常用ASP函数集【经验才是最重要的】
程序员文章站
2023-12-01 16:33:46
<%@language="vbscript" codepage="936"%> <% starttime=timer() '程序执行时...
<%@language="vbscript" codepage="936"%>
<%
starttime=timer() '程序执行时间检测
'###############################################################
'┌──vibo───────────────────┐
'│ vibo studio 版权所有 │
'└───────────────────────┘
' author:vibo
' email:vibo_cn@hotmail.com
'----------------- vibo asp站点开发常用函数库 ------------------
'opendb(vdata_url) -------------------- 打开数据库
'getip() ------------------------------- 得到真实ip
'getipadress(sip)------------------------ 查找ip对应的真实地址
'ip2num(sip) ---------------------------- 限制某段ip地址
'chkfrom() ------------------------------ 防站外提交设定
'getsys() ------------------------------- 操作系统检测
'getbrowser() --------------------------- 浏览器版本检测
'getsearcher() -------------------------- 识别搜索引擎
'
'---------------------- 数据过滤 ↓----------------------------
'checkstr(byval chkstr) ----------------- 检查无效字符
'checksql() ----------------------------- 防止sql注入
'uncheckstr(str)------------------------- 检查非法sql命令
'checkstr(str) -------------------------- asp最新sql防注入过滤涵数
'htmlencode(restring) ------------------- 过滤转换html代码
'datetostr(datetime,showtype) ----------- 日期转换函数
'date2chinese(idate) -------------------- 获得asp的中文日期字符串
'lenstr(str) ---------------------------- 计算字符串长度(字节)
'createarr(str) ------------------------- 生成二维数组
'showrsarr(rsarr) ----------------------- 用表格显示记录集getrows生成的数组的表结构
'---------------------- 外接组件使用函数↓------------------------
'sendmail(to_email,from_email,from_name,mail_subject,mail_body,mail_htmlbody) -----'jmail组件 发送邮件
'-----------------------------------------系统检测函数↓------------------------------------------
'isvalidurl(url) ------------------------ 检测网页是否有效
'gethtmlpage(filename) ------------------ 获取文件内容
'checkfile(filepath) -------------------- 检查某一文件是否存在
'checkdir(folderpath) ------------------- 检查某一目录是否存在
'makenewsdir(foldername) ---------------- 根据指定名称生成目录
'createhtmlpage(filename,filedata,c_mode) 生成文件
'checkbadword(byval chkstr) ------------- 过滤脏字
'###############################################################
dim ipdata_url
ipdata_url="./ip.mdb"
response.write("--------------客户端信息检测------------"&"<br>")
response.write(getsys()&"<br>")
response.write(getbrowser()&"<br>")
response.write(getsearcher()&"<br>")
response.write("ip:"&getip()&"<br>")
response.write("来源:"&(getipadress(getip()))&"<br>")
response.write("<br>")
response.write("--------------数据提交检测--------------"&"<br>")
if not chkfrom then
response.write("请不要从站外提交内容!"&"<br>")
response.end
else
response.write("本站提交内容!"&"<br><br>")
end if
function opendb(vdata_url)
'------------------------------打开数据库
'使用:conn = opendb("data/data.mdb")
dim vibo_conn
set vibo_conn= server.createobject("adodb.connection")
vibo_conn.connectionstring="provider=microsoft.jet.oledb.4.0;data source=" & server.mappath(vdata_url)
vibo_conn.open
opendb=vibo_conn
end function
function getip()
'-----------------------得到真实ip
userip = request.servervariables("http_x_forwarded_for")
if userip = "" then userip = request.servervariables("remote_addr")
getip=userip
end function
function getipadress(sip)
'---------------------查找ip对应的真实地址
dim iparr,iprs,country,city
if sip="127.0.0.1" then sip= "192.168.0.1"
iparr=split(sip,".")
sip=cint(iparr(0))*256*256*256+cint(iparr(1))*256*256+cint(iparr(2))*256+cint(iparr(3))-1
dim vibo_ipconn_string
vibo_ipconn_string = "provider=microsoft.jet.oledb.4.0;data source="&server.mappath(ipdata_url)
set iprs = server.createobject("adodb.recordset")
iprs.activeconnection = vibo_ipconn_string
iprs.source = "select top 1 city, country from address where ip1 <=" & sip & " and " & sip & "<=ip2"
iprs.cursortype = 0
iprs.cursorlocation = 2
iprs.locktype = 1
iprs.open()
if iprs.bof and iprs.eof then
country="未知地区"
city=""
else
country=iprs.fields.item("country").value
city=iprs.fields.item("city").value
end if
getipadress=country&city
iprs.close()
set iprs = nothing
end function
function ip2num(sip)
'--------------------限制某段ip地址
dim str1,str2,str3,str4
dim num
ip2num=0
if isnumeric(left(sip,2)) then
str1=left(sip,instr(sip,".")-1)
sip=mid(sip,instr(sip,".")+1)
str2=left(sip,instr(sip,".")-1)
sip=mid(sip,instr(sip,".")+1)
str3=left(sip,instr(sip,".")-1)
str4=mid(sip,instr(sip,".")+1)
num=cint(str1)*256*256*256+cint(str2)*256*256+cint(str3)*256+cint(str4)-1
ip2num = num
end if
end function
'useripnum = ip2num(request.servervariables("remote_addr"))
'if useripnum > ip2num("192.168.0.0") and useripnum < ip2num("192.168.0.255") then
'response.write ("<center>您的ip被禁止</center>")
'response.end
'end if
function chkfrom()
'----------------------------防站外提交设定
dim server_v1,server_v2, server1, server2
chkfrom=false
server1=cstr(request.servervariables("http_referer"))
server2=cstr(request.servervariables("server_name"))
if mid(server1,8,len(server2))=server2 then chkfrom=true
end function
'if not chkfrom then
'response.write("请不要从站外提交内容!")
