UC知道怎么防SQL注入攻击
来源:百度知道 编辑:UC知道 时间:2024/06/14 10:56:36
怎么防SQL注入攻击
在conn.asp或其他网页前面加上如下防注入代码即可。
<%
dim var
var = "and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare|or|javascript"
sql_inj = split(var,"|")
If Request.QueryString<>"" Then
For Each sql_Get In Request.QueryString
For sql_Data=0 To Ubound(sql_inj)
if instr(Request.QueryString(sql_Get),sql_inj(sql_Data))>0 Then
Response.Write "<Script Language=Javascript>alert('该程序执行了非法操作,即将被关闭');window.close();</Script>"
Response.end
end if
next
Next
End If
%>
dim var
var = "and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare|or|javascript"
sql_inj = split(var,"|")