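<%
'-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
' Locaweb Sample Store
' Version: 6.5
' Date: 12/09/06
' File: funcoes_valida.asp
' File version: 0.0
' Last updated: 16/10/08
'
'-----------------------------------------------------------------------------
' Open-source licence: http://comercio.locaweb.com.br/gpl/gpl.txt
'-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
'
' SECURITY NOTE: the routines in this file are a denylist filter over
' Request.Form and Request.QueryString only. They do not inspect any other
' request input, and rejecting words or characters does not by itself make
' string-built SQL safe. Treat them as a secondary check: every query that
' uses request data should bind it as a parameter (for example through an
' ADODB.Command with a Parameters collection) or validate it against the
' expected type before use.

'##########################################################################################################
'SUB Valida_Request_Rejeitar (internal helper)
' - Writes the "invalid value" message for one field and stops the response.
'   campo: name of the offending form/query-string field
'   valor: the submitted value that matched the filter
'   Both arguments come from the client, so they are HTML-encoded before being
'   written; echoing them raw would reflect attacker-controlled markup into
'   the page.
'   NOTE(review): this listing shows only line breaks around the message text;
'   any HTML tags the original string carried (line breaks, the "back" link)
'   appear to have been lost and should be restored from the original file,
'   kept outside the encoded values.
'##########################################################################################################
Sub Valida_Request_Rejeitar(campo, valor)
    Response.Write vbCrLf & _
        "A palavra ou caracter " & Server.HTMLEncode(valor) & _
        " é invalido para o Campo " & Server.HTMLEncode(campo) & _
        " favor substituí-lo ou retirá-lo." & vbCrLf & _
        "CLIQUE AQUI PARA VOLTAR" & vbCrLf
    Response.End
End Sub

'##########################################################################################################
'SUB Valida_Request_Aplicar (internal helper)
' - Tests every Request.Form and Request.QueryString value against the given
'   regular expression and rejects the request on the first match.
'   padrao: VBScript RegExp pattern; matching is global and case-insensitive
'##########################################################################################################
Sub Valida_Request_Aplicar(padrao)
    Dim objFiltro, campo, valor

    Set objFiltro = New RegExp
    objFiltro.Global = True
    objFiltro.IgnoreCase = True
    objFiltro.Pattern = padrao

    For Each campo In Request.Form
        ' Plain assignment (no Set) takes the field's string value.
        valor = Request.Form(campo)
        If objFiltro.Test(valor) Then
            Valida_Request_Rejeitar campo, valor
        End If
    Next

    For Each campo In Request.QueryString
        ' Report the query-string value itself; the previous code echoed
        ' Request.Form(obj) here, which showed the wrong (usually empty) value.
        valor = Request.QueryString(campo)
        If objFiltro.Test(valor) Then
            Valida_Request_Rejeitar campo, valor
        End If
    Next

    Set objFiltro = Nothing
End Sub

'##########################################################################################################
'SUB Valida_Request
' - Checks that posted and query-string values do not contain content that
'   could damage the database: a list of SQL keywords followed by whitespace,
'   or a double quote, single quote or semicolon.
'   On a match it writes an error message and ends the response.
'##########################################################################################################
Sub Valida_Request()
    Valida_Request_Aplicar "([\s]*(insert|update|cast|exec|set|upload|delete|drop|select|create|information_schema)[\s])|(""|'|;)"
End Sub
'########################################################################################################
'--> END SUB Valida_Request
'########################################################################################################

'========================================================================================================

'########################################################################################################
'SUB Valida_RequestCarrinho
' - Cart variant of the check above: rejects only a double quote, single quote
'   or semicolon in posted and query-string values, without the keyword list.
'   On a match it writes an error message and ends the response.
'##########################################################################################################
Sub Valida_RequestCarrinho()
    Valida_Request_Aplicar """|'|;"
End Sub
'########################################################################################################
'--> END SUB Valida_RequestCarrinho
'########################################################################################################
%>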