非法字符过滤函数
非法字符过滤函数
Function ChkStr(InString) '非法字符过滤函数
If InString<>"" Then
InString=Replace(LCase(InString)," ","")
InString=Replace(LCase(InString),";","")
InString=Replace(LCase(InString),"'","")
InString=Replace(LCase(Instring),"--","")
Instring=Replace(LCase(Instring),"%","")
InString=Replace(LCase(InString),"%20","")
InString=Replace(LCase(InString),"admin","")
InString=Replace(LCase(InString),"and","")
InString=Replace(LCase(InString),"or","")
InString=Replace(LCase(InString),"asc","")
InString=Replace(LCase(Instring),"chr","")
InString=Replace(LCase(InString),"mid","")
InString=Replace(LCase(InString),"len","")
InString=Replace(LCase(InString),"select","")
InString=Replace(LCase(InString),"insert","")
InString=Replace(LCase(InString),"delete","")
InString=Replace(LCase(InString),"update","")
ChkStr=InString
End If
End Function
Function CheckFileExt(FileExt) '检测文件扩展名
Dim FileAccessExt,AccessExt
AccessExt="gif,jpg,jpeg,bmp,doc,txt,png"
FileAccessExt=Split(AccessExt,",")
For i=LBound(FileAccessExt) to UBound(FileAccessExt)
If LCase(FileExt)=LCase(FileAccessExt(i)) Then
CheckFileExt=True
Else
CheckFileExt=False
End If
Next
End Function
Function CheckStr(str,IsStr) '检查非法字符和数字数据
CheckStr=str
If IsStr And InStr(str,",")>0 Then
Call errmsg("提交字符中包含非法字符")
ElseIf (Not IsStr) And (Not IsNumeric(str)) Then
Call errmsg("提交不是数字型")
End If
End Function
Sub errmsg(str)
If Not IsNull(str) Then
Response.Write(str)&"< br >"
Call ASCpy()
Response.End()
End If
End Sub
Sub ASCpy()
Response.Write "<link href='Css/Maincss.css' rel='stylesheet' type='text/css'>"
Response.Write "<div align='center' class='Maincss'>"
Response.Write("<Center>Error happed!<br>Please Contract ")
Response.Write("Name:<a href='mailto:jdqn@sjzu.edu.cn' style='text-decoration:none'>")
Response.Write("<font Color=red>AloneSword</font>")
Response.Write("</a>.<br>Thank you!!!</Center><br>")
Response.Write "<hr>Copyright © By <a href='#' style='text-decoration:none'>建大网络</a> ™<br>"
Response.Write "Last Modified:21/08/2004<br>"
Response.Write("Author:<a href='http://blog.csdn.net/alonesword/' style='text-decoration:none' target='_blank'>AloneSword</a>")
Response.Write "</div>"
End Sub
本文来自:http://www.aspprogram.cn/
补充:asp教程,安全加密