If your query is a SELECT * from admin where username= ' "' &user& '" ' "" "" "," "" "" &pwd& "" "" ""
Well, if my username is: 1 "' or '" ' 1 "' = ' 1
So, your query will become:
SELECT * from admin where username= ' ' 1 or ' ' 1 ' ' = ' ' ' 1 ' ' ' and password= ' ' &pwd& ' ' "
This way your query is passed, so you can enter your admin interface.
Therefore, the user's input should be checked when guarding. In particular, some special characters, such as single quotes, double quotes, semicolons, commas, colons, connection numbers, etc. are converted or filtered.
Special characters and strings that need to be filtered are:
NET user
xp_cmdshell
/add
EXEC Master.dbo.xp_cmdshell
net localgroup Administrators
Select
Count
Asc
Char
Mid
''''
:
"
Insert
Delete from
drop table
Update
Truncate
From
%
JS version of the prevention of SQL injection Attack of the two-piece code ~:
[CODE START]
<script language= "JavaScript" >
<!--
var url = location-.search;
var re=/^\? (.*) (Select%20|insert%20|delete%20from%20|count\ (|drop%20table|update%20truncate%20|asc\ (|mid\ |char\ (|xp_cmdshell |exec%20master|net%20localgroup%20administrators|\ "|:| Net%20user|\ ' |%20or%20) (. *) $/gi;
var e = re.test (URL);
if (e) {
Alert ("The address contains illegal characters ~");
Location-href= "error.asp";
}
-->
<script>
Login and Password input judgment
Prevent illegal string injection
function Checkuseravoid (str) {
var inj_str= "' |and|exec|insert|select|delete|update|count|*|%| chr|mid|master|truncate|char|declare|;| Or|-|+|, ";
var sarray=new Array ();
Sarray=inj_str.split (' | ');
for (var i=0 i <inj_stra.length; i++) {
if (Str.indexof (Inj_stra) >=0)
return true;
}
return false;
}
[CODE end]
ASP version of the prevention of SQL injection attack code ~:
[CODE START]
<%
On Error Resume Next
Dim strtemp
If LCase (Request.ServerVariables ("HTTPS") = "Off" Then
strtemp = "http://"
Else
strtemp = "https://"
End If
strtemp = strtemp & Request.ServerVariables ("SERVER_NAME")
If Request.ServerVariables ("Server_port") <> Then strtemp = strtemp & ":" & Request.ServerVariables ("SER Ver_port ")
strtemp = strtemp & Request.ServerVariables ("URL")
If Trim (request.querystring) <> "" Then strtemp = strtemp & "?" & Trim (Request.QueryString)
strtemp = LCase (strtemp)
If Instr (strtemp, "select%20") or Instr (strtemp, "insert%20") or Instr (strtemp, "Delete%20from") or Instr (strtemp, "Count (") or Instr (strtemp," drop%20table ") or Instr (strtemp," update%20 ") or Instr (strtemp," truncate%20 ") or Instr (strtemp," ASC (") or Instr (strtemp, Mid () or INSTR (strtemp," char (") or Instr (strtemp," xp_cmdshell ") or Instr (strtemp," exec% ") 20master ") or Instr (strtemp," net%20localgroup%20administrators ") or Instr (strtemp,": ") or Instr (strtemp," Net%20user " ) or Instr (strtemp, "'" ") or Instr (strtemp,"%20or%20 ") Then
Response.Write "<script language=" ' JavaScript ' ' > '
Response.Write "Alert (" "Illegal address!!) '''');"
Response.Write "location-href=" ' error.asp ';
Response.Write "<script>"
End If
%>
[CODE end]
C # Check string, anti-SQL injection attack
In this case, the number is tentatively = number and ' "
BOOL Checkparams (params object[] args)
{
String[] lawlesses={"=", "'"};
if (lawlesses==null| | lawlesses.length<=0) return true;
Constructs a regular expression, for example: lawlesses is an = number and ' ', the regular expression is. *[=} '].* (see MSDN for Regular expression related content)
In addition, because I want to do general and easy to modify the function, so more than one step from the character array to the regular expression, in actual use, directly write regular expressions can also;
String str_regex= ". *[";
for (int i=0;i< lawlesses.length-1;i++)
Str_regex+=lawlesses+ "|";
str_regex+=lawlesses[lawlesses.length-1]+ "].*";
//
foreach (object arg in args)
{
if (arg is string)//If it is a string, check directly
{
If Regex.Matches (Arg. ToString (), Str_regex). COUNT>0)
return false;
}
else if (Arg is ICollection)//If it is a collection, check that the elements in the collection are strings and are strings.
{
foreach (Object obj in (ICollection) Arg)
{
if (obj is string)
{
If Regex.Matches (obj. ToString (), Str_regex). COUNT>0)
return false;
}
}
}
}
return true;
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
