Manage_Conn.asp
资源名称:NetPhone.rar [点击查看]
上传用户:xxtaishan
上传日期:2022-01-02
资源大小:4063k
文件大小:1k
源码类别:
IP电话/视频会议
开发平台:
ASP/ASPX
- <%
- if session("key")<>"freesky_zhangdan" and session("manage")="" then
- response.write "<script>alert('连接超时,请使用管理员身份重新登录后台系统!');"
- response.write "top.location.href='../index.asp';</script>"
- end if
- dim sql_injdata,SQL_inj,SQL_Get,SQL_Data,Sql_Post
- SQL_injdata = "'|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
- SQL_inj = split(SQL_Injdata,"|")
- If Request.QueryString<>"" Then
- For Each SQL_Get In Request.QueryString
- For SQL_Data=0 To Ubound(SQL_inj)
- if instr(Request.QueryString(SQL_Get),Sql_Inj(Sql_DATA))>0 Then
- Response.Write "<script>alert('请不要在参数中包含非法字符尝试注入!');history.back(-1);</script>"
- Response.end
- end if
- next
- Next
- End If
- '--------------------------------------
- If Request.Form<>"" Then
- For Each Sql_Post In Request.Form
- For SQL_Data=0 To Ubound(SQL_inj)
- if instr(Request.Form(Sql_Post),Sql_Inj(Sql_DATA))>0 Then
- Response.Write "<script>alert('请不要在参数中包含非法字符尝试注入!');history.back(-1);</script>"
- Response.end
- end if
- next
- next
- end if
- '--------------------------------------
- dim conn
- dim connstr
- dim db
- db="../../Data/#data.mdb"
- Set conn = Server.CreateObject("ADODB.Connection")
- connstr="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(""&db&"")
- conn.Open connstr
- FUNCTION COCLS
- CONN.CLOSE
- SET CONN=NOTHING
- END FUNCTION
- %>