1pxsolid#CCCCCC;width:
235px;height:
25px;padding:
5px;padding-left:
15px;'>Diggcms-给你最好的"
response.Write""
response.End()
endif
Endfunction
'/*
'外部提交数据检查
'*/
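Function ChkPost(web_url)
    ' Same-site check for a submitted form. Returns True only when the host
    ' in the request's Referer header is exactly this server's name
    ' (SERVER_NAME) and web_url also contains that name.
    '
    ' web_url: caller-supplied URL text; it is only searched for the
    '          server name.
    ' Returns: Boolean.
    '
    ' The Referer header is supplied by the client and is frequently absent
    ' (privacy settings, proxies, Referrer-Policy), so treat this as a
    ' coarse filter only. State-changing requests should also carry a
    ' per-session anti-CSRF token that is verified on the server.
    ' NOTE(review): SERVER_NAME may reflect the request's Host header
    ' depending on the site bindings - confirm for this deployment.
    Dim Server_V1, Server_V2
    Dim schemeEnd, scheme, authority, cutAt, delimiter

    ChkPost = False
    Server_V1 = LCase(CStr(Request.ServerVariables("HTTP_REFERER")))
    Server_V2 = LCase(CStr(Request.ServerVariables("SERVER_NAME")))
    If Len(Server_V2) = 0 Then Exit Function

    ' Find the authority after the scheme separator instead of assuming a
    ' fixed 7-character "http://" prefix, so https:// referers work too.
    schemeEnd = InStr(Server_V1, "://")
    If schemeEnd = 0 Then Exit Function
    scheme = Left(Server_V1, schemeEnd - 1)
    If scheme <> "http" And scheme <> "https" Then Exit Function
    authority = Mid(Server_V1, schemeEnd + 3)

    ' Trim path, query and fragment so that only host[:port] remains.
    For Each delimiter In Array("/", "?", "#")
        cutAt = InStr(authority, delimiter)
        If cutAt > 0 Then authority = Left(authority, cutAt - 1)
    Next

    ' A user-info part would place a different host after the "@".
    If InStr(authority, "@") > 0 Then Exit Function

    ' Drop an explicit port.
    cutAt = InStr(authority, ":")
    If cutAt > 0 Then authority = Left(authority, cutAt - 1)

    ' Compare the whole host rather than its leading characters: a prefix
    ' comparison would also accept a longer host name that merely starts
    ' with this server's name.
    If authority = Server_V2 And InStr(LCase(web_url), Server_V2) > 0 Then
        ChkPost = True
    End If
End Function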
'========================================================文件操作
'/*
'删除文件
'*/
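Function DelFile(DelFilePath)
    ' Deletes the file at the virtual path DelFilePath.
    '
    ' Returns True when the delete raised no error or raised error 53
    ' ("File not found", i.e. the file was already gone). Any other error
    ' is reported through CatchError and the function returns False.
    '
    ' NOTE(review): the path is mapped and deleted exactly as given. If any
    ' caller builds DelFilePath from request data, it should first be
    ' checked against the directory the feature is meant to manage -
    ' verify the callers.
    Dim MyFileObject, errNumber   ' keep the FSO handle local to this call

    DelFile = False
    On Error Resume Next
    Set MyFileObject = Server.CreateObject("Scripting.FileSystemObject")
    MyFileObject.DeleteFile "" & Server.MapPath("" & DelFilePath & "") & ""
    ' Capture the result before any later statement can change Err.
    errNumber = Err.Number
    Set MyFileObject = Nothing

    If errNumber = 0 Or errNumber = 53 Then
        DelFile = True
    Else
        ' NOTE(review): the listing shows a line break inside this message
        ' literal, which VBScript does not allow; whatever followed the
        ' text (possibly markup) could not be recovered.
        CatchError("" & DelFilePath & "文件无法删除!")
    End If
    On Error GoTo 0
End Function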
'/*
'检查多层目录不存在,则生成
'*/
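Function CreateDIR(LocalPath)
    ' Makes sure the folder at virtual path LocalPath exists, creating each
    ' missing level from the top down.
    '
    ' Returns True when no error was raised, False otherwise.
    '
    ' NOTE(review): the path is used as given; callers that derive it from
    ' request data should validate it first - verify the callers.
    Dim patharr, path_level, i, pathtmp, cpath, FileObject, physicalPath

    CreateDIR = False
    On Error Resume Next

    ' Work on a local copy. VBScript passes arguments ByRef unless declared
    ' otherwise, so assigning to LocalPath would overwrite the caller's
    ' variable with the server's physical path.
    physicalPath = Server.MapPath(LocalPath)

    ' Stop when mapping failed; otherwise the loop below would hand the
    ' unmapped virtual path to FileSystemObject as if it were a
    ' file-system path.
    If Err.Number <> 0 Then
        Err.Clear
        Exit Function
    End If
    physicalPath = Replace(physicalPath, "\", "/")

    Set FileObject = Server.CreateObject("Scripting.FileSystemObject")
    patharr = Split(physicalPath, "/")
    path_level = UBound(patharr)
    pathtmp = ""
    For i = 0 To path_level
        ' Grow the path one segment at a time and create what is missing.
        pathtmp = pathtmp & patharr(i) & "/"
        cpath = Left(pathtmp, Len(pathtmp) - 1)
        If Not FileObject.FolderExists(cpath) Then FileObject.CreateFolder cpath
    Next
    Set FileObject = Nothing

    ' Err still holds the most recent failure from the statements above.
    If Err.Number <> 0 Then
        Err.Clear
    Else
        CreateDIR = True
    End If
End Function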
'/*
'cookie编码加密
'*/
Function CodeCookie(Str)
    ' Encodes Str for storage in a cookie: the characters are visited from
    ' last to first, each is replaced by its AscW code, and the codes are
    ' joined with the letter "a".
    '
    ' This is a keyless, reversible encoding (DecodeCookie undoes it). It
    ' gives the value neither confidentiality nor integrity, so a client
    ' can read and rewrite it. Anything the server must trust belongs in
    ' server-side session state or needs a keyed integrity check.
    Dim pos, encoded

    pos = Len(Str)
    Do While pos >= 1
        encoded = encoded & AscW(Mid(Str, pos, 1))
        If pos > 1 Then encoded = encoded & "a"
        pos = pos - 1
    Loop

    CodeCookie = encoded
End Function
'/*
'cookie解密
'*/
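Function DecodeCookie(Str)
    ' Reverses CodeCookie: splits Str on "a", turns each numeric token back
    ' into a character with ChrW and rebuilds the text in original order.
    '
    ' Returns Str unchanged when any token is not a whole number that ChrW
    ' accepts (-32768 to 65535), so a malformed cookie cannot raise a
    ' run-time error here.
    '
    ' The result comes from client-controlled data and the encoding has no
    ' key, so treat the decoded text as untrusted input.
    Dim parts, idx, token, codeValue, decoded

    parts = Split(Str, "a")
    For idx = 0 To UBound(parts)
        token = parts(idx)
        If Not IsNumeric(token) Then
            ' Not in the expected format: hand the input back as it came.
            DecodeCookie = Str
            Exit Function
        End If

        ' IsNumeric also accepts fractions and values outside ChrW's range.
        codeValue = CDbl(token)
        If codeValue <> Fix(codeValue) Or codeValue < -32768 Or codeValue > 65535 Then
            DecodeCookie = Str
            Exit Function
        End If

        ' Tokens are stored last character first, so prepend.
        decoded = ChrW(CLng(codeValue)) & decoded
    Next

    DecodeCookie = decoded
End Function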
'/*
'*设置Cookies
'*vparameter:参数,val:值
'*/
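Function SetCookies(vparameter, val)
    ' Writes the response cookie named vparameter with value val, expiring
    ' 12 hours after the server's current time.
    '
    ' vparameter: cookie name.
    ' val:        cookie value.
    Response.Cookies(vparameter) = val
    Response.Cookies(vparameter).Expires = DateAdd("H", 12, Now())

    ' Mark the cookie Secure when the request arrived over HTTPS so the
    ' browser does not send it back over plain HTTP.
    ' NOTE(review): behind a TLS-terminating proxy this variable may not
    ' read "on" - confirm for this deployment. The HttpOnly attribute is
    ' not set here and would need to be added separately (for example in
    ' server configuration).
    If LCase(CStr(Request.ServerVariables("HTTPS"))) = "on" Then
        Response.Cookies(vparameter).Secure = True
    End If
End Function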
'/*
'* 读取Cookies
'*/
Function GetCookies(vparameter)
    ' Returns the value of the request cookie named vparameter.
    ' The value is sent by the client, so callers should validate it
    ' before relying on it.
    Dim cookieValue
    cookieValue = Request.Cookies(vparameter)
    GetCookies = cookieValue
End Function
'============================================================安全过滤
'/*
'安全过滤
'*/
FunctionSafeSql(Str,Flag)
' Input filter with two modes selected by Flag; the result is returned as SafeSql.
'   Flag=1: Str must be numeric and non-blank. If it is, Str is returned unchanged;
'           if not, an error block is written to the response and the response ends.
'   Flag=2: Str is trimmed and passed through a fixed series of Replace calls.
'   Any other Flag: an error block is written and the response ends.
' NOTE(review): in this listing the HTML inside the Response.Write literals and the
' replacement text of the Replace calls appear to have been lost when the page was
' extracted (several literals are split across lines or malformed) - compare with
' the original file before relying on the exact strings.
' NOTE(review): a substitution list is not a dependable defence against SQL
' injection. Queries built from request data should bind values as parameters
' (for example through ADODB.Command parameters) and use this filter, at most,
' as an extra layer.
SafeSql=Str
IfFlag=1Then
' IsNumeric accepts more than plain integers; convert the value to the intended
' numeric type (e.g. CLng) before it is placed in a query.
IfNotIsNumeric(SafeSql)OrTrim(SafeSql)=""Then
'response.Write""
response.Write"350px'>"
' NOTE(review): the rejected value Str is concatenated into the response below and
' no Server.HTMLEncode call is visible, so request-supplied text would reach the
' page unencoded. Encode it before output.
Response.Write"14px'>参数错误,参数类型应为数值型。
当前值是:
"&Str&""
response.Write""
response.Write"
1pxsolid#CCCCCC;width:
235px;height:
25px;padding:
5px;padding-left:
15px;'>好财经-给你最好的"
Response.End
EndIf
ElseIfFlag=2Then
' Str is assigned to directly; VBScript passes arguments ByRef unless declared
' otherwise, so the caller's variable is presumably modified as well - confirm.
Str=trim(Str)
' As shown, every Replace below has identical search and replacement text; the
' replacements were presumably HTML entities or altered keyword spellings.
' Replace is called without a compare argument, so matching is binary
' (case-sensitive): only the exact lower-case spellings listed are matched.
Str=replace(Str,">",">")
Str=replace(Str,"<","<")
Str=Replace(Str,"\","\")
Str=Replace(Str,"--","--")
Str=Replace(Str,CHR(34),""")'过滤''
Str=Replace(Str,CHR(39),"'")'过滤'
'Str=Replace(Str,CHR(13)&CHR(10),"
")'回车换行
Str=Replace(Str,CHR(42),"*")'“*”
Str=Replace(Str,CHR(44),",")'“,”
Str=Replace(Str,"select","select")
Str=Replace(Str,"join","join")
Str=Replace(Str,"union","union")
Str=Replace(Str,"where","where")
Str=Replace(Str,"insert","insert")
Str=Replace(Str,"delete","delete")
Str=Replace(Str,"update","update")
Str=Replace(Str,"like","like")
Str=Replace(Str,"drop","drop")
Str=Replace(Str,"create","create")
Str=Replace(Str,"modify","modify")
Str=Replace(Str,"rename","rename")
Str=Replace(Str,"alter","alter")
Str=Replace(Str,"cast","cast")
SafeSql=Str
Else
' Unsupported Flag value: report it and end the response.
response.Write"350px'>"
Response.Write"14px'>参数错误SafeSql方法参数在1,2范围内"
response.Write""
response.Write"
1pxsolid#CCCCCC;width:
235px;height:
25px;padding:
5px;padding-left:
15px;'>好财经-给你最好的"
Response.End
EndIf
EndFunction
'/*
'HTML解码函数
'*/
FunctionHTMLDecode(refStringing)
' Runs refStringing through a fixed series of Replace calls and returns the result.
' When refStringing is Null the return value is never assigned, so the function
' returns Empty.
' NOTE(review): the Replace list mirrors the Flag=2 branch of SafeSql, so this
' appears to be its inverse. In this listing each call shows identical search and
' replacement text; the encoded forms being searched for were presumably lost when
' the page was extracted - compare with the original file.
' NOTE(review): if this does restore raw quotes, angle brackets and keywords, its
' output must be encoded again for whatever context it is written to (HTML output,
' SQL text) rather than treated as already filtered.
DimfString
fString=refStringing
IfNotIsNull(fString)Then
fString=Replace(fString,">",">")
fString=Replace(fString,"<","<")
fString=Replace(fString,"\","\")
fString=Replace(fString,"--","--")
fString=Replace(fString,""",CHR(34))'还原''
fString=Replace(fString,"'","'")'还原'
'ifinstr(fString,CHR(13)&CHR(10))>0then
'fString=Replace(fString,CHR(13)&CHR(10),"
")'回车换行
'endif
fString=Replace(fString,"select","select")
fString=Replace(fString,"join","join")
fString=Replace(fString,"union","union")
fString=Replace(fString,"where","where")
fString=Replace(fString,"insert","insert")
fString=Replace(fString,"delete","delete")
fString=Replace(fString,"update","update")
fString=Replace(fString,"like","like")
fString=Replace(fString,"drop","drop")
fString=Replace(fString,"create","create")
fString=Replace(fString,"modify","modify")
fString=Replace(fString,"rename","rename")
fString=Replace(fString,"alter","alter")
fString=Replace(fString,"cast","cast")
HTMLDecode=fString
EndIf
EndFunction
'/*
'防注入
'*/
FunctionFunSQL(Str)
IfIsnull(Str)Then
FunSQL=""
ExitFunction
EndIf
Str=trim(Str)
Str=Replace(Str,Chr(0),"",1,-1,1)
Str=Replace(Str,"""",""",1,-1,1)
Str=Replace(Str,"<","<",1,-1,1)
Str=Replace(Str,">",">",1,-1,1)
Str=