#TITLE=ASP common syntax and functions
#INFO
Some commonly used syntax and custom functions in ASP
#SORT=n
#T= ===Common ASP syntax===
#T==============================
#T=database related
#T= Connect to ACCESS database
<%
Dim DBName,Conn
DBName^! 'Define database path and name
SET Conn = Server.CreateObject(ADODB.Connection)
Conn.Open Provider=Microsoft.Jet.OLEDB.4.0;Data Source= & Server.MapPath(DBName)
%>
#T= Connect to MS SQL database
<%
Dim Conn
SET Conn=Server.CreateObject(ADODB.connection)
Conn.Open PROVIDER=SQLOLEDB;DATA SOURCE=SQL server name or IP address;UID=database login account;PWD=database password;DATABASE=database name
%>
#T= Create record set
SET ^!=Server.CreateObject(ADODB.recordset)
#T= Execute SQL command
RS.Open SQL,conn,1,1
#T= Execute SQL command
Conn.Execute(^!)
#T= RS directly executes SQL commands
SET RS = Conn.Execute(^!)
#T= Close the recordset
RS.CLOSE
SET RS=NOTHING
#T= Close database
Conn.Close
SETConn=Nothing
#T==============================
#T=ServerVariables related
#T= Get the address of the previous page
Request.ServerVariables(HTTP_REFERER)
#T= Get the name of the server 1
Request.ServerVariables(SERVER_NAME)
#T= Get the name of the server 2
Request.ServerVariables(HTTP_HOST)
#T= Get server IP
Request.ServerVariables(LOCAL_ADDR)
#T= Get user IP
Request.ServerVariables(Remote_Host)
#T= Get the user’s real IP1
Request.serverVariables(REMOTE_ADDR)
#T= Get the user’s real IP function
Function GetRealIP()
GetRealIP = Request.ServerVariables(HTTP_X_FORWARDED_FOR)
IF(GetRealIP = )THEN GetRealIP = Request.ServerVariables(REMOTE_ADDR)
End Function
#T= Get server port
Request.ServerVariables(SERVER_PORT)
#T= Get the server operating system
Request.ServerVariables(OS)
#T= Get the absolute path of the server
Request.ServerVariables(APPL_PHYSICAL_PATH)
#T= Get the absolute path of this file 1
Requet.ServerVariables(PATH_TRANSLATED)
#T= Get the absolute path of this file 2
Server.mappath(Request.ServerVariables(SCRIPT_NAME))
#T= Get the relative path of this file 1
Request.ServerVariables(URL)
#T= Get the relative path of this file 2
Request.ServerVariables(SCRIPT_NAME)
#T= Get the relative path of this file 3
Request.ServerVariables(PATH_INFO)
#T= Get the parameters after the address bar
Request.ServerVariables(QUERY_STRING)
#T= Get server system information
Request.ServerVariables(HTTP_USER_AGENT)
#T= Server component detection
<%
Function IsObjInstalled(strClassString)
On Error Resume Next
IsObjInstalled = False
Err = 0
DimxTestObj
SET xTestObj = Server.CreateObject(strClassString)
IF(0 = Err)THEN IsObjInstalled = True
SET xTestObj = Nothing
Err = 0
End Function
'IF(IsObjInstalled(Persits.Upload)=True)THEN
' Response.Write supports AspUpload component
'ELSE
' Response.Write does not support AspUpload component
'END IF
%>
#T= Get the client locale
^!Request.ServerVariables(HTTP_ACCEPT_LANGUAGE)
#T= Get client information: HTTP_USER_AGENT
^!Request.ServerVariables(HTTP_USER_AGENT)
#T= Get the form (Form) value element value
Request.Form(^!)
#T= Get the value passed by the URL
Request.QueryString(^!)
