ASP功能函数大全文档格式.docx
《ASP功能函数大全文档格式.docx》由会员分享,可在线阅读,更多相关《ASP功能函数大全文档格式.docx(87页珍藏版)》请在冰豆网上搜索。
Response.write"
scriptlanguage='
javascript'
location.href='
&
strHttp&
;
/script>
EndSub
subAlert(sText)
alert('
&
sText&
"
);
subHistory(iStep)
script>
window.history("
iStep&
subFunmsg(iStep,sText)
Response.Write"
sText&
iStep&
执行非法提交检测
Subget_rq()
dimqs,errc,iii
qs=request.servervariables("
query_string"
dimnothis(18)
nothis(0)="
netuser"
nothis
(1)="
xp_cmdshell"
nothis
(2)="
/add"
nothis(3)="
exec%20master.dbo.xp_cmdshell"
nothis(4)="
netlocalgroupadministrators"
nothis(5)="
select"
nothis(6)="
count"
nothis(7)="
asc"
nothis(8)="
char"
nothis(9)="
mid"
nothis(10)="
nothis(11)="
:
nothis(12)="
nothis(13)="
insert"
nothis(14)="
delete"
nothis(15)="
drop"
nothis(16)="
truncate"
nothis(17)="
from"
nothis(18)="
anduser>
0"
errc=false
foriii=0toubound(nothis)
ifinstr(qs,nothis(iii))<
0then
errc=true
endif
next
iferrcthen
Response.Write("
对不起,非法URL地址请求!
metahttp-equiv="
Refresh"
content="
3;
URL=index.html"
divstyle='
1pxsolid#CCCCCC;
width:
600px;
height:
25px;
padding:
5px;
padding-left:
15px;
fontstyle='
font-size:
14px'
Diggcms系统友情提示:
br>
nbsp;
HTTP错误404-URL地址请求出错<
response.end
endif
初始化被过滤的客户端列表
FunctionwebAgent()
dimstrAgentFilter
strAgentFilter="
webzip|||flashget|||offline|||teleport"
IfChkAgent(strAgentFilter)=FalseThen
错误"
AddErrCode
(1)
CallChkError()
EndIf
*检查浏览站点的客户端
*strAL——屏蔽的客户端标志列表
FunctionChkAgent(strAL)
DimAgent,iijj
ChkAgent=True
Agent=Trim(Lcase(Request.Servervariables("
HTTP_USER_AGENT"
)))
If(NotIsNull(strAL))Then
strAL=Split(strAL,"
|||"
Foriijj=0ToUbound(strAL)
IfInstr(Agent,strAL(iijj))>
0Then
ChkAgent=False
endif
Next
EndIf
/*
防网站小偷来采摘数据
*/
functionAppeal()
DimAppealNum,AppealCount
AppealNum=30'
同一IP10秒内请求限制30次
AppealCount=Request.Cookies("
AppealCount"
)
IfAppealCount="
Then
response.Cookies("
)=1
AppealCount=1
response.cookies("
).expires=dateadd("
s"
10,now())
Else
)=AppealCount+1
ifint(AppealCount)>
int(AppealNum)then
FIELDSETstyle='
350px'
LEGEND>
描述<
/LEGEND>
response.write"
抓取很累,歇一会儿吧!
ahref="
Website&
/a>
/font>
/FIELDSET>
endfunction
防外部提交
结合Chkpost函数
functionchpost()
IfNotChkPost(Website)then
center>
系统提示<
Response.Write"
ahref=>
返回<
235px;
ahref=target=_blanktitle=免费的Diggcms内容管理系统>
Diggcms-给你最好的<
/center>
response.End()
Endfunction
处部提交数据查
FunctionChkPost(web_url)
dimServer_V1,Server_V2
ChkPost=False
Server_V1=Cstr(Request.ServerVariables("
HTTP_REFERER"
))
Server_V2=Cstr(Request.ServerVariables("
SERVER_NAME"
--------------------------------------------
Instr(所有,其中),包括>
0,否则=0
IfMid(Server_V1,8,Len(Server_V2))<
Server_V2orInstr(web_url,Server_V2)=0Then
ChkPost=False
Else
ChkPost=True
EndIf
========================================================文件操作
删除文件
FunctionDelFile(DelFilePath)
OnErrorResumeNext
DelFile=False
setMyFileObject=Server.CreateOBject("
Scripting.FileSystemObject"
MyFileObject.DeleteFile"
Server.MapPath("
DelFilePath&
)&
SetMyFileObject=Nothing
If0=Error53=ErrThen
DelFile=True
else
CatchError("
文件无法删除!
