打开网页就提示 请不要在参数中包含非法字符尝试注入 10
打开网页,就提示请不要在参数中包含非法字符尝试注入提示后就直接跳到别的网站,我就一直找不到原因,怎么找也没有找到!对了在提示一下,就是从百度哪里点击进去会有这样的提示,本...
打开网页,就提示 请不要在参数中包含非法字符尝试注入
提示后就直接跳到别的网站,我就一直找不到原因,怎么找也没有找到!
对了在提示一下,就是从百度 哪里点击进去会有这样的提示,本网 点击那个页面不会有这样的提示。请教一下,谢谢
<!--#include file="conn.asp"-->
<!--#include file="config.asp" -->
<!--#include file="Sql.Asp" -->
<!--#include file="TD_sql.asp"-->
<%
id=request.QueryString("id")
if id="" or not isnumeric(id) then
response.write "<script>alert('警告!请勿尝试非法注入!');window.location.href='index.asp';</script>"
Response.End()
end if
set rs=server.createobject("adodb.recordset")
exec="select * from about where id="&id
rs.open exec,conn,1,1
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title><%=rs("title")%>_<%=TD_home%></title>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META http-equiv=X-UA-Compatible content=IE=EmulateIE7>
<META content="绿化设计 苗木供应 施工养护" name=keywords>
<META content="绿化设计 苗木供应 施工养护|河北涿州京南友好园艺,联系电话+86-0312-3928146" name=Description>
<LINK href="images/index.css" type=text/css rel=stylesheet>
<style type="text/css">
<!--
.STYLE4 {color: #000000}
-->
</style>
</head>
<body>
<!--#include file="top.asp" -->
<table width="950" border="0" cellpadding="0" cellspacing="0" align="center">
<tr>
<td height="3"></td>
</tr>
</table>
<table width="950" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="270" valign="top"><!--#include file="about-left.asp" --></td>
<td width="3"> </td>
<td valign="top"><table width="674" border="0" cellpadding="0" cellspacing="0" align="center" style="BORDER: #33B001 1px solid;">
<tr>
<td background="images/right_title.gif" height="25"><span class="STYLE3"><%
response.write(""&rs("title")&"")
%></span></td>
</tr>
<tr>
<td>
<table width="640" border="0" cellpadding="0" cellspacing="0" align="center" height="250">
<tr>
<td valign="top">
<br />
<span class="STYLE4">
<%
response.Write(""&rs("body")&"")
rs.close
set rs=nothing
%>
</span></td>
</tr>
</table></td>
</tr>
</table>
<table width="670" border="0" cellpadding="0" cellspacing="0" align="center">
<tr>
<td height="3"></td>
</tr>
</table> 展开
提示后就直接跳到别的网站,我就一直找不到原因,怎么找也没有找到!
对了在提示一下,就是从百度 哪里点击进去会有这样的提示,本网 点击那个页面不会有这样的提示。请教一下,谢谢
<!--#include file="conn.asp"-->
<!--#include file="config.asp" -->
<!--#include file="Sql.Asp" -->
<!--#include file="TD_sql.asp"-->
<%
id=request.QueryString("id")
if id="" or not isnumeric(id) then
response.write "<script>alert('警告!请勿尝试非法注入!');window.location.href='index.asp';</script>"
Response.End()
end if
set rs=server.createobject("adodb.recordset")
exec="select * from about where id="&id
rs.open exec,conn,1,1
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title><%=rs("title")%>_<%=TD_home%></title>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META http-equiv=X-UA-Compatible content=IE=EmulateIE7>
<META content="绿化设计 苗木供应 施工养护" name=keywords>
<META content="绿化设计 苗木供应 施工养护|河北涿州京南友好园艺,联系电话+86-0312-3928146" name=Description>
<LINK href="images/index.css" type=text/css rel=stylesheet>
<style type="text/css">
<!--
.STYLE4 {color: #000000}
-->
</style>
</head>
<body>
<!--#include file="top.asp" -->
<table width="950" border="0" cellpadding="0" cellspacing="0" align="center">
<tr>
<td height="3"></td>
</tr>
</table>
<table width="950" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="270" valign="top"><!--#include file="about-left.asp" --></td>
<td width="3"> </td>
<td valign="top"><table width="674" border="0" cellpadding="0" cellspacing="0" align="center" style="BORDER: #33B001 1px solid;">
<tr>
<td background="images/right_title.gif" height="25"><span class="STYLE3"><%
response.write(""&rs("title")&"")
%></span></td>
</tr>
<tr>
<td>
<table width="640" border="0" cellpadding="0" cellspacing="0" align="center" height="250">
<tr>
<td valign="top">
<br />
<span class="STYLE4">
<%
response.Write(""&rs("body")&"")
rs.close
set rs=nothing
%>
</span></td>
</tr>
</table></td>
</tr>
</table>
<table width="670" border="0" cellpadding="0" cellspacing="0" align="center">
<tr>
<td height="3"></td>
</tr>
</table> 展开
1个回答
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
