{"id":26,"date":"2010-03-15T08:00:00","date_gmt":"2010-03-15T00:00:00","guid":{"rendered":"http:\/\/31.0.2.219:81\/?p=26"},"modified":"2014-03-11T16:56:18","modified_gmt":"2014-03-11T08:56:18","slug":"%e6%95%b0%e6%8d%ae%e5%ba%93%e8%a2%ab%e6%8c%82%e9%a9%ac%e7%9a%84%e5%a4%84%e7%90%86%e6%96%b9%e6%b3%95","status":"publish","type":"post","link":"http:\/\/www.huike007.cn\/?p=26","title":{"rendered":"\u6570\u636e\u5e93\u88ab\u6302\u9a6c\u7684\u5904\u7406\u65b9\u6cd5"},"content":{"rendered":"<p>\u6570\u636e\u5e93\u88ab\u6302\u9a6c\u6211\u76f8\u4fe1\u5f88\u591a\u4eba\u90fd\u78b0\u5230\u8fc7\u3002\u5728\u8fd9\u91cc\uff0c\u8bb2\u4e0b\u5904\u7406\u7684\u65b9\u6cd5\u3002<br \/>\n\u7b2c\u4e00\u6b65\uff1a\u4e3a\u73b0\u6709\u6570\u636e\u5e93\u505a\u597d\u5907\u4efd\u3002<br \/>\n\u7b2c\u4e8c\u6b65\uff1a<br \/>\n\u6267\u884c\u5982\u4e0bASP\u6587\u4ef6\uff0c\u8fd9\u6837\u5c31\u53ef\u4ee5\u53bb\u6389\u6570\u636e\u5e93\u5f53\u4e2d\u7684JS\u6728\u9a6c\uff1a<br \/>\n\u6ce8\uff1aconn.asp\u81ea\u5df1\u53bb\u5199\u4e86\u3002<br \/>\n注意：这个 ASP 文件本身没有任何身份验证，任何能访问到它的人都可以对整个库的所有字符型字段执行一次 update，页面还会把全部表名和字段名打印出来。清理时只临时放到站点下、限制只允许管理员 IP 访问，用完立刻删除。<br \/>\n\u590d\u5236\u5185\u5bb9\u5230\u526a\u8d34\u677f\u4ee3\u7801:<br \/>\n&#39;\u8fd9\u91cc\u653e\u5165JS\u6728\u9a6c\u5185\u5bb9\uff1a\u8bf7\u8bb0\u5f97\u6539\u4e3a\u81ea\u5df1\u6570\u636e\u5e93\u4e2d\u7684JS\u6728\u9a6c\u5185\u5bb9\u3002<br \/>\n<!--#include file=&#34;conn.asp&#34;--><br \/>\n<%\nServer.ScriptTimeOut=180\nSet rstSchema = conn.OpenSchema(20)\nk=1\nDo Until rstSchema.EOF &#39;\u904d\u5386\u6570\u636e\u5e93\u8868\n    If rstSchema(&#34;TABLE_TYPE&#34;)=&#34;TABLE&#34; Then \n        response.write K&amp;&#34;.<font color=red><b>&#34;&amp;rstSchema(&#34;TABLE_NAME&#34;) &amp; &#34;<\/b><\/font>:&#34; &#39;\u663e\u793a\u8868\u540d<br \/>\n        Set rs=Server.Cr&#101;ateObject(&#34;ADODB.Recordset&#34;)<br \/>\n        sql=&#34;sel&#101;ct * from [&#34; &amp; rstSchema(&#34;TABLE_NAME&#34;)&amp;&#34;]&#34;<br \/>\n        rs.open sql,conn,1,3<br \/>\n        For i=0 to rs.fields.count-1 &#39;\u904d\u5386\u8868\u4e2d\u5b57\u6bb5<br \/>\n           If 
int(rs(i).Type)=129 o&#114; int(rs(i).Type)=130 o&#114; int(rs(i).Type)=200 o&#114; int(rs(i).Type)=201 o&#114; int(rs(i).Type)=202 o&#114; int(rs(i).Type)=203 Then&#39;\u53ea\u5904\u7406\u5b57\u6bb5\u7c7b\u578b\u4e3a\u5b57\u7b26\u578b\u7684\u5b57\u6bb5<br \/>\n            conn.execute(&#34;up&#100;ate [&#34;&amp;rstSchema(&#34;TABLE_NAME&#34;)&amp;&#34;] set &#34;&amp;rs(i).name&amp;&#34; =replace(cast(&#34;&amp;rs(i).name&amp;&#34; as varchar(8000)),&#39;\u8fd9\u91cc\u653e\u5165JS\u6728\u9a6c\u5185\u5bb9&#39;,&#39;&#39;)&#34;)<br \/>\n            response.write rs(i).name &amp;&#34; &#34;&amp;rs(i).Type &amp;&#34; &#34;&#39;\u663e\u793a\u6267\u884c\u8fc7\u7684\u5b57\u6bb5\u540d\u3002<br \/>\n          