ASP过滤SQL非法字符并格式化html代码

'得到当前页面的地址
Function GetUrl()
On Error Resume Next
Dim strTemp
If LCase(Request.ServerVariables("HTTPS")) = "off" Then
strTemp = "http://"
Else
strTemp = "https://"
End If
strTemp = strTemp & CheckStr(Request.ServerVariables("SERVER_NAME"))
If Request.ServerVariables("SERVER_PORT") <> 80 Then strTemp = strTemp & ":" & CheckStr(Request.ServerVariables("SERVER_PORT"))
strTemp = strTemp & CheckStr(Request.ServerVariables("URL"))
If Trim(Request.QueryString) <> "" Then strTemp = strTemp & "?" & CheckStr(Trim(Request.QueryString))
GetUrl = strTemp  
End Function

'Function CheckReferer()   '检查用户是否在浏览器里输入了本页的地址
'     Dim sReferer, Icheck
'     CheckReferer = True
'     sReferer = Request.ServerVariables("HTTP_REFERER")
'     ServerIP = Request.ServerVariables("LOCAL_ADDR")
'     Icheck = InStr(sReferer, "ServerIP")
'     If Icheck = 0 Then
'     CheckReferer = False
'     End If
'End Function

'日期格式化
Function FormatDate(DT,tp)
dim Y,M,D
Y=Year(DT)
M=month(DT)
D=Day(DT)
if M<10 then M="0"&M
if D<10 then D="0"&D
select case tp
case 1 FormatDate=Y&"年"&M&"月"&D&"日"
case 2 FormatDate=Y&"-"&M&"-"&D
end select
End Function

'不允许外部提交数据的选择
Function ChkPost()
     dim HTTP_REFERER,SERVER_NAME
dim server_v1,server_v2
chkpost=false
     SERVER_NAME=CheckStr(Request.ServerVariables("SERVER_NAME"))
HTTP_REFERER=CheckStr(Request.ServerVariables("HTTP_REFERER"))
server_v1=Cstr(HTTP_REFERER)
server_v2=Cstr(SERVER_NAME)
if mid(server_v1,8,len(server_v2))<>server_v2 then
   chkpost=false
else
   chkpost=true
end if
End Function

'构造上传图片文件名随机数
function MakedownName()
dim fname
fname = now()
fname = replace(fname,"-","")
fname = replace(fname," ","")
fname = replace(fname,":","")
fname = replace(fname,"PM","")
fname = replace(fname,"AM","")
fname = replace(fname,"上午","")
fname = replace(fname,"下午","")
fname = int(fname) + int((10-1+1)*Rnd + 1)

上一页 [1] [2] [3] [4] [5] [6] [7] [8] 下一页

复制本页网址和标题，发送给你QQ/Msn的好友一起分享

上一篇:有关ADO访问不同数据库的差别详细介绍

下一篇:ASP网站漏洞及黑客入侵防范方法解析