<%
SQL_injdata = |and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare
SQL_inj = split(SQL_Injdata|)
If RequestQueryString<> Then
For Each SQL_Get In RequestQueryString
For SQL_Data= To Ubound(SQL_inj)
if instr(RequestQueryString(SQL_Get)Sql_Inj(Sql_DATA))> Then
ResponseWrite <script Language=JavaScript>alert(非法连接!!)</script>
Responseend
end if
next
Next
End If
If RequestForm<> Then
For Each Sql_Post In RequestForm
For SQL_Data= To Ubound(SQL_inj)
if instr(RequestForm(Sql_Post)Sql_Inj(Sql_DATA))> Then
ResponseWrite <script Language=JavaScript>alert(非法连接!!)</script>
Responseend
end if
next
next
end if
%>