End If<br \/>\n        Next<br \/>\n        response.write &#34;<br \/>&#34;<br \/>\n    End If<br \/>\n    rstSchema.MoveNext<br \/>\n    k=k+1<br \/>\nLoop<br \/>\nresponse.Write &#34;\u6267\u884c\u6210\u529f&#34;<br \/>\n%><br \/>\n\u5982\u679c\u6570\u636e\u5e93\u8868\u5f88\u591a\u7684\u8bdd\uff0c\u4e0a\u9762\u7684\u904d\u5386\u6570\u636e\u5e93\u7ed3\u6784\u672a\u6267\u884c\u5b8c\u5c31\u88abIIS\u7ed9\u505c\u6b62\u4e86\u3002\u5728\u8fd9\u65f6\u5019\u53ef\u4ee5\u5728<br \/>\n\u590d\u5236\u5185\u5bb9\u5230\u526a\u8d34\u677f\u4ee3\u7801:<br \/>\nIf rstSchema(&#34;TABLE_TYPE&#34;)=&#34;TABLE&#34; Then<br \/>\n\u5f53\u4e2d\u9002\u5f53\u52a0\u5165k\u503c\u7684\u8303\u56f4\uff0c\u5982\uff1a<br \/>\n\u590d\u5236\u5185\u5bb9\u5230\u526a\u8d34\u677f\u4ee3\u7801:<br \/>\nIf rstSchema(&#34;TABLE_TYPE&#34;)=&#34;TABLE&#34; k>10 and k<20 Then\n这样的话就一次只操作9个表（注意上面这行两个条件之间漏了 and，完整写法是 If rstSchema(&#34;TABLE_TYPE&#34;)=&#34;TABLE&#34; and k>10 and k<20 Then；每批跑完后把 k 的范围往后挪再执行一次，直到所有表都处理完）。<br \/>\n另外要特别注意：上面的 update 语句没有 where 条件，会把每个字符型字段的每一行都重写一遍；cast(... as varchar(8000)) 还会把超过 8000 字节的内容截断，nvarchar/ntext 里不在当前代码页中的字符也会变成问号，这正是第一步的备份必须先做好的原因。建议在 update 后面加上 where [字段名] like &#39;%木马内容%&#39;，只改动确实被注入的行；如果是 SQL Server 2005 及以上版本，可以改成 cast(... as nvarchar(max)) 避免截断。木马内容里如果含有单引号，在 SQL 字符串里要写成两个单引号，否则语句会出错。<br \/>\n\u7b2c\u4e09\u6b65\uff1a\n\u6839\u636e\u6570\u636e\u5e93JS\u6ce8\u5165\u7684\u7279\u6027(\u4f1a\u5305\u62ec<script\u3001<\/script>\u548chttp:\/\/\u8fd9\u6837\u7684\u5b57\u7b26)\uff0c<br \/>\n\u5728conn.asp\u91cc\u9762\u653e\u5165\u5982\u4e0b\u4ee3\u7801\uff1a<br \/>\n（使用前请先修正下面代码里的几处问题：1. Cheack_Sqljs 检测 QueryString 的那个循环里读取的是 Request.Form(F_Get)，应改为 Request.QueryString(F_Get)，否则 GET 参数根本没有被检查。2. CheckDataFrom 的返回值与它的注释正好相反——它默认为 True，只有 Referer 与本站域名不匹配时才置为 False，于是 If Cheack_Sqljs or CheckDataFrom 会拦住本站自己的表单、放过站外提交；应改为默认 False、不匹配时置 True。mid(server_v1,8,...) 也只对 http:\/\/ 开头的 Referer 有效，https:\/\/ 会错位一位。3. Referer 由客户端任意填写，不少浏览器和代理也不会发送，所以它只能作为辅助手段；同理，只匹配 <script 加 http:\/\/ 的签名用 https:\/\/ 或其他写法就能绕过。这些过滤都只是临时补救，根本办法是找到被注入的页面，把拼接 SQL 字符串改成参数化查询（ADODB.Command 加 Parameters）。）<br \/>\n\u590d\u5236\u5185\u5bb9\u5230\u526a\u8d34\u677f\u4ee3\u7801:<br \/>\nFunction 
Cheack_Sqljs()&#39;\u9632\u6b62\u6570\u636e\u5e93\u5916\u94feJS\u6ce8\u5165:true\u4e3a\u53d1\u73b0\u5916\u94feJS\u6ce8\u5165\u3002<br \/>\n    Dim F_Post,F_Get<br \/>\n    Cheack_Sqljs=False<br \/>\n    If Request.Form<>&#34;&#34; Then&#39;\u8868\u5355\u63d0\u4ea4\u65f6\u7684\u68c0\u6d4b<br \/>\n        For Each F_Post In Request.Form<br \/>\n            If (Instr(LCase(Request.Form(F_Post)),&#34;<script&#34;)<>0 o&#114; Instr(LCase(Request.Form(F_Post)),&#34;<\/script>&#34;)<>0) and Instr(LCase(Request.Form(F_Post)),&#34;http:\/\/&#34;)<>0 Then<br \/>\n                Cheack_Sqljs=True<br \/>\n                Exit