几个比较好用的asp检查函数
因为比较简单,我就不说什么了。一看就明白的!
Function ChkStr(InString)
If InString<>"" Then
InString=Replace(LCase(InString)," ","")
InString=Replace(LCase(InString),";","")
InString=Replace(LCase(InString),"'","")
InString=Replace(LCase(Instring),"--","")
Instring=Replace(LCase(Instring),"%","")
InString=Replace(LCase(InString),"%20","")
InString=Replace(LCase(InString),"admin","")
InString=Replace(LCase(InString),"and","")
InString=Replace(LCase(InString),"or","")
InString=Replace(LCase(InString),"asc","")
InString=Replace(LCase(Instring),"chr","")
InString=Replace(LCase(InString),"mid","")
InString=Replace(LCase(InString),"len","")
InString=Replace(LCase(InString),"select","")
InString=Replace(LCase(InString),"insert","")
InString=Replace(LCase(InString),"delete","")
InString=Replace(LCase(InString),"update","")
ChkStr=InString
End If
End Function
Function CheckFileExt(FileExt)
Dim FileAccessExt,AccessExt
AccessExt="gif,jpg,jpeg,bmp,doc,txt,png"
FileAccessExt=Split(AccessExt,",")
For i=LBound(FileAccessExt) to UBound(FileAccessExt)
If LCase(FileExt)=LCase(FileAccessExt(i)) Then
CheckFileExt=True
Else
CheckFileExt=False
End If
Next
End Function
Function CheckStr(str,IsStr)
CheckStr=str
If IsStr And InStr(str,",")>0 Then
Call errmsg("提交字符中包含非法字符")
ElseIf (Not IsStr) And (Not IsNumeric(str)) Then
Call errmsg("提交不是数字型")
End If
End Function
Sub errmsg(str)
If Not IsNull(str) Then
Response.Write(str)&"< br >"
Call ASCpy()
Response.End() 'Very Improtan.Stop execute program.
End If
End Sub
Sub ASCpy()
Response.Write "<link href='Css/Maincss.css' rel='stylesheet' type='text/css'>"
Response.Write "<div align='center' class='Maincss'>"
Response.Write("<Center>Error happed!<br>Please Contract ")
Response.Write("Name:<a href='mailto:jdqn@sjzu.edu.cn' style='text-decoration:none'>")
Response.Write("<font Color=red>AloneSword</font>")
Response.Write("</a>.<br>Thank you!!!</Center><br>")
Response.Write "<hr>Copyright © By <a href='#' style='text-decoration:none'>建大网络</a> ™<br>"
Response.Write "Last Modified:21/08/2004<br>"
Response.Write("Author:<a href='http://blog.csdn.net/alonesword/' style='text-decoration:none' target='_blank'>AloneSword</a>")
Response.Write "</div>"
End Sub
小结:
最值得学习的还是response.End()的合理使用,非常的好。只要出现错误马上终止程序的运行,不给后面的机会,保证数据的安全。
Function ChkStr(InString)
If InString<>"" Then
InString=Replace(LCase(InString)," ","")
InString=Replace(LCase(InString),";","")
InString=Replace(LCase(InString),"'","")
InString=Replace(LCase(Instring),"--","")
Instring=Replace(LCase(Instring),"%","")
InString=Replace(LCase(InString),"%20","")
InString=Replace(LCase(InString),"admin","")
InString=Replace(LCase(InString),"and","")
InString=Replace(LCase(InString),"or","")
InString=Replace(LCase(InString),"asc","")
InString=Replace(LCase(Instring),"chr","")
InString=Replace(LCase(InString),"mid","")
InString=Replace(LCase(InString),"len","")
InString=Replace(LCase(InString),"select","")
InString=Replace(LCase(InString),"insert","")
InString=Replace(LCase(InString),"delete","")
InString=Replace(LCase(InString),"update","")
ChkStr=InString
End If
End Function
Function CheckFileExt(FileExt)
Dim FileAccessExt,AccessExt
AccessExt="gif,jpg,jpeg,bmp,doc,txt,png"
FileAccessExt=Split(AccessExt,",")
For i=LBound(FileAccessExt) to UBound(FileAccessExt)
If LCase(FileExt)=LCase(FileAccessExt(i)) Then
CheckFileExt=True
Else
CheckFileExt=False
End If
Next
End Function
Function CheckStr(str,IsStr)
CheckStr=str
If IsStr And InStr(str,",")>0 Then
Call errmsg("提交字符中包含非法字符")
ElseIf (Not IsStr) And (Not IsNumeric(str)) Then
Call errmsg("提交不是数字型")
End If
End Function
Sub errmsg(str)
If Not IsNull(str) Then
Response.Write(str)&"< br >"
Call ASCpy()
Response.End() 'Very Improtan.Stop execute program.
End If
End Sub
Sub ASCpy()
Response.Write "<link href='Css/Maincss.css' rel='stylesheet' type='text/css'>"
Response.Write "<div align='center' class='Maincss'>"
Response.Write("<Center>Error happed!<br>Please Contract ")
Response.Write("Name:<a href='mailto:jdqn@sjzu.edu.cn' style='text-decoration:none'>")
Response.Write("<font Color=red>AloneSword</font>")
Response.Write("</a>.<br>Thank you!!!</Center><br>")
Response.Write "<hr>Copyright © By <a href='#' style='text-decoration:none'>建大网络</a> ™<br>"
Response.Write "Last Modified:21/08/2004<br>"
Response.Write("Author:<a href='http://blog.csdn.net/alonesword/' style='text-decoration:none' target='_blank'>AloneSword</a>")
Response.Write "</div>"
End Sub
小结:
最值得学习的还是response.End()的合理使用,非常的好。只要出现错误马上终止程序的运行,不给后面的机会,保证数据的安全。
- 没有相关文章
- 没有评论