<& '--------版權(quán)說明------------------ 'SQL通用防注入程序 V3.0 '2.0強化版,對代碼做了一點優(yōu)化,加入自動封注入者Ip的功能!^_^ '3.0版,加入后臺登陸查看注入記錄功能,方便網(wǎng)站管理員查看非法記錄,以及刪除以前的記錄,是否對入侵者Ip解除封鎖! '火狐技術(shù)聯(lián)盟 Neeao URL:http://www.wrsky.com 'Neeao站點:http://www.neeao.com 'Mail:neeaocn@Gamil.com '--------數(shù)據(jù)庫連接部分-------------- dim dbkillSql,killSqlconn,connkillSql dbkillSql="../web#data#hxj#hyxr#mdb#hyjnh/Sql#In.mdb" 'On Error Resume Next Set killSqlconn = Server.CreateObject("ADODB.Connection") connkillSql="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(dbkillSql) killSqlconn.Open connkillSql If Err Then err.Clear Set killSqlconn = Nothing Response.Write "數(shù)據(jù)庫連接出錯,請檢查連接字串。" Response.End End If '--------定義部份------------------ Dim Fy_Post,Fy_Get,Fy_In,Fy_Inf,Fy_Xh,Fy_db,Fy_dbstr,Kill_IP,WriteSql '自定義需要過濾的字串,用 "|" 分隔 Fy_In = "'|;|and|(|)|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare" Kill_IP=True WriteSql=True '---------------------------------- Fy_Inf = split(Fy_In,"|") '--------POST部份------------------ If Request.Form<>"" Then For Each Fy_Post In Request.Form For Fy_Xh=0 To Ubound(Fy_Inf) If Instr(LCase(Request.Form(Fy_Post)),Fy_Inf(Fy_Xh))<>0 Then If WriteSql=True Then killSqlconn.Execute("insert into SqlIn(Sqlin_IP,SqlIn_Web,SqlIn_FS,SqlIn_CS,SqlIn_SJ) values('"&Request.ServerVariables("REMOTE_ADDR")&"','"&Request.ServerVariables("URL")&"','POST','"&Fy_Post&"','"&replace(Request.Form(Fy_Post),"'","''")&"')") killSqlconn.close Set killSqlconn = Nothing End If Response.Write "" Response.Write "非法操作!系統(tǒng)做了如下記錄↓
" Response.Write "操作IP:"&Request.ServerVariables("REMOTE_ADDR")&"
" Response.Write "操作時間:"&Now&"
" Response.Write "操作頁面:"&Request.ServerVariables("URL")&"
" Response.Write "提交方式:POST
" Response.Write "提交參數(shù):"&Fy_Post&"
" Response.Write "提交數(shù)據(jù):"&Request.Form(Fy_Post) Response.End End If Next Next End If '---------------------------------- '--------GET部份------------------- If Request.QueryString<>"" Then For Each Fy_Get In Request.QueryString For Fy_Xh=0 To Ubound(Fy_Inf) If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then If WriteSql=True Then killSqlconn.Execute("insert into SqlIn(Sqlin_IP,SqlIn_Web,SqlIn_FS,SqlIn_CS,SqlIn_SJ) values('"&Request.ServerVariables("REMOTE_ADDR")&"','"&Request.ServerVariables("URL")&"','GET','"&Fy_Get&"','"&replace(Request.QueryString(Fy_Get),"'","''")&"')") killSqlconn.close Set killSqlconn = Nothing End If Response.Write "" Response.Write "非法操作!我們的系統(tǒng)已經(jīng)做了如下記錄↓
" Response.Write "操作IP:"&Request.ServerVariables("REMOTE_ADDR")&"
" Response.Write "操作時間:"&Now&"
" Response.Write "操作頁面:"&Request.ServerVariables("URL")&"
" Response.Write "提交方式:GET
" Response.Write "提交參數(shù):"&Fy_Get&"
" Response.Write "提交數(shù)據(jù):"&Request.QueryString(Fy_Get) Response.Write "

請馬上離開,謝謝!" Response.End End If Next Next End If If Kill_IP=True Then Dim Sqlin_IP,rsKill_IP,Kill_IPsql Sqlin_IP=Request.ServerVariables("REMOTE_ADDR") Kill_IPsql="select Sqlin_IP from SqlIn where Sqlin_IP='"&Sqlin_IP&"'" Set rsKill_IP=killSqlconn.execute(Kill_IPsql) If Not(rsKill_IP.eof or rsKill_IP.bof) Then Response.write "" Response.End End If rsKill_IP.close End If &> &

羞羞网站在线观看无码高清_强奷乱码中文字幕熟女塚本_中文字幕不卡高清视频在线_午夜国产精品500

  ·中文簡體·繁體中文·ENGLISH
 
最新公告:
變壓器 開關(guān)電源 OEM加工產(chǎn)品 鐵芯
     
河源天裕電子塑膠有限公司是一家集信息技
術(shù)與現(xiàn)代化生產(chǎn)為一體的高科技企業(yè),公司秉著
“誠信、真誠、互利、合作”的工作理念...
聯(lián)系電話:0762-2203101
聯(lián)系傳真:0762-2203100
電子郵箱:sales@keenocean-china.com
網(wǎng)站網(wǎng)址:www.jiaivr.com
聯(lián)系地址:河源市高新技術(shù)開
發(fā)區(qū)興工大道東面科七路南
銷售咨詢熱線:0762-2203101 關(guān)于我們 | 銷售網(wǎng)絡(luò) | 招賢納士 | 聯(lián)系我們
Copyright © 2016 www.jiaivr.com All Rights Reserved. 河源天裕電子塑膠有限公司 版權(quán)所有
地址:河源市高新技術(shù)開發(fā)區(qū)興工大道東面科七路南 電話:0762-2203101 傳真:0762-2203100
網(wǎng)站備案:粵ICP備11067044號 技術(shù)支持:新銳網(wǎng)絡(luò)-河源網(wǎng)站建設(shè)