防止SQL注入的asp.net通用程序

新开发的项目被注入攻击了,帮她写了一个通用的注入程序,共享出来。原理很简单:使用Global.asax中的Application_BeginRequest(objectsender,EventArgse)事情,终结表单或URL提交数据的获取,然后通过SQLInjectionHelper类终结恶意代码的检测。本代码仅仅考虑到通用性和部署简便性,由于项目现已开发结束,并现已上线,为预防很多修复,才写的这个通用程序
App_Code\SQLInjectionHelper.cs
SQLInjection\TestSQLInjection.aspx
SQLInjection\TestSQLInjection.aspx.cs
Global.asax
.....

(The newly developed project was attacked by injection, so she helped her write a general injection program and shared it. The principle is very simple: use the Application_BeginRequest(objectsender, EventArgse) event in Global.asax to terminate the acquisition of form or URL submission data, and then terminate the detection of malicious code through the SQLInjectionHelper class. This code only takes into account the versatility and ease of deployment. Since the project has now been developed and is now online, this general program was written to prevent many fixes.
App_Code\SQLInjectionHelper.cs
SQLInjection\TestSQLInjection.aspx
SQLInjection\TestSQLInjection.aspx.cs
Global.asax
.....)

[下载]10330006766.rar

2022-9-20 10:33 上传

文件大小: 3 KB
下载次数: 0