'----------------------------------数据过滤 ↓---------------------------------------
Function CheckSql() '防止SQL注入
    Dim sql_injdata 
    SQL_injdata = "'|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
    SQL_inj = split(SQL_Injdata,"|")
    If Request.QueryString<>"" Then
        For Each SQL_Get In Request.QueryString
            For SQL_Data=0 To Ubound(SQL_inj)
                if instr(Request.QueryString(SQL_Get),Sql_Inj(Sql_DATA))>0 Then
                    Response.Write "<Script Language='javascript'>{alert('请不要在参数中包含非法字符！');history.back(-1)}</Script>"
                    Response.end
                end if
            next
        Next
    End If
    If Request.Form<>"" Then
        For Each Sql_Post In Request.Form
            For SQL_Data=0 To Ubound(SQL_inj)
                if instr(Request.Form(Sql_Post),Sql_Inj(Sql_DATA))>0 Then
                    Response.Write "<Script Language='javascript'>{alert('请不要在参数中包含非法字符！');history.back(-1)}    </Script>"
                    Response.end
                end if
            next
        next
    end if
End Function

Function CheckStr(byVal ChkStr) '检查无效字符
    Dim Str:Str=ChkStr
    Str=Trim(Str)
    If IsNull(Str) Then
        CheckStr = ""
        Exit Function
    End If
    Dim re
    Set re=new RegExp
    re.IgnoreCase =True
    re.Global=True
    re.Pattern="(\r\n){3,}"
    Str=re.Replace(Str,"$1$1$1")
    Set re=Nothing
    Str = Replace(Str,"'","''")
    Str = Replace(Str, "select", "select")
    Str = Replace(Str, "join", "join")
    Str = Replace(Str, "union", "union")
    Str = Replace(Str, "where", "where")
    Str = Replace(Str, "insert", "insert")
    Str = Replace(Str, "delete", "delete")
    Str = Replace(Str, "update", "update")
    Str = Replace(Str, "like", "like")
    Str = Replace(Str, "drop", "drop")
    Str = Replace(Str, "create", "create")
    Str = Replace(Str, "modify", "modify")
    Str = Replace(Str, "rename", "rename")
    Str = Replace(Str, "alter", "alter")
    Str = Replace(Str, "cast", "cast")
    CheckStr=Str
End Function

Function UnCheckStr(Str) '检查非法sql命令
        Str = Replace(Str, "select", "select")
        Str = Replace(Str, "join", "join")
        Str = Replace(Str, "union", "union")
        Str = Replace(Str, "where", "where")
        Str = Replace(Str, "insert", "insert")
        Str = Replace(Str, "delete", "delete")
        Str = Replace(Str, "update", "update")
        Str = Replace(Str, "like", "like")
        Str = Replace(Str, "drop", "drop")
        Str = Replace(Str, "create", "create")
        Str = Replace(Str, "modify", "modify")
        Str = Replace(Str, "rename", "rename")
        Str = Replace(Str, "alter", "alter")
        Str = Replace(Str, "cast", "cast")
        UnCheckStr=Str
End Function

