Mainly use the ServerVariables property of the request object, through which the value of the environment variable is obtained. The syntax used is: Request.ServerVariables(variable), "variable" represents the name of the environment variable, such as the server host name, the web server software name, etc. If "variable" is "REMOTE_ADDR", it represents the visitor's IP address, and through it, the filtering of the IP address can be achieved.
The source program is as follows: (File name: demo.ASP)
<html>
<head>
<metahttp-equiv=Content-Typecontent=text/html;charset=gb_2312-80>
<metaname=GENERATORcontent=MicrosoftFrontPageExpress2.0>
<style>
<!--
.as{line-height:15px;font-size:9pt}
a:hover{color:rgb(0,51,240);text-decoration:underline}
.p9{font-family:安安;font-size:9pt;line-height:15pt}
.p12{font-family:安安;font-size:12pt;line-height:18pt}
a:link{text-decoration:none;}
a: visited{text-decoration:none;}
a:hover{text-decoration:underline;font-size:125%;color:blue}
-->
</style>
<title>ASP page firewall function demonstration</title>
</head>
<bodybackground=back.jpg>
<%
'Use Request.ServerVariables(REMOTE_ADDR) to get the IP address and save it in the variable rip
rip=Request.ServerVariables(REMOTE_ADDR)
strip=cstr(rip)
'Get the value of the third segment of the IP address and save it to strip
fori=1to2
strip=right(strip,len(strip)-instr(1,strip,.)))
next
strip=left(str,instr(1,str,.)-1)
'IP address validity verification and password verification, including two aspects:
'If the IP address meets the value, pass verification; if the IP address does not meet the value, check whether the entered password is correct (here the password is asp)
if(left(rip,5)<>127.1orstrip<1orstrip>50)andrequest(Passwd)<>aspthen
%>
<p><fontcolor=#FF0000>Sorry, your IP is <%=rip%>, and the IPs that can be accessed on this page are between 127.1.1.* and 127.1.50.*. If you are a user of the internal network of this unit, please make sure that your browser does not use a proxy! <BR></font></p>
<formaction=demo.aspmethod=POSTid=form1name=form1>
<p>Please enter the access password: <inputtype=passwordname=Passwd><inputtype=submitvalue=confirm name=B1>;
</p>
</form>
<%else%>
'The page that legal users can access, any information can be added here
Congratulations, you have successfully passed the page security certification and can directly use the resources of this site!
<%endif%>
</body>
</html>
In fact, just slightly modify the above program (such as IP address and other information). Of course, this only implements security prevention functions in one page. If a website has multiple pages, you can set a session variable to mark the user to make judgments in the subsequent page.