#T= Get the complete URL address
Function GetUrl()
GetUrl=http://&Request.ServerVariables(SERVER_N ... .ServerVariables(URL)
IF(Request.ServerVariables(QUERY_STRING)<>)THEN GetURL=GetUrl&?& Request.ServerVariables(QUERY_STRING)
End Function
#T==============================
#T=custom function
#T= Filter HTML characters
<%
'Filter HTML character function
Function HTMLEncode(str)
IF(str <> )THEN
str = Replace(str, &, &)
str = Replace(str, >, >)
str = Replace(str, <, <)
str = Replace(str, Chr(32), )
str = Replace(str, Chr(9), )
str = Replace(str, Chr(34), )
str = Replace(str, Chr(39), ')
str = Replace(str, Chr(13), )
str = Replace(str, Chr(10) & Chr(10), </P><P>)
str = Replace(str, Chr(10), <BR>)
str = Replace(str, Chr(255), )
END IF
HTMLEncode = str
End Function
%>
#T= Check whether the previous page was submitted from this site
<%
'Check whether the previous page was submitted from this site
'Return:True,False
'================================================== ==============
Function IsSelfRefer()
Dim sHttp_Referer, sServer_Name
sHttp_Referer = CStr(Request.ServerVariables(HTTP_REFERER))
sServer_Name = CStr(Request.ServerVariables(SERVER_NAME))
IF(Mid(sHttp_Referer, 8, Len(sServer_Name)) = sServer_Name)THEN
IsSelfRefer = True
ELSE
IsSelfRefer = False
END IF
End Function
%>
#T= Clear all HTML tags
<%
'Clear HTML tags
Function stripHTML(htmlStr)
Dim regEx
SETregEx = NewRegexp
regEx.IgnoreCase = True
regEx.Global = True
regEx.Pattern = <.+?>
htmlStr = regEx.Replace(htmlStr,)
htmlStr = Replace(htmlStr, <,<)
htmlStr = Replace(htmlStr, >,>)
htmlStr = Replace(htmlStr,chr(10),)
htmlStr = Replace(htmlStr,chr(13),)
stripHTML = htmlStr
SET regEx = Nothing
End Function
%>
#T= Get the length of the string
<%
'Function to find the length of a string
Function GetLength(str)
Dim Length
For i=1 to Len(str)
IF(Asc(Mid(str,i,1))<0 or Asc(Mid(str,i,1))>256)THEN
Length=Length+2
ELSE
Length=Length+1
END IF
Next
GetLength=Length
End Function
%>
#T= intercept the specified length string
<%
'Intercept a string of specified length, replace the excess with...
Function StrLeft(str,strlen)
IF(str = )THEN
StrLeft =
Exit Function
END IF
Dim l,t,c,i
str = Replace(Replace(Replace(Replace(str, , ),,chr(34)),>,>),<,<)
l=len(str)
t=0
For i=1 to l
c=Abs(Asc(Mid(str,i,1)))
IF(c>255)THEN
t=t+2
ELSE
t=t+1
END IF
IF(t>strlen)THEN
StrLeft = left(str,i) & ...
Exit For
ELSE
StrLeft = str
END IF
Next
StrLeft = Replace(Replace(Replace(Replace(StrLeft, , ),chr(34),),>,>),<,<)
End Function
%>
#T= Get secure submission parameters
<%
'================================================== ==============
'SQL Injection Check
'Function function: filter single quotes in character parameters, judge numeric parameters, and assign a value of 0 if it is not a numeric type
'Parameter meaning: str ---- parameters to be filtered
'strType ---- parameter type, divided into character type and numeric type, character type is s, numeric type is i
'================================================== ==============
Function CheckStr(str,strType)
Dim strTmp
strTmp =
IF(strType =s)THEN
strTmp = Replace(Trim(str),','')
ELSEIF(strType=i)THEN
IF(IsNumeric(str)=False)THEN str=False
strTmp = str
ELSE
strTmp = str
End IF
CheckStr= strTmp
End Function
%>
#T= Filter out bad characters (BadWord)
<%
'Filter bad characters (BadWords)
Function ChkBadWords(fString)
Dim BadWords,bwords,i
BadWords = Fuck|fuck you|fuck him|fuck you|fuck|dog|bastard|cunt|dick|bastard|rape|make love|virgin|zemin|falun|falun|hongzhi|falun
IF(Not(IsNull(BadWords) or IsNull(fString)))THEN
bwords = Split(BadWords, |)
For i = 0 to UBound(bwords)
fString = Replace(fString, bwords(i), string(Len(bwords(i)),*))
Next
ChkBadWords = fString
END IF
End Function
%>
#T= Generate random custom length password
<%
'Generate a random custom length password
Function makePassword(maxLen)
Dim strNewPass
Dim whatsNext, upper, lower, intCounter
Randomize
For intCounter = 1 To maxLen
whatsNext = Int((1 - 0 + 1) * Rnd + 0)
IF(whatsNext = 0)THEN
'character
upper=90
lower=65
ELSE
upper=57
lower = 48
END IF
strNewPass = strNewPass & Chr(Int((upper - lower + 1) * Rnd + lower))
Next
makePassword = strNewPass
End Function
'Response.Write makepassword(8)
%>
#T= Keep format inHTML when filling in Textarea
<%
'================================================== ==============
'Remove Html format, used when fetching values from the database and filling in the input box
'Note: value=? must use double quotes here
'================================================== ==============
Function inHTML(str)
Dim sTemp
sTemp = str
inHTML =
If IsNull(sTemp) = True Then
Exit Function
End If
sTemp = Replace(sTemp, &, &)
sTemp = Replace(sTemp, <br>,chr(13))
sTemp = Replace(sTemp, <, <)
sTemp = Replace(sTemp, >, >)
sTemp = Replace(sTemp, , Chr(34))
inHTML = sTemp
End Function
%>
#T= Regular table expression verification function
<%
'Regular expression verification function patrn-regular expression strng-string that needs to be verified
'================================================== ==============
Function RegExpTest(patrn, strng)
Dim regEx, retVal 'Create variables.
