Use the ASP to minimize server-side workloads, so you should use JavaScript more, and submit all submitted fields to the server using JavaScript or VBScript, so that the server does not have to be tested again. And at the time of submission, someone might modify the script to submit it locally, so there is a security issue, so it should be required to commit from a server-broken path, and no other address submission is invalid:
<%
Server_v1=cstr (Request.ServerVariables ("Http_referer"))
Server_v2=cstr (Request.ServerVariables ("SERVER_NAME"))
If Mid (Server_v1,8,len (SERVER_V2)) <>server_v2 Then
Response.Write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=# Eeeeee width=450> "
Response.Write "<tr><td style= ' font:9pt Verdana ' >"
Response.Write "You submitted the wrong path, prohibit the submission of data from outside the site please do not mess with this parameter!" "
Response.Write "</td></tr></table></center>"
Response.End
End If
%>
For example, the code above is named Check_path.asp save, and each time you encounter a form submission, the reference is OK:
<!--#include file= "check_path.asp"-->
This is seen in blue, my previous ASP is so to do, but later found that this code is not used, the message is still a mess is sent in, so be a breakthrough, and then added:
<%
If InStr (Request.ServerVariables ("Http_referer"), "http://" &request.servervariables ("host") <1 Then
Response.Write An error occurred on the server while processing the URL. "
Response.End
End If
%>
<%
Query_string = LCase (Request.ServerVariables ("query_string"))
if (InStr (query_string, "'") >0) or (InStr (query_string, ";") >0) or (InStr (query_string, "and") >0) Then
Response.Write "<script Language=javascript>alert ('