Prevent injection

xiaoxiao2021-03-06  119

<%

Dim Query_Badword, Form_Badword, i, Err_Message, Err_Web, Name

'------ Definition section: start ------
Err_Message = 1 'Handling method: 1 = show a message, 2 = redirect to a page, 3 = show a message, then redirect
Err_Web = "err.asp" 'Page to redirect to when an error occurs

'Strings rejected in GET parameters, separated by "∥"
Query_Badword = "'∥and∥select∥update∥chr∥delete∥%20from∥;∥insert∥mid∥master.∥set∥chr(37)∥="

'Strings rejected in POST parameters, separated by "∥"
Form_Badword = "'∥%∥&∥*∥#∥@∥(∥)∥="
'------ Definition section: end ------
'
' Power by Marquee
' www.mb999.com
' QQ: 278836516 Mail: Marquee@mb999.com
'
On Error Resume Next

'----- Filter the GET query string values
If Request.QueryString <> "" Then
    Chk_badword = Split(Query_Badword, "∥")
    For Each Query_Name In Request.QueryString
        'Compare the lower-cased value of each parameter against every blacklist entry
        For i = 0 To UBound(Chk_badword)
            If InStr(LCase(Request.QueryString(Query_Name)), Chk_badword(i)) <> 0 Then
                Select Case Err_Message
                    Case "1"
                        Response.Write "