newasp中main类(31)


        Dim PostRefer, GetRefer, Sql_DATA

        SQL_Nonlicet = "'|;|^|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
        arrNonlicet = Split(SQL_Nonlicet, "|")
        If Request.Form <> "" Then
            For Each PostRefer In Request.Form
                For Sql_DATA = 0 To UBound(arrNonlicet)
                    If InStr(1, Request.Form(PostRefer), arrNonlicet(Sql_DATA), 1) > 0 Then
                    Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n请不要在参数中包含非法字符!');history.back(-1)</Script>"
                    Response.End
                    End If
                Next
            Next
        End If

        If Request.QueryString <> "" Then
            For Each GetRefer In Request.QueryString
                For Sql_DATA = 0 To UBound(arrNonlicet)
                    If InStr(1, Request.QueryString(GetRefer), arrNonlicet(Sql_DATA), 1) > 0 Then
                    Response.Write "<Script Language=JavaScript>alert('安全系统提示↓\n\n请不要在参数中包含非法字符!');history.back(-1)</Script>"
                    Response.End
                    End If
                Next

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:http://www.heiqu.com/3539.html