Asp.net 广告过滤器:删除属性中的空格
我得到了一个vbs asp脚本并使用了这个过滤器Asp.net 广告过滤器:删除属性中的空格,asp.net,vbscript,Asp.net,Vbscript,我得到了一个vbs asp脚本并使用了这个过滤器 strFilter = "(&(objectCategory=person)(objectClass=user)(givenName=" & sFirstName & "*)(sn=" & sLastName & "*)(telephonenumber=*)" 电话号码有空位。我如何修剪空间 谢谢关于这个问题的信息有限,我假设您希望从收到的电话号码结果中去掉空格 或者,如果您想了解有关过滤器更改的更多信息
strFilter = "(&(objectCategory=person)(objectClass=user)(givenName=" & sFirstName & "*)(sn=" & sLastName & "*)(telephonenumber=*)"
谢谢关于这个问题的信息有限,我假设您希望从收到的电话号码结果中去掉空格 或者,如果您想了解有关过滤器更改的更多信息,请查看此处:
Set rootDSE=GetObject(“LDAP://rootDSE”)
base=“”
strFilter=“(&(objectCategory=person)(objectClass=user)(givenName=“&sFirstName&”*)(sn=“&sLastName&”*)(电话号码=*)”
attr=“电话号码”
Set conn=CreateObject(“ADODB.Connection”)
连接提供程序=“ADsDSOObject”
连接打开“Active Directory提供程序”
Set cmd=CreateObject(“ADODB.Command”)
设置cmd.ActiveConnection=conn
cmd.CommandText=base&“;”&fltr&“;”&attr&“;”
设置rs=cmd.Execute
直到R.EOF为止
WScript.Echo替换(rs.Fields(“电话号码”).Value、“”)
下一个
环
rs.Close
<%@ Language="VBScript" %>
<%
' List script
'Option Explicit
%>
<%
response.ContentType="text/xml"
response.Expires = -1
Dim objCon, objCom, objRS
Dim strDNSDomain, strBase, strQuery, strFilter, strAttributes
Dim sFirstName: sFirstName = request.querystring("f")
Dim sLastName: sLastName = request.querystring("l")
Dim sSearchparam: sSearchparam = request.querystring("searchparam")
Dim strPage: strPage = request.querystring("page")
' Define the AD OU that contains our users and filter and attributes
strBase = "<LDAP://server.com/DC=server,DC=com>"
strFilter = "(&(objectCategory=person)(objectClass=user)(givenName=" & sFirstName & "*)(sn=" & sLastName & "*)(telephonenumber=*))"
strAttributes = "givenName,sn,displayName,telephonenumber,mobile,c"
' Make AD connection and run query
Set objCon = Server.CreateObject("ADODB.Connection")
objCon.provider ="ADsDSOObject"
objCon.Properties("User ID") = "DOMAIN\USERNAME"
objCon.Properties("Password") = "PASSWORD"
objCon.Properties("Encrypt Password") = TRUE
objCon.open "Active Directory Provider"
Set objCom = CreateObject("ADODB.Command")
Set objCom.ActiveConnection = objCon
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
objCom.CommandText = strQuery
objCom.Properties("Sort On") = "displayName"
Set objRS = objCom.Execute
''''''''''
' Loop over returned recordset and output HTML
response.write ("<CiscoIPPhoneDirectory>")
response.write ("<Title>Phone Directory</Title><Prompt>Search Results</Prompt>")
'''''
If objRS.RecordCount <=30 then
while not objRS.EOF
response.write ("<DirectoryEntry>")
response.write ("<Name>" & objRS("displayName") & " " & objRS("c") & "</Name>")
response.write ("<Telephone>" & objRS("telephonenumber") & "</Telephone>")
response.write ("</DirectoryEntry>")
objRS.MoveNext
Response.Flush
wend
response.write ("<SoftKeyItem><Name>Dial</Name><URL>SoftKey:Dial</URL><Position>1</Position></SoftKeyItem>")
response.write ("<SoftKeyItem><Name>Exit</Name><URL>SoftKey:Exit</URL><Position>4</Position></SoftKeyItem>")
Else
If strPage = "" then strPage = 1
objRS.absoluteposition = 30 * strPage - 29
For intRecord = 1 to 30
response.write ("<DirectoryEntry>")
response.write ("<Name>" & objRS("displayName") & " " & objRS("c") & "</Name>")
response.write ("<Telephone>" & objRS("telephonenumber") & "</Telephone>")
response.write ("</DirectoryEntry>")
objRS.MoveNext
Response.Flush
