www.gusucode.com > 盐城分类信息网asp源码程序 > admin/upfilexinxi.asp
<%
'***********************************
'本站由吉林信息网团队制作
'***********************************
'--------版权说明------------------
'吉林信息网官方网站:http://www.jl-e.com
'QQ:304133183
'***********************************
%><!--#include file="cookies.asp"-->
<%
Const MaxFileSize=300 '上传文件大小限制
Const UpFileType="gif|jpg|bmp|png" '允许的上传文件类型
Const DelUpFiles="Yes" '删除文章时是否同时删除文章中的上传文件
%>
<!--#include file="upfile_cla.asp"-->
<%
const upload_type=0 '上传方法:0=无惧无组件上传类,1=FSO上传 2=lyfupload,3=aspupload,4=chinaaspupload
dim upload,file,formName,SavePath,filename,fileExt
dim upNum
dim EnableUpload
dim Forumupload
dim ranNum
dim uploadfiletype
dim msg,founderr
msg=""
founderr=false
EnableUpload=false
SavePath = "../ad" '存放上传文件的目录
if right(SavePath,1)<>"/" then SavePath=SavePath&"/" '在目录后加(/)
%>
<%
ComeinSTR=lcase(request.servervariables("HTTP_HOST"))
Url=split(ComeinSTR)
yourthing=Url(0)
%>
<html>
<head>
<style>
td{font-size:12px;line-height:160%}
body{font-size:12px;line-height:160%}
a:link { color: #0033CC; text-decoration: none }
a:visited { color: #0033CC; text-decoration: none }
a:active { color: #FF0000; text-decoration: none }
a:hover { color: #000000; text-decoration: underline}
</style>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312"></head>
<body bgcolor="#FFFFFF">
<%
if EnableUploadFile="NO" then
response.write "系统未开放文件上传功能"
else
select case upload_type
case 0
call upload_0() '使用化境无组件上传类
case else
'response.write "本系统未开放插件功能"
'response.end
end select
end if
%>
</body>
</html>
<%
sub upload_0() '使用化境无组件上传类
set upload=new upfile_class ''建立上传对象
upload.GetData(35000) '取得上传数据,限制最大上传350kb
if upload.err > 0 then '如果出错
select case upload.err
case 1
response.write "请先选择你要上传的文件!"
case 2
response.write "你上传的文件总大小超出了最大限制(350kb)"
end select
response.end
end if
for each formName in upload.file '列出所有上传了的文件
EnableUpload=False
set ofile=upload.file(formName) '生成一个文件对象
oFileSize=ofile.filesize
if oFileSize<100 then
msg="请先选择你要上传的文件!"
FoundErr=True
elseif ofilesize>(MaxFileSize*1024) then
msg="文件大小超过了限制,最大只能上传" & CStr(MaxFileSize) & "K的文件!"
FoundErr=true
end if
fileExt=lcase(ofile.FileExt)
arrUpFileType=split(UpFileType,"|")
for i=0 to ubound(arrUpFileType)
if fileEXT=trim(arrUpFileType(i)) then
EnableUpload=true
exit for
end if
next
if fileEXT="asp" or fileEXT="asa" or fileEXT="aspx" or fileEXT="cer" or fileEXT="cdx" then
EnableUpload=false
end if
if EnableUpload=false then
Response.Write "<script language='javascript'>alert('这种文件类型不允许上传!只允许上传图片文件');</script>"
Response.Write "<a href=adup.asp>[重新上传]</a>"
FoundErr=true
end if
strJS="<SCRIPT language=javascript>" & vbcrlf
if FoundErr<>true then
randomize
ranNum=int(900*rnd)+100
filename=SavePath&year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)&ranNum&"."&fileExt
ofile.SaveToFile Server.mappath(FileName) '保存文件
whichfile=server.mappath(""& fileName & "")
Set fso = CreateObject("Scripting.FileSystemObject")
set thisfile=fso.opentextfile(whichfile)
my_string=thisfile.readall
if instr(LCase(my_string),"<%")<>0 or instr(LCase(my_string),"<%")<>0 or instr(LCase(my_string),"Request")<>0 or instr(LCase(my_string),"Session")<>0 or instr(LCase(my_string),"script")<>0 then
dim muma
muma=1
Response.Write "<script language='javascript'>alert('你上传木马病毒!上传失败');</script>"
'if FSO.fileExists(whichfile) then
'FSO.DeleteFile(whichfile)
'end if
set fso=nothing
end if
if muma<>1 then
Response.Write "<script language='javascript'>alert('图片上传成功!');</script>"
Response.Write "<a href=adup.asp>[重新上传]</a>图片地址 "& fileName & ""
strJS=strJS & "parent.document.myform1.tupian.value='"& fileName & "';" & vbcrlf
else
strJS=strJS & "alert('" & msg & "');" & vbcrlf
strJS=strJS & "history.go(-1);" & vbcrlf
end if
strJS=strJS & "</script>" & vbcrlf
response.write strJS
end if
set file=nothing
next
set upload=nothing
end sub
%><%
'***********************************
'本站由吉林信息网团队制作
'***********************************
'--------版权说明------------------
'吉林信息网官方网站:http://www.jl-e.com
'QQ:304133183
'***********************************
%>