<%
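' Copyright by Safe3 www.safe3.cn
'
' Entry point of the include: every request collection that carries data is
' passed through stopinjection before the including page gets to use it.
' The attribution line above is now a comment; as a bare statement it is a
' syntax error. The first check also had a broken string literal ("then).
'
' NOTE(review): this is a keyword deny-list. Treat it as defence in depth only;
' the pages that build SQL should still use parameterized commands
' (ADODB.Command with parameters), because deny-lists are routinely bypassed by
' encoding and by keywords that are not on the list.
If Request.QueryString <> "" Then Call stopinjection(Request.QueryString)
If Request.Form <> "" Then Call stopinjection(Request.Form)
If Request.Cookies <> "" Then Call stopinjection(Request.Cookies)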
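' Checks every value of one request collection against a deny-list pattern.
'
' values - a Request collection (QueryString, Form or Cookies); it is iterated
'          by key and each key's value is tested.
'
' On the first match the request is logged through slog, "Illegal operation! "
' is written to the response and the response is ended, so the including page
' never runs. The function returns nothing.
Function stopinjection(values)
    Dim l_get, l_get2, regex, ip

    ' Build the matcher once; the listing created it again for every value and
    ' wrapped the key loop in a second, unused loop over the same collection.
    Set regex = New RegExp
    regex.IgnoreCase = True
    regex.Global = True
    ' NOTE(review): the pattern in the listing was garbled (backslashes and at
    ' least one alternative were lost, and as printed it contained an empty
    ' alternative that matches every input). The pattern below is a
    ' reconstruction; the leading quote alternative in particular is a best
    ' guess. Confirm against the original Safe3 script before deploying.
    regex.Pattern = "('|;|\*|declare\s|\sand\s|\sor\s|\sunion\s|select|update|insert|\.\./|\.\.\\)"

    For Each l_get In values
        l_get2 = values(l_get)
        If regex.Test(l_get2) Then
            ' HTTP_X_FORWARDED_FOR is a client-supplied header, so the logged
            ' address can be spoofed; do not base decisions on it.
            ip = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
            If ip = "" Then
                ip = Request.ServerVariables("REMOTE_ADDR")
            End If
            ' Every request-derived field is HTML-encoded: slog writes to an
            ' .htm file, and unencoded input would be rendered as markup in
            ' the browser of whoever reads the log.
            slog "<br> operation IP:" & Server.HTMLEncode(ip) & _
                 "<br> operation time:" & Now() & _
                 "<br> operation page:" & Server.HTMLEncode(Request.ServerVariables("URL")) & _
                 "<br> submission method:" & Server.HTMLEncode(Request.ServerVariables("Request_Method")) & _
                 "<br> submit parameter:" & Server.HTMLEncode(l_get) & _
                 "<br> submit data:" & Server.HTMLEncode(l_get2)
            Response.Write "Illegal operation! "
            Response.End
        End If
    Next

    Set regex = Nothing
End Function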
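' Appends one entry to the filter's log file at /log.htm.
'
' logs - the text to append. It is written as-is, so the caller is responsible
'        for HTML-encoding any request-derived data it contains.
'
' NOTE(review): the log sits in the web root as an .htm file, so it can be
' requested by anyone who knows the path and its content is rendered as HTML.
' Consider a location outside the web root, or restrict access to it.
Sub slog(logs)
    Const ForAppending = 8
    Dim toppath, fs, ts

    toppath = Server.MapPath("/log.htm")
    Set fs = CreateObject("Scripting.FileSystemObject")

    ' Append mode with create-if-missing replaces the listing's sequence of
    ' reading the whole file into memory and rewriting it. The resulting file
    ' is the same, but the work no longer grows with log size and concurrent
    ' requests no longer overwrite each other's entries.
    Set ts = fs.OpenTextFile(toppath, ForAppending, True)
    ts.WriteLine logs
    ts.Close

    Set ts = Nothing
    Set fs = Nothing
End Sub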
%>