因为比较简单，我就不说什么了。一看就明白的！
Function ChkStr(InString)
If InString"" Then
InString=Replace(LCase(InString)," ","")
InString=Replace(LCase(InString),";","")
InString=Replace(LCase(InString),"'","")
InString=Replace(LCase(Instring),"--","")
Instring=Replace(LCase(Instring),"%","")
InString=Replace(LCase(InString),"%20","")
InString=Replace(LCase(InString),"admin","")
InString=Replace(LCase(InString),"and","")
InString=Replace(LCase(InString),"or","")
InString=Replace(LCase(InString),"asc","")
InString=Replace(LCase(Instring),"chr","")
InString=Replace(LCase(InString),"mid","")
InString=Replace(LCase(InString),"len","")
InString=Replace(LCase(InString),"select","")
InString=Replace(LCase(InString),"insert","")
InString=Replace(LCase(InString),"delete","")
InString=Replace(LCase(InString),"update","")
ChkStr=InString
End I
End Function
Function CheckFileExt(FileExt)
Dim FileAccessExt,AccessExt
AccessExt="gif,jpg,jpeg,bmp,doc,txt,png"
FileAccessExt=Split(AccessExt,",")
For i=LBound(FileAccessExt) to UBound(FileAccessExt)
If LCase(FileExt)=LCase(FileAccessExt(i)) Then
CheckFileExt=True
Else
CheckFileExt=False
End I
Next
End Function
Function CheckStr(str,IsStr)
CheckStr=str
If IsStr And InStr(str,",")0 Then
Call errmsg("提交字符中包含非法字符")
ElseIf (Not IsStr) And (Not IsNumeric(str)) Then
Call errmsg("提交不是数字型")
End I
End Function
Sub errmsg(str)
If Not IsNull(str) Then
Response.Write(str)"lt br gt"
Call ASCpy()
Response.End() 'Very Improtan.Stop execute program.
End I
End Sub
Sub ASCpy()
Response.Write "link href='Css/Maincss.css' rel='stylesheet' type='text/css'"
Response.Write "div align='center' class='Maincss'"
 Response.Write("CenterError happed!brPlease Contract ")
Response.Write("Name:a href='mailto:jdqn@sjzu.edu.cn'">jdqn@sjzu.edu.cn">jdqn@sjzu.edu.cn' style='text-decoration:none'")
Response.Write("font Color=redAloneSword/font")
Response.Write("/a.brThank you!!!/Centerbr")
Response.Write "hrCopyright copy; By a href='#' style='text-decoration:none'建大网络/a #8482;br"
 Response.Write "Last Modified：21/08/2004br"
Response.Write("Author:a href='http://blog.csdn.net/alonesword/'style='text-decoration:none' target=_blank>http://blog.csdn.net/alonesword/'">http://blog.csdn.net/alonesword/'style='text-decoration:none' target='_blank'AloneSword/a")
Response.Write "/div"
End Sub
小结：
最值得学习的还是response.End()的合理使用，非常的好。只要出现错误马上终止程序的运行，不给后面的机会，保证数据的安全。