上一篇
下一篇
ASP防止外部提交数据
作者:江蓝 日期:2009-02-26
程序代码<%
Function isSelfRefer()
Dim sHttp_Referer, sServer_Name
sHttp_Referer = CStr(Request.ServerVariables("HTTP_REFERER"))
sServer_Name = CStr(Request.ServerVariables("SERVER_NAME"))
If Mid(sHttp_Referer, 8, Len(sServer_Name)) = sServer_Name Then
IsSelfRefer = True
Else
IsSelfRefer = False
End If
End Function
If isSelfRefer() Then
response.write "ok"
Else
response.write "no"
End If
%>
Function isSelfRefer()
Dim sHttp_Referer, sServer_Name
sHttp_Referer = CStr(Request.ServerVariables("HTTP_REFERER"))
sServer_Name = CStr(Request.ServerVariables("SERVER_NAME"))
If Mid(sHttp_Referer, 8, Len(sServer_Name)) = sServer_Name Then
IsSelfRefer = True
Else
IsSelfRefer = False
End If
End Function
If isSelfRefer() Then
response.write "ok"
Else
response.write "no"
End If
%>
把以上代码放到aa.asp,如果是直接输入网址或者是从外部网部链接到本站,http://doamain/aa.asp 就会显示NO,如果系从本站链接到aa.asp,或通过表单提交到aa.asp,将会显示ok。可以防止一些伪造表单向站内提交数据。
文章来自: 
引用通告: 
Tags: 评论: 0 | 引用: 0 | 查看次数: 490
发表评论
