Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 MOD-Group
 MOD Add-On Forum (W/Code)
 Go away, Hackers!
 New Topic  Topic Locked
 Printer Friendly
Previous Page
Author Previous Topic Topic Next Topic
Page: of 2

Etymon
Advanced Member

United States
2385 Posts

Posted - 21 August 2002 :  03:02:09  Show Profile  Visit Etymon's Homepage

Hi,

I got lost, sorry.

Could someone please post the finished code? I am unsure of what to add and what to delete.

Thanks for the MOD!

Etymon
Go to Top of Page

CaNgo
Starting Member

15 Posts

Posted - 16 September 2002 :  11:01:43  Show Profile
Fixed problems with URLEncoding:


<%If Request.ServerVariables("QUERY_STRING") <> "" then
	strChkQuery = UCase(URLDecode(Request.ServerVariables("QUERY_STRING")))
	If Instr(strChkQuery,"FORUM_MEMBERS") OR Instr(strChkQuery,"UNION") _
	OR Instr(strChkQuery,"SELECT") OR Instr(strChkQuery,"M_PASSWORD") _
	OR Instr(strChkQuery,"M_LEVEL") oR Instr(strChkQuery,"M_EMAIL") Then
		Response.Redirect("http://www.bored.com")
		Response.End
	End If
End If
%>
<script language=JavaScript RUNAT=SERVER>
function URLDecode(psEncodeString) 
{
  return unescape(psEncodeString); 
}
</script>
Go to Top of Page

pweighill
Junior Member

United Kingdom
453 Posts

Posted - 16 September 2002 :  11:49:39  Show Profile
Nice code, but it only covers the use of Request.QueryString and does not look at any of the Request.Form data. The Request.Form data is more difficult to check though as some fields can contain all the text items you are searching for. e.g. Request.Form("Message")
Go to Top of Page
Page: of 2 Previous Topic Topic Next Topic  
Previous Page
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.14 seconds. Powered By: Snitz Forums 2000 Version 3.4.07