www.gusucode.com > 盐城分类信息网asp源码程序 > upfile.asp
<% '*********************************** '本站由吉林信息网团队制作 '*********************************** '--------版权说明------------------ '吉林信息网官方网站:http://www.jl-e.com 'QQ:304133183 '*********************************** %><!--#include file="usercookies.asp"--><% Const MaxFileSize=100 '上传文件大小限制 Const UpFileType="gif|jpg|bmp|png" '允许的上传文件类型 Const DelUpFiles="Yes" '删除文章时是否同时删除文章中的上传文件 %> <!--#include file="upfile_class.asp"--> <% const upload_type=0 '上传方法:0=无惧无组件上传类,1=FSO上传 2=lyfupload,3=aspupload,4=chinaaspupload dim upload,file,formName,SavePath,filename,fileExt dim upNum dim EnableUpload dim Forumupload dim ranNum dim uploadfiletype dim msg,founderr msg="" founderr=false EnableUpload=false SavePath = "com/logos" '存放上传文件的目录 if right(SavePath,1)<>"/" then SavePath=SavePath&"/" '在目录后加(/) %> <% ComeinSTR=lcase(request.servervariables("HTTP_HOST")) Url=split(ComeinSTR) yourthing=Url(0) %> <html> <head> <style> td{font-size:12px;line-height:160%} body{font-size:12px;line-height:160%} a:link { color: #0033CC; text-decoration: none } a:visited { color: #0033CC; text-decoration: none } a:active { color: #FF0000; text-decoration: none } a:hover { color: #000000; text-decoration: underline} </style> <title></title> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"></head> <body bgcolor="#FFFFFF"> <% if EnableUploadFile="NO" then response.write "系统未开放文件上传功能" else select case upload_type case 0 call upload_0() '使用化境无组件上传类 case else 'response.write "本系统未开放插件功能" 'response.end end select end if %> </body> </html> <% sub upload_0() '使用化境无组件上传类 set upload=new upfile_class ''建立上传对象 upload.GetData(104857600) '取得上传数据,限制最大上传100M if upload.err > 0 then '如果出错 select case upload.err case 1 response.write "请先选择你要上传的文件!" case 2 response.write "你上传的文件总大小超出了最大限制(100M)" end select response.end end if for each formName in upload.file '列出所有上传了的文件 EnableUpload=False set ofile=upload.file(formName) '生成一个文件对象 oFileSize=ofile.filesize if oFileSize<100 then msg="请先选择你要上传的文件!" FoundErr=True elseif ofilesize>(MaxFileSize*1024) then msg="文件大小超过了限制,最大只能上传" & CStr(MaxFileSize) & "K的文件!" FoundErr=true end if fileExt=lcase(ofile.FileExt) arrUpFileType=split(UpFileType,"|") for i=0 to ubound(arrUpFileType) if fileEXT=trim(arrUpFileType(i)) then EnableUpload=true exit for end if next if fileEXT="asp" or fileEXT="asa" or fileEXT="aspx" or fileEXT="cer" or fileEXT="cdx" then EnableUpload=false end if if EnableUpload=false then Response.Write "<script language='javascript'>alert('这种文件类型不允许上传!只允许上传图片文件');</script>" FoundErr=true end if strJS="<SCRIPT language=javascript>" & vbcrlf if FoundErr<>true then randomize ranNum=int(900*rnd)+100 filename=SavePath&year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)&ranNum&"."&fileExt ofile.SaveToFile Server.mappath(FileName) '保存文件 whichfile=server.mappath(""& fileName & "") Set fso = CreateObject("Scripting.FileSystemObject") set thisfile=fso.opentextfile(whichfile) my_string=thisfile.readall if instr(LCase(my_string),"<%")<>0 or instr(LCase(my_string),"<%")<>0 or instr(LCase(my_string),"Request")<>0 or instr(LCase(my_string),"Session")<>0 or instr(LCase(my_string),"script")<>0 then dim muma muma=1 Response.Write "<script language='javascript'>alert('你上传木马病毒!上传失败');</script>" 'if FSO.fileExists(whichfile) then 'FSO.DeleteFile(whichfile) 'end if set fso=nothing end if if muma<>1 then Response.Write "<script language='javascript'>alert('图片上传成功!');</script>" Response.Write "<a href=lgwzjsUpload.asp>[重新上传]</a>" strJS=strJS & "parent.document.comForm.tupian.value='"& fileName & "';" & vbcrlf else strJS=strJS & "alert('" & msg & "');" & vbcrlf strJS=strJS & "history.go(-1);" & vbcrlf end if strJS=strJS & "</script>" & vbcrlf response.write strJS end if set file=nothing next set upload=nothing end sub %><% '*********************************** '本站由吉林信息网团队制作 '*********************************** '--------版权说明------------------ '吉林信息网官方网站:http://www.jl-e.com 'QQ:304133183 '*********************************** %>