Asp anti-SQL injection source code _ PHP Tutorial

Asp anti-SQL injection source program. This article provides an asp anti-SQL injection source program for free. the simple method is to receive query values for filtering. This article provides an asp anti-SQL injection source program free of charge, the method is more simple than this article provides an asp anti-SQL injection source program, the method is relatively simple is to receive the query value for filtering.

This article provides an asp anti-SQL injection source program for free. the simple method is to receive query values for filtering.

<%
Squery = lcase (Request. ServerVariables ("QUERY_STRING "))
SURL = lcase (Request. ServerVariables ("HTTP_HOST "))
SQL _injdata = ": |; | >||||-- | sp _ | xp _ | dir | cmd | ^ | (|) | + | $ | '| copy | format | and | exec | insert | select | delete | update | count | * | chr | mid | master | truncate | char | declare"
SQL _inj = split (SQL _Injdata, "| ")
For SQL _Data = 0 To Ubound (SQL _inj)
If instr (squery & sURL, SQL _Inj (SQL _DATA)> 0 Then
Response. Write "your operations may be SQL injection. "
Response. end
End if
Next
%>

I think there is also a way to prevent SQL injection, that is, to use the trim () function to remove spaces of all values from querystring, because SQL execution must contain spaces, in addition, if the id type is used, it is OK to determine whether it is a number.

Bytes. This article provides an asp anti-SQL injection source program free of charge, the method ratio...