如果要确保信息是从本站点提交而来,而不是从其他站点提交过来的信息,可以对来源网址进行如下验证。
' 确定是本站点提交的信息
Public Function IsValidSource(ByRef sReferer)
Dim s
s = Trim(sReferer)
If Len(s) <= 0 Then
IsValidSource = False
Else
If Left(s, 7) <> "http://" Then
s = "http://" & s
End If
IsValidSource = InStr(1, s, GetBaseUrl()) > 0
End If
End Function
' 确定基准URL
Public Function GetBaseUrl()
Dim sServerName, sAPPL_MD_Path
sServerName = Trim(LCase(Request.ServerVariables("SERVER_NAME")))
sAPPL_MD_Path = Trim(LCase(Request.ServerVariables("APPL_MD_PATH")))
If Right(sAPPL_MD_Path, 1) <> "/" Then
sAPPL_MD_Path = sAPPL_MD_Path & "/"
End If
' 后面带有"/"
GetBaseUrl = "http://" & sServerName & "/" & Right(sAPPL_MD_Path, Len(sAPPL_MD_Path) - InStrRev(sAPPL_MD_Path, "root") - Len("root"))
End Function