<!--#include file="../../include/opendb.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>无标题文档</title>
</head>
<body align="center">
<table width="750" height="6" border="0" cellpadding="0" cellspacing="0" align="center">
<tr>
<td><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0" width="780" height="148">
<param name="movie" value="../Flash/2257_.swf">
<param name="quality" value="high">
<embed src="../Flash/2257_.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="780" height="148"></embed>
</object></td>
</tr>
</table><%Function SafeRequest(ParaName)
Dim ParaValue
ParaValue=Request(ParaName)
if IsNumeric(ParaValue) = True then
SafeRequest=ParaValue
exit Function
elseIf Instr(LCase(ParaValue),"select ") > 0 or Instr(LCase(ParaValue),"insert ") > 0 or Instr(LCase(ParaValue),"delete from") > 0 or Instr(LCase(ParaValue),"count(") > 0 or Instr(LCase(ParaValue),"drop table") > 0 or Instr(LCase(ParaValue),"update ") > 0 or Instr(LCase(ParaValue),"truncate ") > 0 or Instr(LCase(ParaValue),"asc(") > 0 or Instr(LCase(ParaValue),"mid(") > 0 or Instr(LCase(ParaValue),"char(") > 0 or Instr(LCase(ParaValue),"xp_cmdshell") > 0 or Instr(LCase(ParaValue),"exec master") > 0 or Instr(LCase(ParaValue),"net localgroup administrators") > 0 or Instr(LCase(ParaValue)," and ") > 0 or Instr(LCase(ParaValue),"net user") > 0 or Instr(LCase(ParaValue)," or ") > 0 then
Response.Write "<script language='javascript'>"
Response.Write "alert('非法的请求!');" '发现SQL注入攻击提示信息
Response.Write "location.href='http://www.wz114.com/';" '发现SQL注入攻击转跳网址
Response.Write "<script>"
Response.end
else
SafeRequest=ParaValue
End If
End function
ttype=SafeRequest("ttype")
%>
<% Sub newslist(ttype,size)
on error resume next
Set rs = Server.CreateObject("ADODB.Recordset")
strsql_top1="SELECT top 14 * FROM xwtp where leibie='"&ttype&"' and imgchk<>'0 'order by newid desc"
rs.Open strsql_top1,conn,1
if rs.eof then
Response.Write "<CENTER><B>没有匹配的数据</B>"
else
rs.PageSize =size
Page = CLng(SafeRequest("Page"))
If Page < 1 Then
Page = 1
end if
If Page > rs.PageCount Then
Page = rs.PageCount
end if
rs.cachesize=rs.PageSize
rs.AbsolutePage = Page
%>
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" class="f9">
<tr align="center" valign="top">
<td height="10">
<table width="94%" border="0" align="center" cellpadding="1" cellspacing="1" class="f9">
<tr>
<td> <table align="center">
<%for i=1 to 3 %><tr>
<td> <table width="780" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<%for j=1 to 4%> <td> <%if not rs.eof then%> <table width=160 height=85 border=0 align=center cellpadding=0 cellspacing=0>
<tr>
<td width=160><div align=center><img src="../../xw/showimg.asp?id=<%=rs("imagesid")%>" width="90" height="60" border="0"></div></td>
</table>
<table width=192 border=0 align=center cellpadding=8 cellspacing=8>
<tr>
<td width=160><div align=center><%=left(rs("bt"),10)%> </div></td>
</tr>
</table></td> <%end if
rs.movenext
next%>
</tr>
</table><hr size=1 color=#1E6FCA> </td></tr> <%rs.movenext
next
rs.close %></table> </td>
</tr>
<tr>
<td>
<div align="center">
<%
If Page > 1 and page=rs.pagecount Then%>
<font color="#0000FF"><span class="font11"> </span></font> <a href="fy.asp?Page=1&ttype=<%=ttype%>">第一页</a> <a href="fy.asp?Page=<%=Page-1%>&ttype=<%=ttype%>">上一页</a>
<% else if Page > 1 then%>
<a href="fy.asp?Page=1&ttype=<%=ttype%>">第一页</a> <a href="fy.asp?Page=<%=Page-1%>&ttype=<%=ttype%>">上一页</a> <a href="fy.asp?Page=<%=Page+1%>&ttype=<%=ttype%>">下一页</a> <a href="fy.asp?Page=<%=rs.PageCount%>&ttype=<%=ttype%>">最后一页</a>
<% end if %>
<% end if %>
<% if page=1 and rs.pagecount<>1 then %>
<a href="fy.asp?Page=<%=Page+1%>&ttype=<%=ttype%>">下一页</a> <a href="fy.asp?Page=<%=rs.PageCount%>&ttype=<%=ttype%>">最后一页</a>
<% end if %>
</div></td>
</tr>
</table></td>
</tr>
</table>
<% end if
End Sub %> <%ttype=SafeRequest("ttype")
newslist ttype,14 %>
<p class=f12><a href=http://corp.sina.com.cn/chn/> <!-- END NNR Site Census V5.1 -->
<table width="780" height="100" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><iframe frameborder="0" marginheight="0" marginwidth="0" width="780" height="100" scrolling="no" src="../banquan.htm"></iframe></td>
</tr>
</table>
</body>
</html>
这个分页显示有误,如何改正