'response.end
'end if
function getsys()
'----------------------------------操作系统检测
vibo_soft=request.servervariables("http_user_agent")
if instr(vibo_soft,"windows nt 5.0") then
msm="win 2000"
elseif instr(vibo_soft,"windows nt 5.1") then
msm="win xp"
elseif instr(vibo_soft,"windows nt 5.2") then
msm="win 2003"
elseif instr(vibo_soft,"4.0") then
msm="win nt"
elseif instr(vibo_soft,"nt") then
msm="win nt"
elseif instr(vibo_soft,"windows ce") then
msm="windows ce"
elseif instr(vibo_soft,"windows 9") then
msm="win 9x"
elseif instr(vibo_soft,"9x") then
msm="windows me"
elseif instr(vibo_soft,"98") then
msm="windows 98"
elseif instr(vibo_soft,"windows 95") then
msm="windows 95"
elseif instr(vibo_soft,"win32") then
msm="win32"
elseif instr(vibo_soft,"unix") or instr(vibo_soft,"linux") or instr(vibo_soft,"sunos") or instr(vibo_soft,"bsd") then
msm="类unix"
elseif instr(vibo_soft,"mac") then
msm="mac"
else
msm="other"
end if
getsys=msm
end function
function getbrowser()
'----------------------------------浏览器版本检测
dim vibo_soft
vibo_soft=request.servervariables("http_user_agent")
browser="unknown"
version="unknown"
'vibo_soft="mozilla/4.0 (compatible; msie 6.0; windows nt 5.0; tencenttraveler ; .net clr 1.1.4322)"
if left(vibo_soft,7) ="mozilla" then '有此标识为浏览器
vibo_soft=split(vibo_soft,";")
if instr(vibo_soft(1),"msie")>0 then
browser="microsoft internet explorer "
version=trim(left(replace(vibo_soft(1),"msie",""),6))
elseif instr(vibo_soft(4),"netscape")>0 then
browser="netscape "
tmpstr=split(vibo_soft(4),"/")
version=tmpstr(ubound(tmpstr))
elseif instr(vibo_soft(4),"rv:")>0 then
browser="mozilla "
tmpstr=split(vibo_soft(4),":")
version=tmpstr(ubound(tmpstr))
if instr(version,")") > 0 then
tmpstr=split(version,")")
version=tmpstr(0)
end if
end if
elseif left(vibo_soft,5) ="opera" then
vibo_soft=split(vibo_soft,"/")
browser="mozilla "
tmpstr=split(vibo_soft(1)," ")
version=tmpstr(0)
end if
if version<>"unknown" then
dim tmpstr1
tmpstr1=trim(replace(version,".",""))
if not isnumeric(tmpstr1) then
version="unknown"
end if
end if
getbrowser=browser &" "& version
end function
function getsearcher()
'----------------------识别搜索引擎
dim botlist,searcher
dim vibo_soft
vibo_soft=request.servervariables("http_user_agent")
botlist="google,isaac,surveybot,baiduspider,ia_archiver,p.arthur,fast-webcrawler,java,microsoft-atl-native,turnitinbot,webgather,sleipnir,tencenttraveler"
botlist=split(botlist,",")
for i=0 to ubound(botlist)
if instr(vibo_soft,botlist(i))>0 then
searcher=botlist(i)&" 搜索器"
issearch=true
exit for
end if
next
if issearch then
getsearcher=searcher
else
getsearcher="unknown"
end if
end function
'----------------------------------数据过滤 ↓---------------------------------------
function checksql() '防止sql注入
dim sql_injdata
sql_injdata = "'|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
sql_inj = split(sql_injdata,"|")
if request.querystring<>"" then
for each sql_get in request.querystring
for sql_data=0 to ubound(sql_inj)
if instr(request.querystring(sql_get),sql_inj(sql_data))>0 then
response.write "<script language='javascript'>{alert('请不要在参数中包含非法字符!');history.back(-1)}< /script>"
response.end
end if
next
next
end if
if request.form<>"" then
for each sql_post in request.form
for sql_data=0 to ubound(sql_inj)
if instr(request.form(sql_post),sql_inj(sql_data))>0 then
response.write "<script language='javascript'>{alert('请不要在参数中包含非法字符!');history.back(-1)} </script>"
response.end
end if
next
next
end if
end function
function checkstr(byval chkstr) '检查无效字符
dim str:str=chkstr
str=trim(str)
if isnull(str) then
checkstr = ""
exit function
end if
dim re
set re=new regexp
re.ignorecase =true
re.global=true
re.pattern="(\r\n){3,}"
str=re.replace(str,"$1$1$1")
set re=nothing
str = replace(str,"'","''")
str = replace(str, "select", "select")
str = replace(str, "join", "join")
str = replace(str, "union", "union")
str = replace(str, "where", "where")
str = replace(str, "insert", "insert")
str = replace(str, "delete", "delete")
str = replace(str, "update", "update")
str = replace(str, "like", "like")
str = replace(str, "drop", "drop")
str = replace(str, "create", "create")
str = replace(str, "modify", "modify")
str = replace(str, "rename", "rename")
str = replace(str, "alter", "alter")
str = replace(str, "cast", "cast")
checkstr=str
end function
function uncheckstr(str) '检查非法sql命令
str = replace(str, "select", "select")
str = replace(str, "join", "join")
str = replace(str, "union", "union")
str = replace(str, "where", "where")
str = replace(str, "insert", "insert")
str = replace(str, "delete", "delete")
str = replace(str, "update", "update")
str = replace(str, "like", "like")
str = replace(str, "drop", "drop")
str = replace(str, "create", "create")
str = replace(str, "modify", "modify")
str = replace(str, "rename", "rename")
str = replace(str, "alter", "alter")
str = replace(str, "cast", "cast")
uncheckstr=str
end function
function checkstr(str) 'sql防注入过滤涵数
if isnull(str) then
checkstr = ""
exit function
end if
str = replace(str,chr(0),"", 1, -1, 1)
