简单的防ID注入代码

<%if instr(id,"'")>0 then
response.write"<script>javascript:history.back(-1)</script>"
response.end
end if
if instr(id,";")>0 then
response.write"<script>javascript:history.back(-1)</script>"
response.end
end if
if not isnumeric(id) then 
response.write"<script>javascript:history.back(-1)</script>"
response.end
end if%>