源码
<!--#include file="mdb.asp"-->
<%
id=request.querystring("id")
sql="select * from aspliancom_gj where id="&id
set rsc=conn.execute(sql)
id=rsc("id")
aspliancom_url=rsc("aspliancom_url")
conn.execute (sql)
rsc.close
set rsc=nothing
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title><%=aspliancom_url%></title></head>
<body><form name=loading><INPUT style="color:#ffffff;border:0px;" size=0 name=chart><INPUT style="color:#ffffff;border:0px;" size=0 name=percent>
<script>
var bar=0
var line="||"
var amount="||"
count()
function count(){
bar=bar+2
amount =amount + line
document.loading.chart.value=amount
document.loading.percent.value=bar+"%"
if (bar<4)
{setTimeout("count()",2);}
else
{window.location = "<%=aspliancom_url%>";}
}</script>
</form>
</body>
</html>
因为你这里传入的参数id是整型,适合你的,最简单的办法就是在后台先判断下id是否为整数,如果是继续执行,如果不是跳出。
这样,你的sql 注入漏洞就修复了。