If objRS.EOF then exit for
next
response.write ("<SoftKeyItem><Name>Dial</Name><URL>SoftKey:Dial</URL><Position>1</Position></SoftKeyItem>")
if 30 * strPage - 29 > 1 then
response.write ("<SoftKeyItem><Name>Prev</Name><URL>http://" & request.servervariables("SERVER_NAME") & ":" & request.servervariables("SERVER_PORT") & request.servervariables("url") & "?page=" & strPage - 1 & "&f=" & sFirstName & "&l=" & sLastName & "&searchparam=" & server.urlencode(sSearchparam) & "</URL><Position>2</Position></SoftKeyItem>")
end if
if objRS.RecordCount > strPage * 30 then
response.write ("<SoftKeyItem><Name>Next</Name><URL>http://" & request.servervariables("SERVER_NAME") & ":" & request.servervariables("SERVER_PORT") & request.servervariables("url") & "?page=" & strPage + 1 & "&f=" & sFirstName & "&l=" & sLastName & "&searchparam=" & server.urlencode(sSearchparam) & "</URL><Position>3</Position></SoftKeyItem>")
end if
response.write ("<SoftKeyItem><Name>Exit</Name><URL>SoftKey:Exit</URL><Position>4</Position></SoftKeyItem>")
End If
'''''
response.write ("</CiscoIPPhoneDirectory>")
''''''''''
' Clean up
objRS.Close
objCon.Close
Set objRS = Nothing
Set objCon = Nothing
Set objCom = Nothing
%>
<%@ Language="VBScript" %>
<%
' List script
'Option Explicit
%>
<%
response.ContentType="text/xml"
response.Expires = -1
Dim objCon, objCom, objRS
Dim strDNSDomain, strBase, strQuery, strFilter, strAttributes
Dim sFirstName: sFirstName = request.querystring("f")
Dim sLastName: sLastName = request.querystring("l")
Dim sSearchparam: sSearchparam = request.querystring("searchparam")
Dim strPage: strPage = request.querystring("page")
Dim strNumber
Dim strNumberClean
' Define the AD OU that contains our users and filter and attributes
strBase = "<LDAP://server.com/DC=server,DC=com>"
strFilter = "(&(objectCategory=person)(objectClass=user)(givenName=" & sFirstName & "*)(sn=" & sLastName & "*)(telephonenumber=*))"
strAttributes = "givenName,sn,displayName,telephonenumber,mobile,c"
' Make AD connection and run query
Set objCon = Server.CreateObject("ADODB.Connection")
objCon.provider ="ADsDSOObject"
objCon.Properties("User ID") = "DOMAIN\USERNAME"
objCon.Properties("Password") = "PASSWORD"
objCon.Properties("Encrypt Password") = TRUE
objCon.open "Active Directory Provider"
Set objCom = CreateObject("ADODB.Command")
Set objCom.ActiveConnection = objCon
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
objCom.CommandText = strQuery
objCom.Properties("Sort On") = "displayName"
Set objRS = objCom.Execute
''''''''''
' Loop over returned recordset and output HTML
response.write ("<CiscoIPPhoneDirectory>")
response.write ("<Title>Phone Directory</Title><Prompt>Search Results</Prompt>")
'''''
If objRS.RecordCount <=30 then
while not objRS.EOF
response.write ("<DirectoryEntry>")
response.write ("<Name>" & objRS("displayName") & " " & objRS("c") & "</Name>")
'Remove spaces in the Telephone Number - 20170127 Louis-Philippe Descamps
strNumber = objRS("telephonenumber")
strNumberClean = Replace(strNumber," ","",1,-1)
response.write ("<Telephone>" & strNumberClean & "</Telephone>")
response.write ("</DirectoryEntry>")
objRS.MoveNext
Response.Flush
wend
response.write ("<SoftKeyItem><Name>Dial</Name><URL>SoftKey:Dial</URL><Position>1</Position></SoftKeyItem>")
response.write ("<SoftKeyItem><Name>Exit</Name><URL>SoftKey:Exit</URL><Position>4</Position></SoftKeyItem>")
