因为比较简单,我就不说什么了。一看就明白的!
Function ChkStr(InString)
If InString<>"" Then
?InString=Replace(LCase(InString)," ","")
?InString=Replace(LCase(InString),";","")
?InString=Replace(LCase(InString),"'","")
?InString=Replace(LCase(Instring),"--","")
?Instring=Replace(LCase(Instring),"%","")
?InString=Replace(LCase(InString),"%20","")
?
?InString=Replace(LCase(InString),"admin","")
?
?InString=Replace(LCase(InString),"and","")
?InString=Replace(LCase(InString),"or","")
?
?InString=Replace(LCase(InString),"asc","")
?InString=Replace(LCase(Instring),"chr","")
?InString=Replace(LCase(InString),"mid","")
?InString=Replace(LCase(InString),"len","")
?
?InString=Replace(LCase(InString),"select","")
?InString=Replace(LCase(InString),"insert","")
?InString=Replace(LCase(InString),"delete","")
?InString=Replace(LCase(InString),"update","")
?
?
?ChkStr=InString
End If
End Function
Function CheckFileExt(FileExt)
?Dim FileAccessExt,AccessExt
?AccessExt="gif,jpg,jpeg,bmp,doc,txt,png"
?FileAccessExt=Split(AccessExt,",")
?For i=LBound(FileAccessExt) to UBound(FileAccessExt)
??If LCase(FileExt)=LCase(FileAccessExt(i)) Then
???CheckFileExt=True
??Else
???CheckFileExt=False
??End If
?Next
End Function
Function CheckStr(str,IsStr)
CheckStr=str
If IsStr And InStr(str,",")>0 Then
?Call errmsg("提交字符中包含非法字符")
ElseIf (Not IsStr) And (Not IsNumeric(str)) Then
?Call errmsg("提交不是数字型")
End If
End Function
Sub errmsg(str)
?If Not IsNull(str) Then
??Response.Write(str)&"< br >"
??Call ASCpy()
??Response.End()? 'Very Improtan.Stop execute program.
?End If
End Sub
?
?Sub ASCpy()
?Response.Write ""
?Response.Write "
??? Response.Write("
Please Contract ")
?Response.Write("Name:")
?Response.Write("AloneSword")
?Response.Write(".
Thank you!!!
")
?Response.Write "
Copyright © By 建大网络 ™
"
??? Response.Write "Last Modified:21/08/2004
"
?Response.Write("Author:AloneSword")
?Response.Write "
End Sub
?
小结:
最值得学习的还是response.End()的合理使用,非常的好。只要出现错误马上终止程序的运行,不给后面的机会,保证数据的安全。