Date: 2014-05-17  Views: 20865

Please help take a look
' Keywords that are not allowed in the submitted title
dim nothis(19)
nothis(0)="net user"
nothis(1)="xp_cmdshell"
nothis(2)="/add"
nothis(3)="exec%20master.dbo.xp_cmdshell"
nothis(4)="net localgroup administrators"
nothis(5)="select"
nothis(6)="count"
nothis(7)="asc"
nothis(8)="char"
nothis(9)="mid"
nothis(10)="'"
nothis(11)=""""
nothis(12)="insert"
nothis(13)="delete"
nothis(14)="drop"
nothis(15)="truncate"
nothis(16)="from"
nothis(17)="and"
nothis(18)="or"
nothis(19)="not"
' Reject the request if the title contains any keyword (instr is case-sensitive here)
for i=0 to ubound(nothis)
    if instr(request("title"),nothis(i))<>0 then
        Response.write "你输入的内容含有非法字符!"
        response.end
    end if
next
========================
Why am I not getting the correct result????????

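------Solution--------------------
As far as the program code goes, there is no error. Maybe there is a problem with your testing method.

Also, you need to take the case of the keywords into account. You can convert request("title") to lowercase and then pass it to the instr function.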
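
The case-sensitivity point from the answer, as an added example that is not part of the original thread: it runs the question's keyword list over a few titles in both comparison modes and reports which keyword matched, which also makes the substring matching of short keywords visible. It goes slightly beyond the answer in that respect. It is written for Windows Script Host (`cscript`) instead of an ASP page; the function name `FirstBlockedKeyword` and the sample titles are constructed for illustration.

```vbscript
Option Explicit

' Keyword list copied from the question above.
Dim nothis
nothis = Array("net user", "xp_cmdshell", "/add", "exec%20master.dbo.xp_cmdshell", _
               "net localgroup administrators", "select", "count", "asc", "char", _
               "mid", "'", """", "insert", "delete", "drop", "truncate", _
               "from", "and", "or", "not")

' Hypothetical helper: returns the first keyword found in text, or "" when none matches.
' compareMode is vbBinaryCompare (what a bare instr(text, kw) does) or vbTextCompare.
Function FirstBlockedKeyword(text, compareMode)
    Dim i
    FirstBlockedKeyword = ""
    For i = 0 To UBound(nothis)
        If InStr(1, text, nothis(i), compareMode) <> 0 Then
            FirstBlockedKeyword = nothis(i)
            Exit Function
        End If
    Next
End Function

' Constructed sample titles (not from the original post): a clean title,
' the same keyword in upper and lower case, and ordinary text that
' happens to contain short keywords as substrings.
Dim samples, s
samples = Array("my title", "SELECT 1", "select 1", "Standard report", "hello world")

For Each s In samples
    WScript.Echo "[" & s & "]" & _
        "  case-sensitive match: [" & FirstBlockedKeyword(s, vbBinaryCompare) & "]" & _
        "  case-insensitive match: [" & FirstBlockedKeyword(s, vbTextCompare) & "]"
Next
```

Printing the matched keyword instead of only the rejection message shows, for each test title, whether the filter fired and on which list entry.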