Else
If strPage = "" then strPage = 1
objRS.absoluteposition = 30 * strPage - 29
For intRecord = 1 to 30
response.write ("<DirectoryEntry>")
response.write ("<Name>" & objRS("displayName") & " " & objRS("c") & "</Name>")
'Remove spaces in the Telephone Number - 20170127 Louis-Philippe Descamps
strNumber = objRS("telephonenumber")
strNumberClean = Replace(strNumber," ","",1,-1)
response.write ("<Telephone>" & strNumberClean & "</Telephone>")
response.write ("</DirectoryEntry>")
objRS.MoveNext
Response.Flush
If objRS.EOF then exit for
next
response.write ("<SoftKeyItem><Name>Dial</Name><URL>SoftKey:Dial</URL><Position>1</Position></SoftKeyItem>")
if 30 * strPage - 29 > 1 then
response.write ("<SoftKeyItem><Name>Prev</Name><URL>http://" & request.servervariables("SERVER_NAME") & ":" & request.servervariables("SERVER_PORT") & request.servervariables("url") & "?page=" & strPage - 1 & "&f=" & sFirstName & "&l=" & sLastName & "&searchparam=" & server.urlencode(sSearchparam) & "</URL><Position>2</Position></SoftKeyItem>")
end if
if objRS.RecordCount > strPage * 30 then
response.write ("<SoftKeyItem><Name>Next</Name><URL>http://" & request.servervariables("SERVER_NAME") & ":" & request.servervariables("SERVER_PORT") & request.servervariables("url") & "?page=" & strPage + 1 & "&f=" & sFirstName & "&l=" & sLastName & "&searchparam=" & server.urlencode(sSearchparam) & "</URL><Position>3</Position></SoftKeyItem>")
end if
response.write ("<SoftKeyItem><Name>Exit</Name><URL>SoftKey:Exit</URL><Position>4</Position></SoftKeyItem>")
End If
'''''
response.write ("</CiscoIPPhoneDirectory>")
''''''''''
' Clean up
objRS.Close
objCon.Close
Set objRS = Nothing
Set objCon = Nothing
Set objCom = Nothing
%>
1那么
response.write(“Prevhttp://”和request.servervariables(“SERVER_-NAME”)&“&request.servervariables(“SERVER_-PORT”)&request.servervariables(“url”)和”?page=“&strPage-1&”&;f=“&sFirstName&”&;l=“&sLastName&”&;searchparam=“&SERVER.urlencode(sSearchparam)和“2”)
如果结束
如果objRS.RecordCount>strPage*30,则
response.write(“Nexthttp://”和request.servervariables(“SERVER_NAME”)&“&request.servervariables(“SERVER_PORT”)和request.servervariables(“url”)和”?page=“&strPage+1&&;f=“&sFirstName&&;l=“&sLastName&&;searchparam=“&SERVER.urlencode(sSearchparam)&”3”)
如果结束
response.write(“ExitSoftKey:Exit4”)
如果结束
'''''
response.write(“”)
''''''''''
“清理
objRS,关闭
objCon.关闭
设置objRS=Nothing
设置objCon=Nothing
设置objCom=Nothing
%>
谢谢不要加密密码,当攻击者获得DB时,他也将获得加密密钥。使用随机salt在HMAC上迭代大约100毫秒,并使用哈希保存salt。使用诸如password_hash、PBKDF2、Bcrypt等函数和类似函数。重点是让攻击者花费大量时间查找密码RDS的蛮力。考虑到用户是谁在危险的密码口令很差。谢谢你的评论。不知道如何做到这一点,但看看。cheers@Ask你自己:“用户的安全性是否值得研究如何正确处理密码?”情况就是这样:攻击者可以访问您的站点名称/密码,而您甚至不知道。攻击者使用这些名称/密码访问其他系统上的用户帐户,因为大多数用户重复使用密码。或者,他将被盗的凭据与其他人聚合,然后在黑暗的web上销售。这是一项内部服务,不向o该服务在ip电话上运行。此脚本中使用的帐户是只读服务帐户,只能读取第一个名称、第二个名称和电话分机。
Dim strNumber
Dim strNumberClean
<%@ Language="VBScript" %>
<%
' List script
'Option Explicit
%>
<%
response.ContentType="text/xml"
response.Expires = -1
Dim objCon, objCom, objRS
Dim strDNSDomain, strBase, strQuery, strFilter, strAttributes
Dim sFirstName: sFirstName = request.querystring("f")
Dim sLastName: sLastName = request.querystring("l")
Dim sSearchparam: sSearchparam = request.querystring("searchparam")
Dim strPage: strPage = request.querystring("page")
Dim strNumber
Dim strNumberClean
' Define the AD OU that contains our users and filter and attributes