str = replace(str, """", """", 1, -1, 1)
str = replace(str,"<","<", 1, -1, 1)
str = replace(str,">",">", 1, -1, 1)
str = replace(str, "script", "script", 1, -1, 0)
str = replace(str, "script", "script", 1, -1, 0)
str = replace(str, "script", "script", 1, -1, 0)
str = replace(str, "script", "script", 1, -1, 1)
str = replace(str, "object", "object", 1, -1, 0)
str = replace(str, "object", "object", 1, -1, 0)
str = replace(str, "object", "object", 1, -1, 0)
str = replace(str, "object", "object", 1, -1, 1)
str = replace(str, "applet", "applet", 1, -1, 0)
str = replace(str, "applet", "applet", 1, -1, 0)
str = replace(str, "applet", "applet", 1, -1, 0)
str = replace(str, "applet", "applet", 1, -1, 1)
str = replace(str, "[", "[")
str = replace(str, "]", "]")
str = replace(str, """", "", 1, -1, 1)
str = replace(str, "=", "=", 1, -1, 1)
str = replace(str, "'", "''", 1, -1, 1)
str = replace(str, "select", "select", 1, -1, 1)
str = replace(str, "execute", "execute", 1, -1, 1)
str = replace(str, "exec", "exec", 1, -1, 1)
str = replace(str, "join", "join", 1, -1, 1)
str = replace(str, "union", "union", 1, -1, 1)
str = replace(str, "where", "where", 1, -1, 1)
str = replace(str, "insert", "insert", 1, -1, 1)
str = replace(str, "delete", "delete", 1, -1, 1)
str = replace(str, "update", "update", 1, -1, 1)
str = replace(str, "like", "like", 1, -1, 1)
str = replace(str, "drop", "drop", 1, -1, 1)
str = replace(str, "create", "create", 1, -1, 1)
str = replace(str, "rename", "rename", 1, -1, 1)
str = replace(str, "count", "count", 1, -1, 1)
str = replace(str, "chr", "chr", 1, -1, 1)
str = replace(str, "mid", "mid", 1, -1, 1)
str = replace(str, "truncate", "truncate", 1, -1, 1)
str = replace(str, "nchar", "nchar", 1, -1, 1)
str = replace(str, "char", "char", 1, -1, 1)
str = replace(str, "alter", "alter", 1, -1, 1)
str = replace(str, "cast", "cast", 1, -1, 1)
str = replace(str, "exists", "exists", 1, -1, 1)
str = replace(str,chr(13),"<br>", 1, -1, 1)
checkstr = replace(str,"'","''", 1, -1, 1)
end function
function htmlencode(restring) '过滤转换html代码
dim str:str=restring
if not isnull(str) then
str = uncheckstr(str)
str = replace(str, "&", "&")
str = replace(str, ">", ">")
str = replace(str, "<", "<")
str = replace(str, chr(32), " ")
str = replace(str, chr(9), " ")
str = replace(str, chr(9), " ")
str = replace(str, chr(34),""")
str = replace(str, chr(39),"'")
str = replace(str, chr(13), "")
str = replace(str, chr(10), "<br>")
htmlencode = str
end if
end function
function datetostr(datetime,showtype) '日期转换函数
dim datemonth,dateday,datehour,dateminute
datemonth=month(datetime)
dateday=day(datetime)
datehour=hour(datetime)
dateminute=minute(datetime)
if len(datemonth)<2 then datemonth="0"&datemonth
if len(dateday)<2 then dateday="0"&dateday
select case showtype
case "y-m-d"
datetostr=year(datetime)&"-"&datemonth&"-"&dateday
case "y-m-d h:i a"
dim dateampm
if datehour>12 then
datehour=datehour-12
dateampm="pm"
else
datehour=datehour
dateampm="am"
end if
if len(datehour)<2 then datehour="0"&datehour
if len(dateminute)<2 then dateminute="0"&dateminute
datetostr=year(datetime)&"-"&datemonth&"-"&dateday&" "&datehour&":"&dateminute&" "&dateampm
case "y-m-d h:i:s"
dim datesecond
datesecond=second(datetime)
if len(datehour)<2 then datehour="0"&datehour
if len(dateminute)<2 then dateminute="0"&dateminute
if len(datesecond)<2 then datesecond="0"&datesecond
datetostr=year(datetime)&"-"&datemonth&"-"&dateday&" "&datehour&":"&dateminute&":"&datesecond
case "ymdhis"
datesecond=second(datetime)
if len(datehour)<2 then datehour="0"&datehour
if len(dateminute)<2 then dateminute="0"&dateminute
if len(datesecond)<2 then datesecond="0"&datesecond
datetostr=year(datetime)&datemonth&dateday&datehour&dateminute&datesecond
case "ym"
datetostr=right(year(datetime),2)&datemonth
case "d"
datetostr=dateday
case else
if len(datehour)<2 then datehour="0"&datehour
if len(dateminute)<2 then dateminute="0"&dateminute
datetostr=year(datetime)&"-"&datemonth&"-"&dateday&" "&datehour&":"&dateminute
end select
end function
function date2chinese(idate) '获得asp的中文日期字符串
dim num(10)
dim iyear
dim imonth
dim iday
num(0) = "〇"
num(1) = "一"
num(2) = "二"
num(3) = "三"
num(4) = "四"
num(5) = "五"
num(6) = "六"
num(7) = "七"
num(8) = "八"
num(9) = "九"
iyear = year(idate)
imonth = month(idate)
iday = day(idate)
date2chinese = num(iyear \ 1000) + num((iyear \ 100) mod 10) + num((iyear\ 10) mod 10) + num(iyear mod 10) + "年"
if imonth >= 10 then
if imonth = 10 then
date2chinese = date2chinese + "十" + "月"
else
date2chinese = date2chinese + "十" + num(imonth mod 10) + "月"
end if
else
date2chinese = date2chinese + num(imonth mod 10) + "月"
end if
if iday >= 10 then
if iday = 10 then
date2chinese = date2chinese +"十" + "日"
elseif iday = 20 or iday = 30 then
date2chinese = date2chinese + num(iday \ 10) + "十" + "日"
elseif iday > 20 then
date2chinese = date2chinese + num(iday \ 10) + "十" +num(iday mod 10) + "日"
else
date2chinese = date2chinese + "十" + num(iday mod 10) + "日"
end if
else
