[讨论]如果过滤了大于号和小于号应该怎样写入数据库
议题作者:ctmm99信息来源:邪恶八进制信息安全团队([url]www.eviloctal.com[/url])
一个记事本的代码:
[attach]5363[/attach]
以下是压缩包中文件transfer_html.inc里的代码
[code]<%
function transfer(x)
transfer=replace(x,"<","<")
transfer=replace(transfer,">",">")
transfer=replace(transfer," "," ")
transfer=replace(transfer,chr(13)," <br>")
end function
%>[/code]
write.asp调用了上述文件
[code]<!--#include file="transfer_html.inc"-->[/code]
致使无法将一句话木马写入数据库,那我该怎么办呢?
页:
[1]