strBase = "<LDAP://server.com/DC=server,DC=com>"
strFilter = "(&(objectCategory=person)(objectClass=user)(givenName=" & sFirstName & "*)(sn=" & sLastName & "*)(telephonenumber=*))"
strAttributes = "givenName,sn,displayName,telephonenumber,mobile,c"
' Make AD connection and run query
Set objCon = Server.CreateObject("ADODB.Connection")
objCon.provider ="ADsDSOObject"
objCon.Properties("User ID") = "DOMAIN\USERNAME"
objCon.Properties("Password") = "PASSWORD"
objCon.Properties("Encrypt Password") = TRUE
objCon.open "Active Directory Provider"
Set objCom = CreateObject("ADODB.Command")
Set objCom.ActiveConnection = objCon
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
objCom.CommandText = strQuery
objCom.Properties("Sort On") = "displayName"
Set objRS = objCom.Execute
''''''''''
' Loop over returned recordset and output HTML
response.write ("<CiscoIPPhoneDirectory>")
response.write ("<Title>Phone Directory</Title><Prompt>Search Results</Prompt>")
'''''
If objRS.RecordCount <=30 then
while not objRS.EOF
response.write ("<DirectoryEntry>")
response.write ("<Name>" & objRS("displayName") & " " & objRS("c") & "</Name>")
'Remove spaces in the Telephone Number - 20170127 Louis-Philippe Descamps
strNumber = objRS("telephonenumber")
strNumberClean = Replace(strNumber," ","",1,-1)
response.write ("<Telephone>" & strNumberClean & "</Telephone>")
response.write ("</DirectoryEntry>")
objRS.MoveNext
Response.Flush
wend
response.write ("<SoftKeyItem><Name>Dial</Name><URL>SoftKey:Dial</URL><Position>1</Position></SoftKeyItem>")
response.write ("<SoftKeyItem><Name>Exit</Name><URL>SoftKey:Exit</URL><Position>4</Position></SoftKeyItem>")
Else
If strPage = "" then strPage = 1
objRS.absoluteposition = 30 * strPage - 29
For intRecord = 1 to 30
response.write ("<DirectoryEntry>")
response.write ("<Name>" & objRS("displayName") & " " & objRS("c") & "</Name>")
'Remove spaces in the Telephone Number - 20170127 Louis-Philippe Descamps
strNumber = objRS("telephonenumber")
strNumberClean = Replace(strNumber," ","",1,-1)
response.write ("<Telephone>" & strNumberClean & "</Telephone>")
response.write ("</DirectoryEntry>")
objRS.MoveNext
Response.Flush
If objRS.EOF then exit for
next
response.write ("<SoftKeyItem><Name>Dial</Name><URL>SoftKey:Dial</URL><Position>1</Position></SoftKeyItem>")
if 30 * strPage - 29 > 1 then
response.write ("<SoftKeyItem><Name>Prev</Name><URL>http://" & request.servervariables("SERVER_NAME") & ":" & request.servervariables("SERVER_PORT") & request.servervariables("url") & "?page=" & strPage - 1 & "&f=" & sFirstName & "&l=" & sLastName & "&searchparam=" & server.urlencode(sSearchparam) & "</URL><Position>2</Position></SoftKeyItem>")
end if
if objRS.RecordCount > strPage * 30 then
response.write ("<SoftKeyItem><Name>Next</Name><URL>http://" & request.servervariables("SERVER_NAME") & ":" & request.servervariables("SERVER_PORT") & request.servervariables("url") & "?page=" & strPage + 1 & "&f=" & sFirstName & "&l=" & sLastName & "&searchparam=" & server.urlencode(sSearchparam) & "</URL><Position>3</Position></SoftKeyItem>")
end if
response.write ("<SoftKeyItem><Name>Exit</Name><URL>SoftKey:Exit</URL><Position>4</Position></SoftKeyItem>")
End If
'''''
response.write ("</CiscoIPPhoneDirectory>")
''''''''''
' Clean up
objRS.Close
objCon.Close
Set objRS = Nothing
Set objCon = Nothing
Set objCom = Nothing
%>