几个常用的asp函数

 Function ChkStr(InString) '非法字符过滤函数
  If InString<>"" Then
   InString=Replace(LCase(InString)," ","")
   InString=Replace(LCase(InString),";","")
   InString=Replace(LCase(InString),"'","")
   InString=Replace(LCase(Instring),"--","")
   Instring=Replace(LCase(Instring),"%","")
   InString=Replace(LCase(InString),"%20","")
  
   InString=Replace(LCase(InString),"admin","")
  
   InString=Replace(LCase(InString),"and","")
   InString=Replace(LCase(InString),"or","")
  
   InString=Replace(LCase(InString),"asc","")
   InString=Replace(LCase(Instring),"chr","")
   InString=Replace(LCase(InString),"mid","")
   InString=Replace(LCase(InString),"len","")
  
   InString=Replace(LCase(InString),"select","")
   InString=Replace(LCase(InString),"insert","")
   InString=Replace(LCase(InString),"delete","")
   InString=Replace(LCase(InString),"update","")
  
  
   ChkStr=InString
  End If
  End Function
  
  Function CheckFileExt(FileExt) '检测文件扩展名
   Dim FileAccessExt,AccessExt
   AccessExt="gif,jpg,jpeg,bmp,doc,txt,png"
   FileAccessExt=Split(AccessExt,",")
   For i=LBound(FileAccessExt) to UBound(FileAccessExt)
   If LCase(FileExt)=LCase(FileAccessExt(i)) Then
   CheckFileExt=True
   Else
   CheckFileExt=False
   End If
   Next
  End Function
  
  Function CheckStr(str,IsStr) '检查非法字符和数字数据
  CheckStr=str
  If IsStr And InStr(str,",")>0 Then
   Call errmsg("提交字符中包含非法字符")
  ElseIf (Not IsStr) And (Not IsNumeric(str)) Then
   Call errmsg("提交不是数字型")
  End If
  End Function
  
  Sub errmsg(str)
   If Not IsNull(str) Then
   Response.Write(str)&"< br >"
   Call ASCpy()
   Response.End() 
   End If
  End Sub
  
  
   Sub ASCpy()
   Response.Write "<link href='Css/Maincss.css' rel='stylesheet' type='text/css'>"
   Response.Write "<div align='center' class='Maincss'>"
   Response.Write("<Center>Error happed!<br>Please Contract ")
   Response.Write("Name:<a href='mailto:jdqn@sjzu.edu.cn' style='text-decoration:none'>")
   Response.Write("<font Color=red>AloneSword</font>")
   Response.Write("</a>.<br>Thank you!!!</Center><br>")
   Response.Write "<hr>Copyright © By <a href='#' style='text-decoration:none'>建大网络</a> ™<br>"
   Response.Write "Last Modified：21/08/2004<br>"
   Response.Write("Author:<a href='http://blog.csdn.net/alonesword/' style='text-decoration:none' target='_blank'>AloneSword</a>")
   Response.Write "</div>"
  End Sub