date2chinese = date2chinese + num(iday mod 10) + "日"
end if
end function
function lenstr(str)'计算字符串长度(字节)
dim l,t,c
dim i
l=len(str)
t=0
for i=1 to l
c=asc(mid(str,i,1))
if c<0 then c=c+65536
if c<255 then t=t+1
if c>255 then t=t+2
next
lenstr=t
end function
function createarr(str) '生成二维数组 数据如:"1,a1,b1,c1,d1|2,a2,b2,c2,d2|5,a3,b3,c3,d3|8,a4,b4,c4,d4"
dim arr()
str=split(str,"|")
for i=0 to ubound(str)
arrstr=split(str(i),",")
for j=0 to ubound(arrstr)
redim preserve arr(ubound(str),ubound(arrstr))
arr(i,j)=arrstr(j)
next
next
createarr=arr
end function
function showrsarr(rsarr) '用表格显示记录集getrows生成的数组的表结构
showhtml="<table width=100% border=1 cellspacing=0 cellpadding=0>"
if not isempty(rsarr) then
for y=0 to ubound(rsarr,2)
showhtml=showhtml&"<tr>"
for x=0 to ubound(rsarr,1)
showhtml=showhtml& "<td>"&rsarr(x,y)&"</td>"
next
showhtml=showhtml&"</tr>"
next
else
rshowhtml=showhtml&"<tr>"
showhtml=showhtml&"<td>no records</td>"
showhtml=showhtml&"</tr>"
end if
showhtml=showhtml&"</table>"
showrsarr=showhtml
end function
'-----------------------------------------外接组件使用函数↓------------------------------------------
function sendmail(to_email,from_email,from_name,mail_subject,mail_body,mail_htmlbody) 'jmail 发送邮件
set vibo_mail = server.createobject("jmail.message") '建立发送邮件的对象
vibo_mail.silent = true '屏蔽例外错误,返回false跟true两值j
vibo_mail.logging = true '启用邮件日志
vibo_mail.charset = "gb2312" '邮件的文字编码为国标
'vibo_mail.contenttype = "text/html" '邮件的格式为html格式
'vibo_mail.prority = 1 '邮件的紧急程序,1 为最快,5 为最慢, 3 为默认值
vibo_mail.addrecipient to_email '邮件收件人的地址
vibo_mail.from = from_email '发件人的e-mail地址
vibo_mail.fromname = from_name '发件人姓名
vibo_mail.mailserverusername = "system@aaa.com" '登录邮件服务器所需的用户名
vibo_mail.mailserverpassword = "asdasd" '登录邮件服务器所需的密码
vibo_mail.subject = mail_subject '邮件的标题
vibo_mail.body = mail_body '正文
vibo_mail.htmlbody = mail_htmlbody 'html正文
vibo_mail.returnreceipt = true
vibo_mail.send("smtp.263xmail.com") '执行邮件发送(通过邮件服务器地址)
vibo_mail.close()
set vibo_mail=nothing
end function
'---------------------------------------程序执行时间检测↓----------------------------------------------
endtime=timer()
if endtime<starttime then
endtime=endtime+24*3600
end if
runtime=(endtime-starttime)*1000
response.write("------------程序执行时间检测------------"&"<br>")
response.write("程序执行时间"&runtime&"毫秒")
'-----------------------------------------系统检测使用函数↓------------------------------------------
'---------------------检测网页是否有效-----------------------
function isvalidurl(url)
set xl = server.createobject("microsoft.xmlhttp")
xl.open "head",url,false
xl.send
isvalidurl = (xl.status=200)
end function
'if isvalidurl(""&fileurl&"") then
' response.redirect fileurl
'else
' response.write "由于下载用户过多,程序检测到文件暂时无法下载,请更换其他下载地址!感谢您对本软件网站的支持哦^_^"
'end if
'------------------检查某一目录是否存在-------------------
function gethtmlpage(filename) '获取文件内容
dim fso,file
set fso = server.createobject("scripting.filesystemobject")
set file=fso.opentextfile(server.mappath(filename))
showhtml=file.readall
file.close
set file=nothing
set fso=nothing
gethtmlpage=showhtml '输出
end function
function checkdir(folderpath)
dim fso
folderpath=server.mappath(".")&"\"&folderpath
set fso = server.createobject("scripting.filesystemobject")
if fso.folderexists(folderpath) then
'存在
checkdir = true
else
'不存在
checkdir = false
end if
set fso = nothing
end function
function checkfile(filepath) '检查某一文件是否存在
dim fso
filepath=server.mappath(filepath)
set fso = server.createobject("scripting.filesystemobject")
if fso.fileexists(filepath) then
'存在
checkfile = true
else
'不存在
checkfile = false
end if
set fso = nothing
end function
'-------------根据指定名称生成目录---------
function makenewsdir(foldername)
dim fso,f
set fso = server.createobject("scripting.filesystemobject")
set f = fso.createfolder(foldername)
makenewsdir = true
set fso = nothing
end function
function createhtmlpage(filename,filedata,c_mode) '生成文件
if c_mode=0 then '使用fso生成
dim fso,txt
set fso = createobject("scripting.filesystemobject")
filepath=server.mappath(filename)
if checkfile(filename) then fso.deletefile filepath,true '防止续写
set txt=fso.opentextfile(filepath,8,true)
txt.write filedata
txt.close
set fso = nothing
elseif c_mode=1 then '使用stream生成
dim vibostream
on error resume next
set vibostream = server.createobject("adodb.stream")
if err.number=-2147221005 then
response.write "<div align='center' style=""font-size:12px;font-family:tahoma;"">非常遗憾,您的主机不支持 adodb.stream,不能使用本程序</div>"
err.clear
response.end
end if
with vibostream
.type = 2
.open
.charset = "gb2312"
.position = objstream.size
.writetext = filedata
.savetofile server.mappath(filename),2
.close
end with
set vibostream = nothing
end if
response.write "<div align='center' style=""font-size:12px;font-family:tahoma;"">恭喜!文件 <a href="""&filename&""" target=""_blank"" style=""font-weight: bold;color: #ff0000;"">"&filename&"</a> 已经生成完毕!...</div>"
response.flush()
end function
function checkbadword(byval chkstr)'过滤脏字
dim str:str = chkstr
str = trim(str)
if isnull(str) then
checkbadword = ""
exit function
end if
