请高手评评这段 ASP 防注入程序！

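sub aspsql() ' site-wide anti-injection filter
    ' Screens every Request.Form and Request.QueryString value against the
    ' token blacklist in SQL_injdata. On the first hit it emits a warning
    ' script, sends the browser back one page and ends the response, so the
    ' caller only continues when nothing matched.
    ' NOTE(review): a keyword blacklist is not a substitute for parameterised
    ' queries (ADODB.Command with parameters). It only narrows the obvious
    ' cases, and tokens such as "'", "*" and "%" also reject legitimate input
    ' (e.g. surnames containing an apostrophe).
    dim SQL_injdata,SQL_inj
    SQL_injdata = "'|;| and | exec | insert | select | delete | update | count | * | % | chr | mid | master | truncate | char | declare "
    SQL_inj = split(SQL_Injdata,"|")
    ' Both collections go through the same helper so the two scans cannot
    ' drift apart (the original duplicated the loop body).
    If Request.Form<>"" Then
        aspsql_check Request.Form, SQL_inj
    end if
    If Request.QueryString<>"" Then
        aspsql_check Request.QueryString, SQL_inj
    end if
end sub

' Scans every value of coll (a Request.Form or Request.QueryString
' collection) for any token in patterns. On a match it writes the warning
' script and calls Response.End; it returns normally only when no value
' contained a token.
sub aspsql_check(coll, patterns)
    dim key, i
    For Each key In coll
        For i=0 To Ubound(patterns)
            ' vbTextCompare makes the search case-insensitive; the original
            ' used InStr's default binary compare, so only lower-case
            ' keywords were detected.
            if instr(1, coll(key), patterns(i), vbTextCompare)>0 Then
                response.write "<script language='javascript'>"
                response.write "alert('网站安全提示:请不要在参数中包含非法字符!');"
                response.write "location.href='javascript:history.go(-1)';"
                response.write "</script>"
                response.end
            end if
        next
    next
end sub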
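sub aqadmin() ' reject submissions whose Referer is not this server
    ' Compares the host part of HTTP_REFERER with SERVER_NAME and ends the
    ' response with a warning when they differ (an empty Referer is
    ' rejected as well, as before).
    ' NOTE(review): HTTP_REFERER is supplied by the client and may be
    ' missing or altered, so this is only a coarse check; a per-session
    ' token embedded in each form is the reliable way to tie a submission
    ' to this site.
    dim server_v1,server_v2,host_v1,pos
    server_v1=lcase(Cstr(Request.ServerVariables("HTTP_REFERER")))
    server_v2=lcase(Cstr(Request.ServerVariables("SERVER_NAME")))
    ' Isolate the referer host: strip the scheme (the original assumed a
    ' 7-character "http://" prefix, so every https referer was rejected),
    ' cut at the first "/" and drop any ":port".
    host_v1=server_v1
    if left(host_v1,7)="http://" then
        host_v1=mid(host_v1,8)
    elseif left(host_v1,8)="https://" then
        host_v1=mid(host_v1,9)
    end if
    pos=instr(host_v1,"/")
    if pos>0 then host_v1=left(host_v1,pos-1)
    pos=instr(host_v1,":")
    if pos>0 then host_v1=left(host_v1,pos-1)
    ' Exact host match. The original compared only the first
    ' len(server_v2) characters, so any referer host that merely started
    ' with this server's name was accepted.
    if host_v1<>server_v2 then
        response.write "<script language='javascript'>"
        response.write "alert('网站安全提示:\n\n请不要从外部服务器提交数据到本站!\n\n请不要乱改参数提交数据!');"
        response.write "location.href='javascript:history.go(-1)';"
        response.write "</script>"
        response.end
    end if
end sub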
