These days, the SQL injection hole really hurt God, online code a lot of not very esoteric is trouble
Finally found a universal anti-note code, sharing, hehe
Simple to operate, as long as the inclusion or put into the conn.asp, to fix
Finally, it is estimated that there are some dangerous characters did not put all, help me to complete, thank you
<%
"--------Definition part------------------
Dim Fy_post,fy_get,fy_in,fy_inf,fy_xh,fy_db,fy_dbstr
"" To customize the string to filter, separated by "anti"
fy_in = "" ' Anti-and-anti-exec anti-insert anti-select anti-delete anti-update anti-count anti-anti-CHR anti-"mid anti-truncate anti-char anti-declare < > anti-anti- | anti-Anti _ "
Fy_inf = Split (fy_in, "anti")
If request.form<> "" Then
For each fy_post in Request.Form
For fy_xh=0 to Ubound (Fy_inf)
If Instr (LCase (Request.Form (Fy_post)), Fy_inf (FY_XH)) <>0 Then
Response.Write "<script Language=javascript>alert" "Network long Friendship tips hacker Heroes ↓
Please do not include illegal characters in the parameter attempt to inject the attack site, this site is not easy to do. I am a rookie, good fear, put me a horse bar.
Http://www.ohttp.com
qq:100020304
If you have any word, please go to http://www.pkgo.net/message to give me a message ';</script> '
Response.Write "Illegal operation. This site has been to the heroes you have done the following record ↓<br> "
Response.Write "Operation IP:" &request.servervariables ("REMOTE_ADDR") & "<br>"
Response.Write "Operation time:" &Now& "<br>"
Response.Write "Action page:" &request.servervariables ("URL") & "<br>"
Response.Write "Submit Way:post<br>"
Response.Write "Submit Parameters:" &Fy_Post& "<br>"
Response.Write "Submit data:" &request.form (Fy_post)
Response.End
End If
Next
Next
End If
If request.querystring<> "" Then
For each fy_get in Request.QueryString
For fy_xh=0 to Ubound (Fy_inf)
If Instr (LCase (Request.QueryString (Fy_get)), Fy_inf (FY_XH)) <>0 Then
Response.Write "<script Language=javascript>alert" "Network long Friendship tips hacker Heroes ↓
Please do not include illegal characters in the parameter attempt to inject the attack site, this site is not easy to do. I am a rookie, good fear, put me a horse bar.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
