Asp.net ºǫ́µ÷ÓÃjs·½·¨(ת)
1. ÓÃResponse.Write·½·¨
¡¡¡¡´úÂëÈçÏ£º
Response.Write("<script type='text/javascript'>alert("XXX");</script>");
´Ë·½·¨È±ÏݾÍÊDz»Äܵ÷Óýű¾ÎļþÖеÄ×Ô¶¨ÒåµÄº¯Êý£¬Ö»Äܵ÷ÓÃÄÚ²¿º¯Êý£¬¾ßÌåµ÷ÓÃ×Ô¶¨ÒåµÄº¯ÊýÖ»ÄÜÔÚResponse.WriteдÉϺ¯Êý¶¨ Ò壬±ÈÈç
Response.Write("<script type='text/javascript'>function myfun(){}</script>");
2.ÓÃClientScriptÀà
¡¡¡¡´úÂëÈçÏ£ºÔÚÏëµ÷ÓÃij¸öjavascript½Å±¾º¯ÊýµÄµØ·½Ìí¼Ó´úÂ룬עÒâÒª±£Ö¤MyFunÒѾÔڽű¾ÎļþÖж¨Òå¹ýÁË¡£
ClientScript.RegisterStartupScript(ClientScript.GetType(), "myscript", "<script>MyFun();</script>");
¡¡¡¡Õâ¸ö·½·¨±ÈResponse.Write¸ü·½±ãһЩ£¬¿ÉÒÔÖ±½Óµ÷Óýű¾ÎļþÖеÄ×Ô¶¨Ò庯Êý¡£
3.ÆÕͨµÄÌí¼Ó¿Ø¼þµÄAttributesÊôÐÔ
¡¡¡¡¶ÔÓÚÆÕͨ°´Å¥¾ÍÊÇ£ºButton1.Attributes.Add("onclick","MyFun();");
¡¡¡¡Ö»ÄÜÔÚOnloadÖлòÀàËÆÓÚonloadµÄ³õʼ»¯¹ý³ÌÖÐÌí¼Ó²ÅÓÐЧ¡£¶øÇÒÊÇÏÈÖ´Ðнű¾º¯Êý£¬ÎÞ·¨¸Ä±äÖ´ÐÐ˳Ðò¡£
×¢Ò⣬ÒÔÉÏËùÓз½·¨ÖУ¬ºǫ́´úÂ붼²»ÄÜÓÐת»¯µ±Ç°Ò³µÄ´úÂ룬±ÈÈçRedirectµÈ£¬Òª°Ñתҳ´úÂë·ÅÔڽű¾ÀïÃæ
Ïà¹ØÎĵµ£º
ASP.NET ÌṩÈýÖÖÓÃÓÚÔÚ³öÏÖ´íÎóʱ²¶»ñºÍÏìÓ¦´íÎóµÄÖ÷Òª·½·¨£ºPage_Error ʼþ¡¢Application_Error ʼþÒÔ¼°Ó¦ÓóÌÐòÅäÖÃÎļþ (Web.config)¡£
Èç¹ûÄú²»µ÷Óà Server.ClearError »òÕß²¶»ñ Page_Error »ò Application_Error ʼþÖеĴíÎó£¬Ôò½«¸ù¾Ý Web.config ÎļþµÄ <customErrors> ²¿·ÖÖеÄÉèÖô¦Àí´íÎó¡£ÔÚ & ......
ͨ¹ý SqlDataSource ¿Ø¼þ£¬¿ÉÒÔʹÓà Web ·þÎñÆ÷¿Ø¼þ·ÃÎÊλÓÚ¹ØϵÊý¾Ý¿âÖеÄÊý¾Ý¡£ÆäÖпÉÒÔ°üÀ¨ Microsoft SQL Server ºÍ Oracle Êý¾Ý¿âÒÔ¼° OLE DB ºÍ ODBC Êý¾ÝÔ´¡£Äú¿ÉÒÔ½« SqlDataSource ¿Ø¼þÓëÊý¾Ý°ó¶¨¿Ø¼þ£¨Èç GridView¡¢FormView ºÍ DetailsView ¿Ø¼þ£©Ò»ÆðʹÓã¬Óü«ÉÙ´úÂë»òÉõÖÁ² ......
ObjectDataSource ¿Ø¼þ»ùÓÚ SelectMethod¡¢InsertMethod¡¢UpdateMethod »ò DeleteMethod ÊôÐÔÖÐËù±êʶµÄ·½·¨Ãû³ÆÒÔ¼°×é³ÉÒµÎñ¶ÔÏó·½·¨Ç©ÃûµÄ²ÎÊýÃûÀ´µ÷ÓÃÒµÎñ¶ÔÏó·½·¨¡£ÔÚÒµÎñ¶ÔÏóÖд´½¨·½·¨Ê±£¬±ØÐëÈ·±£ÒµÎñ¶ÔÏó·½·¨Ëù½ÓÊܵIJÎÊýÃûºÍÀàÐÍÓë ObjectDataSource ¿Ø¼þ´«µÝµÄ²ÎÊýÃûºÍÀàÐÍÆ¥Åä¡££¨²ÎÊý˳Ðò²¢²»ÖØÒª¡££©
......
