资源描述
ASP过滤特殊字符完整.docx
《ASP过滤特殊字符完整.docx》由会员分享,可在线阅读,更多相关《ASP过滤特殊字符完整.docx(10页珍藏版)》请在冰豆网上搜索。
ASP过滤特殊字符完整
ASP过滤特殊字符
<%
functionchangechr(str)
changechr=replace(replace(replace(replace(str,"<","<"),">",">"),chr(13),"
"),""," ")
changechr=replace(replace(replace(replace(changechr,"[sayyes]",""),"[red]",""),"[big]","")
changechr=replace(replace(replace(replace(changechr,"[/sayyes]",">
"),"",""),"[/red]",""),"[/big]","")
endfunction
'过滤SQL非法字符并格式化html代码
functionReplace_Text(fString)
ifisnull(fString)then
Replace_Text=""
exitfunction
else
fString=trim(fString)
fString=replace(fString,"'","''")
fString=replace(fString,";",";")
fString=replace(fString,"--","—")
fString=server.htmlencode(fString)
Replace_Text=fString
endif
endfunction
'会员发布的各种信息过滤
'FunctionReplace_Text(fString)
'IfNotIsNull(fString)Then
'fString=trim(fString)
'fString=replace(fString,";",";") '分号过滤
'fString=replace(fString,"--","——")'--过滤
'fString=replace(fString,"%20","") '特殊字符过滤
'fString=replace(fString,"==","") '==过滤
'fString=replace(fString,">",">")
'fString=replace(fString,"<","<")
'fString=Replace(fString,CHR(32),"") '
'fString=Replace(fString,CHR(9),"") '
'fString=Replace(fString,CHR(34),""")
'fString=Replace(fString,CHR(39),"'")'单引号过滤
'fString=Replace(fString,CHR(13),"")
'fString=Replace(fString,CHR(10)&CHR(10),"
")
'fString=Replace(fString,CHR(10),"
")
'Replace_Text=fString
'EndIf
'EndFunction
'过滤SQL非法字符
FunctioncheckStr(Chkstr)
dimStr:
Str=Chkstr
ifisnull(Str)then
checkStr=""
exitFunction
else
Str=replace(Str,"'","")
Str=replace(Str,";","")
Str=replace(Str,"--","")
checkStr=Str
endif
EndFunction
'检测传递的参数是否为数字型
FunctionChkrequest(Para)
Chkrequest=False
IfNot(IsNull(Para)orTrim(Para)=""orNotIsNumeric(Para))Then
Chkrequest=True
EndIf
EndFunction
'检测传递的参数是否为日期型
FunctionChkrequestdate(Para)
Chkrequestdate=False
IfNot(IsNull(Para)orTrim(Para)=""orNotIsDate(Para))Then
Chkrequestdate=True
EndIf
EndFunction
'得到当前页面的地址
FunctionGetUrl()
OnErrorResumeNext
DimstrTemp
IfLCase(Request.ServerVariables("HTTPS"))="off"Then
strTemp="http:
//"
Else
strTemp="https:
//"
EndIf
strTemp=strTemp&CheckStr(Request.ServerVariables("SERVER_NAME"))
IfRequest.ServerVariables("SERVER_PORT")<>80ThenstrTemp=strTemp&":
"&CheckStr(Request.ServerVariables("SERVER_PORT"))
strTemp=strTemp&CheckStr(Request.ServerVariables("URL"))
IfTrim(Request.QueryString)<>""ThenstrTemp=strTemp&"?
"&CheckStr(Trim(Request.QueryString))
GetUrl=strTemp
EndFunction
'FunctionCheckReferer() '检查用户是否在浏览器里输入了本页的地址
' DimsReferer,Icheck
' CheckReferer=True
' sReferer=Request.ServerVariables("HTTP_REFERER")
' ServerIP=Request.ServerVariables("LOCAL_ADDR")
' Icheck=InStr(sReferer,"ServerIP")
' IfIcheck=0Then
' CheckReferer=False
' EndIf
'EndFunction
'日期格式化
FunctionFormatDate(DT,tp)
dimY,M,D
Y=Year(DT)
M=month(DT)
D=Day(DT)
ifM<10thenM="0"&M
ifD<10thenD="0"&D
selectcasetp
case1FormatDate=Y&"年"&M&"月"&D&"日"
case2FormatDate=Y&"-"&M&"-"&D
endselect
EndFunction
'不允许外部提交数据的选择
FunctionChkPost()
dimHTTP_REFERER,SERVER_NAME
dimserver_v1,server_v2
chkpost=false
SERVER_NAME=CheckStr(Request.ServerVariables("SERVER_NAME"))
HTTP_REFERER=CheckStr(Request.ServerVariables("HTTP_REFERER"))
server_v1=Cstr(HTTP_REFERER)
server_v2=Cstr(SERVER_NAME)
ifmid(server_v1,8,len(server_v2))<>server_v2then
chkpost=false
else
chkpost=true
endif
EndFunction
'构造上传图片文件名随机数
functionMakedownName()
dimfname
fname=now()
fname=replace(fname,"-","")
fname=replace(fname,"","")
fname=replace(fname,":
","")
fname=replace(fname,"PM","")
fname=replace(fname,"AM","")
fname=replace(fname,"上午","")
fname=replace(fname,"下午","")
fname=int(fname)+int((10-1+1)*Rnd+1)
MakedownName=fname
endfunction
'Email检测
functionIsValidEmail(email)
dimnames,name,i,c
IsValidEmail=true
names=Split(email,"@")
ifUBound(names)<>1then
IsValidEmail=false
exitfunction
endif
foreachnameinnames
ifLen(name)<=0then
IsValidEmail=false
exitfunction
endif
fori=1toLen(name)
c=Lcase(Mid(name,i,1))
ifInStr("abcdefghijklmnopqrstuvwxyz_-.",c)<=0andnotIsNumeric(c)then
IsValidEmail=false
exitfunction
endif
next
ifLeft(name,1)="."orRight(name,1)="."then
IsValidEmail=false
exitfunction
endif
next
ifInStr(names
(1),".")<=0then
IsValidEmail=false
exitfunction
endif
i=Len(names
(1))-InStrRev(names
(1),".")
