ASP的SQL防注入过滤涵数
ASP最新SQL防注入过滤涵数
Function Checkstr(Str)
If Isnull(Str) Then
CheckStr = ""
Exit Function
End If
Str = Replace(Str,Chr(0),"", 1, -1, 1)
Str = Replace(Str, """", """, 1, -1, 1)
Str = Replace(Str,"<;","<; str="Replace(Str,"">;",">;", 1, -1, 1)
Str = Replace(Str, "scrIPt", "script", 1, -1, 0)
Str = Replace(Str, "SCRIPT", "SCRIPT", 1, -1, 0)
Str = Replace(Str, "Script", "Script", 1, -1, 0)
Str = Replace(Str, "script", "Script", 1, -1, 1)
Str = Replace(Str, "object", "object", 1, -1, 0)
Str = Replace(Str, "OBJECT", "OBJECT", 1, -1, 0)
Str = Replace(Str, "Object", "Object", 1, -1, 0)
Str = Replace(Str, "object", "Object", 1, -1, 1)
Str = Replace(Str, "applet", "applet", 1, -1, 0)
Str = Replace(Str, "APPLET", "APPLET", 1, -1, 0)
Str = Replace(Str, "Applet", "Applet", 1, -1, 0)
Str = Replace(Str, "applet", "Applet", 1, -1, 1)
Str = Replace(Str, "[", "[")
Str = Replace(Str, "]", "]")
Str = Replace(Str, """", "", 1, -1, 1)
Str = Replace(Str, "=", "=", 1, -1, 1)
Str = Replace(Str, "’", "’’", 1, -1, 1)
Str = Replace(Str, "select", "select", 1, -1, 1)
Str = Replace(Str, "execute", "execute", 1, -1, 1)
Str = Replace(Str, "exec", "exec", 1, -1, 1)
Str = Replace(Str, "join", "join", 1, -1, 1)
Str = Replace(Str, "union", "union", 1, -1, 1)
Str = Replace(Str, "where", "where", 1, -1, 1)
Str = Replace(Str, "", "", 1, -1, 1)
Str = Replace(Str, "", "", 1, -1, 1)
Str = Replace(Str, "update", "update", 1, -1, 1)
Str = Replace(Str, "like", "like", 1, -1, 1)
Str = Replace(Str, "drop", "drop", 1, -1, 1)
Str = Replace(Str, "create", "create", 1, -1, 1)
Str = Replace(Str, "rename", "rename", 1, -1, 1)
Str = Replace(Str, "count", "count", 1, -1, 1)
Str = Replace(Str, "chr", "chr", 1, -1, 1)
Str = Replace(Str, "mid", "mid", 1, -1, 1)
Str = Replace(Str, "truncate", "truncate", 1, -1, 1)
Str = Replace(Str, "nchar", "nchar", 1, -1, 1)
Str = Replace(Str, "char", "char", 1, -1, 1)
Str = Replace(Str, "alter", "alter", 1, -1, 1)
Str = Replace(Str, "cast", "cast", 1, -1, 1)
Str = Replace(Str, "exists", "exists", 1, -1, 1)
Str = Replace(Str,Chr(13),"<;br>;", 1, -1, 1)
CheckStr = Replace(Str,"’","’’", 1, -1, 1)
End Function
-
ASP.NET新型的投票结果显示方法
一个投票功能模块少不了查看投票结果,用进度条显示各个投票结果可以起到一目了然的效果。以下是我的方法,请大家不吝赐教:1:做一张图片用于做进度条,只需要很小的一个图片就可以了,如高20px,宽1px。2:在要显示进度条的单元格中插入image控件,其imageUrl设置为已做好的...
-
如何获取PHP数组的键与值呢
array_keys($array);//获取数组(字典)的所有键值,返回一个键值数组。array_values($array)://获取数组的所有value值,饭回一个数组。<?php$json='{"a":1,"b":2,"c":3,"d":4,"e":5}';//注明:value不带双引号时,其值只能是数字。【!!!注意:大括号两边只能是单引号,...
-
Dreamweaver技巧详解
Dreamweaver由MX版本开始使用Opera软件公司的排版引擎“Presto”作为网页预览。下面给大家介绍Dreamweaver技巧,一起来学习吧!Dreamweaver技巧详解1、灵活运用样式熟悉网页设计的网友就知道,调用Style的方法很多,我们可以单击鼠标右键选择CustonStyle来调用Style...
-
关于jQuery实现鼠标单击网页文字后在文本框显示的方法介绍
本文实例讲述了jQuery实现鼠标单击网页文字后在文本框显示的方法。分享给大家供大家参考。具体实现方法如下:张三李四王五赵六选择姓名$("ulli")k(function(){vartext=$(this)();$("input")("");$("input:checked")nts("td")ings("td")dren("input")(text);})希...