[php] <% dim sql_leach,sql_leach_0,Sql_DATA,SQL_Get,Sql_Post sql_leach = "',and,exec,insert,select,delete,update,count,*,%,chr,mid,master,truncate,char,declare" sql_leach_0 = split(sql_leach,",") If Request.QueryString<>"" Then For Each SQL_Get In Request.QueryString For SQL_Data=0 To Ubound(sql_leach_0) if instr(Request.QueryString(SQL_Get),sql_leach_0(Sql_DATA))>0 Then Response.Write "请不要尝试进行SQL注入!" Response.end end if next Next End If If Request.Form<>"" Then For Each Sql_Post In Request.Form For SQL_Data=0 To Ubound(sql_leach_0) if instr(Request.Form(Sql_Post),sql_leach_0(Sql_DATA))>0 Then Response.Write "请不要尝试进行SQL注入!" Response.end end if next next end if %> [/php] 防止暴库的办法,在数据库文件前面加上On Error Resume Next [php] <% On Error Resume Next dim conn,connstr,db %> [/php] 本文来自CSDN博客,转载请标明出处:http://blog.csdn.net/wjq3714/archive/2009/05/17/4195793.aspx
发表评论