asp»áÔ±×¢²áºó×Ô¶¯µÇ½
<%
set rs=server.createobject("adodb.recordset")
sql="select * from YONGHU where (ID is null)"
rs.open sql,conn,1,3
rs.addnew
rs("USERNAME")=request("username")
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing
session("username")=rs("name")
response.redirect "index.asp"
%>
ÔÚÊ×Ò³ÏÔʾÓû§Ãû¾ÍÓà <%=session("username")%>
=====================================
ÔÚÓû§×¢²á³É¹¦ºó£º
1¡¢Ìí¼Ó±äÁ¿session("names")ΪÓû§Ãû³Æ£»
2¡¢¼ì²âlen(session("names"))ÊÇ·ñΪ0£¨¼´±äÁ¿ÊÇ·ñ¿Õ£©£¬Èç¹û²»¿Õ£¬response.Redirect("»áÔ±ÖÐÐÄÒ³Ãæ") £¬Èç¹û¿Õ£¬ÈÔÈ»ÔڵǼҳÃ棬ÌáʾµÇ¼²»³É¹¦¡£
Ïà¹ØÎĵµ£º
‘·À×¢Èë°ÑËü¼Óµ½connÀïÕâÑù¾ÍokÁË
dim sql_injdata
SQL_injdata = "’|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
SQL_inj = split(SQL_Injdata,"|")
If Request.QueryString<>"" Then
For Each SQL_Get In Request.QueryString
For SQL_Data=0 To Ubo ......
ÒÔÏÂÊÇ·¢ÔÚ÷×ÓÂÛ̳µÄÌù×Ó£¬×ª·¢¹ýÀ´£¬Ï£Íû¸øÓõÃ×ŵĺüÓѲο¼¡£
ÎҵijÌÐòÒÔÇ°Ò»Ö±ÊÇÓû¨Éú¿Ç°ó¶¨IPʵÏÖµÄÔ¶³Ì£¬ÓÉÓÚ¿Í»§·þÎñÆ÷ºÍ¿Í»§¶Ë¶¼ÊÇͨ¹ý¿í´øÉÏÍø£¬Ò»°ãµÄ²Ù×÷£¨¿ª½ø»õµ¥¡¢ÏúÊÛµ¥µÈ£©ËÙ¶ÈÒ²»¹²»´í£¬µ«ÊÇÔÚÔ¶³Ì¿Í»§¶ËÐÞ¸ÄÉÌÆ·×ÊÁÏ£¨10000¶àÌõ¼Ç¼£©¡¢²éѯһ¶ÎʱÆڵĽøÏú´æÁ÷Ë®£¨Ò»ÖÜ5000ÌõÒÔÉÏ£©µÈÉæ¼°µ½È¡¼Ç¼Á¿´óµ ......
dim conn,connstr
Set conn = Server.CreateObject("ADODB.Connection")'´´½¨Ò»¸öÊý¾Ý¿âÁ´½Ó¶ÔÏóconn£¬·½±ãºóÃæµ÷ÓÃ
connstr="Provider=SQLOLEDB;Data Source=(local);Initial Catalog=111;User ID=sa;Password=1234;" '´´½¨Ò»¸öÊý¾Ý¿âµÄrecordset¶ÔÏ󣬷½±ãÒÔºóµ÷ÓÃ
conn.Open connstr'´ò¿ªÊý¾Ý¿â ......
eofÊÇaspÖÐrecordset¶ÔÏóÖ¸ÕëµÄÒ»ÖÖ¡£
rs.eof ·µ»Ø¼Ç¼ָÕëÊÇ·ñ³¬³öÊý¾Ý±íÄ©¶Ë£¬true±íʾÊÇ£¬falseΪ·ñ
rs¼Ç¼¼¯ÊÇÎÒÃǾ³£»áÅöµ½µÄ,ÏÂÃæ¶ÔËüÖî¶àµÄÒƶ¯Ö¸Õë½øÐлã×Ü,ÈçÏÂ:
rs.movenext ½«¼Ç¼ָÕë´Óµ±Ç°µÄλÖÃÏòÏÂÒÆÒ»ÐÐ
rs.moveprevious ½«¼Ç¼ָÕë´Óµ±Ç°µÄλÖÃÏòÉÏÒÆÒ»ÐÐ
rs.movefirst ½«¼Ç¼ָÕëÒƵ½Êý¾Ý±íµÚÒ»ÐÐ
......
º¯Êý Óï·¨ ¹¦ÄÜ
Len Len(string|varname) ·µ»Ø×Ö·û´®ÄÚ×Ö·ûµÄÊýÄ¿£¬»òÊÇ´æ´¢Ò»±äÁ¿ËùÐèµÄ×Ö½ÚÊý¡£
Trim Trim(string) ½«×Ö·û´®Ç°ºóµÄ¿Õ¸ñÈ¥µô
Ltrim Ltrim(string) ½«×Ö·û´®Ç°ÃæµÄ¿Õ¸ñÈ¥µô
Rtrim Rtrim(string) ½«×Ö·û´®ºóÃæµÄ¿Õ¸ñÈ¥µô
Mid Mid(string,start,length) ´Óstring×Ö·û´®µÄstart×Ö·û¿ªÊ¼È¡µÃlength³¤¶ ......
