www.gusucode.com > 栽豆迷你博客 MiniBlog 3.0 正式版源码程序 > Include/Char.asp
<% Dim KW_NoSqlHack_AllStr,KW_NoSqlHack_Str,KW_NoSqlHack_ComeUrlGet,KW_NoSqlHack_ComeUrlPost,KW_NoSqlHack_Get,KW_NoSqlHack_Post,KW_NoSqlHack_i 'On Error Resume Next KW_NoSqlHack_AllStr="'|;| and |chr(|exec |insert |select |delete from|update |mid(|master." KW_NoSqlHack_ComeUrlGet = Request.QueryString KW_NoSqlHack_ComeUrlPost = Request.Form KW_NoSqlHack_Str = Split(KW_NoSqlHack_AllStr,"|") 'Post If KW_NoSqlHack_ComeUrlPost<>"" then For Each KW_NoSqlHack_Post In Request.Form For KW_NoSqlHack_i = 0 To Ubound(KW_NoSqlHack_Str) If Instr(LCase(Request.Form(KW_NoSqlHack_Post)),KW_NoSqlHack_Str(KW_NoSqlHack_i))<>0 Then Response.Write("请通过合法途径进入本站!!") Response.End End if Next Next End if 'Get If KW_NoSqlHack_ComeUrlGet<>"" then For Each KW_NoSqlHack_Get In Request.QueryString For KW_NoSqlHack_i = 0 To Ubound(KW_NoSqlHack_Str) If Instr(LCase(Request.QueryString(KW_NoSqlHack_Get)),KW_NoSqlHack_Str(KW_NoSqlHack_i))<>0 Then Response.Write("请通过合法途径进入本站!!") Response.End End if Next Next End if %>