=Server.CreateObject("ADODB.Connection")
conn.open "DRIVER=Driver do Microsoft Access (*.mdb);UID=admin;PWD=;DBQ="&Server.MapPath("../"&mdbpath&"")
'字符串连接数据库方法
Function GetCode1()
Dim Test
On Error Resume Next
Set Test = Server.CreateObject("Adodb.Stream")
Set Test = Nothing
if Err Then
Dim zNum
Randomize Timer
zNum = CInt(8999 * Rnd + 1000)
Session("GetCode") = zNum
getcode1 = Session("GetCode")
Else
getcode1 = "<img src=""code.asp"">"
End if
End Function
%>