简单的asp防注入代码

<%

Dim XH_Post,XH_Get,XH_Cookie,XH_In,XH_Inf,XH_Xh

XH_In = "'|;|*|and|union|declare|exec|insert|select|update|delete%20from|drop%20table|create%20table"

XH_Inf = split(XH_In,"|")

'--------POST部份------------------
If Request.Form<>"" Then
For Each XH_Post In Request.Form

For XH_Xh=0 To Ubound(XH_Inf)
If Instr(LCase(Request.Form(XH_Post)),XH_Inf(XH_Xh))<>0 Then

slog("<br><br>操作ip:"&Request.ServerVariables("REMOTE_ADDR")&"<br>操作时间:"&Now&"<br>操作页面:"&Request.ServerVariables("URL")&"<br>提交方式:POST<br>提交参数:"&XH_Post&"<br>提交数据:"&Request.Form(XH_Post))
Response.Write "非法操作"
Response.End
End If
Next
Next
End If
'----------------------------------

'--------GET部份-------------------
If Request.QueryString<>"" Then
For Each XH_Get In Request.QueryString

For XH_Xh=0 To Ubound(XH_Inf)
If Instr(LCase(Request.QueryString(XH_Get)),XH_Inf(XH_Xh))<>0 Then

slog("<br><br>操作ip:"&Request.ServerVariables("REMOTE_ADDR")&"<br>操作时间:"&Now&"<br>操作页面:"&Request.ServerVariables("URL")&"<br>提交方式:GET<br>提交参数:"&XH_Get&"<br>提交数据:"&Request.QueryString(XH_Get))
Response.Write "非法操作"
Response.End
End If
Next
Next
End If
'----------------------------------

'--------COOKIE部份-------------------
If Request.Cookies<>"" Then
For Each XH_Cookie In Request.Cookies

For XH_Xh=0 To Ubound(XH_Inf)
If Instr(LCase(Request.Cookies(XH_Cookie)),XH_Inf(XH_Xh))<>0 Then

slog("<br><br>操作ip:"&Request.ServerVariables("REMOTE_ADDR")&"<br>操作时间:"&Now&"<br>操作页面:"&Request.ServerVariables("URL")&"<br>提交方式:Cookie<br>提交参数:"&XH_Cookie&"<br>提交数据:"&Request.Cookies(XH_Cookie))
Response.Write "非法操作"
Response.End
End If
Next
Next
End If

sub slog(logs)
        Dim toppath,fs,Ts,Errorlog
        toppath = Server.Mappath("/log.htm")
                                Set fs = CreateObject("scripting.filesystemobject")
                                If Not Fs.FILEEXISTS(toppath) Then
                                    Set Ts = fs.createtextfile(toppath, True)
                                    Ts.close
                                end if
                                Set Ts= Fs.OpenTextFile(toppath,1)
                                    Do While Not Ts.AtEndOfStream
                                             Errorlog = Errorlog  & Ts.ReadLine  & chr(13) & chr(10)
                                    loop
                                    Ts.close
                                    Errorlog =Errorlog & logs
                                    Set Ts= Fs.OpenTextFile(toppath,2)
                                    Ts.writeline (Errorlog)
                                    Ts.Close
end sub

%>

转载于:https://www.cnblogs.com/Safe3/archive/2008/12/19/1358686.html

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值