dic = gethtmlpage("include/badword.txt")'载入脏字词典
dicarr = split(dic,chr(10))
for i =0 to ubound(dicarr )
worddic = split(dicarr(i),"=")
str = replace(str,worddic(0),worddic(1))
next
checkbadword = str
end function
%>
http://www.zzcn.net/blog/article.asp?id=69
<%
starttime=timer() '程序执行时间检测
'###############################################################
'┌──vibo───────────────────┐
'│ vibo studio 版权所有 │
'└───────────────────────┘
' author:vibo
' email:vibo_cn@hotmail.com
'----------------- vibo asp站点开发常用函数库 ------------------
'opendb(vdata_url) -------------------- 打开数据库
'getip() ------------------------------- 得到真实ip
'getipadress(sip)------------------------ 查找ip对应的真实地址
'ip2num(sip) ---------------------------- 限制某段ip地址
'chkfrom() ------------------------------ 防站外提交设定
'getsys() ------------------------------- 操作系统检测
'getbrowser() --------------------------- 浏览器版本检测
'getsearcher() -------------------------- 识别搜索引擎
'
'---------------------- 数据过滤 ↓----------------------------
'checkstr(byval chkstr) ----------------- 检查无效字符
'checksql() ----------------------------- 防止sql注入
'uncheckstr(str)------------------------- 检查非法sql命令
'checkstr(str) -------------------------- asp最新sql防注入过滤涵数
'htmlencode(restring) ------------------- 过滤转换html代码
'datetostr(datetime,showtype) ----------- 日期转换函数
'date2chinese(idate) -------------------- 获得asp的中文日期字符串
'lenstr(str) ---------------------------- 计算字符串长度(字节)
'createarr(str) ------------------------- 生成二维数组
'showrsarr(rsarr) ----------------------- 用表格显示记录集getrows生成的数组的表结构
'---------------------- 外接组件使用函数↓------------------------
'sendmail(to_email,from_email,from_name,mail_subject,mail_body,mail_htmlbody) -----'jmail组件 发送邮件
'-----------------------------------------系统检测函数↓------------------------------------------
'isvalidurl(url) ------------------------ 检测网页是否有效
'gethtmlpage(filename) ------------------ 获取文件内容
'checkfile(filepath) -------------------- 检查某一文件是否存在
'checkdir(folderpath) ------------------- 检查某一目录是否存在
'makenewsdir(foldername) ---------------- 根据指定名称生成目录
'createhtmlpage(filename,filedata,c_mode) 生成文件
'checkbadword(byval chkstr) ------------- 过滤脏字
'###############################################################
dim ipdata_url
ipdata_url="./ip.mdb"
response.write("--------------客户端信息检测------------"&"<br>")
response.write(getsys()&"<br>")
response.write(getbrowser()&"<br>")
response.write(getsearcher()&"<br>")
response.write("ip:"&getip()&"<br>")
response.write("来源:"&(getipadress(getip()))&"<br>")
response.write("<br>")
response.write("--------------数据提交检测--------------"&"<br>")
if not chkfrom then
response.write("请不要从站外提交内容!"&"<br>")
response.end
else
response.write("本站提交内容!"&"<br><br>")
end if
function opendb(vdata_url)
'------------------------------打开数据库
'使用:conn = opendb("data/data.mdb")
dim vibo_conn
set vibo_conn= server.createobject("adodb.connection")
vibo_conn.connectionstring="provider=microsoft.jet.oledb.4.0;data source=" & server.mappath(vdata_url)
vibo_conn.open
opendb=vibo_conn
end function
function getip()
'-----------------------得到真实ip
userip = request.servervariables("http_x_forwarded_for")
if userip = "" then userip = request.servervariables("remote_addr")
getip=userip
end function
function getipadress(sip)
'---------------------查找ip对应的真实地址
dim iparr,iprs,country,city
if sip="127.0.0.1" then sip= "192.168.0.1"
iparr=split(sip,".")
sip=cint(iparr(0))*256*256*256+cint(iparr(1))*256*256+cint(iparr(2))*256+cint(iparr(3))-1
dim vibo_ipconn_string
vibo_ipconn_string = "provider=microsoft.jet.oledb.4.0;data source="&server.mappath(ipdata_url)
set iprs = server.createobject("adodb.recordset")
iprs.activeconnection = vibo_ipconn_string
iprs.source = "select top 1 city, country from address where ip1 <=" & sip & " and " & sip & "<=ip2"
iprs.cursortype = 0
iprs.cursorlocation = 2
iprs.locktype = 1
iprs.open()
if iprs.bof and iprs.eof then
country="未知地区"
city=""
else
country=iprs.fields.item("country").value
city=iprs.fields.item("city").value
end if
getipadress=country&city
iprs.close()
set iprs = nothing
end function
function ip2num(sip)
'--------------------限制某段ip地址
dim str1,str2,str3,str4
dim num
ip2num=0
if isnumeric(left(sip,2)) then
str1=left(sip,instr(sip,".")-1)
sip=mid(sip,instr(sip,".")+1)
str2=left(sip,instr(sip,".")-1)
sip=mid(sip,instr(sip,".")+1)
str3=left(sip,instr(sip,".")-1)
str4=mid(sip,instr(sip,".")+1)
num=cint(str1)*256*256*256+cint(str2)*256*256+cint(str3)*256+cint(str4)-1
ip2num = num
end if
end function
'useripnum = ip2num(request.servervariables("remote_addr"))
'if useripnum > ip2num("192.168.0.0") and useripnum < ip2num("192.168.0.255") then
'response.write ("<center>您的ip被禁止</center>")
'response.end
'end if
function chkfrom()
'----------------------------防站外提交设定
dim server_v1,server_v2, server1, server2
chkfrom=false
server1=cstr(request.servervariables("http_referer"))
server2=cstr(request.servervariables("server_name"))
if mid(server1,8,len(server2))=server2 then chkfrom=true
end function
'if not chkfrom then
'response.write("请不要从站外提交内容!")
