ASP prevents GET, Post injection and server attacks, and records IP

Recommended: ASP replaces the last bit of IP address with the asterisk instance code
First save the IP address into the database, and then take it out. The effect is as shown in the figure: The code is as follows: % 'Source ipstr= rs(cIP) ipstr=split(ipstr,.,-1,1) ipstrout=ipstr(0).ipstr(1).ipstr(2).* response.write ipstrout %

<%

'Prevent GET, Post Injection and Server Attack

'It is OK to use this file to include the file that needs to be noted. Let's explain that post attacks and Get attacks here are not necessarily attacks. Please pay attention to using them in the English version.

'Feng Xu modified

session.Abandon()

Dim fxjt111_Attack_post,fxjt111_Attack_Get,fxjt111_Attack_System

fxjt111_Attack_post="/Attack.txt" 'Attack record fxjt111_Attack_post is the Post attack record file name.

fxjt111_Attack_Get="/Attack.txt" 'fxjt111_Attack_Get is the file name of the GET attack record

fxjt111_Attack_System="/Attack_system.txt" 'fxjt111_Attack_System is the file name of the system attack record

Dim Fy_Post,Fy_Get,Fy_In,Fy_Inf,Fy_Xh,Fy_db,Fy_dbstr

Fy_In = "'★;★and★exec★insert★select★delete★update★count★*★%★chr★mid★master★truncate★char★declare"

'----------------------------------

Fy_Inf = split(Fy_In,"★")

'-----------------------------------------------------------------------------------------------------------------------------

If Request.Form<>"" Then

For Each Fy_Post In Request.Form

For Fy_Xh=0 To Ubound(Fy_Inf)

If Instr(LCase(Request.Form(Fy_Post)),Fy_Inf(Fy_Xh))<>0 Then

'Record post attack starts

Dim ValidEntry_Post

ValidEntry_Post = True

If not IsEmpty(Session("LogIn_post")) Then ValidEntry_Post = False

If ValidEntry_Post Then

Const ForAppending_Post = 8

Const Create_Post = true

Dim FSO_Post

DIM TS_Post

DIM MyFileName_Post

'Dim strLog

Dim strTime_Post,strip_Post,strurll_Post,strwords_Post

MyFileName_Post = Server.MapPath(fxjt111_Attack_post)

Set FSO_Post = Server.CreateObject("Scripting.FileSystemObject")

Set TS_Post = FSO_Post.OpenTextFile(MyFileName_Post, ForAppending_Post, Create_Post)

strip_Post=Request.ServerVariables ("REMOTE_ADDR") & ""

if strip_Post="" then

strip_Post=Request.ServerVariables("HTTP_X_FORWARDED_FOR") & ""

end if

'strurll_Post=request.servervariables("http_referer")

strwords_Post=request.servervariables("query_string")

strTime_Post=now()

Share: Full-width half-width conversion code
javascript conversion: SCRIPT /* ************************ * Parameter description: * str: The string to be converted * flag: mark, 0 and half to full, and 0 and half to half to full* Return value type: string ********************************** */ function DBC2SBC(str,flag) { var i; var result=''; if (