반응형 Developer/asp25 sql injection 방지 (GET 방식) 좋은 자료가 있어 기록 남김... 0 Or inStr(lcase(Request(LWItem)), "--") > 0 thenErrParity = 11exit forend if '## select, delete 방지if (inStr(lcase(Request(LWItem)), "select") > 0 or inStr(lcase(Request(LWItem)), "delete") > 0) and inStr(lcase(Request(LWItem)), "from") > 0 thenErrParity = 30exit forend if '## update 방지if inStr(lcase(Request(LWItem)), "update") > 0 and inStr(lcase(Request(LWItem)), "set") > 0 .. 2014. 12. 5. 이전 1 ··· 4 5 6 7 다음 반응형