sworda
Yeni Üye
Kayıt Tarihi: 17-Temmuz-2012
Gönderilenler: 1
|
| Gönderen: 17-Temmuz-2012 Saat 17:03 | Kayıtlı IP
|
|
|
merhaba ,
aşağıdaki kod sql injection açığı veriyor
nasıldüzeltebilirim?
'set time session and disable caches
response.buffer = true
response.expires = 60
response.expiresabsolute = now() - 1
response.addheader "pragma","no-cache"
response.addheader "cache-control","private"
response.cachecontrol = "no-cache"
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
<head>
<!--#include virtual="/includes/inc-dataconnection.asp"--
>
<!--#include virtual="/Includes/func-common.asp"-->
<!--#include virtual="/Includes/func-aspcode.asp"-->
<!--#include virtual="/Includes/func-content.asp"-->
<!--#include virtual="/Includes/func-encryption.asp"-->
<!--#include virtual="/Includes/inc-configuration.asp"-->
<%
'dimension variables
dim rsLogin, sqlLogin, intLoginCount, arrLoginData
dim strUsername, strPassword, strHeader, strMessage,
strAddress, strRedirect
dim intRemember
'load and check variables
strUsername = prepare_text(request.form("name"), true,
false)
strPassword = prepare_text(request.form("password"),
true, false)
if request.form("remember") <> "" and
isnumeric(request.form("remember")) = true then
intRemember = request.form("remember")
else
intRemember = 0
end if
%>
<title><%=page_title("Administration")%></tit le>
<%
Response.Charset = "windows-1254"
Session.LCID = 1055
Session.CodePage = 1254
%>
<meta http-equiv="Content-Type"
content="text/html;charset=windows-1254" />
<link rel="stylesheet" type="text/css" href="
<%=strBlogLocation%>Admin/Includes/inc-stylesheet.css" />
<link rel="shortcut icon" href="
<%=strBlogLocation%>Themes/<%=strBlogTheme%>/Com mon/favic
on.ico" />
<script type="text/javascript" src="
<%=strBlogLocation%>Includes/inc-javascript.js">< ;/script>
</head>
<body>
<div id="container">
<div id="header">
<!--#include file="Includes/inc-
header.asp"-->
</div>
<div id="centre">
<div id="login">
<%
'check whether user is
logged in
if session("FB_UserID") =
"" then
'check whether
user has enetered any user details
if (strUsername =
"" and strUsername <> "name") and (strPassword = "" and
strPassword <> "password") then
'display
login header
response.write("<h1>" & strBlogTitle &" "& ids("Login")
&"</h1>")
'display
login message
response.write("<p>")
response.write(ids("Login_"))
response.write("</p>")
'display
login form
response.write("<form action='login.asp' method='post'
onsubmit=""this.submit.disabled=true;"">")
response.write("<p>")
response.write("<label for='name'>"& ids("Username") &"
</label> <input id='name' name='name' type='text'
value=""name"" size='22' maxlength='80' tabindex='1'
onfocus=""this.value=''"" /> <label for='password'>"&
ids("Password") &"</label> <input id='password'
name='password' type='password' value=""password""
size='22' maxlength='80' tabindex='2'
onfocus=""this.value=''"" /> <label for='remember'>"&
ids("LoginRemember") &"</label> <input id='remember'
name='remember' type='checkbox' value='1' tabindex='3' />
<input id='submit' name='submit' type='submit'
tabindex='4' value="""& ids("Submit") &""" class='button'
/>")
response.write("</p>")
response.write("</form>")
else
'grab
details for the specified user name
set
rsLogin = server.createobject("adodb.recordset")
sqlLogin
= "SELECT User_ID, User_Name, User_Password,
User_Activation, User_Level, User_Ban_Expires,
User_Ban_Reason FROM FB_Users WHERE User_Name = '"&
strUsername &"';"
rsLogin.cursorlocation = 3
rsLogin.open sqlLogin, adoConn
if not
(rsLogin.bof or rsLogin.eof) then
intLoginCount = rsLogin.recordcount
