??% 'on error resume next 'Response.Buffer = true on error resume next ConnStr = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source="&Server.MapPath("admin/data/wsw#feifei.mdb") Set Conn = Server.CreateObject("ADODB.Connection") Conn.open ConnStr '通過classID,獲取類名?? function classname(id) Set RsGetTable1 = Server.CreateObject("ADODB.RecordSet") sqlgettable1="Select * from class where classid="&id 'response.write sqlgettable1 RsGetTable1.open sqlgettable1,Conn,1,1 If Not RsGetTable1.Eof Then classname=RsGetTable1("ClassName") Else End If end function '通過小類classID,獲取大類classid function bigclassid(id) Set RsGetTable2 = Server.CreateObject("ADODB.RecordSet") sqlgettable2="Select * from class where classid="&id 'response.write sqlgettable1 RsGetTable2.open sqlgettable2,Conn,1,1 If Not RsGetTable2.Eof Then bigclassid=RsGetTable2("Parentid") Else End If end function '通過企業類ID,獲取類名?? function qy_nei(id) Set RsGetTable9 = Server.CreateObject("ADODB.RecordSet") sqlgettable9="Select * from hangye where classid="&id RsGetTable9.open sqlgettable9,Conn,1,1 If Not RsGetTable9.Eof Then qy_nei=RsGetTable9("classname") Else End If end function '通過企業小類classID,獲取企業大類classid function bigneiid(id) Set RsGetnei2 = Server.CreateObject("ADODB.RecordSet") sqlgetnei2="Select * from hangye where classid="&int(id) 'response.write sqlgettable1 'response.end RsGetnei2.open sqlgetnei2,Conn,1,1 If Not RsGetnei2.Eof Then bigneiid=RsGetnei2("ParentID") Else End If 'response.write bigneiid 'response.end end function '通過新聞ID,獲取評論個數 function pin_num(id) Set RsGetnei8 = Server.CreateObject("ADODB.RecordSet") sqlgetnei8="Select * from pinlun where Articleid="&id 'response.write sqlgetnei8 RsGetnei8.open sqlgetnei8,Conn,1,1 pin_num=RsGetnei8.recordcount end function '通過新聞類ID,獲取首頁新聞的默認初始?? function index_def(id) Set RsGetnei71 = Server.CreateObject("ADODB.RecordSet") sqlgetnei71="Select * from size_admin where nid="&id 'response.write sqlgettable1 RsGetnei71.open sqlgetnei71,Conn,1,1 If Not RsGetnei71.Eof Then index_def=RsGetnei71("ts") Else End If end function '將HTML字符轉成無格式字?? Function RemoveHTML( strText ) Dim RegEx Set RegEx = New RegExp RegEx.Pattern = "<[^>]*>" RegEx.Global = True RemoveHTML = RegEx.Replace(strText, "") End Function 'SQL通用防注入系?? SQL_injdata =":|;|>|<|--|sp_|xp_|\|dir|cmd|^|(|)|+|$|'|copy|format|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare" SQL_inj = split(SQL_Injdata,"|") If Request.QueryString<>"" Then For Each SQL_Get In Request.QueryString For SQL_Data=0 To Ubound(SQL_inj) if instr(Request.QueryString(SQL_Get),Sql_Inj(Sql_DATA))>0 Then Response.Write "你想弄SQL注入嗎,沒門!!" Response.end end if next Next End If If Request.Form<>"" Then For Each Sql_Post In Request.Form For SQL_Data=0 To Ubound(SQL_inj) if instr(Request.Form(Sql_Post),Sql_Inj(Sql_DATA))>0 Then Response.Write "你想弄SQL注入嗎,沒門!!" Response.end end if next next end if '防止注入 dim qs,errc,iii qs=request.servervariables("query_string") 'response.write(qs) dim deStr(17) deStr(0)="net user" deStr(1)="xp_cmdshell" deStr(2)="/add" deStr(3)="exec%20master.dbo.xp_cmdshell" deStr(4)="net localgroup administrators" deStr(5)="select" deStr(6)="count" deStr(7)="asc" deStr(8)="char" deStr(9)="mid" deStr(10)="'" deStr(11)=":" deStr(12)="""" deStr(13)="insert" deStr(14)="delete" deStr(15)="drop" deStr(16)="truncate" deStr(17)="from" errc=false for iii= 0 to ubound(deStr) if instr(qs,deStr(iii))<>0 then errc=true end if next if errc then Response.Write("對不起,非法URL地址請求!") response.end end if %> 北京納瓦蘭德戶外旅游用品有限公司 - SUV戶外組合產品

  • 歡迎關注nevalend公眾??br />

    歡迎關注nevalend網址
    ??div class="footer">
    售后熱線??/strong>18911088157     工作時間:上??:30-12:00,下午13??0-17:30 (周末及國家法定假期除????nbsp; 技術支持:九品互聯    
    欧美另类 自拍 亚洲 图区,国精品产露脸偷拍视频,亚洲 欧美 动漫 中字 视频,在线看午夜福利片