www.gusucode.com > 栽豆迷你博客 MiniBlog 3.0 正式版源码程序 > Include/Char.asp

    <%
Dim KW_NoSqlHack_AllStr,KW_NoSqlHack_Str,KW_NoSqlHack_ComeUrlGet,KW_NoSqlHack_ComeUrlPost,KW_NoSqlHack_Get,KW_NoSqlHack_Post,KW_NoSqlHack_i
'On Error Resume Next
KW_NoSqlHack_AllStr="'|;| and |chr(|exec |insert |select |delete from|update |mid(|master."
KW_NoSqlHack_ComeUrlGet   = Request.QueryString
KW_NoSqlHack_ComeUrlPost  = Request.Form
KW_NoSqlHack_Str = Split(KW_NoSqlHack_AllStr,"|")
'Post
If KW_NoSqlHack_ComeUrlPost<>"" then
	For Each KW_NoSqlHack_Post In Request.Form
		For KW_NoSqlHack_i = 0 To Ubound(KW_NoSqlHack_Str)
			If Instr(LCase(Request.Form(KW_NoSqlHack_Post)),KW_NoSqlHack_Str(KW_NoSqlHack_i))<>0 Then
				Response.Write("请通过合法途径进入本站!!")
				Response.End
			End if
		Next
	Next
End if
'Get
If KW_NoSqlHack_ComeUrlGet<>"" then 
	For Each KW_NoSqlHack_Get In Request.QueryString
		For KW_NoSqlHack_i = 0 To Ubound(KW_NoSqlHack_Str)
			If Instr(LCase(Request.QueryString(KW_NoSqlHack_Get)),KW_NoSqlHack_Str(KW_NoSqlHack_i))<>0 Then
				Response.Write("请通过合法途径进入本站!!")
				Response.End
			End if
		Next
	Next
End if
%>