www.gusucode.com > 化境ASP文件管理系统 1.1源码程序 > include.asp
<!--METADATA TYPE="TypeLib" UUID="{00000205-0000-0010-8000-00aa006d2ea4}"-->
<%
dim fo,gPath,gAct,gFileName,gFilePath,g,gRootUrl,gBaseUrl,gPage,gSearch,gEachPage,gFolder,gFilter
dim gPageSize,sTemp,gNoFile
dim sfor(28,2)
gPageSize=100
gRootUrl=Session("webeditbase")
if right(gRootUrl,1)<>"/" then gRootUrl=gRootUrl&"/"
gNoFile=array("asp","aspx") '禁止访问的脚本
set fo=Server.CreateObject("Scripting.FileSystemObject")
sFor(0,0)="txt":sFor(0,1)=1
sFor(1,0)="chm":sFor(1,1)=2
sFor(2,0)="hlp":sFor(2,1)=2
sFor(3,0)="doc":sFor(3,1)=3
sFor(4,0)="pdf":sFor(4,1)=4
sFor(5,0)="gif":sFor(5,1)=6
sFor(6,0)="jpg":sFor(6,1)=6
sFor(7,0)="png":sFor(7,1)=6
sFor(8,0)="bmp":sFor(8,1)=6
sFor(9,0)="asp":sFor(9,1)=7
sFor(10,0)="jsp":sFor(10,1)=7
sFor(11,0)="js" :sFor(11,1)=7
sFor(12,0)="htm":sFor(12,1)=8
sFor(13,0)="html":sFor(13,1)=8
sFor(14,0)="shtml":sFor(14,1)=8
sFor(15,0)="zip":sFor(15,1)=9
sFor(16,0)="rar":sFor(16,1)=9
sFor(17,0)="exe":sFor(17,1)=10
sFor(18,0)="avi":sFor(18,1)=11
sFor(19,0)="mpg":sFor(19,1)=11
sFor(20,0)="ra" :sFor(20,1)=12
sFor(21,0)="ram":sFor(21,1)=12
sFor(22,0)="mid":sFor(22,1)=13
sFor(23,0)="wav":sFor(23,1)=13
sFor(24,0)="mp3":sFor(24,1)=13
sFor(25,0)="asf":sFor(25,1)=11
sFor(26,0)="php":sFor(26,1)=7
sFor(27,0)="php3":sFor(27,1)=7
sFor(28,0)="aspx":sFor(28,1)=7
gFilePath=Request.ServerVariables("SCRIPT_NAME")
gFileName=mid(gFilePath,instrRev(gFilePath,"/")+1)
gFilePath=lcase(left(gFilePath,instrRev(gFilePath,"/")))
gPath=lcase(getVar("path","str",gRootUrl))
if left(gPath,1)<>"/" then gPath=gRootUrl&gPath
gPage=getVar("page","num",1)
gAct=getVar("act","str","")
gFilter=getVar("filter","str","")
setBaseUrl
sub setBaseUrl()
gBaseUrl=gFileName&"?page="&gPage&"&path="&gPath
if gFilter<>"" then gBaseUrl=gBaseUrl&"&filter="&gFilter
end sub
function getVar(theStr,strType,defValue)
select case strType
case "str"
if isEmpty(Request.QueryString(theStr)) or trim(Request.QueryString(theStr))="" then
getVar=defValue
else
getVar=trim(Request.QueryString(theStr))
end if
case "num"
if isEmpty(Request.QueryString(theStr)) or not isNumeric(Request.QueryString(theStr)) then
getVar=defValue
else
getVar=cint(Request.QueryString(theStr))
end if
case else
getStr=defValue
end select
end function
function getForm(theStr,strType,defValue)
select case strType
case "str"
if isEmpty(Request.form(theStr)) or trim(Request.form(theStr))="" then
getForm=defValue
else
getForm=trim(Request.form(theStr))
end if
case "num"
if isEmpty(Request.form(theStr)) or not isNumeric(Request.form(theStr)) then
getForm=defValue
else
getForm=cint(Request.form(theStr))
end if
case else
getForm=defValue
end select
end function
sub HtmEnd(info,isback,dir)
set fo=nothing
set gFolder=nothing
if info<>"" then Response.Write("<script language=""javascript"">alert('"&info&"');</script>")
select case isback
case 1
Response.Write("<script language=""javascript"">history.back();</script>")
case 2
Response.Write("<script language=""javascript"">location.href='"&dir&"';</script>")
end select
Response.write("</body></html>")
Response.End
end sub
function procIsEdit(sName)
dim i1,i,isEdit
isEdit=Array(1,7,8)
procIsEdit=0
i1=procGetFormat(sName)
for i=0 to ubound(isEdit)
if isEdit(i)=i1 then
procIsEdit=1
exit for
end if
next
end function
function procGetExtName(sName)
procGetExtName=""
if instrRev(sName,".")<1 then exit function
procGetExtName=lcase(mid(sName,instrRev(sName,".")+1))
end function
function procGetFormat(sName)
dim i,str
procGetFormat=0
if instrRev(sName,".")=0 then exit function
str=lcase(mid(sName,instrRev(sName,".")+1))
for i=0 to uBound(sFor,1)
if str=sFor(i,0) then
procGetFormat=sFor(i,1)
exit for
end if
next
end function
function procCheckFile(sName,ischeck)
dim sExt,sPath,i,errorchar
errorchar=array("'","""","\","/","*","?","&","|","<",">")
procCheckFile="ok"
sExt=lcase(procGetExtName(sName))
if gFilter<>"" then
if instr(sName,gFilter)<1 then
procCheckFile="没有权限访问此文件!"
exit function
end if
end if
if Session("webeditrun")="0" then
for i=0 to ubound(gNoFile)
if gNoFile(i)=sExt then
procCheckFile="没有权限访问此文件!"
exit function
end if
next
end if
if ischeck>0 then
sPath=left(sName,instrRev(sName,"/"))
sPath=procCheckDir(sPath,1)
if sPath<>"ok" then
procCheckFile=sPath
exit function
end if
if ischeck=1 and not fo.FileExists(Server.MapPath(sName)) then
procCheckFile="文件没有找到!"
exit function
end if
else
for i=0 to ubound(errorchar)
if instr(sName,errorchar(i))>0 then
procCheckFile="文件名中含有非法字符!"
exit function
end if
next
end if
procCheckFile="ok"
end function
function procCheckDir(sPath,mode)
dim errorchar,i,hd,str
sPath=lcase(sPath)
procCheckDir="ok"
errorchar=array("'","""","\","..","//","*","?","&","|","<",">")
if isempty(sPath) or trim(sPath)="" then
procCheckDir="目录不能为空!"
exit function
end if
for i=0 to ubound(errorchar)
if instr(sPath,errorchar(i))>0 then
procCheckDir="目录名中含有非法字符"
exit function
end if
next
if gFilePath=left(sPath,len(gFilePath)) then
procCheckDir="没有权限访问此目录!"
exit function
end if
if mode=0 then exit function
if not fo.FolderExists(Server.MapPath(sPath)) then
procCheckDir="目录"&sPath&"没有找到!"
exit function
end if
if left(sPath,len(gRootUrl))<>gRootUrl then
procCheckDir="没有权限访问此目录!"
exit Function
end if
end function
%>