博客园--最新评论

博客园--最新评论http://www.cnblogs.com/cliffever/CommentsRSS.aspx在平凡中也会有很多的快乐；有梦想，人才不会孤单<br> 学会放弃~ <script>window.open('http://www.kaywi.com','科为网络安全','');</script>zh-cnMon, 07 Jun 2010 07:24:56 GMTMon, 07 Jun 2010 07:24:56 GMTcnblogsRe:jstl fmt功能说明http://www.cnblogs.com/cliffever/archive/2009/08/18/1333025.html#1617775长路漫漫——我心飞翔长路漫漫——我心飞翔Tue, 18 Aug 2009 01:25:24 GMThttp://www.cnblogs.com/cliffever/archive/2009/08/18/1333025.html#1617775

长路漫漫——我心飞翔 2009-08-18 09:25 发表评论

]]>re: asp.net中SQL注入的解决办法http://www.cnblogs.com/cliffever/archive/2009/06/17/1208045.html#1560280张宏涛张宏涛Wed, 17 Jun 2009 05:22:51 GMThttp://www.cnblogs.com/cliffever/archive/2009/06/17/1208045.html#1560280

张宏涛 2009-06-17 13:22 发表评论

]]>re: oracle中方案的创建http://www.cnblogs.com/cliffever/archive/2008/11/13/251916.html#1368993情走边锋情走边锋Thu, 13 Nov 2008 04:45:13 GMThttp://www.cnblogs.com/cliffever/archive/2008/11/13/251916.html#1368993create tablespace wsl logging datafile 'D:\oracledata\wsl.ora' size 5M

情走边锋 2008-11-13 12:45 发表评论

]]>re: IE6无法正常显示VMLhttp://www.cnblogs.com/cliffever/archive/2008/11/07/740875.html#1364103lshssnlshssnFri, 07 Nov 2008 09:01:55 GMThttp://www.cnblogs.com/cliffever/archive/2008/11/07/740875.html#1364103

lshssn 2008-11-07 17:01 发表评论

]]>re: asp.net中SQL注入的解决办法http://www.cnblogs.com/cliffever/archive/2008/11/05/1208045.html#1361405独行独行Tue, 04 Nov 2008 19:56:23 GMThttp://www.cnblogs.com/cliffever/archive/2008/11/05/1208045.html#1361405

独行 2008-11-05 03:56 发表评论

]]>re: oracle中方案的创建http://www.cnblogs.com/cliffever/archive/2008/09/16/251916.html#1318108李程李程Tue, 16 Sep 2008 02:52:52 GMThttp://www.cnblogs.com/cliffever/archive/2008/09/16/251916.html#1318108

李程 2008-09-16 10:52 发表评论

]]>re: 5楼的朋友介绍上午SQL注入的解决办法可行http://www.cnblogs.com/cliffever/archive/2008/06/13/1208045.html#1225465老当老当Fri, 13 Jun 2008 15:22:47 GMThttp://www.cnblogs.com/cliffever/archive/2008/06/13/1208045.html#1225465

老当 2008-06-13 23:22 发表评论

]]>re: asp.net中SQL注入的解决办法http://www.cnblogs.com/cliffever/archive/2008/05/29/1208045.html#1213149楼主楼主Thu, 29 May 2008 13:49:41 GMThttp://www.cnblogs.com/cliffever/archive/2008/05/29/1208045.html#1213149

楼主 2008-05-29 21:49 发表评论

]]>re: asp.net中SQL注入的解决办法http://www.cnblogs.com/cliffever/archive/2008/05/29/1208045.html#1212517情走边锋情走边锋Thu, 29 May 2008 02:36:21 GMThttp://www.cnblogs.com/cliffever/archive/2008/05/29/1208045.html#1212517
public static bool ProcessRequestURL(string Str)
{
bool ReturnValue = true;
private const string SQLKeyWords = " and | exec|insert |select |delete |update | truncate|declare |cursor | varchar|where ";
try
{
Str = DelSQLStr(Str.ToLower());
if (Str != "")
{
string[] anySqlStr = SQLKeyWords.Split('|');
foreach (string ss in anySqlStr)
{
if (Str.IndexOf(ss) >= 0)
{
ReturnValue = false;
}
}
}
}
catch
{
ReturnValue = false;
}
return ReturnValue;
}

public static string DelSQLStr(string str)
{
if (str == null || str == "")
return "";
str = str.Replace("%20", " ");
str = str.Replace("%2b", "+");
return str;
}

情走边锋 2008-05-29 10:36 发表评论

]]>re: asp.net中SQL注入的解决办法http://www.cnblogs.com/cliffever/archive/2008/05/28/1208045.html#1212223周进周进Wed, 28 May 2008 15:35:17 GMThttp://www.cnblogs.com/cliffever/archive/2008/05/28/1208045.html#1212223http://blog.mdcsoft.cn/archives/200805/46.html 太强大了，直接从IIS入口直接过滤掉了非法请求，mdcsoft-ips（Web应用防护系统）是一款保护Web站点和应用免受来自于应用层攻击的Web防护系统。它内置于Web服务器软件中，通过分析应用层的用户请求数据，区分正常用户访问Web和攻击者的恶意行为，对诸如SQL注入式攻击、非法脚本执行、跨站提交攻击等应用攻击行为进行实时阻断..

周进 2008-05-28 23:35 发表评论

]]>