行加密命令 : screnc c:\backiis\test.asp c:\backiis\testenc.asp
在 testenc.asp中保存加密后代码,代码如下:
<%# @~ ^IQAAAA==7@# @& 7“+ kwW/? ? MkO+ ,Jq+ 2c*+ E@# @& YQcAAA==^#~ @% >
将 test.asp文件保存到另外一台机器上, Client端可以正常访问 testenc.asp(访问是透明的,就像访问 test.asp一样 ),但无论 Server端和 Client端都无法查看 test.asp脚本源代码。
●将 ASP中的关键功能制作成动态链接库,部分隐藏 ASP脚本源代码
在
VB 6.0中建立一个 ActiveX dll工程(设置工程名: Example,类名: GerRec)。在菜单中选择“工程”,然后选择引用“ Microsoft Active Server Pages Object Library”和“ Microsoft ActiveX Data Object 2.0 Library”。输入如下代码:
Private MyScriptingContext As ScriptingContext
Private MyApplication As Application
Private MyRequest As Request
Private MyResponse As Response
Private MyServer As Server
Private MySession As Session
Public Sub OnStartPage(PassedScriptingContext As ScriptingContext)
Set MyScriptingContext = PassedScriptingContext
Set MyApplication = MyScriptingContext.Application
Set MyRequest = MyScriptingContext.Request
Set MyResponse = MyScriptingContext.Response
Set MyServer = MyScriptingContext.Server
Set MySession = MyScriptingContext.Session
End Sub
Public Sub OnEndPage()
Set MyScriptingContext = Nothing
Set MyApplication = Nothing
Set MyRequest = Nothing
Set MyResponse = No
thing
Set MyServer = Nothing
Set MySession = Nothing
End Sub
Public Sub SayTitle(strTitle as string)
MyResponse.Write strTitle
......
End Sub
Public Function GetRecSqlOleDb(strSql As String) As Recordset
’利用 OLEDB打开一个 SQL7.0数据库,返回数据记录
Dim myCnn As Connection
Dim mySet As Recordset
Dim strConnstring As String
Set myCnn = New ADODB.Connection
Set mySet = New ADODB.Recordset
strConnstring=“ Provider=SQLOLEDB.1;Pass
word=1234567;”&“ Persist Security Info=True;User ID=sa;”&“ Initial Catalog=vlog;”&“ Data Source=hplh3;Connect Timeout=15”
myCnn.ConnectionString = strConnstring
myCnn.Open
mySet.ActiveConnection = myCnn
mySet.Open strSql
Set GetRecSqlOleDb = mySet
End Function
编译生成 Example.dll,然后在 InterDev中插入如下代码:
<%
dim MyRec
Set ObjReference=Server.CreateObject
(“ Example.GerRec” )
set MyRec=Server.CreateObject(“ ADODB.Recordset” )
Set MyRec=objReference.GetRecSqlOleDb(“ select* from catalog” )
Response.Write MyRec.fields(0)
% >
在客户端也就是IE访问这个 ASP文件将显示第一条记录的第一个字段内容。该例子通过动态链接库将对数据库的访问隐藏起来,即使有人得到了 ASP源代码,他也不可能通过 ASP源代码得到数据库的用户名和口令,从理论上讲,所有的 ASP源代码都可以用 dll来实现。