Classic ASP filter functions for data received via GET and POST. Some code, copied for safety, is as follows:
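<%
'--------Definition part------------------
' XH_Post / XH_Get : loop variables holding the current form / query-string key
' XH_In            : the "|"-separated blacklist of substrings to reject
' XH_Inf           : XH_In split into an array
' XH_Xh            : index into XH_Inf
' NOTE(review): XH_db and XH_dbstr are declared but never used in the visible code.
Dim XH_Post,XH_Get,XH_In,XH_Inf,XH_Xh,XH_db,XH_dbstr
'Customize the strings that need to be filtered, separated by |
' Tokens are compared against lower-cased input, so every token must itself be
' lower case; the mixed-case "Asc" entry could never match and is now "asc".
' The string literal must be double-quoted: its first token is a single quote,
' which VBScript would otherwise read as the start of a comment.
' NOTE(review): Request.Form / Request.QueryString values are already
' URL-decoded, so the "%20" tokens only fire on a literal "%20", which the
' bare "%" token rejects anyway. Short tokens such as "and", "*" and "%" also
' reject ordinary input. Treat this list as defence in depth only; the primary
' control against SQL injection is parameterised queries.
XH_In = "'|;|and|exec|insert|select|delete%20from|update|count|*|%|chr|mid|master|truncate|char|declare|drop%20table|from|net%20user|xp_cmdshell| /add|net%20localgroup%20administrators|asc|char"
'----------------------------------
%>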
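<%
' Request filter: stops the page when any POST (Request.Form) or GET
' (Request.QueryString) value contains one of the blacklisted substrings
' listed in XH_In.
'
' NOTE(review): only Request.Form and Request.QueryString are inspected here;
' other request inputs (for example Request.Cookies) are not checked by this
' code. A substring blacklist is a secondary control: queries built from
' request data should use parameterised commands regardless of this filter.
Dim XH_Value
XH_Inf = Split(XH_In, "|")

' Returns True when XH_Text, lower-cased, contains any token from XH_Inf.
' Tokens are lower-cased too, so a mixed-case entry in the list still matches.
Function XH_IsBlocked(ByVal XH_Text)
    Dim XH_Idx, XH_Token, XH_Lowered
    XH_IsBlocked = False
    XH_Lowered = LCase(XH_Text)
    For XH_Idx = 0 To UBound(XH_Inf)
        XH_Token = LCase(XH_Inf(XH_Idx))
        ' InStr reports a match for an empty search string, so an accidental
        ' empty token (e.g. a trailing "|") would reject every non-empty value.
        If Len(XH_Token) > 0 Then
            If InStr(XH_Lowered, XH_Token) <> 0 Then
                XH_IsBlocked = True
                Exit Function
            End If
        End If
    Next
End Function

' Writes the rejection notice and ends the response.
'   XH_Method : "POST" or "GET"
'   XH_Name   : name of the offending parameter
'   XH_Value  : its submitted value
' Every request-derived value is HTML-encoded before being echoed; writing the
' raw parameter back into the page would let the submitted data inject markup
' or script into the response.
' NOTE(review): despite the "has made the following records" wording, nothing
' is persisted here; the details are only written to the client. If an audit
' trail is wanted, log server-side and consider not echoing the payload at all.
Sub XH_Reject(ByVal XH_Method, ByVal XH_Name, ByVal XH_Value)
    Response.Write "<Script Language=JavaScript>alert('Please do not include illegal characters in the parameters and try to inject!');</Script>"
    Response.Write "illegal operation! The system has made the following records↓<br>"
    Response.Write "operation IP: " & Server.HTMLEncode(Request.ServerVariables("REMOTE_ADDR")) & "<br>"
    Response.Write "operation time: " & Now & "<br>"
    Response.Write "operation page: " & Server.HTMLEncode(Request.ServerVariables("URL")) & "<br>"
    Response.Write "submission method: " & XH_Method & "<br>"
    Response.Write "submission parameters: " & Server.HTMLEncode(XH_Name) & "<br>"
    Response.Write "submits data: " & Server.HTMLEncode(XH_Value)
    Response.End
End Sub

'--------POST part------------------
If Request.Form <> "" Then
    For Each XH_Post In Request.Form
        ' Plain assignment (no Set) reads the item's default string value.
        XH_Value = Request.Form(XH_Post)
        If XH_IsBlocked(XH_Value) Then XH_Reject "POST", XH_Post, XH_Value
    Next
End If
'----------------------------------
'--------GET part------------------
If Request.QueryString <> "" Then
    For Each XH_Get In Request.QueryString
        XH_Value = Request.QueryString(XH_Get)
        If XH_IsBlocked(XH_Value) Then XH_Reject "GET", XH_Get, XH_Value
    Next
End If
'----------------------------------
%>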