IDC资讯中心 作用:安全字符串检测函数 CheckString=Replace(CheckString,””,”'″)
名字:SafeCheck
参数:CheckString,CheckType,CheckLength
说明:
Checkstring待检测字符串:任意字符.
CheckType检测类型0正常短字符1数字2日期3金钱4编码HTML5解码HTML6登录字符串7防攻击检测
CheckLength检测类型长度:类型为int,当为金钱时为小数点的位置
返回值:如果通过检测,返回正确字符串,
如果未通过则返回错误代码SYSTEM_ERROR|ERROR_CODE
Script Writen by :SnowDu(杜雪.NET)
Web:http://www.snsites.com/
Web:http://www.knowsky.com/
——————————————-
function SafeCheck(CheckString,CheckType,CheckLength)
On Error Resume Next
ErrorRoot=”SYSTEM_ERROR|”
if checkString=”” then
SafeCheck=ErrorRoot&”00001″
exit function
end if
select case CheckType
case 0
CheckString=trim(CheckString)
SafeCheck=Left(CheckString,CheckLength)
case 1
if not isnumberic(CheckString) then
SafeCheck=ErrorRoot&”00002″
exit function
else
SafeCheck=Left(CheckString,CheckLength)
end if
case 2
tempVar=IsDate(CheckString)
if Not TempVar then
SafeCheck=ErrorRoot&”00003″
exit function
else
select case CheckLength
case 0
SafeCheck=FormatDateTime(CheckString,vbShortDate)
case 1
SafeCheck=FormatDateTime(CheckString,vbLongDate)
case 2
SafeCheck=CheckString
end select
end if
case 3
tempVar=FormatCurrency(CheckString,0)
if Err then
SafeCheck=ErrorRoot&”00004″
exit function
else
SafeCheck=FormatCurrency(CheckString,CheckLength)
end if
case 4
sTemp = CheckString
If IsNull(sTemp) = True Then
SafeCheck=ErrorRoot&”00005″
Exit Function
End If
sTemp = Replace(sTemp, “&”, “&”)
sTemp = Replace(sTemp, “<“, “<”)
sTemp = Replace(sTemp, “>”, “>”)
sTemp = Replace(sTemp, Chr(34), “"”)
sTemp = Replace(sTemp, Chr(10), “<br>”)
SafeCheck = Left(sTemp,CheckLength)
case 5
sTemp = CheckString
If IsNull(sTemp) = True Then
SafeCheck=ErrorRoot&”00006″
Exit Function
End If
sTemp = Replace(sTemp, “&”, “&”)
sTemp = Replace(sTemp, “<”, “<“)
sTemp = Replace(sTemp, “>”, “>”)
sTemp = Replace(sTemp, “"”, Chr(34))
sTemp = Replace(sTemp, “<br>”,Chr(10))
SafeCheck = Left(sTemp,CheckLength)
case 6
s_BadStr = ” &<>?%,;:()`~!@#$^*{}[]|+-=” & Chr(34) & Chr(9) & Chr(32)
n = Len(s_BadStr)
IsSafeStr = True
For i = 1 To n
If Instr(CheckString, Mid(s_BadStr, i, 1)) > 0 Then
IsSafeStr = False
End If
Next
if IsSafeStr then
SafeCheck=left(CheckString,CheckLength)
else
SafeCheck=ErrorRoot&”00007″
Exit Function
end if
case 7
s_Filter=”net user|xp_cmdshell|/add|select|count|asc|char|mid||””|”
S_Filter=S_Filter&”insert|delete|drop|truncate|from|%|declare|-“
S_Filters=split(S_Filter,”|”)
isFound=false
for i=0 to ubound(S_Filters)-1
if Instr(lcase(CheckString),lcase(S_Filters(i)))<>0 then
isFound=true
exit for
end if
next
if isFound then
SafeCheck=ErrorRoot&”00008″
Exit Function
else
SafeCheck=left(CheckString,CheckLength)
end if
end select
end function
asp安全检测与过滤函数safecheck_asp技巧
版权申明:本站文章部分自网络,如有侵权,请联系:west999com@outlook.com 特别注意:本站所有转载文章言论不代表本站观点! 本站所提供的图片等素材,版权归原作者所有,如需使用,请与原作者联系。未经允许不得转载:IDC资讯中心 » asp安全检测与过滤函数safecheck_asp技巧