'response.end
'end if
function getsys()
'----------------------------------操作系统检测
vibo_soft=request.servervariables("http_user_agent")
if instr(vibo_soft,"windows nt 5.0") then
msm="win 2000"
elseif instr(vibo_soft,"windows nt 5.1") then
msm="win xp"
elseif instr(vibo_soft,"windows nt 5.2") then
msm="win 2003"
elseif instr(vibo_soft,"4.0") then
msm="win nt"
elseif instr(vibo_soft,"nt") then
msm="win nt"
elseif instr(vibo_soft,"windows ce") then
msm="windows ce"
elseif instr(vibo_soft,"windows 9") then
msm="win 9x"
elseif instr(vibo_soft,"9x") then
msm="windows me"
elseif instr(vibo_soft,"98") then
msm="windows 98"
elseif instr(vibo_soft,"windows 95") then
msm="windows 95"
elseif instr(vibo_soft,"win32") then
msm="win32"
elseif instr(vibo_soft,"unix") or instr(vibo_soft,"linux") or instr(vibo_soft,"sunos") or instr(vibo_soft,"bsd") then
msm="类unix"
elseif instr(vibo_soft,"mac") then
msm="mac"
else
msm="other"
end if
getsys=msm
end function
function getbrowser()
'----------------------------------浏览器版本检测
dim vibo_soft
vibo_soft=request.servervariables("http_user_agent")
browser="unknown"
version="unknown"
'vibo_soft="mozilla/4.0 (compatible; msie 6.0; windows nt 5.0; tencenttraveler ; .net clr 1.1.4322)"
if left(vibo_soft,7) ="mozilla" then '有此标识为浏览器
vibo_soft=split(vibo_soft,";")
if instr(vibo_soft(1),"msie")>0 then
browser="microsoft internet explorer "
version=trim(left(replace(vibo_soft(1),"msie",""),6))
elseif instr(vibo_soft(4),"netscape")>0 then
browser="netscape "
tmpstr=split(vibo_soft(4),"/")
version=tmpstr(ubound(tmpstr))
elseif instr(vibo_soft(4),"rv:")>0 then
browser="mozilla "
tmpstr=split(vibo_soft(4),":")
version=tmpstr(ubound(tmpstr))
if instr(version,")") > 0 then
tmpstr=split(version,")")
version=tmpstr(0)
end if
end if
elseif left(vibo_soft,5) ="opera" then
vibo_soft=split(vibo_soft,"/")
browser="mozilla "
tmpstr=split(vibo_soft(1)," ")
version=tmpstr(0)
end if
if version<>"unknown" then
dim tmpstr1
tmpstr1=trim(replace(version,".",""))
if not isnumeric(tmpstr1) then
version="unknown"
end if
end if
getbrowser=browser &" "& version
end function
function getsearcher()
'----------------------识别搜索引擎
dim botlist,searcher
dim vibo_soft
vibo_soft=request.servervariables("http_user_agent")
botlist="google,isaac,surveybot,baiduspider,ia_archiver,p.arthur,fast-webcrawler,java,microsoft-atl-native,turnitinbot,webgather,sleipnir,tencenttraveler"
botlist=split(botlist,",")
for i=0 to ubound(botlist)
if instr(vibo_soft,botlist(i))>0 then
searcher=botlist(i)&" 搜索器"
issearch=true
exit for
end if
next
if issearch then
getsearcher=searcher
else
getsearcher="unknown"
end if
end function
'----------------------------------数据过滤 ↓---------------------------------------
function checksql() '防止sql注入
dim sql_injdata
sql_injdata = "'|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
sql_inj = split(sql_injdata,"|")
if request.querystring<>"" then
for each sql_get in request.querystring
for sql_data=0 to ubound(sql_inj)
if instr(request.querystring(sql_get),sql_inj(sql_data))>0 then
response.write "<script language='javascript'>{alert('请不要在参数中包含非法字符!');history.back(-1)}< /script>"
response.end
end if
next
next
end if
if request.form<>"" then
for each sql_post in request.form
for sql_data=0 to ubound(sql_inj)
if instr(request.form(sql_post),sql_inj(sql_data))>0 then
response.write "<script language='javascript'>{alert('请不要在参数中包含非法字符!');history.back(-1)} </script>"
response.end
end if
next
next
end if
end function
function checkstr(byval chkstr) '检查无效字符
dim str:str=chkstr
str=trim(str)
if isnull(str) then
checkstr = ""
exit function
end if
dim re
set re=new regexp
re.ignorecase =true
re.global=true
re.pattern="(\r\n){3,}"
str=re.replace(str,"$1$1$1")
set re=nothing
str = replace(str,"'","''")
str = replace(str, "select", "select")
str = replace(str, "join", "join")
str = replace(str, "union", "union")
str = replace(str, "where", "where")
str = replace(str, "insert", "insert")
str = replace(str, "delete", "delete")
str = replace(str, "update", "update")
str = replace(str, "like", "like")
str = replace(str, "drop", "drop")
str = replace(str, "create", "create")
str = replace(str, "modify", "modify")
str = replace(str, "rename", "rename")
str = replace(str, "alter", "alter")
str = replace(str, "cast", "cast")
checkstr=str
end function
function uncheckstr(str) '检查非法sql命令
str = replace(str, "select", "select")
str = replace(str, "join", "join")
str = replace(str, "union", "union")
str = replace(str, "where", "where")
str = replace(str, "insert", "insert")
str = replace(str, "delete", "delete")
str = replace(str, "update", "update")
str = replace(str, "like", "like")
str = replace(str, "drop", "drop")
str = replace(str, "create", "create")
str = replace(str, "modify", "modify")
str = replace(str, "rename", "rename")
str = replace(str, "alter", "alter")
str = replace(str, "cast", "cast")
uncheckstr=str
end function
function checkstr(str) 'sql防注入过滤涵数
if isnull(str) then
checkstr = ""
exit function
end if
str = replace(str,chr(0),"", 1, -1, 1)
str = replace(str, """", """", 1, -1, 1)
str = replace(str,"<","<", 1, -1, 1)