Function Checkstr(Str) 'SQL防注入过滤涵数
    If Isnull(Str) Then
    CheckStr = ""
    Exit Function
    End If
    Str = Replace(Str,Chr(0),"", 1, -1, 1)
    Str = Replace(Str, """", """", 1, -1, 1)
    Str = Replace(Str,"<","<", 1, -1, 1)
    Str = Replace(Str,">",">", 1, -1, 1)
    Str = Replace(Str, "script", "script", 1, -1, 0)
    Str = Replace(Str, "SCRIPT", "SCRIPT", 1, -1, 0)
    Str = Replace(Str, "Script", "Script", 1, -1, 0)
    Str = Replace(Str, "script", "Script", 1, -1, 1)
    Str = Replace(Str, "object", "object", 1, -1, 0)
    Str = Replace(Str, "OBJECT", "OBJECT", 1, -1, 0)
    Str = Replace(Str, "Object", "Object", 1, -1, 0)
    Str = Replace(Str, "object", "Object", 1, -1, 1)
    Str = Replace(Str, "applet", "applet", 1, -1, 0)
    Str = Replace(Str, "APPLET", "APPLET", 1, -1, 0)
    Str = Replace(Str, "Applet", "Applet", 1, -1, 0)
    Str = Replace(Str, "applet", "Applet", 1, -1, 1)
    Str = Replace(Str, "[", "[")
    Str = Replace(Str, "]", "]")
    Str = Replace(Str, """", "", 1, -1, 1)
    Str = Replace(Str, "=", "=", 1, -1, 1)
    Str = Replace(Str, "'", "''", 1, -1, 1)
    Str = Replace(Str, "select", "select", 1, -1, 1)
    Str = Replace(Str, "execute", "execute", 1, -1, 1)
    Str = Replace(Str, "exec", "exec", 1, -1, 1)
    Str = Replace(Str, "join", "join", 1, -1, 1)
    Str = Replace(Str, "union", "union", 1, -1, 1)
    Str = Replace(Str, "where", "where", 1, -1, 1)
    Str = Replace(Str, "insert", "insert", 1, -1, 1)
    Str = Replace(Str, "delete", "delete", 1, -1, 1)
    Str = Replace(Str, "update", "update", 1, -1, 1)
    Str = Replace(Str, "like", "like", 1, -1, 1)
    Str = Replace(Str, "drop", "drop", 1, -1, 1)
    Str = Replace(Str, "create", "create", 1, -1, 1)
    Str = Replace(Str, "rename", "rename", 1, -1, 1)
    Str = Replace(Str, "count", "count", 1, -1, 1)
    Str = Replace(Str, "chr", "chr", 1, -1, 1)
    Str = Replace(Str, "mid", "mid", 1, -1, 1)
    Str = Replace(Str, "truncate", "truncate", 1, -1, 1)
    Str = Replace(Str, "nchar", "nchar", 1, -1, 1)
    Str = Replace(Str, "char", "char", 1, -1, 1)
    Str = Replace(Str, "alter", "alter", 1, -1, 1)
    Str = Replace(Str, "cast", "cast", 1, -1, 1)
    Str = Replace(Str, "exists", "exists", 1, -1, 1)
    Str = Replace(Str,Chr(13),"<br>", 1, -1, 1)
    CheckStr = Replace(Str,"'","''", 1, -1, 1)
End Function

Function HTMLEncode(reString) '过滤转换HTML代码
    Dim Str:Str=reString
    If Not IsNull(Str) Then
        Str = UnCheckStr(Str)
        Str = Replace(Str, "&", "&")
        Str = Replace(Str, ">", "&gt;")
        Str = Replace(Str, "<", "&lt;")
        Str = Replace(Str, CHR(32), "&nbsp;")
        Str = Replace(Str, CHR(9), "&nbsp;&nbsp;&nbsp;&nbsp;")
        Str = Replace(Str, CHR(9), "&nbsp;&nbsp;&nbsp;&nbsp;")
        Str = Replace(Str, CHR(34),""")
        Str = Replace(Str, CHR(39),"&#39;")
        Str = Replace(Str, CHR(13), "")
        Str = Replace(Str, CHR(10), "<br>")
        HTMLEncode = Str
    End If
End Function

Function DateToStr(DateTime,ShowType)  '日期转换函数
    Dim DateMonth,DateDay,DateHour,DateMinute
    DateMonth=Month(DateTime)
    DateDay=Day(DateTime)
    DateHour=Hour(DateTime)
    DateMinute=Minute(DateTime)
    If Len(DateMonth)<2 Then DateMonth="0"&DateMonth
    If Len(DateDay)<2 Then DateDay="0"&DateDay
    Select Case ShowType
    Case "Y-m-d" 
        DateToStr=Year(DateTime)&"-"&DateMonth&"-"&DateDay
    Case "Y-m-d H:I A"
        Dim DateAMPM
        If DateHour>12 Then
            DateHour=DateHour-12
            DateAMPM="PM"
        Else
            DateHour=DateHour
            DateAMPM="AM"
        End If
        If Len(DateHour)<2 Then DateHour="0"&DateHour   
        If Len(DateMinute)<2 Then DateMinute="0"&DateMinute
        DateToStr=Year(DateTime)&"-"&DateMonth&"-"&DateDay&" "&DateHour&":"&DateMinute&" "&DateAMPM
    Case "Y-m-d H:I:S"
        Dim DateSecond
        DateSecond=Second(DateTime)
        If Len(DateHour)<2 Then DateHour="0"&DateHour   
        If Len(DateMinute)<2 Then DateMinute="0"&DateMinute
        If Len(DateSecond)<2 Then DateSecond="0"&DateSecond
        DateToStr=Year(DateTime)&"-"&DateMonth&"-"&DateDay&" "&DateHour&":"&DateMinute&":"&DateSecond
    Case "YmdHIS"
        DateSecond=Second(DateTime)
        If Len(DateHour)<2 Then DateHour="0"&DateHour   
        If Len(DateMinute)<2 Then DateMinute="0"&DateMinute
        If Len(DateSecond)<2 Then DateSecond="0"&DateSecond
        DateToStr=Year(DateTime)&DateMonth&DateDay&DateHour&DateMinute&DateSecond   
    Case "ym"
        DateToStr=Right(Year(DateTime),2)&DateMonth
    Case "d"
        DateToStr=DateDay
    Case Else
        If Len(DateHour)<2 Then DateHour="0"&DateHour
        If Len(DateMinute)<2 Then DateMinute="0"&DateMinute
        DateToStr=Year(DateTime)&"-"&DateMonth&"-"&DateDay&" "&DateHour&":"&DateMinute
    End Select
End Function

