The most easy way for the ASP to make the program problems and solutions

Program | beginners | solve | problems

In ASP programming, identity authentication can be said to be used frequently. But how to achieve the security of certification?

Example:

Form Submission page: sub.htm

<title> Admin Login <body>
<form name= "Form1" method= "Post" action= "sub.asp" >
<p> admin:
<input type= "text" name= "UserID" size= "" "Maxlength=" >
Password
<input type= "text" name= "pass" size= "maxlength=" >
<input type= "Submit" name= "Submission" value= "submitted" >
</p>
</form>
</body>

Sub.asp Program

<%
Receive data from a form
User=request.from ("UserID")
Check whether the data submitted by the form is empty (the form page may be controlled by JavaScript or VBScript, but don't forget to control here!)
If user= "" Then
Go to the error prompt page!
Response.Redirect "Err1.htm"
This sentence may not be useful, but add it as well!
Response.End
End If
Pass=request.from ("Pass")
If pass= "" Then
Response.Redirect "Err2.htm"
Response.End
End If
Join database
File=server.mappath ("Your Database")
Set Conn=server.createobject ("Adodb.connection")
Dr= "Driver={microsoft Access Driver (*.mdb)};d bq=" &file
Conn.Open Dr
Set Rs=server.createobject ("Adodb.recordset")
The key is the SQL language here
Sql= "SELECT * from table where user=" &user& "and pass=" &pass& ""
Rs.Open SQL
If not rs.eof then
If you find it, go to the admin page.
Reponse.redirect "Login.asp"
Else
Go to the wrong page without finding it
Response.Write "Err3.htm"
End If
%>

We feel that the above code should be no problem ah, but here is a serious security risk:

If I want to log in to the administrator, you can enter in the Sub.htm form input box:

Enter the first text box: A or 1 = 1 or =

Enter the second text box: A or 1 = 1 or =

Submit, you will see ... "Woo, listen to me say good, bricks will be thrown over again ..."

"A" and "1" are any characters

Some people will ask why you enter these characters as an administrator to enter it??

In fact, these characters are for your program in the SQL language deception, and the successful entry of the

Everyone look: In the Start program SQL is the record that queries the table to satisfy the user= "&user&" and pass= "&pass&" condition
Sql= "SELECT * from table where user=" &user& "and pass=" &pass& ""

I entered the above code and became the following:

Sql= "SELECT * from table where user= A or 1 = 1 and pass= A or 1 = 1"

Can you see the reason for not entering?? Give me a reason not to enter, first!

The above user pass field is a character type if it is the same as the number of the same reason!

Workaround:

One, function substitution method:

Replace the user input content with a special character in the replacement, to achieve control purposes AH! ：）

Sql= "SELECT * from table where user=" &replace (User, "" "") & "and pass=" &replace (Pass, "", "") & ""

This method can only replace one character at a time, in fact, the dangerous characters are not just "", but also like ">", "<", "&", "%" and other characters should be fully controlled. But with the Replace function does not seem to be competent then how to do??

Second, the procedure Control Law

Use the program to all the input of the client to control, so that you can fully control the user input any possible dangerous characters or code, I will this method! ：）

An example is provided:

<%
Capturing the content of a form submitted by a client
User=request.from ("User")
Pass=request.from ("Pass")
...
Loop control Start
For I=1 to Len (user)
Read a character of position I in the variable user with the Mid function
Us=mid (user,i,1)
Compare the characters that are read out
If us= "" or us= "%" or us= "<" or us= ">" or us= "&" Then
If you have the above characters will be error prompts, can not contain the above special characters
Response.Redirect "Err2.htm"
Response.End
End If
Next
...
%>