<% Option Explicit %>
Test of Input
<%
Function CleanSQL(badStr) 'Clean up string by stripping out all but alphanumerics
Dim goodStr
Dim i
Dim ch
Dim goodChars
goodChars = "-_. @"
for i = 1 to Len(badStr)
ch = Mid(badStr, i, 1)
if ( (ch>="A") and (ch<="Z") ) or ((ch>="a") and (ch<="z") ) or ((ch>="0") and (ch<="9")) or (InStr(goodChars,ch)>0) then
goodStr = goodStr & ch
end if
next
CleanSQL = goodStr
End Function
Dim Input
Dim Message
Input = Request.Form("Command")
Message = CleanSQL(Input)
%>
You typed: <% = Input %>
After processing: <% = Message %>
">
Files in Periscope that are changed
- cleansql.asp
- checklog.asp
- content.asp (used on numbered pages by index.asp)
- send_password_email.asp
- send_login_email.asp (remove the trios reply-from)
- CFAW\checklog.asp
- CFAW\send_password_email.asp (not actually used)
- CFAW\login.asp (link to "../send_password_email.asp"
- System\checklog.asp
- admin\index.asp (add passwd protection)
- Go to http://www.thevbzone.com/d_DLL.htm and download cdonts.dll, then install with regsvr32 cdonts.dll
- administer IIS and on default website/documents, add index.html (so that "take a tour" will work)
Javascript to check every checkbox in first form (0)
function CheckAll(chk)
//for check all the checkboxes in a page
//Assumes first form in browser
{
for (var j=0;j < document.forms[0].elements.length;j++)
{
var e = document.forms[0].elements[j];
if (e.type == 'checkbox' && e.disabled==false)
{
e.checked = chk.checked
}
}
}
. Website development by Writeup.org