网络编程
每日更新|TOP排行榜|Tag标签|充值
网络编程教程模板无忧>建站教程>网络编程>ASP教程>
收藏分享查看评论ASP教程

ASP防止GET,Post注入和防止服务器攻击,并记录IP(2)_ASP教程

编辑Tag赚U币
教程Tag:暂无Tag,欢迎添加,赚取U币!

推荐:ASP将IP地址最后一位替换成星号实例代码
先将IP地址存入数据库,然后取出来,效果如图: 代码如下: % '来源 ipstr= rs(cIP) ipstr=split(ipstr,.,-1,1) ipstrout=ipstr(0).ipstr(1).ipstr(2).* response.write ipstrout %


' Write current information to Log Text File.
TS_Post.writeline "攻击者详细资料:"
TS_Post.writeline "攻击者IP地址:"&strip_Post
TS_Post.writeline "攻击时间:"&strTime_Post
TS_Post.writeline "攻击页面:"&Request.ServerVariables("URL")
TS_Post.writeline "提交参数:"&Fy_Post
TS_Post.writeline "提交数据:"&Request.Form(Fy_Post)
TS_Post.writeline "提交方式:post"
TS_Post.writeline "----------------------------------------"
TS_Post.Writeline ""
' Create a session varialbe to check next time for ValidEntry_Post
Session("LogIn_post") = "yes"
Set TS_Post = Nothing
Set FSO_Post = Nothing
end if
'记录post攻击结束
Response.Write "<Script Language=JavaScript>alert('警告:此操作已被记录! 提示:POST传值请不要在参数中包含非法字符【"&replace(Fy_Inf(Fy_Xh),"'","’")&"】. 页面将返回!');history.go(- 1);</Script>"
response.End()
end if
Next
Next
end if
'--------GET部份-------------------
If Request.QueryString<>"" Then
For Each Fy_Get In Request.QueryString

For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then

'记录Get攻击开始

ValidEntry_Get = True
If not IsEmpty(Session("LogIn_get")) Then ValidEntry_Get = False
If ValidEntry_Get Then
Const ForAppending_Get = 8
Const Create_Get = true
Dim FSO_Get
DIM TS_Get
DIM MyFileName_Get
'Dim strLog
Dim strTime_Get,strip_Get,strurll_Get,strwords_Get
MyFileName_Get = Server.MapPath(fxjt111_Attack_Get)
Set FSO_Get = Server.CreateObject("Scripting.FileSystemObject")
Set TS_Get = FSO_Get.OpenTextFile(MyFileName_Get, ForAppending_Get, Create_Get)
strip_Get=Request.ServerVariables ("REMOTE_ADDR") & ""
if strip_Get="" then
strip_Get=Request.ServerVariables("HTTP_X_FORWARDED_FOR") & ""
end if
'strurll_Get=request.servervariables("http_referer")
strwords_Get=request.servervariables("query_string")
strTime_Get=now()
' Write current information to Log Text File.
TS_Get.writeline "攻击者详细资料:"
TS_Get.writeline "攻击者IP地址:"&strip_Get
TS_Get.writeline "攻击时间:"&strTime_Get
TS_Get.writeline "攻击页面:"&Request.ServerVariables("URL")
TS_Get.writeline "提交参数:"&Fy_Get
TS_Get.writeline "提交数据:"&Request.QueryString(Fy_Get)
TS_Get.writeline "提交方式:Get"
TS_Get.writeline "----------------------------------------"
TS_Get.Writeline ""
' Create a session varialbe to check next time for ValidEntry_Get
Session("LogIn_get") = "yes"
Set TS_Get = Nothing
Set FSO_Get = Nothing
end if

分享:全角半角转换代码
javascript转换: SCRIPT /* **************************** * 参数说明: * str:要转换的字符串 * flag:标记,为0时半转全,为非0时全转半 * 返回值类型:字符串 **************************** */ function DBC2SBC(str,flag) { var i; var result=''; if (

ASP视频教程

共4页上一页1234下一页
来源:模板无忧//所属分类:ASP教程/更新时间:2012-06-08
[收藏][报错][返回列表]
相关ASP教程