Function Date2Chinese(iDate) '获得ASP的中文日期字符串
　 　 Dim num(10)
　 　 Dim iYear
　 　 Dim iMonth
　 　 Dim iDay

　 　 num(0) = "〇"
　 　 num(1) = "一"
　 　 num(2) = "二"
　 　 num(3) = "三"
　 　 num(4) = "四"
　 　 num(5) = "五"
　 　 num(6) = "六"
　 　 num(7) = "七"
　 　 num(8) = "八"
　 　 num(9) = "九"

　 　 iYear = Year(iDate)
　 　 iMonth = Month(iDate)
　 　 iDay = Day(iDate)
　 　 Date2Chinese = num(iYear \ 1000) + num((iYear \ 100) Mod 10) + num((iYear\ 10) Mod 10) + num(iYear Mod 10) + "年"
　 　 If iMonth >= 10 Then
　 　 　 　 If iMonth = 10 Then
　 　 　 　 　 　 Date2Chinese = Date2Chinese + "十" + "月"
　 　 　 　 Else
　 　 　 　 　 　 Date2Chinese = Date2Chinese + "十" + num(iMonth Mod 10) + "月"
　 　 　 　 End If
　 　 Else
　 　 　 　 Date2Chinese = Date2Chinese + num(iMonth Mod 10) + "月"
　 　 End If
　 　 If iDay >= 10 Then
　 　 　 　 If iDay = 10 Then
　 　 　 　 　 　 Date2Chinese = Date2Chinese +"十" + "日"
　 　 　 　 ElseIf iDay = 20 Or iDay = 30 Then
　 　 　 　 　 　 Date2Chinese = Date2Chinese + num(iDay \ 10) + "十" + "日"
　 　 　 　 ElseIf iDay > 20 Then
　 　 　 　 　 　 Date2Chinese = Date2Chinese + num(iDay \ 10) + "十" +num(iDay Mod 10) + "日"
　 　 　 　 Else
　 　　 　 　 　 Date2Chinese = Date2Chinese + "十" + num(iDay Mod 10) + "日"
　 　 　 　 End If
　 　 Else
　 　 　 　 Date2Chinese = Date2Chinese + num(iDay Mod 10) + "日"
　 　 End If
End Function

Function lenStr(str)'计算字符串长度（字节）
    dim l,t,c
    dim i
    l=len(str)
    t=0
for i=1 to l
    c=asc(mid(str,i,1))
    if c<0 then c=c+65536
    if c<255 then t=t+1
    if c>255 then t=t+2
next
   lenstr=t
End Function

Function CreateArr(str) '生成二维数组 数据如："1,a1,b1,c1,d1|2,a2,b2,c2,d2|5,a3,b3,c3,d3|8,a4,b4,c4,d4"
dim arr()
str=split(str,"|")
for i=0 to UBound(str)
    arrstr=split(str(i),",")
    for j=0 to Ubound(arrstr)
        ReDim Preserve arr(UBound(str),UBound(arrstr))
        arr(i,j)=arrstr(j)
    next
next
CreateArr=arr
End Function

[首页]    [上一页]    [下一页]    [末页]    选择页数123