|
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有帐号?立即注册
x
asp可以使用微软的activeX使得网页功能无比强大,不过安全性也较差,而且是基于的windows服务器,所以性能稳定性也一般平安|函数--------------------------------------------------------------------------
感化:平安字符串检测函数
名字:SafeCheck
参数:CheckString,CheckType,CheckLength
申明:
Checkstring待检拆字符串:恣意字符.
CheckType检测范例0一般短字符1数字2日期3款项4编码HTML5解码HTML6登录字符串7防打击检测
CheckLength检测范例长度:范例为int,当为款项时为小数点的地位
前往值:假如经由过程检测,前往准确字符串,
假如未经由过程则前往毛病代码SYSTEM_ERROR|ERROR_CODE
ScriptWritenby:SnowDu(杜雪.NET)
Web:http://www.snsites.com/
--------------------------------------------------------------------------
functionSafeCheck(CheckString,CheckType,CheckLength)
OnErrorResumeNext
ErrorRoot="SYSTEM_ERROR|"
ifcheckString=""then
SafeCheck=ErrorRoot&"00001"
exitfunction
endif
CheckString=Replace(CheckString,"","'")
selectcaseCheckType
case0
CheckString=trim(CheckString)
SafeCheck=Left(CheckString,CheckLength)
case1
ifnotisnumberic(CheckString)then
SafeCheck=ErrorRoot&"00002"
exitfunction
else
SafeCheck=Left(CheckString,CheckLength)
endif
case2
tempVar=IsDate(CheckString)
ifNotTempVarthen
SafeCheck=ErrorRoot&"00003"
exitfunction
else
selectcaseCheckLength
case0
SafeCheck=FormatDateTime(CheckString,vbShortDate)
case1
SafeCheck=FormatDateTime(CheckString,vbLongDate)
case2
SafeCheck=CheckString
endselect
endif
case3
tempVar=FormatCurrency(CheckString,0)
ifErrthen
SafeCheck=ErrorRoot&"00004"
exitfunction
else
SafeCheck=FormatCurrency(CheckString,CheckLength)
endif
case4
sTemp=CheckString
IfIsNull(sTemp)=TrueThen
SafeCheck=ErrorRoot&"00005"
ExitFunction
EndIf
sTemp=Replace(sTemp,"&","&")
sTemp=Replace(sTemp,"<","<")
sTemp=Replace(sTemp,">",">")
sTemp=Replace(sTemp,Chr(34),""")
sTemp=Replace(sTemp,Chr(10),"<br>")
SafeCheck=Left(sTemp,CheckLength)
case5
sTemp=CheckString
IfIsNull(sTemp)=TrueThen
SafeCheck=ErrorRoot&"00006"
ExitFunction
EndIf
sTemp=Replace(sTemp,"&","&")
sTemp=Replace(sTemp,"<","<")
sTemp=Replace(sTemp,">",">")
sTemp=Replace(sTemp,""",Chr(34))
sTemp=Replace(sTemp,"<br>",Chr(10))
SafeCheck=Left(sTemp,CheckLength)
case6
s_BadStr=" &?%,;:()`~!@#$^*{}[]|+-="&Chr(34)&Chr(9)&Chr(32)
n=Len(s_BadStr)
IsSafeStr=True
Fori=1Ton
IfInstr(CheckString,Mid(s_BadStr,i,1))>0Then
IsSafeStr=False
EndIf
Next
ifIsSafeStrthen
SafeCheck=left(CheckString,CheckLength)
else
SafeCheck=ErrorRoot&"00007"
ExitFunction
endif
case7
s_Filter="netuser|xp_cmdshell|/add|select|count|asc|char|mid||""|"
S_Filter=S_Filter&"insert|delete|drop|truncate|from|%|declare|-"
S_Filters=split(S_Filter,"|")
isFound=false
fori=0toubound(S_Filters)-1
ifInstr(lcase(CheckString),lcase(S_Filters(i)))0then
isFound=true
exitfor
endif
next
ifisFoundthen
SafeCheck=ErrorRoot&"00008"
ExitFunction
else
SafeCheck=left(CheckString,CheckLength)
endif
endselect
endfunction
</p>ASP最大的缺点在于网络的安全性和可靠性,企业将经营数据放在开放的平台上,最大的担忧就是如何保证这些数据不被其他人破坏。 |
|