ASP防止GET,Post注入和防止服務器攻擊,并記錄IP(2)_ASP教程

推薦：ASP將IP地址最后一位替換成星號實例代碼
先將IP地址存入數據庫，然后取出來，效果如圖： 代碼如下： % '來源 ipstr= rs(cIP) ipstr=split(ipstr,.,-1,1) ipstrout=ipstr(0).ipstr(1).ipstr(2).* response.write ipstrout %

' Write current information to Log Text File.
TS_Post.writeline "攻擊者詳細資料："
TS_Post.writeline "攻擊者IP地址："&strip_Post
TS_Post.writeline "攻擊時間："&strTime_Post
TS_Post.writeline "攻擊頁面："&Request.ServerVariables("URL")
TS_Post.writeline "提交參數："&Fy_Post
TS_Post.writeline "提交數據："&Request.Form(Fy_Post)
TS_Post.writeline "提交方式：post"
TS_Post.writeline "----------------------------------------"
TS_Post.Writeline ""
' Create a session varialbe to check next time for ValidEntry_Post
Session("LogIn_post") = "yes"
Set TS_Post = Nothing
Set FSO_Post = Nothing
end if
'記錄post攻擊結束
Response.Write "<Script Language=JavaScript>alert('警告:此操作已被記錄! 提示:POST傳值請不要在參數中包含非法字符【"&replace(Fy_Inf(Fy_Xh),"'","’")&"】. 頁面將返回！');history.go(- 1);</Script>"
response.End()
end if
Next
Next
end if
'--------GET部份-------------------
If Request.QueryString<>"" Then
For Each Fy_Get In Request.QueryString

For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then

'記錄Get攻擊開始

ValidEntry_Get = True
If not IsEmpty(Session("LogIn_get")) Then ValidEntry_Get = False
If ValidEntry_Get Then
Const ForAppending_Get = 8
Const Create_Get = true
Dim FSO_Get
DIM TS_Get
DIM MyFileName_Get
'Dim strLog
Dim strTime_Get,strip_Get,strurll_Get,strwords_Get
MyFileName_Get = Server.MapPath(fxjt111_Attack_Get)
Set FSO_Get = Server.CreateObject("Scripting.FileSystemObject")
Set TS_Get = FSO_Get.OpenTextFile(MyFileName_Get, ForAppending_Get, Create_Get)
strip_Get=Request.ServerVariables ("REMOTE_ADDR") & ""
if strip_Get="" then
strip_Get=Request.ServerVariables("HTTP_X_FORWARDED_FOR") & ""
end if
'strurll_Get=request.servervariables("http_referer")
strwords_Get=request.servervariables("query_string")
strTime_Get=now()
' Write current information to Log Text File.
TS_Get.writeline "攻擊者詳細資料："
TS_Get.writeline "攻擊者IP地址："&strip_Get
TS_Get.writeline "攻擊時間："&strTime_Get
TS_Get.writeline "攻擊頁面："&Request.ServerVariables("URL")
TS_Get.writeline "提交參數："&Fy_Get
TS_Get.writeline "提交數據："&Request.QueryString(Fy_Get)
TS_Get.writeline "提交方式：Get"
TS_Get.writeline "----------------------------------------"
TS_Get.Writeline ""
' Create a session varialbe to check next time for ValidEntry_Get
Session("LogIn_get") = "yes"
Set TS_Get = Nothing
Set FSO_Get = Nothing
end if

分享：全角半角轉換代碼
javascript轉換： SCRIPT /* **************************** * 參數說明: * str:要轉換的字符串 * flag:標記，為０時半轉全，為非０時全轉半 * 返回值類型：字符串 **************************** */ function DBC2SBC(str,flag) { var i; var result=''; if (

ASP視頻教程

ASP系列課程從入門到精通教程打包下載  黑鷹ASP視頻教程下載  黑鷹基地ASP特訓班教程  FIF ASP互動視頻VIP教程下載  輕輕松松學編程！FIF小組ASP互動視頻教程  ASP操作ACCESS數據庫視頻教程