str = replace(str,">",">", 1, -1, 1)
str = replace(str, "script", "script", 1, -1, 0)
str = replace(str, "script", "script", 1, -1, 0)
str = replace(str, "script", "script", 1, -1, 0)
str = replace(str, "script", "script", 1, -1, 1)
str = replace(str, "object", "object", 1, -1, 0)
str = replace(str, "object", "object", 1, -1, 0)
str = replace(str, "object", "object", 1, -1, 0)
str = replace(str, "object", "object", 1, -1, 1)
str = replace(str, "applet", "applet", 1, -1, 0)
str = replace(str, "applet", "applet", 1, -1, 0)
str = replace(str, "applet", "applet", 1, -1, 0)
str = replace(str, "applet", "applet", 1, -1, 1)
str = replace(str, "[", "[")
str = replace(str, "]", "]")
str = replace(str, """", "", 1, -1, 1)
str = replace(str, "=", "=", 1, -1, 1)
str = replace(str, "'", "''", 1, -1, 1)
str = replace(str, "select", "select", 1, -1, 1)
str = replace(str, "execute", "execute", 1, -1, 1)
str = replace(str, "exec", "exec", 1, -1, 1)
str = replace(str, "join", "join", 1, -1, 1)
str = replace(str, "union", "union", 1, -1, 1)
str = replace(str, "where", "where", 1, -1, 1)
str = replace(str, "insert", "insert", 1, -1, 1)
str = replace(str, "delete", "delete", 1, -1, 1)
str = replace(str, "update", "update", 1, -1, 1)
str = replace(str, "like", "like", 1, -1, 1)
str = replace(str, "drop", "drop", 1, -1, 1)
str = replace(str, "create", "create", 1, -1, 1)
str = replace(str, "rename", "rename", 1, -1, 1)
str = replace(str, "count", "count", 1, -1, 1)
str = replace(str, "chr", "chr", 1, -1, 1)
str = replace(str, "mid", "mid", 1, -1, 1)
str = replace(str, "truncate", "truncate", 1, -1, 1)
str = replace(str, "nchar", "nchar", 1, -1, 1)
str = replace(str, "char", "char", 1, -1, 1)
str = replace(str, "alter", "alter", 1, -1, 1)
str = replace(str, "cast", "cast", 1, -1, 1)
str = replace(str, "exists", "exists", 1, -1, 1)
str = replace(str,chr(13),"<br>", 1, -1, 1)
checkstr = replace(str,"'","''", 1, -1, 1)
end function
function htmlencode(restring) '过滤转换html代码
dim str:str=restring
if not isnull(str) then
str = uncheckstr(str)
str = replace(str, "&", "&")
str = replace(str, ">", ">")
str = replace(str, "<", "<")
str = replace(str, chr(32), " ")
str = replace(str, chr(9), " ")
str = replace(str, chr(9), " ")
str = replace(str, chr(34),""")
str = replace(str, chr(39),"'")
str = replace(str, chr(13), "")
str = replace(str, chr(10), "<br>")
htmlencode = str
end if
end function
function datetostr(datetime,showtype) '日期转换函数
dim datemonth,dateday,datehour,dateminute
datemonth=month(datetime)
dateday=day(datetime)
datehour=hour(datetime)
dateminute=minute(datetime)
if len(datemonth)<2 then datemonth="0"&datemonth
if len(dateday)<2 then dateday="0"&dateday
select case showtype
case "y-m-d"
datetostr=year(datetime)&"-"&datemonth&"-"&dateday
case "y-m-d h:i a"
dim dateampm
if datehour>12 then
datehour=datehour-12
dateampm="pm"
else
datehour=datehour
dateampm="am"
end if
if len(datehour)<2 then datehour="0"&datehour
if len(dateminute)<2 then dateminute="0"&dateminute
datetostr=year(datetime)&"-"&datemonth&"-"&dateday&" "&datehour&":"&dateminute&" "&dateampm
case "y-m-d h:i:s"
dim datesecond
datesecond=second(datetime)
if len(datehour)<2 then datehour="0"&datehour
if len(dateminute)<2 then dateminute="0"&dateminute
if len(datesecond)<2 then datesecond="0"&datesecond
datetostr=year(datetime)&"-"&datemonth&"-"&dateday&" "&datehour&":"&dateminute&":"&datesecond
case "ymdhis"
datesecond=second(datetime)
if len(datehour)<2 then datehour="0"&datehour
if len(dateminute)<2 then dateminute="0"&dateminute
if len(datesecond)<2 then datesecond="0"&datesecond
datetostr=year(datetime)&datemonth&dateday&datehour&dateminute&datesecond
case "ym"
datetostr=right(year(datetime),2)&datemonth
case "d"
datetostr=dateday
case else
if len(datehour)<2 then datehour="0"&datehour
if len(dateminute)<2 then dateminute="0"&dateminute
datetostr=year(datetime)&"-"&datemonth&"-"&dateday&" "&datehour&":"&dateminute
end select
end function
function date2chinese(idate) '获得asp的中文日期字符串
dim num(10)
dim iyear
dim imonth
dim iday
num(0) = "〇"
num(1) = "一"
num(2) = "二"
num(3) = "三"
num(4) = "四"
num(5) = "五"
num(6) = "六"
num(7) = "七"
num(8) = "八"
num(9) = "九"
iyear = year(idate)
imonth = month(idate)
iday = day(idate)
date2chinese = num(iyear \ 1000) + num((iyear \ 100) mod 10) + num((iyear\ 10) mod 10) + num(iyear mod 10) + "年"
if imonth >= 10 then
if imonth = 10 then
date2chinese = date2chinese + "十" + "月"
else
date2chinese = date2chinese + "十" + num(imonth mod 10) + "月"
end if
else
date2chinese = date2chinese + num(imonth mod 10) + "月"
end if
if iday >= 10 then
if iday = 10 then
date2chinese = date2chinese +"十" + "日"
elseif iday = 20 or iday = 30 then
date2chinese = date2chinese + num(iday \ 10) + "十" + "日"
elseif iday > 20 then
date2chinese = date2chinese + num(iday \ 10) + "十" +num(iday mod 10) + "日"
else
date2chinese = date2chinese + "十" + num(iday mod 10) + "日"
end if
else
date2chinese = date2chinese + num(iday mod 10) + "日"
end if
end function
function lenstr(str)'计算字符串长度(字节)
dim l,t,c
dim i
l=len(str)
t=0
for i=1 to l
c=asc(mid(str,i,1))
if c<0 then c=c+65536