For<br \/>\n            End If<br \/>\n        Next<br \/>\n    End If<br \/>\n    If Request.QueryString<>&#34;&#34; Then&#39;QueryString\u63d0\u4ea4\u65f6\u7684\u68c0\u6d4b<br \/>\n        For Each F_Get In Request.QueryString<br \/>\n            If (Instr(LCase(Request.Form(F_Get)),&#34;<script&#34;)<>0 o&#114; Instr(LCase(Request.Form(F_Get)),&#34;<\/script>&#34;)<>0) and Instr(LCase(Request.Form(F_Get)),&#34;http:\/\/&#34;)<>0 Then<br \/>\n                Cheack_Sqljs=True<br \/>\n                Exit For<br \/>\n            End If<br \/>\n        Next<br \/>\n    End If<br \/>\nEnd Function<br \/>\nFunction CheckDataFrom()&#39;\u68c0\u67e5\u63d0\u4ea4\u6570\u636e\u6765\u6e90\uff1aTrue\u4e3a\u6570\u636e\u4ece\u7ad9\u5916\u63d0\u4ea4\u8fc7\u6765\u7684<br \/>\n    CheckDataFrom=True<br \/>\n    server_v1=Cstr(Request.ServerVariables(&#34;HTTP_REFERER&#34;))<br \/>\n    server_v2=Cstr(Request.ServerVariables(&#34;SERVER_NAME&#34;))<br \/>\n    if mid(server_v1,8,len(server_v2))<>server_v2 then<br \/>\n        CheckDataFrom=False<br \/>\n    end if<br \/>\nEnd Function<br \/>\nIf Cheack_Sqljs o&#114; CheckDataFrom Then<br \/>\n   Response.Write &#34;<script Language=JavaScript>alert(&#39;\u7981\u6b62\u6267\u884c\uff0c\u975e\u6cd5\u64cd\u4f5c\u3002&#39;);<\/script>&#34;<br \/>\n   Response.End()<br \/>\nEnd 
If<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6570\u636e\u5e93\u88ab\u6302\u9a6c\u6211\u76f8\u4fe1\u5f88\u591a\u4eba\u90fd\u78b0\u5230\u8fc7\u3002\u5728\u8fd9\u91cc\uff0c\u8bb2\u4e0b\u5904\u7406\u7684\u65b9\u6cd5\u3002 \u7b2c\u4e00\u6b65\uff1a\u4e3a\u73b0\u6709\u6570\u636e\u5e93\u505a\u597d\u5907\u4efd\u3002 \u7b2c\u4e8c\u6b65\uff1a \u6267\u884c\u5982\u4e0b [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[180],"tags":[333,332],"_links":{"self":[{"href":"http:\/\/www.huike007.cn\/index.php?rest_route=\/wp\/v2\/posts\/26"}],"collection":[{"href":"http:\/\/www.huike007.cn\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.huike007.cn\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.huike007.cn\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.huike007.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=26"}],"version-history":[{"count":1,"href":"http:\/\/www.huike007.cn\/index.php?rest_route=\/wp\/v2\/posts\/26\/revisions"}],"predecessor-version":[{"id":355,"href":"http:\/\/www.huike007.cn\/index.php?rest_route=\/wp\/v2\/posts\/26\/revisions\/355"}],"wp:attachment":[{"href":"http:\/\/www.huike007.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=26"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.huike007.cn\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=26"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.huike007.cn\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=26"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}