최초등록
This commit is contained in:
@@ -0,0 +1,72 @@
|
||||
<!--#include virtual="/common/lib/dbcon.asp"-->
|
||||
<%
|
||||
R_Fields = "sc_hdate1, sc_hdate2, sc_hdd"
|
||||
|
||||
Call RequestAll (R_Fields, "")
|
||||
|
||||
rtn_url = request.QueryString("rtn_url")
|
||||
|
||||
R_Fields_u = "sc_hdate1, sc_hdate2, sc_hdd, sc_wdate"
|
||||
sc_wdate = Date() & " " & Hour(now) & ":" & Minute(now)
|
||||
|
||||
Call UpdateQuery (R_Fields_u, "site_config", "")
|
||||
|
||||
|
||||
If rtn_url <> "" Then
|
||||
response.redirect rtn_url
|
||||
response.end
|
||||
End if
|
||||
|
||||
|
||||
function RequestAll(R_Fields, RequestObj)
|
||||
Dim i, R_Fields_arr
|
||||
R_Fields = Replace(R_Fields, " ", "")
|
||||
R_Fields_arr = Split(R_Fields, ",")
|
||||
|
||||
If RequestObj = "" Then RequestObj = "Request"
|
||||
|
||||
For i = 0 To UBound(R_Fields_arr)
|
||||
|
||||
execute(R_Fields_arr(i)&" = inputValue("&RequestObj&"("""&R_Fields_arr(i)&"""))")
|
||||
'^------inputValue()함수
|
||||
'execute("response.write """&R_Fields_arr(i)&"=""&"&R_Fields_arr(i)&"&""<br>""")
|
||||
|
||||
Next
|
||||
|
||||
End Function
|
||||
|
||||
|
||||
function InputValue(strvalue)
|
||||
Dim strvalue_temp, injection
|
||||
strvalue = trim(strvalue)
|
||||
strvalue = Replace(strvalue,"'","''")
|
||||
strvalue = Replace(strvalue,chr(34), """)
|
||||
strvalue = Replace(strvalue, "<title>", "")
|
||||
strvalue = Replace(strvalue, "</title>", "")
|
||||
strvalue = Replace(strvalue, "script", "")
|
||||
InputValue = strvalue
|
||||
end Function
|
||||
|
||||
|
||||
Function UpdateQuery(R_Fields, table, where)
|
||||
|
||||
Dim i, R_Fields_arr
|
||||
R_Fields = Replace(R_Fields, " ", "")
|
||||
R_Fields_arr = Split(R_Fields, ",")
|
||||
|
||||
execute("sql = ""update "&table&" set """)
|
||||
|
||||
For i = 0 To UBound(R_Fields_arr)
|
||||
|
||||
execute("sql = sql & """&R_Fields_arr(i)&" = '""&"&R_Fields_arr(i)&"&""'""")
|
||||
|
||||
If i < UBound(R_Fields_arr) Then sql = sql & ","
|
||||
next
|
||||
execute("sql = sql & "" "" & where")
|
||||
'response.write sql
|
||||
'response.end
|
||||
|
||||
Dbcon.Execute sql
|
||||
|
||||
End Function
|
||||
%>
|
||||
Reference in New Issue
Block a user