3wt.ezer.com 9/7/2010 11:52:44 AM 3wt.ezer.com:ASP:servervariables query-string:學習 asp sql html code 繁體中文 w3 Learning

domain .tw idv.tw .com.tw
你正在閱覽 :: 繁體中文:: 學習 ASP SQL VB HTML code

學習 .ASP SQL HTML XML CSS JAVA Perl code study
 English Chinese_Traditional Chinese_Simplified

你正在閱覽 :: 繁體中文 Chinese_Traditional

學習.主題:
首頁
ASP
. Active-Server-Flash
. Array
. Cache
. Connection
. Count
. Counter
. Distinct
. Email
. File
. Folder
. Function
. GetSQLserver
. Header
. mySQL
. Record
. Recordset
. Request
. Response
. Server
. server-createobject
. ServerVariables
»all-HTTP-headers
»PATH_INFO
»Query-String
. Session
. Special-Symbols
. String
. Sub
. Time
CSS
Ecommerce
HTML
InternetProtocol
JAVA
Microsoft
php
Robots
SearchEngine
SQL
SQLserver
VBscript
XML

SiteMap

3w....學習.教學 > ASP > servervariables » query-string

3w learning

servervariables >
query-string

Title:
ServerVariables("Query_String")

網址後面的參數(不含問號)
Description: 
QueryString= Request.ServerVariables("Query_String")

if the URL has a "?" question mark included
the the Len(QueryString)>0

Tips: security to prevent some one to hake 
your submit form Ezer suggest add a check point 
to check the length of :;

Len(QueryString)

取出"?"之後的字串

所以同理也可測其自串的長度
Example Code: 
http://3w.ezer.com/search/index.asp?dir1=&page=2&q=server

<%

Query_String="http://3w.ezer.com/search/index.asp?
dir1=&page=2&q=server"

QueryString= Request.ServerVariables("Query_String")

response.write QueryString

%>

-----------------Tip------------

you may often see URL request like this:

http://www.----.com/?aKeyword

here (aKeyword) is a quary

<%

quaryX= Request.ServerVariables("Query_String")

%>

then you can easy to use the request

技巧:防護你個人的(Submit form)表單
簡單方式以避免駭客玩弄你重要的query
減少非法呼叫與外侵襲擊

道理雖是簡單, 但仍有很多企業網站輕忽

技巧:可建立直接讀取"?"之後的關鍵字成為
query呼叫送出
Example Result:
dir1=&page=2&q=server

---------- attention :: -----------

the ? (question mark) shall not be included

tips: you can see the Len(QueryString)>0

you may avoid hacker to play around your quary
by writing this ::
<%

if Len(QueryString)>0 then
response.write "stop hacking me"
response.end
end if

%>

However you shall know about how to use
(get) and (post) submit form before use it.


注意不含問號
..
...
...

[ 9/7/2010 ]
www learning school add more scripts and tips memo
You are at >>3WT.EZER.COM >> 3WT.EZER.COM/ASP/SERVERVARIABLES/QUERY-STRING.ASP>>ASP
Helpful link:: SEO web tools :: Live PR | SERP checker Google SERP pageranking checker
back to top Ezer code adding :: Questions ;email