这段代码有好处也有坏处,用的时候得小心,搞不好就会跳进错误
dim
sql_injdata
SQL_injdata = " ;|'|and|exec|insert|select|delete|update|*|%|chr|mid|master|truncate|char|declare "
SQL_inj = split (SQL_Injdata, " | " )
If Request.QueryString <> "" Then
For Each SQL_Get In Request.QueryString
For SQL_Data = 0 To Ubound (SQL_inj)
if instr (Request.QueryString(SQL_Get),Sql_Inj(Sql_DATA)) > 0 Then
Response.Write " <Script Language=javaScript>history.back(-1)</Script> "
Response.end
end if
next
Next
End If
If Request.Form <> "" Then
For Each Sql_Post In Request.Form
For SQL_Data = 0 To Ubound (SQL_inj)
if instr (Request.Form(Sql_Post),Sql_Inj(Sql_DATA)) > 0 Then
Response.Write " <Script Language=javaScript>history.back(-1)</Script> "
Response.end
end if
next
next
end if
SQL_injdata = " ;|'|and|exec|insert|select|delete|update|*|%|chr|mid|master|truncate|char|declare "
SQL_inj = split (SQL_Injdata, " | " )
If Request.QueryString <> "" Then
For Each SQL_Get In Request.QueryString
For SQL_Data = 0 To Ubound (SQL_inj)
if instr (Request.QueryString(SQL_Get),Sql_Inj(Sql_DATA)) > 0 Then
Response.Write " <Script Language=javaScript>history.back(-1)</Script> "
Response.end
end if
next
Next
End If
If Request.Form <> "" Then
For Each Sql_Post In Request.Form
For SQL_Data = 0 To Ubound (SQL_inj)
if instr (Request.Form(Sql_Post),Sql_Inj(Sql_DATA)) > 0 Then
Response.Write " <Script Language=javaScript>history.back(-1)</Script> "
Response.end
end if
next
next
end if
<script type="text/javascript"> </script><script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>