1<%...
  2dim sql_injdata
  3SQL_injdata = "'|exec|=|>|<|;|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
  4SQL_inj = split(SQL_Injdata,"|")
  5
  6If Request.QueryString<>"" Then
  7    For Each SQL_Get In Request.QueryString
  8        For SQL_Data=0 To Ubound(SQL_inj)
  9            if instr(Request.QueryString(SQL_Get),Sql_Inj(Sql_DATA))>0 Then
 10                Response.Write "<Script Language=JavaScript>alert('◆≡≡≡系 统 提 示≡≡≡◆\n\n您的输入含有非法字符!');history.back(-1)</Script>"
 11                Response.end
 12            end if
 13        next
 14    Next
 15End If
 16
 17If Request.Form<>"" Then
 18    For Each Sql_Post In Request.Form
 19        For SQL_Data=0 To Ubound(SQL_inj)
 20            if instr(Request.Form(Sql_Post),Sql_Inj(Sql_DATA))>0 Then
 21                Response.Write "<Script Language=JavaScript>alert('◆≡≡≡系 统 提 示≡≡≡◆\n\n您的输入含有非法字符!');history.back(-1)</Script>"
 22                Response.end
 23            end if
 24        next
 25    next
 26end if
 27%>
 28<%...
 29     mm=month(now)
 30      if mm<10 then
 31         mm="0" & mm
 32     end if
 33     dd=day(now)
 34     if dd<10 then
 35         dd="0" & dd
 36     end if
 37     thistoday = year(now)&"-"& mm &"-"& dd
 38%>
 39<html>
 40<head>
 41<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
 42<link rel="stylesheet" href="../include/e1.css" type="text/css">
 43<script language='javascript' src='../include/common.js'></script>
 44</head>
 45<script>...
 46    function check()
 47    ...{
 48        if(!confirm("恢复数据后，当前的数据将丢失！！请慎重处理，您确认要恢复数据么？"))
 49        ...{
 50            return false;
 51        }
 52        return true;
 53    }
 54</script>
 55<BODY topMargin=0 leftmargin="0" marginheight="0">
 56<%...
 57if Request.QueryString("action")="reload" then
 58    currf="../App_Data/webhww.mdb"
 59    currf=server.mappath(currf)
 60    backf=trim(request.form("backf"))
 61    if backf="" then
 62        response.write "<script>alert(""请输入您要恢复的数据库路径"");history.back();</script>" 
 63    else
 64        backf=cstr(backf)&"/webhww.mdb"
 65        backf=server.mappath(backf)
 66    end if
 67    on error resume next
 68    Set objfso = Server.CreateObject("Scripting.FileSystemObject")
 69    if err then 
 70    err.clear
 71    response.write "<script>alert(""不能建立fso对象，请确保你的空间支持fso:！"");history.back();</script>"
 72    response.end
 73    end if
 74    if objfso.fileexists(backf) then 
 75    objfso.copyfile ""&backf&"",""&currf&""
 76    response.write "<script>alert(""恢复数据库成功"");history.back();</script>"
 77    response.end
 78    else
 79    response.write "<script>alert(""错误:备份目录下无您的备份文件！"");history.back();</script>"
 80    response.end
 81    end if
 82end if 
 83%>
 84
 85<form name="form1" method="POST" action="restoredb.asp?action=reload" onsubmit="return check();">
 86<div align="center">
 87<center>
 88<br><br>
 89<table align="center" bgcolor="#AAAAAA" border="0" cellpadding="0" cellspacing="0" width="75%"><tr>
 90          <td>
 91<table border="0" cellpadding="5" cellspacing="1" style="border-collapse: collapse" width="100%" id="AutoNumber3">
 92              <tr class="tdTitle"> 
 93                <td height="40" colspan="2"> <div align="center"><font color="#FFFFFF" size="3"><strong>恢 
 94                    复 数 据 库</strong></font></div></td>
 95              </tr>
 96              <tr bgcolor="#FBFDFF"> 
 97                <td width="35%"> <div align="center"> 
 98                    <p>&nbsp;</p>
 99                    <p align="right">恢复的数据库路径：</p>
100                    <p>&nbsp;</p>
101                  </div></td>
102                <td width="65%"  height="25"><span style="background-color: #F7FFF7"> 
103                  <input type="text" name="backf" size="30" value="<% =thistoday%>">
104                  （默认格式：<%=thistoday%>） </span></td>
105              </tr>
106              <tr bgcolor="#FBFDFF"> 
107                <td colspan="2"><div align="center"><span style="background-color: #F7FFF7"> 
108                    <input type="submit" name="Submit" value="恢 复" class="b02">
109                    </span></div></td>
110              </tr>
111              <tr bgcolor="#FBFDFF"> 
112                <td colspan="2"><p><font color="#FF0000"><strong><br>
113                    *</strong></font>你的空间只有支持fso才可以进行如下操作，否则你只能手动备份</p>
114              </tr>
115            </table>
116</td>
117  </tr>
118</table>
119</center>
120</div>
121</form>
122</html>