ASP防止GET,Post注入和防止服务器攻击,并记录IP(4)_ASP教程
推荐:ASP将IP地址最后一位替换成星号实例代码先将IP地址存入数据库,然后取出来,效果如图: 代码如下: % '来源 ipstr= rs(cIP) ipstr=split(ipstr,.,-1,1) ipstrout=ipstr(0).ipstr(1).ipstr(2).* response.write ipstrout %
Zerrc=False
for Ziii= 0 to ubound(Znothis)
if instr(Zqs,Znothis(Ziii))<>0 or instr(Zurl,Znothis(Ziii))<>0 Then
Zerrc=true
end if
next
if Zerrc Then
'记录攻击
Dim ValidEntry
ValidEntry = True
If not IsEmpty(Session("LogIn")) Then ValidEntry = False
If ValidEntry Then
Const ForAppending = 8
Const Create = true
Dim FSO
DIM TS
DIM MyFileName
'Dim strLog
Dim strTime,strip,strurll,strwords
MyFileName = Server.MapPath(fxjt111_Attack_System)
Set FSO = Server.CreateObject("Scripting.FileSystemObject")
Set TS = FSO.OpenTextFile(MyFileName, ForAppending, Create)
strip=Request.ServerVariables ("REMOTE_ADDR") & ""
if strip="" then
strip=Request.ServerVariables("HTTP_X_FORWARDED_FOR") & ""
end if
'strurll=request.servervariables("http_referer")
strwords=request.servervariables("query_string")
strtime=now()
' Write current information to Log Text File.
Ts.writeline "攻击者详细资料:"
Ts.writeline "攻击者IP地址:"&strip
Ts.writeline "攻击时间:"&strtime
Ts.writeline "攻击页面:"&zurl
Ts.writeline "攻击语句:"&strwords
Ts.writeline "----------------------------------------"
TS.Writeline ""
' Create a session varialbe to check next time for ValidEntry
Session("LogIn") = "yes"
Set TS = Nothing
Set FSO = Nothing
End If
Response.Write "<Script Language=JavaScript>alert('系统提示↓ 请不要输入非法字符["&Zqs&"]尝试注入! 您的IP["&strip&"]将被本站禁止!');</Script>"
Response.end
end If
%>
分享:全角半角转换代码javascript转换: SCRIPT /* **************************** * 参数说明: * str:要转换的字符串 * flag:标记,为0时半转全,为非0时全转半 * 返回值类型:字符串 **************************** */ function DBC2SBC(str,flag) { var i; var result=''; if (
- 相关链接:
- 教程说明:
ASP教程-ASP防止GET,Post注入和防止服务器攻击,并记录IP(4)
。