<%
'用户输入非法字符
dim checkstring(3)
checkstring(0) = "'"
checkstring(1) = " "
checkstring(2) = ";"
checkstring(3) = ":"
'替换用户输入的非法字符 stringarray 非法字符数组 checkstring 需检查的字符串
function ReplaceString(stringarray,checkstring)
for i=0 to ubound(stringarray)
checkstring = Replace(checkstring,stringarray(i),"")
next
ReplaceString = checkstring
end function
%>
uid = ReplaceString(checkstring,Request.Form("loginname"))
upwd = ReplaceString(checkstring,Request.Form("password"))