SET regEx = New RegExp ' Create a regular expression.
regEx.Pattern = patrn ' Set pattern.
regEx.IgnoreCase = False 'Set whether to be case sensitive.
retVal = regEx.Test(strng) 'Execute search test.
RegExpTest = retVal 'Return value, if it does not match, it returns false, if it matches, it returns true
SET regEx = NOTHING
End Function
%>
#T= Generate random string
<%
'Generate a random string
FunctionRndCode()
Dim CodeSet,AmountSet
CodeSet = 0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
AmountSet = 62 'Amount of text
Randomize
Dim vCode(10), vCodes,i
For i = 0 To 9
vCode(i) = Int(Rnd * AmountSet)
vCodes = vCodes & Mid(CodeSet, vCode(i) + 1, 1)
Next
RndCode=vCodes
End Function
%>
#T==============================
#T=FSO related operations
#T= Determine whether the directory exists
<%
Function IsFloderExist(strFolderName)
SET FSO=Server.CreateObject(Scripting.FileSystemObject)
IF(FSO.FolderExists(strFolderName))THEN
IsFloderExist = True
ELSE
IsFloderExist = False
END IF
SET FSO=NOTHING
End Function
%>
#T= Create directory
<%
Function CreateFolder(strFolderName)
SET FSO=Server.CreateObject(Scripting.FileSystemObject)
IF(FSO.FolderExists(strFolderName) = False)THEN
FSO.CreateFolder(strFolderName)
END IF
SET FSO=NOTHING
END Function
%>
#T= Delete directory
<%
Function DeleteFolder(strFolderName)
SET FSO=Server.CreateObject(Scripting.FileSystemObject)
IF(FSO.FolderExists(strFolderName))THEN
FSO.DeleteFolder(strFolderName)
END IF
SET FSO=NOTHING
END Function
%>
#T= Determine whether the file exists
<%
Function IsFileExist(strFileName)
SET FSO=Server.CreateObject(Scripting.FileSystemObject)
IF(FSO.FileExists(strFileName))THEN
IsFileExist = True
ELSE
IsFileExist = False
END IF
SET FSO=NOTHING
End Function
%>
#T= delete file
<%
Function DeleteFile(strFileName)
SET FSO=Server.CreateObject(Scripting.FileSystemObject)
IF(FSO.FileExists(strFileName))THEN
FSO.DeleteFile(strFileName)
END IF
SET FSO=NOTHING
END Function
%>
#T==============================
#T= Several functions commonly used by ASP thieves
<%
Function ByteToStr(vIn)
Dim strReturn,i,ThisCharCode,innerCode,Hight8,Low8,NextCharCode
strReturn =
For i = 1 To LenB(vIn)
ThisCharCode = AscB(MidB(vIn,i,1))
IF(ThisCharCode < &H80)THEN
strReturn = strReturn & Chr(ThisCharCode)
ELSE
NextCharCode = AscB(MidB(vIn,i+1,1))
strReturn = strReturn & Chr(CLng(ThisCharCode) * &H100 + CInt(NextCharCode))
i = i + 1
END IF
Next
ByteToStr = strReturn
End Function
Function GetHttpPageContent(url,Method,SendStr)
Dim Retrieval
SET Retrieval = Server.CreateObject(Microsoft.XMLHTTP)
With Retrieval
.Open Method, url, False , ,
.setRequestHeader Content-Type,application/x-www-form-urlencoded
.Send(SendStr)
GetHttpPageContent = .ResponseBody
End With
SET Retrieval = Nothing
GetHttpPageContent=ByteToStr(GetHttpPageContent)
End Function
Function RegExpText(strng,regStr)
Dim regEx,Match,Matches,RetStr
SET regEx = New RegExp
regEx.Pattern = regStr
regEx.IgnoreCase = True
regEx.Global = True
SET Matches = regEx.Execute(strng)
For Each Match in Matches
RetStr = RetStr & regEx.Replace(Match.Value,$1) & ,
Next
RegExpText = RetStr
set regEx=nothing
End Function
Function StreamBytesToBstr(strBody, CodeBase)
Dim objStream
SET objStream = Server.CreateObject(Adodb.Stream)
With objStream
.Type = 1
.Mode = 3
.Open
.Write strBody
.Position = 0
.Type = 2
.Charset = CodeBase
StreamBytesToBstr = .ReadText
.Close
End With
SET objStream = Nothing
End Function
%>