1、通过HttpModule拦截疑似SQL注入的请求,适用于.net1.1程序（说明：下面基于关键字黑名单的过滤只能作为纵深防御的补充，不能替代数据访问层的参数化查询/存储过程；黑名单天然不完整，而且会误拦含有 select、update、create 等普通英文单词的正常输入）
(1)新建类文件SqlHttpModule.cs,具体代码类似如下:
SqlHttpModule.cs
using
System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Text.RegularExpressions;
namespace HttpModule.Class
{
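/// <summary>
/// HttpModule that rejects requests whose query-string or form values contain
/// SQL-looking keywords (.NET 1.1 era; registered in web.config under httpModules).
///
/// NOTE(review): a keyword blacklist is not a SQL-injection defense. It is inherently
/// incomplete (it knows nothing of OR/AND, inline comments, hex or CHAR() encodings,
/// time-based payloads, ...) and it rejects ordinary text that happens to contain
/// "select", "update", "create" etc. The real fix is parameterized queries / stored
/// procedures in the data-access layer; keep this module only as a defense-in-depth or
/// alerting layer.
/// </summary>
public class SqlHttpModule : System.Web.IHttpModule
{
    /// <summary>
    /// Keywords used when web.config has no non-empty "SqlHttpModule_KeyWord" setting.
    /// The original list repeated exec / create / sp_ and carried both "insertinto" and
    /// "insert" ("insert" already covers the former), so the duplicates are dropped.
    /// Entries are lower case because the inspected text is lower-cased before matching.
    /// "'" is on this list, but the original stripped quotes from the value before
    /// checking it, so that entry could never fire; here the value is checked as received.
    /// Operators who escape quotes in the data layer can omit it via the appSettings entry.
    /// </summary>
    private static readonly string[] DefaultKeywords = new string[]
    {
        "'", "xp_cmdshell", "declare", "netlocalgroupadministrators", "delete", "truncate",
        "netuser", "/add", "drop", "update", "select", "union", "exec", "create", "insert",
        "sp_", "masterdbo", ";--", "1="
    };

    // Form fields ASP.NET generates itself (ViewState is base64 and would trip rules
    // such as "1=" at random); skipped exactly as in the original. Compared upper-case.
    private static readonly string[] SkippedFormFields = new string[]
    {
        "__VIEWSTATE", "__EVENTARGUMENT", "__EVENTTARGET", "__CLIENTPOSTDATA__"
    };

    // Built once instead of on every call. <br> and <p ...> tags are removed together
    // with all whitespace so that multi-word keywords such as "netuser" / "insertinto"
    // can match "net user" or "insert<br>into" (the original module had the whitespace
    // step commented out, so those keywords could never match anything).
    private static readonly Regex TagRegex = new Regex("<br/*>|<p[^>]*>", RegexOptions.IgnoreCase | RegexOptions.Compiled);
    private static readonly Regex WhitespaceRegex = new Regex("\\s+", RegexOptions.Compiled);

    // Response body written when a request is rejected. It echoes no request data, so
    // the rejection itself cannot be turned into a reflected-XSS vector.
    private const string ErrorAlertScript = " <script type=\"text/javascript\">alert('字符串格式非法,请重新输入!');history.go(-1);</script> ";

    public SqlHttpModule()
    {
    }

    public void Dispose()
    {
    }

    /// <summary>Subscribes request inspection to the AcquireRequestState pipeline event.</summary>
    /// <param name="context">The application whose pipeline events are hooked.</param>
    public void Init(HttpApplication context)
    {
        context.AcquireRequestState += new EventHandler(context_AcquireRequestState);
    }

    /// <summary>
    /// Inspects every query-string and form value and aborts the response when one fails
    /// <see cref="IsSafeString"/>. Fails closed: the original swallowed every exception,
    /// so e.g. a null value (UrlDecode(null).Replace(...)) aborted the scan and the
    /// remaining fields went unchecked while the request continued normally.
    /// </summary>
    private void context_AcquireRequestState(object sender, EventArgs e)
    {
        HttpContext context = ((HttpApplication)sender).Context;
        bool safe;
        try
        {
            safe = IsSafeRequest(context.Request);
        }
        catch (Exception)
        {
            safe = false;
        }
        if (!safe)
        {
            // Response.End stops the pipeline by raising ThreadAbortException; it is kept
            // outside the try above so it cannot be mistaken for an inspection failure.
            context.Response.Write(ErrorAlertScript);
            context.Response.End();
        }
    }

    /// <summary>True when every query-string value and every non-framework form value is safe.</summary>
    /// <param name="request">The current request.</param>
    private bool IsSafeRequest(HttpRequest request)
    {
        System.Collections.Specialized.NameValueCollection query = request.QueryString;
        for (int i = 0; i < query.Count; i++)
        {
            // QueryString is already URL-decoded by ASP.NET; the original decoded it a
            // second time and so inspected a value the application never sees. Both the
            // raw and the re-decoded form are checked so nothing the original rejected
            // slips through.
            string value = query[i];
            if (!IsSafeString(value) || !IsSafeString(HttpUtility.UrlDecode(value)))
            {
                return false;
            }
        }

        System.Collections.Specialized.NameValueCollection form = request.Form;
        for (int i = 0; i < form.Count; i++)
        {
            string key = form.GetKey(i);
            if (key != null && Array.IndexOf(SkippedFormFields, key.ToUpper(System.Globalization.CultureInfo.InvariantCulture)) >= 0)
            {
                continue;
            }
            // Same idea for the HtmlDecode step the original applied to form values.
            string value = form[i];
            if (!IsSafeString(value) || !IsSafeString(HttpUtility.HtmlDecode(value)))
            {
                return false;
            }
        }
        return true;
    }

    /// <summary>
    /// Returns false when <paramref name="strText"/> contains any blacklisted keyword.
    /// The list comes from the '|'-separated appSettings entry "SqlHttpModule_KeyWord"
    /// when that is present and non-empty, otherwise from <see cref="DefaultKeywords"/>.
    /// Matching is case-insensitive and performed on the text with all whitespace and
    /// &lt;br&gt;/&lt;p&gt; tags removed. null or empty input is safe.
    /// </summary>
    /// <param name="strText">Value to inspect; may be null.</param>
    /// <returns>true if no keyword was found.</returns>
    public bool IsSafeString(string strText)
    {
        if (strText == null || strText.Length == 0)
        {
            return true;
        }
        string normalized = WhitespaceRegex.Replace(TagRegex.Replace(strText, ""), "");
        string lower = normalized.ToLower(System.Globalization.CultureInfo.InvariantCulture);

        string[] keywords = DefaultKeywords;
        string configured = System.Configuration.ConfigurationSettings.AppSettings["SqlHttpModule_KeyWord"];
        if (configured != null && configured.Length > 0)
        {
            keywords = configured.Split('|');
        }

        foreach (string keyword in keywords)
        {
            // Configured keywords get the same normalization as the text: the original
            // lower-cased only the text, so a configured "SELECT" never matched, and a
            // stray "|" produced an empty entry that IndexOf finds in every string,
            // which rejected every request.
            string needle = WhitespaceRegex.Replace(keyword, "").ToLower(System.Globalization.CultureInfo.InvariantCulture);
            if (needle.Length == 0)
            {
                continue;
            }
            if (lower.IndexOf(needle) >= 0)
            {
                return false;
            }
        }
        return true;
    }
}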
}
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Text.RegularExpressions;
namespace HttpModule.Class
{
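/// <summary>
/// HttpModule that rejects requests whose query-string or form values contain
/// SQL-looking keywords (.NET 1.1 era; registered in web.config under httpModules).
///
/// NOTE(review): a keyword blacklist is not a SQL-injection defense. It is inherently
/// incomplete (it knows nothing of OR/AND, inline comments, hex or CHAR() encodings,
/// time-based payloads, ...) and it rejects ordinary text that happens to contain
/// "select", "update", "create" etc. The real fix is parameterized queries / stored
/// procedures in the data-access layer; keep this module only as a defense-in-depth or
/// alerting layer.
/// </summary>
public class SqlHttpModule : System.Web.IHttpModule
{
    /// <summary>
    /// Keywords used when web.config has no non-empty "SqlHttpModule_KeyWord" setting.
    /// The original list repeated exec / create / sp_ and carried both "insertinto" and
    /// "insert" ("insert" already covers the former), so the duplicates are dropped.
    /// Entries are lower case because the inspected text is lower-cased before matching.
    /// "'" is on this list, but the original stripped quotes from the value before
    /// checking it, so that entry could never fire; here the value is checked as received.
    /// Operators who escape quotes in the data layer can omit it via the appSettings entry.
    /// </summary>
    private static readonly string[] DefaultKeywords = new string[]
    {
        "'", "xp_cmdshell", "declare", "netlocalgroupadministrators", "delete", "truncate",
        "netuser", "/add", "drop", "update", "select", "union", "exec", "create", "insert",
        "sp_", "masterdbo", ";--", "1="
    };

    // Form fields ASP.NET generates itself (ViewState is base64 and would trip rules
    // such as "1=" at random); skipped exactly as in the original. Compared upper-case.
    private static readonly string[] SkippedFormFields = new string[]
    {
        "__VIEWSTATE", "__EVENTARGUMENT", "__EVENTTARGET", "__CLIENTPOSTDATA__"
    };

    // Built once instead of on every call. <br> and <p ...> tags are removed together
    // with all whitespace so that multi-word keywords such as "netuser" / "insertinto"
    // can match "net user" or "insert<br>into" (the original module had the whitespace
    // step commented out, so those keywords could never match anything).
    private static readonly Regex TagRegex = new Regex("<br/*>|<p[^>]*>", RegexOptions.IgnoreCase | RegexOptions.Compiled);
    private static readonly Regex WhitespaceRegex = new Regex("\\s+", RegexOptions.Compiled);

    // Response body written when a request is rejected. It echoes no request data, so
    // the rejection itself cannot be turned into a reflected-XSS vector.
    private const string ErrorAlertScript = " <script type=\"text/javascript\">alert('字符串格式非法,请重新输入!');history.go(-1);</script> ";

    public SqlHttpModule()
    {
    }

    public void Dispose()
    {
    }

    /// <summary>Subscribes request inspection to the AcquireRequestState pipeline event.</summary>
    /// <param name="context">The application whose pipeline events are hooked.</param>
    public void Init(HttpApplication context)
    {
        context.AcquireRequestState += new EventHandler(context_AcquireRequestState);
    }

    /// <summary>
    /// Inspects every query-string and form value and aborts the response when one fails
    /// <see cref="IsSafeString"/>. Fails closed: the original swallowed every exception,
    /// so e.g. a null value (UrlDecode(null).Replace(...)) aborted the scan and the
    /// remaining fields went unchecked while the request continued normally.
    /// </summary>
    private void context_AcquireRequestState(object sender, EventArgs e)
    {
        HttpContext context = ((HttpApplication)sender).Context;
        bool safe;
        try
        {
            safe = IsSafeRequest(context.Request);
        }
        catch (Exception)
        {
            safe = false;
        }
        if (!safe)
        {
            // Response.End stops the pipeline by raising ThreadAbortException; it is kept
            // outside the try above so it cannot be mistaken for an inspection failure.
            context.Response.Write(ErrorAlertScript);
            context.Response.End();
        }
    }

    /// <summary>True when every query-string value and every non-framework form value is safe.</summary>
    /// <param name="request">The current request.</param>
    private bool IsSafeRequest(HttpRequest request)
    {
        System.Collections.Specialized.NameValueCollection query = request.QueryString;
        for (int i = 0; i < query.Count; i++)
        {
            // QueryString is already URL-decoded by ASP.NET; the original decoded it a
            // second time and so inspected a value the application never sees. Both the
            // raw and the re-decoded form are checked so nothing the original rejected
            // slips through.
            string value = query[i];
            if (!IsSafeString(value) || !IsSafeString(HttpUtility.UrlDecode(value)))
            {
                return false;
            }
        }

        System.Collections.Specialized.NameValueCollection form = request.Form;
        for (int i = 0; i < form.Count; i++)
        {
            string key = form.GetKey(i);
            if (key != null && Array.IndexOf(SkippedFormFields, key.ToUpper(System.Globalization.CultureInfo.InvariantCulture)) >= 0)
            {
                continue;
            }
            // Same idea for the HtmlDecode step the original applied to form values.
            string value = form[i];
            if (!IsSafeString(value) || !IsSafeString(HttpUtility.HtmlDecode(value)))
            {
                return false;
            }
        }
        return true;
    }

    /// <summary>
    /// Returns false when <paramref name="strText"/> contains any blacklisted keyword.
    /// The list comes from the '|'-separated appSettings entry "SqlHttpModule_KeyWord"
    /// when that is present and non-empty, otherwise from <see cref="DefaultKeywords"/>.
    /// Matching is case-insensitive and performed on the text with all whitespace and
    /// &lt;br&gt;/&lt;p&gt; tags removed. null or empty input is safe.
    /// </summary>
    /// <param name="strText">Value to inspect; may be null.</param>
    /// <returns>true if no keyword was found.</returns>
    public bool IsSafeString(string strText)
    {
        if (strText == null || strText.Length == 0)
        {
            return true;
        }
        string normalized = WhitespaceRegex.Replace(TagRegex.Replace(strText, ""), "");
        string lower = normalized.ToLower(System.Globalization.CultureInfo.InvariantCulture);

        string[] keywords = DefaultKeywords;
        string configured = System.Configuration.ConfigurationSettings.AppSettings["SqlHttpModule_KeyWord"];
        if (configured != null && configured.Length > 0)
        {
            keywords = configured.Split('|');
        }

        foreach (string keyword in keywords)
        {
            // Configured keywords get the same normalization as the text: the original
            // lower-cased only the text, so a configured "SELECT" never matched, and a
            // stray "|" produced an empty entry that IndexOf finds in every string,
            // which rejected every request.
            string needle = WhitespaceRegex.Replace(keyword, "").ToLower(System.Globalization.CultureInfo.InvariantCulture);
            if (needle.Length == 0)
            {
                continue;
            }
            if (lower.IndexOf(needle) >= 0)
            {
                return false;
            }
        }
        return true;
    }
}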
}
(2)在web.config文件中做以下配置
<system.web>
<httpModules>
<add name="SqlHttpModule" type="HttpModule.Class.SqlHttpModule, HttpModule" />
</httpModules>
</system.web>
2、通过httpHandlers拦截疑似SQL注入的请求,适用于.net2.0及以上程序（说明：同样只是关键字黑名单，不能替代参数化查询；此方式仅覆盖 *.aspx 页面，且在 Page.PreLoad 阶段才检查，页面在此之前（如 Page_Init）使用请求数据的代码不在检查范围内）
(1)新建类文件SqlhttpHandlers.cs,具体代码类似如下:
SqlhttpHandlers.cs
using
System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Text.RegularExpressions;
using System.Collections.Specialized;
namespace httpHandlers
{
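/// <summary>
/// IHttpHandlerFactory that wraps the standard PageHandlerFactory and, for every page it
/// hands out, inspects the query string and form fields in Page.PreLoad, aborting the
/// response when a value contains a blacklisted SQL keyword (.NET 2.0+).
///
/// NOTE(review): a keyword blacklist is not a SQL-injection defense. It is inherently
/// incomplete (no OR/AND, inline comments, hex or CHAR() encodings, time-based payloads,
/// ...) and it rejects ordinary text containing "select", "update", "create" etc. The
/// real fix is parameterized queries / stored procedures in the data-access layer; treat
/// this as defense-in-depth only. It also covers only requests routed to a Page (the
/// web.config registration is for *.aspx) and only code that runs at or after PreLoad.
/// </summary>
public class SqlhttpHandlers : IHttpHandlerFactory
{
    /// <summary>
    /// Blacklisted keywords. The original list repeated exec / create / sp_ / insertinto;
    /// "insert" replaces "insertinto" and covers it. Matching is done against the text
    /// with all whitespace and &lt;br&gt;/&lt;p&gt; tags removed, so multi-word entries
    /// such as "netuser" or "masterdbo" are written without spaces.
    /// </summary>
    private static readonly string[] UnsafeKeywords = new string[]
    {
        "'", "xp_cmdshell", "declare", "netlocalgroupadministrators", "delete", "truncate",
        "netuser", "/add", "drop", "update", "select", "union", "exec", "create", "insert",
        "sp_", "masterdbo", ";--", "1="
    };

    // ASP.NET's own hidden fields. ViewState and event validation are base64 blobs and
    // would trip rules such as "1=" at random. The original only inspected fields that
    // FindControl resolved to an input control, which skipped these implicitly.
    private static readonly string[] SkippedFormFields = new string[]
    {
        "__VIEWSTATE", "__EVENTARGUMENT", "__EVENTTARGET", "__CLIENTPOSTDATA__", "__EVENTVALIDATION"
    };

    // Built once instead of per call. Tags and whitespace are removed before matching so
    // "sel ect" / "net<br>user" cannot dodge a keyword.
    private static readonly Regex TagRegex = new Regex("<br/*>|<p[^>]*>", RegexOptions.IgnoreCase | RegexOptions.Compiled);
    private static readonly Regex WhitespaceRegex = new Regex("\\s+", RegexOptions.Compiled);

    // Rejection body; echoes no request data, so the rejection cannot be abused for XSS.
    private const string ErrorMessage = " <b><font color='red' font-size=12pt>字符串格式非法!</font></b> ";

    // PageHandlerFactory has no public constructor, hence reflection. The original built a
    // new one per request; a single instance is kept here, which is how ASP.NET itself
    // treats handler factories (it reuses one instance across requests).
    private static readonly PageHandlerFactory PageFactory =
        (PageHandlerFactory)Activator.CreateInstance(typeof(PageHandlerFactory), true);

    public SqlhttpHandlers()
    {
    }

    /// <summary>
    /// Delegates to PageHandlerFactory and, if the result is a Page, attaches both the
    /// form and the query-string check to its PreLoad event.
    /// </summary>
    /// <param name="context">Current request context.</param>
    /// <param name="requestType">HTTP verb.</param>
    /// <param name="url">Request URL.</param>
    /// <param name="pathTranslated">Physical path of the requested file.</param>
    /// <returns>The handler produced by PageHandlerFactory.</returns>
    public virtual IHttpHandler GetHandler(HttpContext context, string requestType, string url, string pathTranslated)
    {
        IHttpHandler handler = PageFactory.GetHandler(context, requestType, url, pathTranslated);
        Page page = handler as Page;
        if (page != null)
        {
            // Both checks for every verb. The original attached the form check only for
            // "POST" and the query-string check only for "GET" (and its padded literals
            // " POST " / " GET " could never equal the verb at all), so a POST's query
            // string and every other verb went uninspected although the handler is
            // registered with verb="*". Request.Form is empty on a GET, so the form check
            // is a no-op there.
            page.PreLoad += new EventHandler(FormFilterStrFactoryHandler_PreLoad);
            page.PreLoad += new EventHandler(RequestFilterStrFactoryRHandler_PreLoad);
        }
        return handler;
    }

    public virtual void ReleaseHandler(IHttpHandler handler)
    {
    }

    /// <summary>
    /// Checks every posted form value except ASP.NET's own hidden fields. The original
    /// checked only fields that FindControl resolved to a TextBox / HtmlInputControl /
    /// HtmlTextArea, so every other posted field was never inspected; its
    /// Replace("'", "'") on the control text was also a no-op and is dropped.
    /// Fails closed: an exception during inspection rejects the request instead of being
    /// swallowed.
    /// </summary>
    void FormFilterStrFactoryHandler_PreLoad(object sender, EventArgs e)
    {
        Page page = (Page)sender;
        bool safe;
        try
        {
            safe = AreValuesSafe(page.Request.Form, true);
        }
        catch (Exception)
        {
            safe = false;
        }
        if (!safe)
        {
            Reject(page.Response);
        }
    }

    /// <summary>Checks every query-string value; fails closed like the form check.</summary>
    protected void RequestFilterStrFactoryRHandler_PreLoad(object sender, EventArgs e)
    {
        Page page = (Page)sender;
        bool safe;
        try
        {
            safe = AreValuesSafe(page.Request.QueryString, false);
        }
        catch (Exception)
        {
            safe = false;
        }
        if (!safe)
        {
            Reject(page.Response);
        }
    }

    /// <summary>True when every value in <paramref name="values"/> passes <see cref="IsSafeString"/>.</summary>
    /// <param name="values">Form or query-string collection.</param>
    /// <param name="skipAspNetFields">When true, names in <see cref="SkippedFormFields"/> are not inspected.</param>
    private bool AreValuesSafe(NameValueCollection values, bool skipAspNetFields)
    {
        for (int i = 0; i < values.Count; i++)
        {
            if (skipAspNetFields)
            {
                string key = values.GetKey(i);
                if (key != null && Array.IndexOf(SkippedFormFields, key.ToUpperInvariant()) >= 0)
                {
                    continue;
                }
            }
            if (!IsSafeString(values[i]))
            {
                return false;
            }
        }
        return true;
    }

    // Response.End raises ThreadAbortException to stop the pipeline; it is called outside
    // the try blocks above so it is not mistaken for an inspection failure.
    private static void Reject(HttpResponse response)
    {
        response.Write(ErrorMessage);
        response.End();
    }

    /// <summary>
    /// Returns false when <paramref name="strText"/> contains any entry of
    /// <see cref="UnsafeKeywords"/>. Case-insensitive; all whitespace and
    /// &lt;br&gt;/&lt;p&gt; tags are removed first. null or empty input is safe.
    /// </summary>
    /// <param name="strText">Value to inspect; may be null.</param>
    /// <returns>true if no keyword was found.</returns>
    public bool IsSafeString(string strText)
    {
        if (string.IsNullOrEmpty(strText))
        {
            return true;
        }
        string normalized = WhitespaceRegex.Replace(TagRegex.Replace(strText, ""), "");
        foreach (string keyword in UnsafeKeywords)
        {
            // Ordinal comparison: the original's ToLower() was culture-sensitive.
            if (normalized.IndexOf(keyword, StringComparison.OrdinalIgnoreCase) >= 0)
            {
                return false;
            }
        }
        return true;
    }
}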
}
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Text.RegularExpressions;
using System.Collections.Specialized;
namespace httpHandlers
{
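/// <summary>
/// IHttpHandlerFactory that wraps the standard PageHandlerFactory and, for every page it
/// hands out, inspects the query string and form fields in Page.PreLoad, aborting the
/// response when a value contains a blacklisted SQL keyword (.NET 2.0+).
///
/// NOTE(review): a keyword blacklist is not a SQL-injection defense. It is inherently
/// incomplete (no OR/AND, inline comments, hex or CHAR() encodings, time-based payloads,
/// ...) and it rejects ordinary text containing "select", "update", "create" etc. The
/// real fix is parameterized queries / stored procedures in the data-access layer; treat
/// this as defense-in-depth only. It also covers only requests routed to a Page (the
/// web.config registration is for *.aspx) and only code that runs at or after PreLoad.
/// </summary>
public class SqlhttpHandlers : IHttpHandlerFactory
{
    /// <summary>
    /// Blacklisted keywords. The original list repeated exec / create / sp_ / insertinto;
    /// "insert" replaces "insertinto" and covers it. Matching is done against the text
    /// with all whitespace and &lt;br&gt;/&lt;p&gt; tags removed, so multi-word entries
    /// such as "netuser" or "masterdbo" are written without spaces.
    /// </summary>
    private static readonly string[] UnsafeKeywords = new string[]
    {
        "'", "xp_cmdshell", "declare", "netlocalgroupadministrators", "delete", "truncate",
        "netuser", "/add", "drop", "update", "select", "union", "exec", "create", "insert",
        "sp_", "masterdbo", ";--", "1="
    };

    // ASP.NET's own hidden fields. ViewState and event validation are base64 blobs and
    // would trip rules such as "1=" at random. The original only inspected fields that
    // FindControl resolved to an input control, which skipped these implicitly.
    private static readonly string[] SkippedFormFields = new string[]
    {
        "__VIEWSTATE", "__EVENTARGUMENT", "__EVENTTARGET", "__CLIENTPOSTDATA__", "__EVENTVALIDATION"
    };

    // Built once instead of per call. Tags and whitespace are removed before matching so
    // "sel ect" / "net<br>user" cannot dodge a keyword.
    private static readonly Regex TagRegex = new Regex("<br/*>|<p[^>]*>", RegexOptions.IgnoreCase | RegexOptions.Compiled);
    private static readonly Regex WhitespaceRegex = new Regex("\\s+", RegexOptions.Compiled);

    // Rejection body; echoes no request data, so the rejection cannot be abused for XSS.
    private const string ErrorMessage = " <b><font color='red' font-size=12pt>字符串格式非法!</font></b> ";

    // PageHandlerFactory has no public constructor, hence reflection. The original built a
    // new one per request; a single instance is kept here, which is how ASP.NET itself
    // treats handler factories (it reuses one instance across requests).
    private static readonly PageHandlerFactory PageFactory =
        (PageHandlerFactory)Activator.CreateInstance(typeof(PageHandlerFactory), true);

    public SqlhttpHandlers()
    {
    }

    /// <summary>
    /// Delegates to PageHandlerFactory and, if the result is a Page, attaches both the
    /// form and the query-string check to its PreLoad event.
    /// </summary>
    /// <param name="context">Current request context.</param>
    /// <param name="requestType">HTTP verb.</param>
    /// <param name="url">Request URL.</param>
    /// <param name="pathTranslated">Physical path of the requested file.</param>
    /// <returns>The handler produced by PageHandlerFactory.</returns>
    public virtual IHttpHandler GetHandler(HttpContext context, string requestType, string url, string pathTranslated)
    {
        IHttpHandler handler = PageFactory.GetHandler(context, requestType, url, pathTranslated);
        Page page = handler as Page;
        if (page != null)
        {
            // Both checks for every verb. The original attached the form check only for
            // "POST" and the query-string check only for "GET" (and its padded literals
            // " POST " / " GET " could never equal the verb at all), so a POST's query
            // string and every other verb went uninspected although the handler is
            // registered with verb="*". Request.Form is empty on a GET, so the form check
            // is a no-op there.
            page.PreLoad += new EventHandler(FormFilterStrFactoryHandler_PreLoad);
            page.PreLoad += new EventHandler(RequestFilterStrFactoryRHandler_PreLoad);
        }
        return handler;
    }

    public virtual void ReleaseHandler(IHttpHandler handler)
    {
    }

    /// <summary>
    /// Checks every posted form value except ASP.NET's own hidden fields. The original
    /// checked only fields that FindControl resolved to a TextBox / HtmlInputControl /
    /// HtmlTextArea, so every other posted field was never inspected; its
    /// Replace("'", "'") on the control text was also a no-op and is dropped.
    /// Fails closed: an exception during inspection rejects the request instead of being
    /// swallowed.
    /// </summary>
    void FormFilterStrFactoryHandler_PreLoad(object sender, EventArgs e)
    {
        Page page = (Page)sender;
        bool safe;
        try
        {
            safe = AreValuesSafe(page.Request.Form, true);
        }
        catch (Exception)
        {
            safe = false;
        }
        if (!safe)
        {
            Reject(page.Response);
        }
    }

    /// <summary>Checks every query-string value; fails closed like the form check.</summary>
    protected void RequestFilterStrFactoryRHandler_PreLoad(object sender, EventArgs e)
    {
        Page page = (Page)sender;
        bool safe;
        try
        {
            safe = AreValuesSafe(page.Request.QueryString, false);
        }
        catch (Exception)
        {
            safe = false;
        }
        if (!safe)
        {
            Reject(page.Response);
        }
    }

    /// <summary>True when every value in <paramref name="values"/> passes <see cref="IsSafeString"/>.</summary>
    /// <param name="values">Form or query-string collection.</param>
    /// <param name="skipAspNetFields">When true, names in <see cref="SkippedFormFields"/> are not inspected.</param>
    private bool AreValuesSafe(NameValueCollection values, bool skipAspNetFields)
    {
        for (int i = 0; i < values.Count; i++)
        {
            if (skipAspNetFields)
            {
                string key = values.GetKey(i);
                if (key != null && Array.IndexOf(SkippedFormFields, key.ToUpperInvariant()) >= 0)
                {
                    continue;
                }
            }
            if (!IsSafeString(values[i]))
            {
                return false;
            }
        }
        return true;
    }

    // Response.End raises ThreadAbortException to stop the pipeline; it is called outside
    // the try blocks above so it is not mistaken for an inspection failure.
    private static void Reject(HttpResponse response)
    {
        response.Write(ErrorMessage);
        response.End();
    }

    /// <summary>
    /// Returns false when <paramref name="strText"/> contains any entry of
    /// <see cref="UnsafeKeywords"/>. Case-insensitive; all whitespace and
    /// &lt;br&gt;/&lt;p&gt; tags are removed first. null or empty input is safe.
    /// </summary>
    /// <param name="strText">Value to inspect; may be null.</param>
    /// <returns>true if no keyword was found.</returns>
    public bool IsSafeString(string strText)
    {
        if (string.IsNullOrEmpty(strText))
        {
            return true;
        }
        string normalized = WhitespaceRegex.Replace(TagRegex.Replace(strText, ""), "");
        foreach (string keyword in UnsafeKeywords)
        {
            // Ordinal comparison: the original's ToLower() was culture-sensitive.
            if (normalized.IndexOf(keyword, StringComparison.OrdinalIgnoreCase) >= 0)
            {
                return false;
            }
        }
        return true;
    }
}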
}
(2)在web.config文件中做以下配置
<system.web>
<httpHandlers>
<add verb="*" path="*.aspx" type="httpHandlers.SqlhttpHandlers, httpHandlers"/>
</httpHandlers>
</system.web>