
Question: I have a search that works fine until the user runs a query that returns no results. When that happens, the drop-down menus (which get their options from SQL) stop working. I get the following:

<option label=' ADODB.Field error '80020009'
Either BOF or EOF is True, or the current record has been deleted. Requested operation requires a current record.
/junk/dbinstant.htm, line 0

When this happens it seems to cut off all the code below it.

I think the code responsible is:

<%if request.querystring("abn") = "all" then 
response.write("")
else
response.write("<option label='")%><%=lcon("legal")%><%response.write("' value='")%><%=(src_abn)%><%response.write("' selected></option>'")
end if %>

Full page:

<%@ LANGUAGE="VBSCRIPT" %>
<%
pagetitle="Contractor Details"
%>
<!--#INCLUDE VIRTUAL="/_lib/include/header.htm"-->
<!--#INCLUDE VIRTUAL="/_lib/include/menu.htm"-->
<script>
$(document).ready(function() {
    $("#abn,#cat").change(function () {
    this.form.submit();
})
});
</script>
<div class="twoColumnRow">
<div class="twoColumnContent">
<p class="breadCrm"><a href="/index.htm">Home</a> <span>&gt;</span> <a href="/tools/index.htm">Tools of the Trade</a> <span>&gt;</span> <a href="/tools/finance/index.htm">Finance and Purchasing</a><span>&gt;</span> <a href="/tools/finance/procurement/index.htm">Procurement and Contracts information</a></p>
<div class="contentPad">
<!-- Start of main content -->

<p class="imageRight">&nbsp;</p>
<h1><%=pagetitle%></h1>

<%
        Dim connectString, connect, conDB, sconDB, lDB, con, scon, lcon, src_abn, src_cat
        connectString = "Driver={Microsoft Text Driver (*.txt; *.csv)}; DBQ=" & Server.MapPath("data")
              src_abn = Request.QueryString("abn")
              src_cat = Request.QueryString("cat")
        set connect = Server.CreateObject("ADODB.connection")
        connect.open connectString

        if src_abn = "all" and src_cat = "all" then
        conDB = "SELECT * FROM cont.csv"
        lDB = "SELECT * FROM cont.csv"
        elseif src_abn = "all" then
        conDB = "SELECT * FROM cont.csv WHERE " & src_cat & " = 'Yes'"  
        lDB = "SELECT * FROM cont.csv WHERE " & src_cat & " = 'Yes'"    
        elseif src_cat = "all" then
        conDB = "SELECT * FROM cont.csv WHERE ucase(abn) LIKE ucase('%"+src_abn+"%')"   
        lDB = "SELECT * FROM cont.csv WHERE ucase(abn) LIKE ucase('%"+src_abn+"%')" 
        else 
        conDB = " SELECT * FROM cont.csv WHERE " & src_cat & " = 'Yes' AND ucase(abn) LIKE ucase('%"+src_abn+"%')"
        lDB = " SELECT * FROM cont.csv WHERE " & src_cat & " = 'Yes' AND ucase(abn) LIKE ucase('%"+src_abn+"%')"
        end if

        sconDB = "SELECT * FROM cont.csv"   

        set con = connect.execute(conDB)
        set scon = connect.execute(sconDB)
        set lcon = connect.execute(lDB)
%>
<h2>Search results</h2><hr />
<% if not con.BOF then %>
<div style="margin-top:1em">

  <form action="dbinstant.htm" method="get">

      <p>Company name:1<br/>
      <select id="abn" name="abn">
        <option label="All companies" value="all" <%if request.querystring("abn") = "all" then response.write("selected") %>></option>
        <%if request.querystring("abn") = "all" then 
        response.write("<option label='All companies' value='all' selected></option>")
        else
        response.write("<option label='")%><%=lcon("legal")%><%response.write("' value='")%><%=(src_abn)%><%response.write("' selected></option>'")
        end if %>
        <% while (NOT scon.EOF) %>
        <option label="<%=scon("legal")%>" value="<%=scon("abn")%>" <%if request.querystring("abn") = "response.write(src_abn)" then 
        response.write("selected") 
        end if %>></option>
        <%scon.MoveNext()
                          Wend %>
      </select>
      </p>
     <p>Categories for Creative Design:<br/>
      <select id="cat" name="cat">
        <option class="group" label="All categories" value="all" <%if request.querystring("cat") = "all" then response.write("selected") %>></option>
        <option class="group" label="Strategic brand, marketing and communications advice" value="a" <%if request.querystring("cat") = "a" then response.write("selected") %>></option>
        <option class="group" label="Graphic design and layout" value="b" <%if request.querystring("cat") = "b" then response.write("selected") %>></option>
        <option class="group" label="Forms design" value="c" <%if request.querystring("cat") = "c" then response.write("selected") %>></option>
        <option class="group" label="Web design and development" value="d" <%if request.querystring("cat") = "d" then response.write("selected") %>></option>
        <option class="group" label="Authoring services" value="e" <%if request.querystring("cat") = "e" then response.write("selected") %>></option>
        <option class="group" label="Editorial services" value="f" <%if request.querystring("cat") = "f" then response.write("selected") %>></option>
        <option class="group" label="Translation services" value="g" <%if request.querystring("cat") = "g" then response.write("selected") %>></option>
        <option class="group" label="Photography and film services" value="h" <%if request.querystring("cat") = "h" then response.write("selected") %>></option>
        <option class="group" label="Scanning and digitisation services" value="i" <%if request.querystring("cat") = "i" then response.write("selected") %>></option>
        <option class="group" label="Multimedia editing services" value="j" <%if request.querystring("cat") = "j" then response.write("selected") %>></option>
      </select>
    </p>
    <input type="submit" value="Search" />
  </form>
  <br /><hr />

    <table style="font-size:.9em;" class="contentTable">
          <tr>
                <th>ABN:</th>
                <th>Company Name:</th>
          </tr>
  <% con.Movefirst() %>
  <% while (NOT con.EOF) %>
          <tr>
                <td width="120px"><%=con("abn")%></td>
                <td><a href="dbcomp.htm?abn=<%=con("abn")%>&cat=all"><%=con("legal")%></a></td>
          </tr>
  <%
    con.MoveNext()
    Wend
  %>
</table>

</div>
<% else %>
    <% scon.Movefirst() %>
  <form action="dbinstant.htm" method="get">

      <p>Company name:2<br/>
      <select id="abn" name="abn">
        <option label="All companies" value="all" <%if request.querystring("abn") = "all" then response.write("selected") %>></option>
        <%if request.querystring("abn") = "all" then 
        response.write("")
        else
        response.write("<option label='")%><%=lcon("legal")%><%response.write("' value='")%><%=(src_abn)%><%response.write("' selected></option>'")
        end if %>

        <% while (NOT scon.EOF) %>
        <option label="<%=scon("legal")%>" value="<%=scon("abn")%>" <%if request.querystring("abn") = "response.write(src_abn)" then 
        response.write("selected") 
        end if %>></option>
        <%scon.MoveNext()
                          Wend %>
      </select>
      </p>
     <p>Categories for Creative Design:<br/>
      <select id="cat" name="cat">
        <option class="group" label="All categories" value="all" <%if request.querystring("cat") = "all" then response.write("selected") %>></option>
        <option class="group" label="Strategic brand, marketing and communications advice" value="a" <%if request.querystring("cat") = "a" then response.write("selected") %>></option>
        <option class="group" label="Graphic design and layout" value="b" <%if request.querystring("cat") = "b" then response.write("selected") %>></option>
        <option class="group" label="Forms design" value="c" <%if request.querystring("cat") = "c" then response.write("selected") %>></option>
        <option class="group" label="Web design and development" value="d" <%if request.querystring("cat") = "d" then response.write("selected") %>></option>
        <option class="group" label="Authoring services" value="e" <%if request.querystring("cat") = "e" then response.write("selected") %>></option>
        <option class="group" label="Editorial services" value="f" <%if request.querystring("cat") = "f" then response.write("selected") %>></option>
        <option class="group" label="Translation services" value="g" <%if request.querystring("cat") = "g" then response.write("selected") %>></option>
        <option class="group" label="Photography and film services" value="h" <%if request.querystring("cat") = "h" then response.write("selected") %>></option>
        <option class="group" label="Scanning and digitisation services" value="i" <%if request.querystring("cat") = "i" then response.write("selected") %>></option>
        <option class="group" label="Multimedia editing services" value="j" <%if request.querystring("cat") = "j" then response.write("selected") %>></option>
      </select>
    </p>
    <input type="submit" value="Search" />
  </form>
  <br /><hr />
<p>No records match your query.</p>
<p><a href="dbtest.htm">Return to search page</a></p>
<%
  end if
  con.close
%>


<!-- End of main content -->
</div> <!-- end contentPad div -->
</div> <!-- end twocolumncontent div -->
<div class="twoColumnLinks">

<!--<div class="relatedLinks">
<h3>Related Links</h3>
<ul>
<li><a href="/index.htm">Related link 1</a></li>
</ul>
</div>--> <!-- end relatedlinks div -->
<!--#INCLUDE VIRTUAL="/_lib/include/quicklinks.htm"-->
<!--#INCLUDE VIRTUAL="/_lib/include/mylinks.htm"-->
</div> <!-- end twocolumnlinks div -->
</div> <!-- end twocolumnrow div -->
<!--#INCLUDE VIRTUAL="/_lib/include/footer.htm"-->

1 Answer


Try changing con.BOF to con.EOF.

Apart from that, your code has a serious SQL injection vulnerability. I hope you are aware of that :-)

For example, you would want to change something like this

conDB = "SELECT * FROM cont.csv WHERE ucase(abn) LIKE ucase('%"+src_abn+"%')"

into this

conDB = "SELECT * FROM cont.csv WHERE ucase(abn) LIKE ucase('%"+ Replace(src_abn, "'", "''") + "%')"

Start with these:

  1. Classic ASP SQL Injection Protection
  2. Preventing SQL injection in ASP
  3. Filtering SQL injection from Classic ASP
answered 2013-01-10T22:42:47.093
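Doubling single quotes, as the answer suggests, only helps for the abn value, which sits inside a quoted string literal. The cat parameter is spliced into the query as a column name (WHERE " & src_cat & " = 'Yes'), where no amount of quote escaping helps; the only safe handling of an identifier is an allowlist. The block below is an added example (editor's code, not from the question or the answer) showing a hardened rewrite of the query-building section of dbinstant.htm: it allowlists cat against the single-letter column names the page's <select> uses (a..j, assumed to match the columns of cont.csv), binds abn through an ADODB.Command parameter instead of string concatenation (this assumes the Microsoft Text ODBC driver accepts "?" placeholders; if yours does not, keep the allowlist and fall back to doubling quotes in src_abn), HTML-encodes field values before writing them into the page, and checks EOF before reading a field, which is the cause of the 80020009 error in the question.

```vbscript
<%
' Added example (not the original page's code): hardened query section for
' dbinstant.htm. Assumptions: category columns in cont.csv are named a..j
' (hypothetical, taken from the <select> values), and the Text ODBC driver
' accepts "?" parameters through ADODB.Command.
Dim src_abn, src_cat, validCat, connectString, connect, cmd, sql, con

src_abn = Request.QueryString("abn")
src_cat = Request.QueryString("cat")

' 1. src_cat becomes a COLUMN NAME, so quoting cannot protect it. Accept only
'    "all" or one of the known single-letter category columns; reject the rest.
validCat = False
If src_cat = "all" Then
    validCat = True
ElseIf Len(src_cat) = 1 And InStr("abcdefghij", src_cat) > 0 Then
    validCat = True
End If
If Not validCat Then
    Response.Status = "400 Bad Request"
    Response.Write "Invalid category"
    Response.End
End If

connectString = "Driver={Microsoft Text Driver (*.txt; *.csv)}; DBQ=" & Server.MapPath("data")
Set connect = Server.CreateObject("ADODB.Connection")
connect.Open connectString

' 2. src_abn is a VALUE, so it is bound as a parameter ("?"), never concatenated.
'    src_cat is safe to concatenate here only because of the allowlist above.
sql = "SELECT * FROM cont.csv"
If src_cat <> "all" Then
    sql = sql & " WHERE " & src_cat & " = 'Yes'"
End If
If src_abn <> "all" Then
    If src_cat <> "all" Then
        sql = sql & " AND"
    Else
        sql = sql & " WHERE"
    End If
    sql = sql & " UCASE(abn) LIKE ?"
End If

Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = connect
cmd.CommandText = sql
cmd.CommandType = 1   ' adCmdText
If src_abn <> "all" Then
    ' adVarChar = 200, adParamInput = 1. The % wildcards are added in code,
    ' so user input never touches the SQL text. Note that % and _ typed by the
    ' user still act as LIKE wildcards; that is a search feature, not injection.
    cmd.Parameters.Append cmd.CreateParameter("abn", 200, 1, 255, "%" & UCase(src_abn) & "%")
End If
Set con = cmd.Execute

' 3. Never read a field before checking there is a current record. Reading
'    lcon("legal") on an empty recordset is exactly the ADODB 80020009 error
'    from the question. Server.HTMLEncode stops stored values from breaking
'    out of the attribute or element they are written into.
If con.EOF Then
    Response.Write "<p>No records match your query.</p>"
Else
    Response.Write "<option label='" & Server.HTMLEncode(con("legal") & "") & _
                   "' value='" & Server.HTMLEncode(src_abn) & "' selected></option>"
    Do While Not con.EOF
        Response.Write "<tr><td>" & Server.HTMLEncode(con("abn") & "") & "</td><td>" & _
                       Server.HTMLEncode(con("legal") & "") & "</td></tr>"
        con.MoveNext
    Loop
End If
con.Close
connect.Close
%>
```

The allowlist is the important part for cat: a parameter can only ever carry a value, so a user-controlled identifier has to be matched against a fixed set of names rather than escaped. The `& ""` on each field coerces a Null cell to an empty string before Server.HTMLEncode, which otherwise raises an error on Null.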