<%‘************** ASPSecurity SQL 防注入**************‘ Copyright 2006‘ Create:2006-4-06‘ Update:2006-6-01‘*************************************************** If Request.Form<>"" Then StopInjection(Request.Form)If Request.QueryString<>"" Then StopInjection(Request.QueryString)If Request.Cookies<>"" Then StopInjection(Request.Cookies) Function StopInjection(values) For Each N_Get In values Dim L_Get, L_Get2 For Each L_Get In values L_Get2 = values(L_Get) Set regEx = New RegExp regEx.IgnoreCase = True regEx.Global = True regEx.Pattern = "(\bselect\b|\sand\s|‘|\sdeclare\s)" If regEx.Test(L_Get2) Then Alert() response.End() End If Set regEx = Nothing Next NextEnd Function Sub Alert() Dim str str = "<"&"Script Language=JavaScript"&">" str = str & "alert(‘== 雷客图ASP站长安全助手检测到了危险字符，已经禁止本次提交 ==\n‘);window.close();" str = str & "<"&"/Script"&">" response.write strEnd Sub%>