OnErrorGoTo0
检查多层目录不存在,则生成
functionCreateDIR(LocalPath)
dimpatharr,path_level,i,pathtmp,cpath,FileObject
onerrorresumenext
LocalPath=Server.MapPath(LocalPath)
LocalPath=replace(LocalPath,"
\"
"
/"
setFileObject=server.createobject("
patharr=split(LocalPath,"
path_level=ubound(patharr)
fori=0topath_level
ifi=0thenpathtmp=patharr(0)&
elsepathtmp=pathtmp&
patharr(i)&
cpath=left(pathtmp,len(pathtmp)-1)
ifnotFileObject.FolderExists(cpath)thenFileObject.CreateFolder(cpath)
next
setFileObject=nothing
iferr.number<
0then
CreateDIR=false
err.Clear
else
CreateDIR=true
cookie编码加密
FunctionCodeCookie(Str)
Dimi
DimStrRtn
Fori=Len(Str)To1Step-1
StrRtn=StrRtn&
AscW(Mid(Str,i,1))
If(i<
1)ThenStrRtn=StrRtn&
a"
CodeCookie=StrRtn
cookie解密
*/
FunctionDecodeCookie(Str)
DimStrArr,StrRtn
StrArr=Split(Str,"
Fori=0ToUBound(StrArr)
IfIsNumeric(StrArr(i))=TrueThen
StrRtn=ChrW(StrArr(i))&
StrRtn
StrRtn=Str
ExitFunction
DecodeCookie=StrRtn
*设置Cookies
*vparameter:
参数,val:
值
FunctionSetCookies(vparameter,val)
response.Cookies(vparameter)=val
response.Cookies(vparameter).Expires=dateadd("
H"
12,now())
* 读取Cookies
FunctionGetCookies(vparameter)
GetCookies=request.Cookies(vparameter)
============================================================安全过滤
安全过滤
FunctionSafeSql(Str,Flag)
SafeSql=Str
IfFlag=1Then
IfNotIsNumeric(SafeSql)OrTrim(SafeSql)="
URL=index.asp"
参数错误,参数类型应为数值型。
当前值是:
Str&
ahref=target=_blanktitle=行业黄页门户>
好财经-给你最好的<
Response.End
ElseIfFlag=2Then
Str=trim(Str)
Str=replace(Str,"
"
gt;
lt;
Str=Replace(Str,"
#92;
--"
#45;
Str=Replace(Str,CHR(34),"
quot;
)'
过滤'
Str=Replace(Str,CHR(39),"
#39;
Str=Replace(Str,CHR(13)&
CHR(10),"
BR>
回车换行
Str=Replace(Str,CHR(42),"
#42;
“*”
Str=Replace(Str,CHR(44),"
#44;
“,”
Str=Replace(Str,"
join"
union"
where"
update"
like"
create"
modify"
rename"
alter"
cast"
SafeSql=Str
参数错误SafeSql方法参数在1,2范围内"
HTML解码函数
FunctionHTMLDecode(refStringing)
DimfString
fString=refStringing
IfNotIsNull(fString)Then
fString=Replace(fString,"
fString=Replace(fString,"
CHR(34))'
还原'
ifinstr(fString,CHR(13)&
CHR(10))>
fString=Replace(fString,CHR(13)&
回车换行
HTMLDecode=fString
防注入
FunctionFunSQL(Str)
IfIsnull(Str)Then
FunSQL="
ExitFunction
Str=trim(Str)
Str=Replace(Str,Chr(0),"
1,-1,1)
Str=Replace(Str,"
Str=Replace(Str,"
1,-1,1)
Str=
升级会员 