72 lines
1.6 KiB
Plaintext
72 lines
1.6 KiB
Plaintext
<!--#include virtual="/common/lib/dbcon.asp"-->
|
|
<%
|
|
R_Fields = "sc_hdate1, sc_hdate2, sc_hdd"
|
|
|
|
Call RequestAll (R_Fields, "")
|
|
|
|
rtn_url = request.QueryString("rtn_url")
|
|
|
|
R_Fields_u = "sc_hdate1, sc_hdate2, sc_hdd, sc_wdate"
|
|
sc_wdate = Date() & " " & Hour(now) & ":" & Minute(now)
|
|
|
|
Call UpdateQuery (R_Fields_u, "site_config", "")
|
|
|
|
|
|
If rtn_url <> "" Then
|
|
response.redirect rtn_url
|
|
response.end
|
|
End if
|
|
|
|
|
|
function RequestAll(R_Fields, RequestObj)
|
|
Dim i, R_Fields_arr
|
|
R_Fields = Replace(R_Fields, " ", "")
|
|
R_Fields_arr = Split(R_Fields, ",")
|
|
|
|
If RequestObj = "" Then RequestObj = "Request"
|
|
|
|
For i = 0 To UBound(R_Fields_arr)
|
|
|
|
execute(R_Fields_arr(i)&" = inputValue("&RequestObj&"("""&R_Fields_arr(i)&"""))")
|
|
'^------inputValue()함수
|
|
'execute("response.write """&R_Fields_arr(i)&"=""&"&R_Fields_arr(i)&"&""<br>""")
|
|
|
|
Next
|
|
|
|
End Function
|
|
|
|
|
|
function InputValue(strvalue)
|
|
Dim strvalue_temp, injection
|
|
strvalue = trim(strvalue)
|
|
strvalue = Replace(strvalue,"'","''")
|
|
strvalue = Replace(strvalue,chr(34), """)
|
|
strvalue = Replace(strvalue, "<title>", "")
|
|
strvalue = Replace(strvalue, "</title>", "")
|
|
strvalue = Replace(strvalue, "script", "")
|
|
InputValue = strvalue
|
|
end Function
|
|
|
|
|
|
Function UpdateQuery(R_Fields, table, where)
|
|
|
|
Dim i, R_Fields_arr
|
|
R_Fields = Replace(R_Fields, " ", "")
|
|
R_Fields_arr = Split(R_Fields, ",")
|
|
|
|
execute("sql = ""update "&table&" set """)
|
|
|
|
For i = 0 To UBound(R_Fields_arr)
|
|
|
|
execute("sql = sql & """&R_Fields_arr(i)&" = '""&"&R_Fields_arr(i)&"&""'""")
|
|
|
|
If i < UBound(R_Fields_arr) Then sql = sql & ","
|
|
next
|
|
execute("sql = sql & "" "" & where")
|
|
'response.write sql
|
|
'response.end
|
|
|
|
Dbcon.Execute sql
|
|
|
|
End Function
|
|
%> |