sql.asp 随缘网络产品管理系统 2.0码程序 - ASP源码程序

www.gusucode.com > 随缘网络产品管理系统 2.0码程序 > fsql.asp

    <%
'**************************************
'文件名: get.asp
 '描  述:
'  文本存入
'**************************************  
dim sql_leach,sql_leach_0,Sql_DATA 
sql_leach = "',and,exec,insert,select,delete,update,count,*,%,chr,mid,master,truncate,char,declare" 
sql_leach_0 = split(sql_leach,",") 

If Request.QueryString<>"" Then 
For Each SQL_Get In Request.QueryString 
For SQL_Data=0 To Ubound(sql_leach_0) 
if instr(Request.QueryString(SQL_Get),sql_leach_0(Sql_DATA))>0 Then 
Response.Write "请不要尝试进行SQL注入！" 
Response.end 
end if 
next 
Next 
End If 

'**************************************
'文件名: post.asp
 '描  述:
'  文本存入
'**************************************  

If Request.Form<>"" Then 
For Each Sql_Post In Request.Form 
For SQL_Data=0 To Ubound(sql_leach_0) 
if instr(Request.Form(Sql_Post),sql_leach_0(Sql_DATA))>0 Then 
Response.Write "请不要尝试进行SQL注入！" 
Response.end 
end if 
next 
next 
end if 
%>