ifi<>2andi<>3then
IsValidEmail=false
exitfunction
endif
ifInStr(email,"..")>0then
IsValidEmail=false
endif
endfunction
'Jmail邮件发送
FunctionSendJmail(Email,Topic,MailBody)
DimJMail
onerrorresumenext
SetJMail=Server.CreateObject("JMail.SMTPMail")
JMail.LazySend =true
JMail.silent =true
JMail.Charset ="gb2312"
JMail.ContentType ="text/html"
JMail.Sender ="wemaster@alibaba.info"'我们网站自己的邮箱
JMail.ReplyTo ="wemaster@alibaba.info"'我们网站自己的邮箱
JMail.SenderName ="阿里爸爸邮件发送"
JMail.Subject =Topic
JMail.SimpleLayout =true
JMail.Body =MailBody
JMail.Priority =3
JMail.AddRecipientEmail
JMail.AddHeader"Originating-IP",GBL_IPAddress
IfJMail.Execute()=falseThen
SendJmail=0
Else
SendJmail=1
EndIf
JMail.Close
SetJMail=Nothing
EndFunction
'分页
FunctionlistPages(LinkFile)
ifnot(rs.eofandrs.bof)then
gopage=currentpage
totalpage=n
blockPage=Int((gopage-1)/10)*10+1
'ifinstr(linkfile,"?
page=")>0orinstr(linkfile,"&page=")>0then
'pos=instr(linkfile,"page=")-2
'linkfile=left(linkfile,pos)
'endif
IfLCase(Request.ServerVariables("HTTPS"))="off"Then
strTemp="http:
//"
Else
strTemp="https:
//"
EndIf
strTemp=strTemp&CheckStr(Request.ServerVariables("SERVER_NAME"))
IfRequest.ServerVariables("SERVER_PORT")<>80ThenstrTemp=strTemp&":
"&CheckStr(Request.ServerVariables("SERVER_PORT"))
strTemp=strTemp&CheckStr(Request.ServerVariables("URL"))
lenstrTemp=len(strTemp)+1
ifinstr(left(linkfile,lenstrTemp),"?
")>0then
ifblockPage=1Then
Response.Write"【←前10页 "
Else
Response.Write("【←前10页 ")
EndIf
i=1
DoUntili>10orblockPage>n
IfblockPage=int(gopage)Then
Response.Write("["&blockPage&"]")
Else
Response.Write("["&blockPage&"]")
EndIf
blockPage=blockPage+1
i=i+1
Loop
ifblockPage>totalpageThen
Response.Write" 后10页→】"
Else
Response.Write(" 后10页→】")
EndIf
response.write"直接到第"
response.write"=''){location=this.options[this.selectedIndex].value;}>"
fori=1tototalpage
response.write" ifi=gopagethenresponse.write"selected"
response.write">"&i&""
next
response.write""
response.write"页
"
else
ifblockPage=1Then
Response.Write"【←前10页 "
Else
Response.Write("【page="&blockPage-10&">←前10页 ")
EndIf
i=1
DoUntili>10orblockPage>n
IfblockPage=int(gopage)Then
Response.Write("["&blockPage&"]")
Else
Response.Write("page="&blockPage&">["&blockPage&"]")
EndIf
blockPage=blockPage+1
i=i+1
Loop
ifblockPage>totalpageThen
Response.Write" 后10页→】"
Else
Response.Write(" page="&blockPage&">后10页→】")
EndIf
response.write"直接到第"
response.write"=''){location=this.options[this.selectedIndex].value;}>"
fori=1tototalpage
response.write"page="&i&"'"
ifi=gopagethenresponse.write"selected"
response.write">"&i&""
next
response.write""
response.write"页
"
EndIf
Startinfo=((gopage-1)*msg_per_page)+1
Endinfo=gopage*msg_per_page
ifEndinfo>totalrecthenEndinfo=totalrec
Response.Write(" 共"&totalrec&"条信息当前显示第"&Startinfo&"-"&Endinfo&"条每页"&msg_per_page&"条信息共"&n&"页")
endif
EndFunction
'分页2
FunctionlistPages2(LinkFile)
ifnot(rs.eofandrs.bof)then
gopage=currentpage
totalpage=n
blockPage=Int((gopage-1)/10)*10+1
IfLCase(Request.ServerVariables("HTTPS"))="off"Then
strTemp="http:
//"
Else
strTemp="https:
//"
EndIf
strTemp=strTemp&CheckStr(Request.ServerVariables("SERVER_NAME"))
IfRequest.ServerVariables("SERVER_PORT")<>80ThenstrTemp=strTemp&":
"&CheckStr(Request.ServerVariables("SERVER_PORT"))
strTemp=strTemp&CheckStr(Request.ServerVariables("URL"))
lenstrTemp=len(strTemp)+1
ifinstr(left(linkfile,lenstrTemp),"?
")>0then
ifblockPage=1Then
Response.Write"前10页 "
Else
Response.Write("前10页 ")
EndIf
i=1
DoUntili>10orblockPage>n
升级会员 