测试SQL防注入脚本

t=conn.execute("select * from news")
sql="UPDATE news SET news_count = news_count + 1 where news_id="&request.querystring("news_id")
conn.execute (sql)
rscount.close
set rscount=nothing
end function
可以看到它是直接读取GET上去的news_id字段，直接利用的话：
http://127.0.0.1/shownews.asp?news_id=1%20and%201=1
http://127.0.0.1/shownews.asp?news_id=1%20and%201=2
加入SQL通用防注入系统--直接在shownews.asp中include file标签段内加入：
<!--#Include File="Neeao_SqlIn.Asp"-->
刷新后再试将载入Neeao_SqlIn.Asp内的GET过滤部分内容：
If Request.QueryString<>"" Then
  For Each Fy_Get In Request.QueryString
    For Fy_Xh=0 To Ubound(Fy_Inf)
      If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then
        If WriteSql=True Then
          killSqlconn.Execute("insert into SqlIn(Sqlin_IP,SqlIn_Web,SqlIn_FS,SqlIn_CS,SqlIn_SJ) values(’"&Request.ServerVariables("REMOTE_ADDR")&"’,’"&Request.ServerVariables("URL")&"’,’GET’,’"&Fy_Get&"’,’"&replace(Request.QueryString(Fy_Get),"’","’’")&"’)")
        killSqlconn.close
        Set killSqlconn = Nothing
        End If
        Response.Write "<Script Language=JavaScript>alert(’SQL通用防注入系统提示你↓\n\n请不要在GET参数中包含非法字符尝试注入！\n\nHttp://Www.wrsky.Com 系统版本:V3.0(ASP)版\n\nBy:Neeao’);</Script>"
        Response.Write "非法操作！系统做了如下记录↓<br>"
        Response.Write "操作ＩＰ："&Request.ServerVariables("REMOTE_ADDR")&"<br>"
        Response.Write "操作时间："&Now&"<br>"
        Response.Write "操作页面："&