1. Problem description

Ordinary HTML or JavaScript statements can change the output. For example, on a message board we enter the following as the message content:

<font size=10 color=red> Hello </font>

If your ASP program does not filter HTML statements, this changes the font size of "Hello". Another example: write a JavaScript infinite loop into the input box, attached to a link such as:

<a href=http://someurl > Mega News </a>

Then, as soon as another visitor viewing the message moves the mouse over "Mega News", that user's browser hangs in the infinite loop.
Solutions and recommendations:

You should guard against such operations when writing similar programs, for example by writing code that checks the input from the client and filters out all HTML and JavaScript statements. Use the following function HtmlEncode() to process the input:

Function HtmlEncode(str)
    ' Replace the space character
    str = Replace(str, " ", "&nbsp;")
    ' Replace the characters '<' and '>'
    str = Replace(str, "<", "&lt;")
    str = Replace(str, ">", "&gt;")
    ' Replace the line break
    str = Replace(str, Chr(13), "<br>")
    HtmlEncode = str
End Function
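An added example (Python, not the page's VBScript, and not the author's code): the page's HtmlEncode() substitutions side by side with a version built on the standard library's html.escape(), which also encodes "&", double quotes and single quotes. The message-board wrapper render_message() and the sample message are constructed here.

```python
import html

# Python rendition of the page's HtmlEncode(): the same four substitutions, same order.
def html_encode_as_on_page(s: str) -> str:
    s = s.replace(" ", "&nbsp;")
    s = s.replace("<", "&lt;")
    s = s.replace(">", "&gt;")
    s = s.replace("\r", "<br>")
    return s

# Hardened form. html.escape() encodes '&' before anything else (so the entities
# it emits are never re-encoded) and also encodes '"' and "'", which the page's
# version leaves alone; those two matter when the stored text ends up inside an
# attribute such as value="..." rather than between tags.
def html_encode_hardened(s: str) -> str:
    s = html.escape(s, quote=True)
    s = s.replace("\r\n", "<br>").replace("\r", "<br>").replace("\n", "<br>")
    return s.replace(" ", "&nbsp;")   # last, so '&nbsp;' itself is never re-encoded

# Constructed message-board entry: the page's own example input.
SAMPLE = "<font size=10 color=red> Hello </font>"

def render_message(body: str, encoder=html_encode_hardened) -> str:
    """Wrap one stored message in the markup a message board would emit."""
    return '<div class="msg">' + encoder(body) + "</div>"
```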
2. Problem description

The user copies the form and then modifies its action to point at the specified URL. For example: a newly created publishing page does not include code that checks the legality of the client's data. If someone points their own copy of the form's action at your submission page, they enter through your program's portal and can write illegal data into the database or cause database errors.
Solutions and recommendations:

The following procedure can be used to resolve it:

Sub CheckSubmit(dir)
    Dim parentUrl, childUrl, strTemp
    ' Read the address of the page we were referred from and convert it to a lowercase string
    parentUrl = LCase(Request.ServerVariables("HTTP_REFERER"))
    childUrl = LCase("http://www.kupage.com/" & dir)
    If InStr(parentUrl, childUrl) = 0 Then
        strTemp = "<li>Your submission file is illegal!"
        Call ShowErrMsg(strTemp)   ' ShowErrMsg() is the error prompt procedure
    End If
End Sub

Notes:

1. To use this procedure, fill in the site's domain name in childUrl in advance. Note that an IP address cannot be used there; it must be the domain name as returned in the HTTP_REFERER parameter.
2. The parameter dir passed in is the relative directory path of the current file.
3. If this site has two or more domain names, you can add a condition to the conditional statement. If the domain name www.51hu.com also points to this IP address (and likewise for any others), the head of the conditional statement can be:

If InStr(parentUrl, childUrl) = 0 And InStr(parentUrl, LCase("www.51hu.com/" & dir)) = 0 Then
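An added example (Python, not the page's VBScript, and not the author's code): the page's CheckSubmit() substring test next to a version that parses the Referer and compares the host and path explicitly. ALLOWED_HOSTS holds the page's two domain names; the dir values are constructed.

```python
from urllib.parse import urlparse

# Hypothetical site configuration: the page's two domain names.
ALLOWED_HOSTS = {"www.kupage.com", "www.51hu.com"}

def check_submit_as_on_page(referer: str, dir_: str) -> bool:
    """Python rendition of CheckSubmit(): accept when the expected URL prefix
    occurs anywhere in the lowercased Referer (InStr(...) <> 0)."""
    parent = referer.lower()
    return any(("http://" + host + "/" + dir_).lower() in parent
               for host in ALLOWED_HOSTS)

def check_submit_strict(referer: str, dir_: str) -> bool:
    """Parse the Referer instead of substring-matching it: the host must be one
    of ours and the path must start with the expected directory. An empty
    Referer is refused, as on the page (InStr("", childUrl) is 0), so browsers
    and proxies that strip Referer will make legitimate users fail this check too."""
    if not referer:
        return False
    u = urlparse(referer.lower())
    if u.scheme not in ("http", "https") or u.hostname not in ALLOWED_HOSTS:
        return False
    return u.path.startswith("/" + dir_.lower())
```

Referer is supplied by the client, so either form is a consistency check on well-behaved browsers rather than an authentication of the request.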
3. Problem description

Modifying an SQL statement through an input box.

Solutions and recommendations:

Filter out quotation marks and the symbols & and +. Note that even when the keyboard is prevented from typing "&", "+" and other illegal symbols, users may still enter them by pasting. Another approach is to use a conversion function that turns the illegal characters into legitimate ones and converts them back when reading from the database. You can draw on the following function (convert the special characters before executing the SQL command):

Function AdjustedForSql(adj_str)
    Dim adjustedStr, i
    adj_str = Trim(adj_str)
    adjustedStr = ""
    If Len(adj_str) > 0 Then
        For i = 1 To Len(adj_str)
            Select Case Mid(adj_str, i, 1)
                Case "[": adjustedStr = adjustedStr & "[]"
                Case "|": adjustedStr = adjustedStr & "[{-}]"
                Case "'": adjustedStr = adjustedStr & "[&-()"
                Case Else: adjustedStr = adjustedStr & Mid(adj_str, i, 1)
            End Select
        Next
    End If
    AdjustedForSql = adjustedStr
End Function
4. Problem description

Clicking Back refreshes the database repeatedly. For example: on a publishing page, after publishing a message the user clicks Back and publishes again; repeating this operation fills the database with unnecessary invalid data.

Solutions and recommendations:

The next database operation can be controlled by time. After the database operation, record the time:

Session("PutInfo") = Now()

Then, before reading the form variables for a database operation, it is best to add the following statement:

If DateAdd("s", 30, Session("PutInfo")) > Now() Then
    Response.Write "<script language=javascript>alert(""The interval between the times you publish information cannot be less than 30 seconds!""); history.back();</script>"
    Response.End
End If
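An added example (Python, not the page's VBScript, and not the author's code): the page's 30-second session gate, plus a one-time form token, which is the usual way to refuse a Back-then-resubmit outright rather than only throttling it. The Session class, the timestamps and the store list are constructed stand-ins for ASP's Session object and the database.

```python
from datetime import datetime, timedelta
import secrets

MIN_INTERVAL = timedelta(seconds=30)   # the page's 30-second rule

class Session(dict):
    """Stand-in for the ASP Session object: a per-visitor key/value store."""

def may_publish(session: Session, now: datetime) -> bool:
    """Python rendition of the page's check. Session("PutInfo") is Empty on the
    first visit and VBScript's DateAdd treats Empty as date zero, so the first
    submit passes; a missing key plays the same role here."""
    last = session.get("PutInfo")
    return last is None or last + MIN_INTERVAL <= now

def publish(session: Session, body: str, now: datetime, store: list) -> bool:
    """Check before touching the form data, write, then record the time, as the
    page's Session("PutInfo") = Now() does after the database operation."""
    if not may_publish(session, now):
        return False        # the page answers with alert(...) + history.back()
    store.append(body)
    session["PutInfo"] = now
    return True

def issue_form_token(session: Session) -> str:
    """One-time token to embed in the form as a hidden field; the session keeps
    the copy it will be compared against."""
    token = secrets.token_hex(16)
    session["FormToken"] = token
    return token

def consume_form_token(session: Session, submitted: str) -> bool:
    """Accept a given form exactly once. Back-then-resubmit sends the same token,
    which was removed from the session when first consumed, so the duplicate is
    refused no matter how much time has passed."""
    expected = session.pop("FormToken", None)
    return expected is not None and secrets.compare_digest(expected, submitted)

def demo() -> dict:
    """Constructed walk-through: three submits against the time gate, one replay."""
    s, store = Session(), []
    t0 = datetime(2024, 1, 1, 12, 0, 0)
    first = publish(s, "first", t0, store)
    retry = publish(s, "again", t0 + timedelta(seconds=10), store)
    later = publish(s, "later", t0 + timedelta(seconds=30), store)
    token = issue_form_token(s)
    return {"first": first, "retry": retry, "later": later, "stored": store,
            "token_once": consume_form_token(s, token),
            "token_replay": consume_form_token(s, token)}
```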
5. Problem description

ASP program password authentication problem. For example: enter any value in the Username box and enter ben' or '1'='1 in the Password box; this bypasses password authentication and logs in as the first user in the database.
Solutions and recommendations:

1. Filter the symbol "'" out of the input box.
2. On the user login page, do not check the user name and password in the same query. Check only the user name: look up in the database whether there is a matching record for that user name, then compare the password stored in the database with the contents of the input box.
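An added example (Python with the standard sqlite3 module, not the page's VBScript or ADO, and not the author's code) covering problems 3 and 5 together: the one-statement login built by concatenation, which the page's password-box input turns into a match on the first user, beside the page's two-step check written with a bound parameter. The user table and its rows are constructed.

```python
import sqlite3

def make_db() -> sqlite3.Connection:
    """Constructed in-memory user table; 'admin' is the first user in the database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)")
    db.executemany("INSERT INTO users (name, password) VALUES (?, ?)",
                   [("admin", "s3cret"), ("ben", "hunter2")])
    return db

def login_concatenated(db, username: str, password: str):
    """The flawed pattern from problems 3 and 5: user name and password checked
    in one statement assembled by string concatenation. Returns the matched
    user name, or None."""
    sql = ("SELECT name FROM users WHERE name = '" + username +
           "' AND password = '" + password + "'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None

def login_two_step(db, username: str, password: str):
    """The page's recommendation, with a bound parameter instead of filtering
    the quote character: select by user name only, then compare the stored
    password with the submitted one in code (stored in clear here only to
    mirror the page; a real application compares against a password hash)."""
    row = db.execute("SELECT name, password FROM users WHERE name = ?",
                     (username,)).fetchone()
    if row is None or row[1] != password:
        return None
    return row[0]

# The page's example: any user name, and this string in the password box.
PAGE_PASSWORD_INPUT = "ben' or '1'='1"

def demo() -> dict:
    db = make_db()
    return {
        "concat_with_page_input": login_concatenated(db, "anything", PAGE_PASSWORD_INPUT),
        "two_step_with_page_input": login_two_step(db, "anything", PAGE_PASSWORD_INPUT),
        "two_step_good_password": login_two_step(db, "ben", "hunter2"),
        "two_step_wrong_password": login_two_step(db, "ben", "wrong"),
    }
```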
6. Problem description

Directly modifying the parameter values passed in the URL in the browser.

Solutions and recommendations:

1. As far as possible, do not carry important parameters in links, and when accepting parameters, check that the request is authorized.
2. If the parameters passed are numbers, check the legality of the values passed.
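An added example (Python, not the page's VBScript, and not the author's code) of both recommendations: a strict numeric check for a URL parameter, and an ownership check before the record it names is returned. The records and user names are constructed; the edge cases show why Python's int() alone is not the legality check the page asks for.

```python
import re
from typing import Optional

# Constructed records keyed by the id that a link would carry as ?id=...;
# each record knows which user owns it.
RECORDS = {
    17: {"owner": "alice", "title": "alice's draft"},
    18: {"owner": "bob", "title": "bob's draft"},
}

_ASCII_INT = re.compile(r"[0-9]{1,9}")   # ASCII digits only, bounded length

def parse_id(param) -> Optional[int]:
    """Accept only a plain ASCII decimal string. int() alone is too lenient:
    it takes ' 17 ', '+17', '1_7' and non-ASCII digits such as Arabic-Indic
    ones, and \\d in a regex matches those digits too, so the class is spelled
    out as [0-9]."""
    if not isinstance(param, str) or not _ASCII_INT.fullmatch(param):
        return None
    return int(param)

def fetch_record(param, current_user: str):
    """Validate the id, then check that the caller may see that record, so
    editing the number in the address bar cannot reach another user's data.
    Returns the record, or 'bad request' / 'forbidden'."""
    rid = parse_id(param)
    if rid is None or rid not in RECORDS:
        return "bad request"
    rec = RECORDS[rid]
    if rec["owner"] != current_user:
        return "forbidden"
    return rec
```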