程序代码：

'防范get注入 
If Request.QueryString <> ""  Then StopInjection(Request.QueryString) 
'防范post注入 
If Request.Form <> ""  Then StopInjection(Request.Form) 
'防范cookies注入 
If Request.Cookies <> ""  Then StopInjection(Request.Cookies) 
'正则子函数 
Function StopInjection(Values) 
    Dim regEx 
    Set regEx = New RegExp 
    regEx.IgnoreCase = True 
    regEx.Global = True 
    regEx.Pattern = "'|;|([\s\b+()]+([email=select%7Cupdate%7Cinsert%7Cdelete%7Cdeclare%7C@%7Cexec%7Cdbcc%7Calter%7Cdrop%7Ccreate%7Cbackup%7Cif%7Celse%7Cend%7Cand%7Cor%7Cadd%7Cset%7Copen%7Cclose%7Cuse%7Cbegin%7Cretun%7Cas%7Cgo%7Cexists)[/s/b]select|update|insert|delete|declare|@|exec|dbcc|alter|drop|create|backup|if|else|end|and|or|add|set|open|close|use|begin|retun|as|go|exists)[\s\b[/email]+]*)" 
    Dim sItem, sValue 
    For Each sItem In Values 
        sValue = Values(sItem) 
        If regEx.Test(sValue) Then 
            Response.Write "<Script Language=javascript>alert('非法注入！你的行为已被记录！！');history.back(-1);</Script>" 
            Response.End 
        End If 
    Next 
    Set regEx = Nothing 
End function