aspde sql injection dan kurtulmak icin filitre

Admin: Üst Düzey Admin; Mesaj Sayısı : 3516
Kayıt tarihi : 13/06/09
Nerden : küçükyalı
Yaş : 34

Post n°1

aspde sql injection dan kurtulmak icin filitre

Mesaj tarafından Admin Paz Haz. 13, 2010 9:41 pm

KODLAR

<%
Function htmltemizle(change)
change = Replace(change, "<", "<", 1, -1, 1)
change = Replace(change, ">", ">", 1, -1, 1)
change = Replace(change, "%3c", "<", 1, -1, 1)
change = Replace(change, "%3e", ">", 1, -1, 1)
change = Replace(change, Chr(39), "'", 1, -1, 1)
change = Replace(change, Chr(34), """, 1, -1, 1)
change = Replace(change ,"'","'",1,-1,1)
change = Replace(change ,"""",""",1,-1,1)
change = Replace(change, "", "", 1, -1, 1)
change = Replace(change, "", "",
1, -1, 1)
change = Replace(change, "", "", 1,
-1, 1)
change = Replace(change, "script", "script", 1, -1, 0)
change = Replace(change, "script", "script", 1, -1, 0)
change = Replace(change, "script", "script", 1, -1, 1)
change = Replace(change, "OBJECT", "OBJECT", 1, -1, 0)
change = Replace(change, "Object", "Object", 1, -1, 0)
change = Replace(change, "object", "object", 1, -1, 1)
change = Replace(change, "APPLET", "APPLET", 1, -1, 0)
change = Replace(change, "Applet", "Applet", 1, -1, 0)
change = Replace(change, "applet", "applet", 1, -1, 1)
change = Replace(change, "ALERT", "ALERT", 1, -1, 0)
change = Replace(change, "Alert", "Alert", 1, -1, 0)
change = Replace(change, "alert", "alert", 1, -1, 1)
change = Replace(change, "EMBED", "EMBED", 1, -1, 0)
change = Replace(change, "Embed", "Embed", 1, -1, 0)
change = Replace(change, "embed", "embed", 1, -1, 1)
change = Replace(change, "EVENT", "EVENT", 1, -1, 0)
change = Replace(change, "Event", "Event", 1, -1, 0)
change = Replace(change, "event", "event", 1, -1, 1)
change = Replace(change, "DOCUMENT", "DOCUMENT", 1, -1, 0)
change = Replace(change, "Document", "Document", 1, -1, 0)
change = Replace(change, "document", "document", 1, -1, 1)
change = Replace(change, "COOKIE", "COOKIE", 1, -1, 0)
change = Replace(change, "Cookie", "Cookie", 1, -1, 0)
change = Replace(change, "cookie", "cookie", 1, -1, 1)
change = Replace(change, "FORM", "FORM", 1, -1, 0)
change = Replace(change, "Form", "Form", 1, -1, 0)
change = Replace(change, "form", "form", 1, -1, 1)
change = Replace(change, "IFRAME", "IFRAME", 1, -1, 0)
change = Replace(change, "Iframe", "Iframe", 1, -1, 0)
change = Replace(change, "iframe", "iframe", 1, -1, 1)
change = Replace(change, "TEXTAREA", "TEXTAREA", 1, -1, 0)
change = Replace(change, "Textarea", "Textarea", 1, -1, 0)
change = Replace(change, "textarea", "textarea", 1, -1, 1)
change = Replace(change, "union", "union",1,-1,1)
change = Replace(change, "select", "select",1,-1,1)
change = Replace(change, "where", "where",1,-1,1)
change = Replace(change, "like", "like",1,-1,1)
change = Replace(change, "from", "from",1,-1,1)
change = Replace(change, "update", "update",1,-1,1)
change = Replace(change, "delete", "delete",1,-1,1)
change = Replace(change, "insert", "insert",1,-1,1)
change = Replace(change, "group", "group",1,-1,1)
change = Replace(change, "alter", "alter",1,-1,1)
change = Replace(change, "modify", "modify",1,-1,1)
change = Replace(change, "rename", "rename",1,-1,1)

htmltemizle = change
End Function
%>

KULLANIMI

yukarıdaki kodu bir asp içine kaydediyoruz. sonra bu asp yi her sayfada
include ediyoruz.

<%=htmltemizle(request.querystring("ID"))%>

şeklinde kullanıyoruz.

Oyunalani Ekibi

Oyunalani Ekibi

Oyunalani Ekibi

aspde sql injection dan kurtulmak icin filitre

aspde sql injection dan kurtulmak icin filitre