dcovington
/
asp-classic-unified-framework
1
0
Rozštěpit 0
Zdrojový kód Úkoly 0 Požadavky na natažení 0 Vydání 0 Wiki Aktivita
Consolidated ASP Classic MVC framework from best components
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
5 Revize
1 Větev
207KB
Strom: 27e1b5a927
Větve Značky
${ item.name }
Vytvořit větev ${ searchTerm }
z „27e1b5a927“
${ noResults }
asp-classic-unified-framework/core/lib.ControllerRegistry.asp

114 řádky
4.7KB
Surový Blame Historie 

  1. <%

  2. '=======================================================================================================================

  3. ' Controller Registry

  4. ' Provides a whitelist of valid controllers to prevent code injection attacks

  5. '=======================================================================================================================

  6. 

  7. Class ControllerRegistry_Class

  8.     Private m_controllers

  9. 

  10.     Private Sub Class_Initialize()

  11.         Set m_controllers = Server.CreateObject("Scripting.Dictionary")

  12.         m_controllers.CompareMode = 1 ' vbTextCompare for case-insensitive

  13. 

  14.         ' Register all valid controllers here

  15.         ' Format: m_controllers.Add "controllername", True

  16.         RegisterController "homecontroller"

  17.         RegisterController "errorcontroller"

  18.         RegisterController "territorycontroller"

  19.         RegisterController "householdcontroller"

  20.         RegisterController "householdernamecontroller"

  21.     End Sub

  22. 

  23.     Private Sub Class_Terminate()

  24.         Set m_controllers = Nothing

  25.     End Sub

  26. 

  27.     '---------------------------------------------------------------------------------------------------------------------

  28.     ' Register a controller as valid

  29.     '---------------------------------------------------------------------------------------------------------------------

  30.     Public Sub RegisterController(controllerName)

  31.         Dim key : key = LCase(Trim(controllerName))

  32.         If Not m_controllers.Exists(key) Then

  33.             m_controllers.Add key, True

  34.         End If

  35.     End Sub

  36. 

  37.     '---------------------------------------------------------------------------------------------------------------------

  38.     ' Check if a controller is registered (valid)

  39.     '---------------------------------------------------------------------------------------------------------------------

  40.     Public Function IsValidController(controllerName)

  41.         Dim key : key = LCase(Trim(controllerName))

  42.         IsValidController = m_controllers.Exists(key)

  43.     End Function

  44. 

  45.     '---------------------------------------------------------------------------------------------------------------------

  46.     ' Get list of all registered controllers

  47.     '---------------------------------------------------------------------------------------------------------------------

  48.     Public Function GetRegisteredControllers()

  49.         GetRegisteredControllers = m_controllers.Keys()

  50.     End Function

  51. 

  52.     '---------------------------------------------------------------------------------------------------------------------

  53.     ' Validate controller name format (alphanumeric and underscore only)

  54.     '---------------------------------------------------------------------------------------------------------------------

  55.     Public Function IsValidControllerFormat(controllerName)

  56.         If IsEmpty(controllerName) Or Len(controllerName) = 0 Then

  57.             IsValidControllerFormat = False

  58.             Exit Function

  59.         End If

  60. 

  61.         Dim i, ch

  62.         For i = 1 To Len(controllerName)

  63.             ch = Mid(controllerName, i, 1)

  64.             ' Allow a-z, A-Z, 0-9, and underscore

  65.             If Not ((ch >= "a" And ch <= "z") Or _

  66.                     (ch >= "A" And ch <= "Z") Or _

  67.                     (ch >= "0" And ch <= "9") Or _

  68.                     ch = "_") Then

  69.                 IsValidControllerFormat = False

  70.                 Exit Function

  71.             End If

  72.         Next

  73. 

  74.         IsValidControllerFormat = True

  75.     End Function

  76. 

  77.     '---------------------------------------------------------------------------------------------------------------------

  78.     ' Validate action name format (alphanumeric and underscore only)

  79.     '---------------------------------------------------------------------------------------------------------------------

  80.     Public Function IsValidActionFormat(actionName)

  81.         If IsEmpty(actionName) Or Len(actionName) = 0 Then

  82.             IsValidActionFormat = False

  83.             Exit Function

  84.         End If

  85. 

  86.         Dim i, ch

  87.         For i = 1 To Len(actionName)

  88.             ch = Mid(actionName, i, 1)

  89.             ' Allow a-z, A-Z, 0-9, and underscore

  90.             If Not ((ch >= "a" And ch <= "z") Or _

  91.                     (ch >= "A" And ch <= "Z") Or _

  92.                     (ch >= "0" And ch <= "9") Or _

  93.                     ch = "_") Then

  94.                 IsValidActionFormat = False

  95.                 Exit Function

  96.             End If

  97.         Next

  98. 

  99.         IsValidActionFormat = True

  100.     End Function

  101. 

  102. End Class

  103. 

  104. ' Singleton instance

  105. Dim ControllerRegistry_Class__Singleton

  106. Function ControllerRegistry()

  107.     If IsEmpty(ControllerRegistry_Class__Singleton) Then

  108.         Set ControllerRegistry_Class__Singleton = New ControllerRegistry_Class

  109.     End If

  110.     Set ControllerRegistry = ControllerRegistry_Class__Singleton

  111. End Function

  112. 

  113. %>

Powered by TurnKey Linux.