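/// <summary>
/// Screens each incoming request before page code runs: rejects query strings that
/// contain a deny-listed SQL keyword, and rejects form posts whose Referer host is
/// not this server.
/// </summary>
/// <remarks>
/// Keyword screening is a coarse tripwire, not an injection defence. It rejects
/// legitimate values that merely contain a listed substring (for example "update"
/// or "mid"), and it never looks at form fields, cookies or headers. The data-access
/// code still has to use parameterized commands. The Referer comparison is likewise
/// no substitute for anti-forgery tokens: the header is optional and is sent by the
/// client, and a post without it is accepted unchecked.
/// </remarks>
/// <param name="sender">Event source supplied by the ASP.NET pipeline; not used.</param>
/// <param name="e">Event data supplied by the ASP.NET pipeline; not used.</param>
protected void Application_BeginRequest(Object sender, EventArgs e)
{
    // SQL injection tripwire. The '+' in a token presumably stands for an encoded
    // space in the query string -- confirm against the encoding QueryString.ToString() applies.
    // The second pattern list of the original was built but never read, so it is dropped.
    string Sql_1 = " exec|insert+|select+|delete|update|count|chr|mid|master+|truncate|char|declare|drop+|drop+table|creat+|creat+table ";
    string[] sql_c = Sql_1.Split('|');

    if (Request.QueryString != null)
    {
        // Build the string once instead of once per token.
        string rawQuery = Request.QueryString.ToString();

        foreach (string sl in sql_c)
        {
            string token = sl.Trim();
            if (token.Length == 0)
            {
                // An empty token would match every request (IndexOf("") is 0).
                continue;
            }

            // Ordinal, case-insensitive search: culture-sensitive lower-casing can
            // turn "INSERT" into a string that no longer contains "insert".
            if (rawQuery.IndexOf(token, StringComparison.OrdinalIgnoreCase) >= 0)
            {
                // The warning text is only a deterrent; nothing in this handler records
                // the address. NOTE(review): log the rejection server-side if it should
                // be auditable.
                Response.Write(" 警告!你的IP已经被记录! ");

                // HTML-encode everything that came from the request before echoing it.
                // NOTE(review): echoing the matched token tells the sender which pattern
                // fired; consider writing it to a server log instead of the response.
                Response.Write(Server.HtmlEncode(token));
                Response.Write(Server.HtmlEncode(rawQuery));
                Response.End();
                return; // nothing further to check once the request is rejected
            }
        }
    }

    if (Request.Form.Count > 0)
    {
        // Server-variable keys carry no padding: a padded key matches no variable and
        // the lookup would return null.
        // NOTE(review): SERVER_NAME may reflect the client-supplied Host header depending
        // on hosting configuration -- confirm; a configured list of hostnames is sturdier.
        string serverName = (Request.ServerVariables["SERVER_NAME"] ?? "").Trim();
        string referer = Request.ServerVariables["HTTP_REFERER"];

        if (referer != null)
        {
            // Compare the parsed host instead of slicing a fixed seven characters off
            // the front: slicing breaks on "https://", throws on values shorter than
            // seven characters, and a prefix comparison accepts any host that merely
            // begins with the server name.
            Uri refererUri;
            bool sameHost = Uri.TryCreate(referer.Trim(), UriKind.Absolute, out refererUri)
                && string.Equals(refererUri.Host, serverName, StringComparison.OrdinalIgnoreCase);

            if (!sameHost)
            {
                // Deterrent text only; nothing is recorded here.
                Response.Write(" 你的IP已被记录!警告! ");
                Response.End();
            }
        }
    }
}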
// Request-screening body printed a second time; no method signature precedes this
// brace block in the listing. It repeats the statements of Application_BeginRequest.
// NOTE(review): as printed, the '|' separator literal holds three characters and the
// server-variable keys are space-padded, which looks like a formatting artefact of the
// listing -- confirm against the original file before compiling.
{
// SQL injection guard: keyword deny-list matched against the query string.
// NOTE(review): a substring deny-list also rejects ordinary values containing these
// words and is no replacement for parameterized commands in the data-access code.
string Sql_1 = " exec|insert+|select+|delete|update|count|chr|mid|master+|truncate|char|declare|drop+|drop+table|creat+|creat+table " ;
string Sql_2 = " exec+|insert+|delete+|update+|count(|count+|chr+|+mid(|+mid+|+master+|truncate+|char+|+char(|declare+|drop+|creat+|drop+table|creat+table " ;
string [] sql_c = Sql_1.Split( ' | ' );
// sql_c1 is split out of Sql_2, but no statement in this block reads it.
string [] sql_c1 = Sql_2.Split( ' | ' );
// Only the query string is scanned; form fields are not compared with either list.
if (Request.QueryString != null )
{
foreach ( string sl in sql_c)
{
// The lower-cased query string is rebuilt on every iteration and searched for the trimmed token.
if (Request.QueryString.ToString().ToLower().IndexOf(sl.Trim()) >= 0 )
{
Response.Write( " 警告!你的IP已经被记录! " ); // only meant to scare the sender; nothing here records the address
// NOTE(review): the matched token and the query string are written back without
// passing through an HTML encoder -- confirm what encoding QueryString.ToString()
// applies before relying on it, and prefer encoding explicitly.
Response.Write(sl);
Response.Write(Request.QueryString.ToString());
// Disabled alternative (dead code): a message box refusing external submissions, then a redirect.
// System.Windows.Forms.MessageBox.Show("禁止提交外部数据","1",System.Windows.F
// orms.MessageBoxButtons.OK,System.Windows.Forms.MessageBoxIcon.Error,System.Windows.Forms.MessageBoxDefaultButton.Button1,System.Windows.Forms.MessageBoxOptions.DefaultDesktopOnly);
// Response.Redirect(" http://www.163.com ");
Response.End();
break ;
}
}
}
// Form posts: accept only when the Referer appears to point at this server.
if (Request.Form.Count > 0 )
{
string s1 = Request.ServerVariables[ " SERVER_NAME " ].Trim(); // server name
// When HTTP_REFERER is absent the post is accepted without any check.
if (Request.ServerVariables[ " HTTP_REFERER " ] != null )
{
string s2 = Request.ServerVariables[ " HTTP_REFERER " ].Trim(); // referrer value received with the request
string s3 = "" ;
// Skips the first seven characters of the referrer -- presumably "http://"; TODO confirm
// handling of other schemes and of values shorter than seven characters.
if (s1.Length > (s2.Length - 7 ))
{
s3 = s2.Substring( 7 );
}
else
{
// Takes only as many characters as the server name has, so the comparison below is
// a prefix match on the referrer host rather than a host equality test.
s3 = s2.Substring( 7 ,s1.Length);
}
if (s3 != s1)
{
Response.Write( " 你的IP已被记录!警告! " ); // scare text only
// Disabled alternative (dead code): a message box refusing external submissions, then a redirect.
// System.Windows.Forms.MessageBox.Show("禁止提交外部数据","1",System.Windows.Forms.MessageBoxButtons.OK,Sy
// stem.Windows.Forms.MessageBoxIcon.Error,System.Windows.Forms.MessageBoxDefaultButton.Button1,System.Windows.Forms.MessageBoxOptions.DefaultDesktopOnly);
// Response.Redirect(" http://www.163.com ");
Response.End();
}
}
}
}