arrLoginData = rsLogin.getrows()
else
intLoginCount = 0
end if
rsLogin.close
set
rsLogin = nothing
'increment query count
intQuery
= intQuery + 1
'check a
valid user has been specified
if
intLoginCount = 0 then
'set error message
strHeader = ids("LoginError")
strMessage = "<p>"& ids("LoginErrorIncorrect") &"</p>"
strRedirect = "default.asp"
else
'check account is activated
if arrLoginData(4, 0) = 0 then
'set error message
strHeader = ids("LoginError")
'check whether account authorisation is enabled
if intBlogAccountAuthorisation = 1 then
strMessage = "<p>" & ids("LoginErrorWaiting") &"</p>"
else
strMessage = "<p>"& ids("LoginErrorEmail") &"</p>"
end if
strRedirect = "default.asp"
end if
'check whether account has been banned
if arrLoginData(5, 0) > db_time(intBlogTimeOffset) then
'set error message
strHeader = ids("LoginError")
strMessage = "<p>" &
replace(replace(replace(ids("LoginErrorBanned"),"#REASON#
",SQL_decode(arrLoginData(6,
0))),"#TIME#",web_time(arrLoginData(5, 0),
strBlogTimeFormat,
"Time")),"#DATE#",web_time(arrLoginData(5, 0),
strBlogTimeFormat, "Date")) &"</p>"
strRedirect = "default.asp"
end if
'check that the correct password has been specified
if arrLoginData(2, 0) <> strPassword then
'set error message
strHeader = ids("LoginError")
strMessage = "<p>"& ids("LoginErrorPassword") &"</p>"
strRedirect = "default.asp"
end if
'check there has not been an error
if strHeader = "" then
'set session variables
session("FB_UserID") = arrLoginData(0, 0)
session("FB_UserName") = SQL_Decode(arrLoginData(1, 0))
session("FB_UserLevel") = arrLoginData(4, 0)
'write user details to session cookie
response.cookies(strBlogTitle)("ID") = arrLoginData(0, 0)
response.cookies(strBlogTitle)("Code") =
md5(arrLoginData(0, 0) &"-"& arrLoginData(3, 0))
'if specified set cookie expirey time
if intRemember = 1 then
response.cookies(strBlogTitle).expires = dateadd("yyyy",
1, now())
end if
'set user IP address
if request.servervariables("HTTP_X_FORWARDED_FOR") = ""
then
strAddress = request.servervariables("REMOTE_ADDR")
else
strAddress =
request.servervariables("HTTP_X_FORWARDED_FOR")
end If
'update users details
set rsLogin = server.createobject("adodb.recordset")
sqlLogin = "UPDATE FB_Users SET User_Date_Visit = '"&
db_time(intBlogTimeOffset) &"', User_Login_Count =
(User_Login_Count + 1), User_Address = '"& strAddress
&"', User_Ban_Expires = NULL, User_Ban_Reason = NULL
WHERE User_ID = "& arrLoginData(0, 0) &";"
rsLogin.cursortype = 2
rsLogin.locktype = 3
rsLogin.open sqlLogin, adoConn
set rsLogin = nothing
'increment query count
intQuery = intQuery + 1
'set confirmation message
strHeader = ids("Login") &" "& ids("Successful")
strMessage = "<p>"& ids("LoginSuccess") &"</p>"
'set redirection based on user level
if session("FB_UserLevel") > 2 then
strRedirect = "Admin/default.asp"
else
strRedirect = "default.asp"
end if
end if
end if
end if
else
'clear session
variables
session.abandon()
'clear cookies
response.cookies(strBlogTitle)("ID") = ""
response.cookies(strBlogTitle)("Code") = ""
response.cookies(strBlogTitle).expires = dateadd("d", -1,
now())
'set confirmarion
message
strHeader =
ids("Logout") &" "& ids("Successful")
strMessage = "
<p>"& ids("LogoutSuccess") &"</p>"
strRedirect =
"default.asp"
end if
if strMessage <> "" then
call
display_redirect(strHeader,strMessage,strRedirect)
end if
%>
</div>
<div class="clear"></div>
</div>
<div id="footer">
<!--#include
virtual="/Includes/inc-footer.asp"-->
|
ASPTurkiye.com Forum : ASP / ASP.NET
Konu: sql injection hatası
Aktif Konular
Üye Listesi
Arama
Yardım
Kayıt Ol
Giriş
