求比较基础的asp程序代码
ConnString = "Driver={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("数据库路径.mdb")
Set Conn = Server.CreateObject("ADODB.Connection")
Conn.Op
|
On Error Resume Next ConnString = "Driver={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("数据库路径.mdb") Set Conn = Server.CreateObject("ADODB.Connection") Conn.Open ConnString If Err.Number > 0 Then Err.Clear Set Conn = Nothing Response.Write "网站数据库连接错误或网站关闭!" Response.End End If Set Rs=Server.CreateObject("ADODB.RecordSet") Form_Badword = "'|%|&|*|#|@|(|)|=|select|and|set|delete|Count" Query_Badword = "'|and|select|update|chr|delete|%20from|;|insert|mid|master|set|chr(37)|=|Count" Form_BadwordA = Split(Form_Badword, "|") Query_BadwordA = Split(Query_Badword,"|") UserIP = Request.ServerVariables("HTTP_X_FORWARDED_FOR") If UserIP = "" Then UserIP = Request.ServerVariables("REMOTE_ADDR") ClientIP = Replace(UserIP,"'",Chr(34)) If ClientIP "" Then Rs.Open "Select * From BlackRoom Where SqlInIP='"&ClientIP&"'",Conn,3 If Rs.RecordCount > 0 Then Response.Write "安全提示:你的IP ("&ClientIP&") 已被本站锁定,请联系本站管理员!" Response.End End If Rs.Close End If If Request.Form "" Then For Each AntiPost In Request.Form For Antixh = 0 To UBound(Form_BadwordA) If InStr(LCase(Request.Form(AntiPost)),Form_BadwordA(Antixh)) 0 Then If WriteSql Then Rs.Open "BlackRoom",Conn,1,3 Rs.AddNew Rs("SqlInIP") = ClientIP Rs("URL") = Request.ServerVariables("URL") Rs("PFS") = "POST" Rs("PName") = AntiPost Rs("PValue") = Request.Form(AntiPost) Rs("PTime") = Now Rs.Update Rs.Close End If
Response.Write "非法操作ASP程序,系统记录如下: " Response.Write "操作IP:" & ClientIP & " " Response.Write "操作时间:" & Now & " " Response.Write "操作页面:" & Request.ServerVariables("URL") & " " Response.Write "操作方式:POST方式 " Response.Write "提交参数:" & AntiPost & " " Response.Write "提交数据:" & Request.Form(AntiPost) & " " Response.End End If Next Next End If Set Rs = Nothing Conn.Close Set Conn = Nothing (编辑:威海站长网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