if c<255 then t=t+1
if c>255 then t=t+2
next
lenstr=t
end function
function createarr(str) '生成二维数组 数据如:"1,a1,b1,c1,d1|2,a2,b2,c2,d2|5,a3,b3,c3,d3|8,a4,b4,c4,d4"
dim arr()
str=split(str,"|")
for i=0 to ubound(str)
arrstr=split(str(i),",")
for j=0 to ubound(arrstr)
redim preserve arr(ubound(str),ubound(arrstr))
arr(i,j)=arrstr(j)
next
next
createarr=arr
end function
function showrsarr(rsarr) '用表格显示记录集getrows生成的数组的表结构
showhtml="<table width=100% border=1 cellspacing=0 cellpadding=0>"
if not isempty(rsarr) then
for y=0 to ubound(rsarr,2)
showhtml=showhtml&"<tr>"
for x=0 to ubound(rsarr,1)
showhtml=showhtml& "<td>"&rsarr(x,y)&"</td>"
next
showhtml=showhtml&"</tr>"
next
else
rshowhtml=showhtml&"<tr>"
showhtml=showhtml&"<td>no records</td>"
showhtml=showhtml&"</tr>"
end if
showhtml=showhtml&"</table>"
showrsarr=showhtml
end function
'-----------------------------------------外接组件使用函数↓------------------------------------------
function sendmail(to_email,from_email,from_name,mail_subject,mail_body,mail_htmlbody) 'jmail 发送邮件
set vibo_mail = server.createobject("jmail.message") '建立发送邮件的对象
vibo_mail.silent = true '屏蔽例外错误,返回false跟true两值j
vibo_mail.logging = true '启用邮件日志
vibo_mail.charset = "gb2312" '邮件的文字编码为国标
'vibo_mail.contenttype = "text/html" '邮件的格式为html格式
'vibo_mail.prority = 1 '邮件的紧急程序,1 为最快,5 为最慢, 3 为默认值
vibo_mail.addrecipient to_email '邮件收件人的地址
vibo_mail.from = from_email '发件人的e-mail地址
vibo_mail.fromname = from_name '发件人姓名
vibo_mail.mailserverusername = "system@aaa.com" '登录邮件服务器所需的用户名
vibo_mail.mailserverpassword = "asdasd" '登录邮件服务器所需的密码
vibo_mail.subject = mail_subject '邮件的标题
vibo_mail.body = mail_body '正文
vibo_mail.htmlbody = mail_htmlbody 'html正文
vibo_mail.returnreceipt = true
vibo_mail.send("smtp.263xmail.com") '执行邮件发送(通过邮件服务器地址)
vibo_mail.close()
set vibo_mail=nothing
end function
'---------------------------------------程序执行时间检测↓----------------------------------------------
endtime=timer()
if endtime<starttime then
endtime=endtime+24*3600
end if
runtime=(endtime-starttime)*1000
response.write("------------程序执行时间检测------------"&"<br>")
response.write("程序执行时间"&runtime&"毫秒")
'-----------------------------------------系统检测使用函数↓------------------------------------------
'---------------------检测网页是否有效-----------------------
function isvalidurl(url)
set xl = server.createobject("microsoft.xmlhttp")
xl.open "head",url,false
xl.send
isvalidurl = (xl.status=200)
end function
'if isvalidurl(""&fileurl&"") then
' response.redirect fileurl
'else
' response.write "由于下载用户过多,程序检测到文件暂时无法下载,请更换其他下载地址!感谢您对本软件网站的支持哦^_^"
'end if
'------------------检查某一目录是否存在-------------------
function gethtmlpage(filename) '获取文件内容
dim fso,file
set fso = server.createobject("scripting.filesystemobject")
set file=fso.opentextfile(server.mappath(filename))
showhtml=file.readall
file.close
set file=nothing
set fso=nothing
gethtmlpage=showhtml '输出
end function
function checkdir(folderpath)
dim fso
folderpath=server.mappath(".")&"\"&folderpath
set fso = server.createobject("scripting.filesystemobject")
if fso.folderexists(folderpath) then
'存在
checkdir = true
else
'不存在
checkdir = false
end if
set fso = nothing
end function
function checkfile(filepath) '检查某一文件是否存在
dim fso
filepath=server.mappath(filepath)
set fso = server.createobject("scripting.filesystemobject")
if fso.fileexists(filepath) then
'存在
checkfile = true
else
'不存在
checkfile = false
end if
set fso = nothing
end function
'-------------根据指定名称生成目录---------
function makenewsdir(foldername)
dim fso,f
set fso = server.createobject("scripting.filesystemobject")
set f = fso.createfolder(foldername)
makenewsdir = true
set fso = nothing
end function
function createhtmlpage(filename,filedata,c_mode) '生成文件
if c_mode=0 then '使用fso生成
dim fso,txt
set fso = createobject("scripting.filesystemobject")
filepath=server.mappath(filename)
if checkfile(filename) then fso.deletefile filepath,true '防止续写
set txt=fso.opentextfile(filepath,8,true)
txt.write filedata
txt.close
set fso = nothing
elseif c_mode=1 then '使用stream生成
dim vibostream
on error resume next
set vibostream = server.createobject("adodb.stream")
if err.number=-2147221005 then
response.write "<div align='center' style=""font-size:12px;font-family:tahoma;"">非常遗憾,您的主机不支持 adodb.stream,不能使用本程序</div>"
err.clear
response.end
end if
with vibostream
.type = 2
.open
.charset = "gb2312"
.position = objstream.size
.writetext = filedata
.savetofile server.mappath(filename),2
.close
end with
set vibostream = nothing
end if
response.write "<div align='center' style=""font-size:12px;font-family:tahoma;"">恭喜!文件 <a href="""&filename&""" target=""_blank"" style=""font-weight: bold;color: #ff0000;"">"&filename&"</a> 已经生成完毕!...</div>"
response.flush()
end function
function checkbadword(byval chkstr)'过滤脏字
dim str:str = chkstr
str = trim(str)
if isnull(str) then
checkbadword = ""
exit function
end if
dic = gethtmlpage("include/badword.txt")'载入脏字词典
dicarr = split(dic,chr(10))
for i =0 to ubound(dicarr )
worddic = split(dicarr(i),"=")
str = replace(str,worddic(0),worddic(1))
next
checkbadword = str
end function
%>
http://www.zzcn.net/blog/article.asp?id=69
下一篇: jsp中四种传递参数的方法