コード例 #1
0
        private void processBlackListAndLog()
        {
            string[] array = "and|exec|insert|select|delete|update|chr|truncate|char|declare".ToUpper().Split(new char[]
            {
                '|'
            });
            for (int i = 0; i < array.Length; i++)
            {
                string value = array[i];
                if (base.Request.QueryString.ToString().ToUpper().IndexOf(value) >= 0)
                {
                    base.Response.End();
                }
            }
            if (this._session != null)
            {
                switch (this._session.BlockType)
                {
                case BlockType.Deny:
                    base.Response.End();
                    return;

                case BlockType.NoLog:
                    break;

                case BlockType.NoBlock:
                    if (this.WriteLog)
                    {
                        LogService.AppendSysLog(this._session.ClientIP, this.Page.Request.RequestType, "WEB_SERVICE", this._session.ClientID, this._session.SessionID, this._session.AccountID, this.Page.Request.Url.Query, this.Page.Request.Url.AbsolutePath);
                    }
                    break;

                default:
                    return;
                }
            }
        }