调用时使用<SCRIPT LANGUAGE="JavaScript" SRC="topic.asp"></SCRIPT>
<%
if MDBpath="" then
MDBpath="admin/"
end if
set rs_type=server.CreateObject("ADODB.RecordSet")
set rs=server.CreateObject("ADODB.RecordSet")
%>
<!--#include file="admin/mdb_path_down.asp"-->
<%
i=0
sql="select top 12 cxn,cxv,id,tid,date,hits from down order by date desc"
rs.open sql,conn,1,1
if rs.eof then%>
<%
else
do while not rs.eof
response.write "document.write ('<IMG height=7 src=""newgif/dot1.gif"" width=6 border=0>[')"
rs_type.open "select tname from downtype where id=" &rs("tid"),conn,1,1
if not rs_type.EOF then
TN=split(rs_type("tname"),"|")
response.write "document.write ('<a href=""sort/" &rs("tid") &"_1.htm"">" &TN(ubound(TN)-2) &"</a>')"
end if
rs_type.close
response.write "document.write (']<a href=""soft/" &rs("id") &".htm"">" &rs("cxn") &" " &rs("cxv") &"</a></td>'"
i=i+1
if i>=12 then exit do
rs.movenext
loop
end if
rs.close
%>
这样试试:<!--#include file="conn.asp"-->
<%if request("action")<>"save" then%>
<%
Response.ContentType="application/x-javascript"
id=request.querystring("ID")
if not IsNumeric(id) then
t=request.querystring()
ips=Request.ServerVariables("Remote_Addr")
sj=now
conn.Execute "INSERT INTO log(username,action,ip,sj) VALUES('sql注入[pl.asp]','收到“"&t&"”','"&ips&"','"&sj&"' )"
conn.close
response.write "window.location='/'"
response.End()
end if
set rs=server.createobject("adodb.recordset")
sql="select id,title from article where id="&id&""
rs.open sql,conn,1,1
if rs.eof or rs.bof then
response.Write("document.write('文章不存在')")
response.end
else
title=rs("title")
articleid=rs("id")
rs.close
end if
%>
然后使用 <script language="javascript" src="xxx.asp"></script>。注意是“src”,不是“scr”!“xxx.asp”就是上面的程序存成“.asp”文件之后的文件(路径)。
欢迎光临:http://hi.baidu.com/littlechicken
欢迎分享,转载请注明来源:内存溢出
微信扫一扫
支付宝扫一扫
评论列表(0条)