堆栈内存溢出
  简体   繁体   English

如何防止 SQL 注入?

[英]How can I prevent SQL injection?

 原文  2015-06-21 16:18:09       sql/ sql-server/ database/ asp-classic/ sql-injection

问题描述

I have the following code where the user is prompted to enter his username and password in a form.我有以下代码,其中提示用户在表单中输入他的用户名和密码。 The username and password are checked with the database and if correct the user is logged in. However this code can be easily SQL injected for example by typing:用数据库检查用户名和密码,如果正确则用户登录。但是,此代码可以很容易地通过 SQL 注入,例如通过键入:

UserName = 'x' and UserPwd = 'x' or 'x'

Can someone help me to modify the code to prevent SQL injection.有人可以帮我修改代码以防止 SQL 注入。 Here is the code:这是代码:

 <%@LANGUAGE=Jscript%>

<%
   // ----- GLOBALS DECLARATIONS ----------------------------------------------------------------------------

   var CKEDir     = "ckeditor/";
   var DB         = Server.MapPath("DB/CMS.MDB");



   // ----- GENERAL PURPOSE FUNCTIONS -----------------------------------------------------------------------

   // Uses regular expressions to change all single quotes in a string to the HTML
   // entity &#39; and replaces all carriage return and newline characters to spaces.
   // This ensures that the string can be incorporated in a SQL statement.

   function cleanString(s) {
      s = s.replace(/'/g, "&#39;"); // SO syntax fix ' 
      s = s.replace(/[\r\n]/g,' ');
      return s;
   }



   // ----- DATABASE FUNCTIONS ------------------------------------------------------------------------------

   // Creates a connection to the database named in the parameter,

   function getDBConnection() {
      var DBCon = Server.CreateObject("ADODB.Connection");
      var DBasePath = DB;
      var ConStr = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" + DBasePath + ";Persist Security Info=False";
      DBCon.Open(ConStr,"","");
      return DBCon;
    }

    // Increments counter for current page (as identified by global variable PageID) in
    // table Counters, and returns a string indicating number of times page was accessed.

    function getAccess() {
       var msg = '';
       if (PageID) {
          var DBConn = getDBConnection();
          var Td     = new Date();
          var SQL    = "SELECT * FROM Counters WHERE PageID=" + PageID ;
          var RS     = DBConn.Execute(SQL);

          // Page counter does not yet exist - create it.
          if (RS.Eof)
          {
             var AccessCount=1;
             var AccessSince = new Date();
             SQL="INSERT into Counters ([PageID]) VALUES ("+PageID+")";
          }

          // Page counter exists, increment it.
          else
          {
             var AccessCount=RS("Hits")+1;
             var AccessSince=RS("Created").value;
             SQL="UPDATE Counters SET [Hits]="+AccessCount+" WHERE [PageID]="+PageID;
          }
          RS = DBConn.Execute(SQL)
          DBConn.Close();
          msg = AccessCount + " visits since " + AccessSince;
       }
     return msg;
   }




   // ----- LOGGING IN AND OUT FUNCTIONS --------------------------------------------------------------------


   // Returns true if user is logged in.

   function isLoggedIn() {
      return Session("UserID");
   }


   // Checks given name and password in users database.
   // No validation on the user input is performed, so this function is
   // susceptible to SQL injection attacks.

   function logInUser(name,pwd) {
     var DBConn = getDBConnection();
     var SQL    = "SELECT * FROM Users WHERE UserName = '" + name + "' and UserPwd = '" + pwd + "'";
     var RS     = DBConn.Execute(SQL);
     var valid  = !RS.Eof;
     if (valid) {
       Session("UserID")   = RS("UserID").value;
       Session("UserName") = RS("UserName").value;
       Session("UserFullName") = RS("UserFirstName").value + ' ' + RS("UserLastName").value;
     }
     DBConn.Close;
     return valid;
   }

   // Logs out current user.

   function logOutUser() {
     Session("UserID") = 0;
   }


   // Returns full name of currently logged in user if any.

   function loggedInUser() {
     var msg = '';
     if (Session("UserID")) msg = Session("UserFullName");
     return msg;
   }


   // Returns true if current user can edit content.
   // Currently allows any authenticated user to edit content.

   function inEditMode() {
     return isLoggedIn();
   }

%>

1 个解决方案

解决方案1
 0  2015-06-21 20:29:24

Use parameterized queries.使用参数化查询。 It prevents the SQL injections.它可以防止 SQL 注入。

Click here for more documentation 单击此处获取更多文档

It will prevent the SQL string being hijacked by malicious input.防止SQL字符串被恶意输入劫持。

Good luck!祝你好运!

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何防止PHP中的SQL注入? - How can I prevent SQL injection in PHP? 如何防止sql注入但保留“和”? - How can i prevent sql injection but keep " and '? 如何防止 SQL 在以下轨道查询中注入? - How can I prevent SQL injection in following rails query? 如何在PYTHON-DJANGO中阻止SQL注入? - How can I prevent SQL injection in PYTHON-DJANGO? 这个参数化查询如何防止 SQL 注入? - How can this Parametrized Query Prevent SQL Injection? 如何使用ColdFusion阻止SQL注入 - How do I prevent SQL injection with ColdFusion 当我生成 sql 脚本而不是直接访问数据库时,如何防止 sql 注入漏洞? - How I can prevent the sql injection vulnerability when I generate sql scripts instead of directly accessing the database? 如何防止客户端Java / JSP中的SQL注入? - How can I prevent SQL-injection in Java / JSP on the client side? 如何防止Wordpress中的SQL注入? - How to prevent SQL Injection in Wordpress? 如何防止SQL注入攻击? - how to prevent an SQL Injection Attack?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM