admin_upfile.asp

本人仅业余学习一些基础的ASP知识以供系统设计之用,并非专业人员,相关服务器设置、MSSQL/MySQL数据库方面的专业问题请自行解决。 本人仅提供本系统相关的一些技术问题的解释、解答。

					end if
					fileExt=lcase(right(file.filename,4))
					uploadsuc=false
					if fileEXT=".jpg" or fileEXT=".gif" or fileEXT=".bmp" or fileEXT=".png" then
						uploadsuc=true
					else
						uploadsuc=false
					end if
					if uploadsuc=false then
						response.write "您要上传的文件格式不正确　[ <a href='javascript:onclick=history.go(-1)'>重新上传</a> ]"
						response.end
					end if
					randomize
					ranNum=int(90000*rnd)+10000
					filename=year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)&ranNum&fileExt
				if file.FileSize>0 then
					if TrueStr(FileName)=false then
					    response.write "非法文件"
					    response.end
					end if
					file.SaveAs Server.mappath(formPath&FileName)
					If not CheckFileType(Server.mappath(formPath&FileName)) then
						Set fso = CreateObject("Scripting.FileSystemObject")
							Set ficn = fso.GetFile(Server.mappath(formPath&FileName))
								ficn.delete
							set ficn=nothing
						set fso=nothing
						response.write "您要上传的文件格式不正确　[ <a href='javascript:onclick=history.go(-1)'>重新上传</a> ]"
						response.end  
					end if
						set rsfile=server.createobject("adodb.recordset") 
						if IsSqlDataBase = 2 then
							strSQL ="select id,fileurl_info,fileurl_name,fileurl_user,fileurl_size,fileurl_path,fileurl_class,fileurl_Types from filetest where fileurl_name='"&FileName&"' order by id desc"
						else
							strSQL ="select id,fileurl_info,fileurl_name,fileurl_user,fileurl_size,fileurl_path,fileurl_class,fileurl_Types from [filetest] where fileurl_name='"&FileName&"' order by id desc"
						end if
						rsfile.open strSQL,conn,1,3
						rsfile.addnew
						rsfile("fileurl_name")=FileName
						rsfile("fileurl_info")=file.filename
						rsfile("fileurl_user")="管理员："&request.cookies("CnendWeb")("admininfo_loginname")
						rsfile("fileurl_size")=int(file.FileSize/1000)
						rsfile("fileurl_path")=formPath
						rsfile("fileurl_class")=4
						rsfile("fileurl_Types")=Replace(fileExt,".","")
						rsfile.update
						if IsSqlDataBase = 0 then
							attachid=rsfile("id")
						end if
						rsfile.close
						if IsSqlDataBase = 1 then
							rsfile.open strSQL,conn,1,1
							attachid=rsfile("id")
							rsfile.close
						end if
						set rsfile=nothing 
					response.write "<script>parent.input.Ar_pic.value+='"&formPath&FileName&"'</script>"
					response.write "<script>parent.input.attach.value+='[attach]"&attachid&"[/attach];'</script>"
				end if
				set file=nothing
				next
			Htmend "上传成功 "
		elseif session("CnendWeb_info")="articleview" then
		formPath=session("CnendWeb_filepath")
		if right(formPath,1)<>"/" then formPath=formPath&"/" 
			response.write "<body>"
			iCount=0
			for each formName in upload.file
			set file=upload.file(formName)
				if file.filesize<10 then
					response.write "您要上传的文件过小或不存在,请选择你要上传的文件　[ <a href='javascript:onclick=history.go(-1)'>重新上传</a> ]"
					response.end
				end if
				if file.filesize>ArticleviewMaxFileSize*1000 then
					response.write "您要上传的文件大小超过了限制"&MaxFileSize&"K　[ <a href='javascript:onclick=history.go(-1)'>重新上传</a> ]"
					response.end
				end if
				fileExt=lcase(right(file.filename,4))
				uploadsuc=false
	
				Forumupload=split(AllowFileExtStr,",")
				for i=0 to ubound(Forumupload)
				if fileEXT="."&trim(Forumupload(i)) then
					uploadsuc=true
					exit for
				else
					uploadsuc=false
				end if
				next
				if uploadsuc=false then
					response.write "您要上传的文件格式不正确　[ <a href='javascript:onclick=history.go(-1)'>重新上传</a> ]"
					response.end
				end if
			randomize
			ranNum=int(90000*rnd)+10000
			filename=year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)&ranNum&fileExt
				if file.FileSize>0 then
					if TrueStr(FileName)=false then
					    response.write "非法文件"
					    response.end
					end if
					file.SaveAs Server.mappath(formPath&FileName)
					if fileEXT=".jpg" or fileEXT=".gif" or fileEXT=".bmp" or fileEXT=".png" then
						If not CheckFileType(Server.mappath(formPath&FileName)) then
							Set fso = CreateObject("Scripting.FileSystemObject")
								Set ficn = fso.GetFile(Server.mappath(formPath&FileName))
									ficn.delete
								set ficn=nothing
							set fso=nothing
							response.write "您要上传的文件格式不正确　[ <a href='javascript:onclick=history.go(-1)'>重新上传</a> ]"
							response.end  
						end if
						set rsfile=server.createobject("adodb.recordset") 
						if IsSqlDataBase = 2 then
							strSQL ="select id,fileurl_info,fileurl_name,fileurl_user,fileurl_size,fileurl_path,fileurl_class,fileurl_Types from filetest where fileurl_name='"&FileName&"' order by id desc"
						else
							strSQL ="select id,fileurl_info,fileurl_name,fileurl_user,fileurl_size,fileurl_path,fileurl_class,fileurl_Types from [filetest] where fileurl_name='"&FileName&"' order by id desc"
						end if
						rsfile.open strSQL,conn,1,3
						rsfile.addnew
						rsfile("fileurl_name")=FileName
						rsfile("fileurl_info")=file.filename
						rsfile("fileurl_user")="管理员："&request.cookies("CnendWeb")("admininfo_loginname")
						rsfile("fileurl_size")=int(file.FileSize/1000)
						rsfile("fileurl_path")=formPath
						rsfile("fileurl_class")=2
						rsfile("fileurl_Types")=Replace(fileExt,".","")
						rsfile.update
						if IsSqlDataBase = 0 then
							attachid=rsfile("id")
						end if
						rsfile.close
						if IsSqlDataBase = 1 then
							rsfile.open strSQL,conn,1,1
							attachid=rsfile("id")
							rsfile.close
						end if
						set rsfile=nothing 
						response.write "<script>parent.input.message.value+='[attachimg]"&SiteSystemPath&"attachment.asp?id="&attachid&"[/attachimg]'</script>"
					else
						set rsfile=server.createobject("adodb.recordset") 
						if IsSqlDataBase = 2 then
							strSQL ="select id,fileurl_info,fileurl_name,fileurl_user,fileurl_size,fileurl_path,fileurl_class,fileurl_Types from filetest where fileurl_name='"&FileName&"' order by id desc"
						else
							strSQL ="select id,fileurl_info,fileurl_name,fileurl_user,fileurl_size,fileurl_path,fileurl_class,fileurl_Types from [filetest] where fileurl_name='"&FileName&"' order by id desc"
						end if
						rsfile.open strSQL,conn,1,3
						rsfile.addnew
						rsfile("fileurl_name")=FileName
						rsfile("fileurl_info")=file.filename
						rsfile("fileurl_user")="管理员："&request.cookies("CnendWeb")("admininfo_loginname")
						rsfile("fileurl_size")=int(file.FileSize/1000)
						rsfile("fileurl_path")=formPath
						rsfile("fileurl_class")=2
						rsfile("fileurl_Types")=Replace(fileExt,".","")
						rsfile.update
						if IsSqlDataBase = 0 then
							attachid=rsfile("id")
						end if
						rsfile.close
						if IsSqlDataBase = 1 then
							rsfile.open strSQL,conn,1,1
							attachid=rsfile("id")
							rsfile.close
						end if
						set rsfile=nothing 
						response.write "<script>parent.input.message.value+='[attach]"&attachid&"[/attach]'</script>"
					end if
						response.write "<script>parent.input.attach.value+='[attach]"&attachid&"[/attach];'</script>"
				end if
			set file=nothing
			next
		 	Htmend "上传成功 [ <a href='javascript:onclick=history.go(-1)'>继续上传</a> ]"
		elseif session("CnendWeb_info")="gonggao" then
		formPath=session("CnendWeb_filepath")
		if right(formPath,1)<>"/" then formPath=formPath&"/" 
			response.write "<body>"
			iCount=0
			for each formName in upload.file
			set file=upload.file(formName)
				if file.filesize<10 then
					response.write "您要上传的文件过小或不存在,请选择你要上传的文件　[ <a href='javascript:onclick=history.go(-1)'>重新上传</a> ]"
					response.end
				end if
				if file.filesize>MaxFileSize*1000 then
					response.write "您要上传的文件大小超过了限制"&MaxFileSize&"K　[ <a href='javascript:onclick=history.go(-1)'>重新上传</a> ]"
					response.end
				end if
				fileExt=lcase(right(file.filename,4))
				uploadsuc=false
	
				Forumupload=split(AllowFileExtStr,",")
				for i=0 to ubound(Forumupload)
				if fileEXT="."&trim(Forumupload(i)) then
					uploadsuc=true
					exit for
				else
					uploadsuc=false
				end if
				next
				if uploadsuc=false then
					response.write "您要上传的文件格式不正确　[ <a href='javascript:onclick=history.go(-1)'>重新上传</a> ]"
					response.end
				end if
			randomize
			ranNum=int(90000*rnd)+10000
			filename=year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)&ranNum&fileExt
				if file.FileSize>0 then
					if TrueStr(FileName)=false then
					    response.write "非法文件"
					    response.end
					end if
					file.SaveAs Server.mappath(formPath&FileName)
					if fileEXT=".jpg" or fileEXT=".gif" or fileEXT=".bmp" or fileEXT=".png" then
						If not CheckFileType(Server.mappath(formPath&FileName)) then
							Set fso = CreateObject("Scripting.FileSystemObject")
								Set ficn = fso.GetFile(Server.mappath(formPath&FileName))
									ficn.delete
								set ficn=nothing
							set fso=nothing
							response.write "您要上传的文件格式不正确　[ <a href='javascript:onclick=history.go(-1)'>重新上传</a> ]"
							response.end  
						end if
						set rsfile=server.createobject("adodb.recordset") 
						if IsSqlDataBase = 2 then
							strSQL ="select id,fileurl_info,fileurl_name,fileurl_user,fileurl_size,fileurl_path,fileurl_class,fileurl_Types from filetest where fileurl_name='"&FileName&"' order by id desc"
						else
							strSQL ="select id,fileurl_info,fileurl_name,fileurl_user,fileurl_size,fileurl_path,fileurl_class,fileurl_Types from [filetest] where fileurl_name='"&FileName&"' order by id desc"
						end if
						rsfile.open strSQL,conn,1,3
						rsfile.addnew
						rsfile("fileurl_name")=FileName
						rsfile("fileurl_info")=file.filename
						rsfile("fileurl_user")="管理员："&request.cookies("CnendWeb")("admininfo_loginname")
						rsfile("fileurl_size")=int(file.FileSize/1000)
						rsfile("fileurl_path")=formPath
						rsfile("fileurl_class")=0
						rsfile("fileurl_Types")=Replace(fileExt,".","")
						rsfile.update
						if IsSqlDataBase = 0 then
							attachid=rsfile("id")
						end if
						rsfile.close
						if IsSqlDataBase = 1 then
							rsfile.open strSQL,conn,1,1
							attachid=rsfile("id")
							rsfile.close
						end if
						set rsfile=nothing 
						response.write "<script>parent.input.message.value+='[attachimg]"&SiteSystemPath&"attachment.asp?id="&attachid&"[/attachimg]'</script>"
					else
						set rsfile=server.createobject("adodb.recordset") 
						if IsSqlDataBase = 2 then
							strSQL ="select id,fileurl_info,fileurl_name,fileurl_user,fileurl_size,fileurl_path,fileurl_class,fileurl_Types from filetest where fileurl_name='"&FileName&"' order by id desc"
						else
							strSQL ="select id,fileurl_info,fileurl_name,fileurl_user,fileurl_size,fileurl_path,fileurl_class,fileurl_Types from [filetest] where fileurl_name='"&FileName&"' order by id desc"
						end if
						rsfile.open strSQL,conn,1,3
						rsfile.addnew
						rsfile("fileurl_name")=FileName
						rsfile("fileurl_info")=file.filename
						rsfile("fileurl_user")="管理员："&request.cookies("CnendWeb")("admininfo_loginname")
						rsfile("fileurl_size")=int(file.FileSize/1000)
						rsfile("fileurl_path")=formPath
						rsfile("fileurl_class")=0
						rsfile("fileurl_Types")=Replace(fileExt,".","")
						rsfile.update
						if IsSqlDataBase = 0 then
							attachid=rsfile("id")
						end if
						rsfile.close
						if IsSqlDataBase = 1 then
							rsfile.open strSQL,conn,1,1
							attachid=rsfile("id")
							rsfile.close
						end if
						set rsfile=nothing 
						response.write "<script>parent.input.message.value+='[attach]"&attachid&"[/attach]'</script>"
					end if
						response.write "<script>parent.input.attach.value+='[attach]"&attachid&"[/attach];'</script>"
				end if
			set file=nothing
			next
			Htmend "上传成功 [ <a href='javascript:onclick=history.go(-1)'>继续上传</a> ]"
		end if
	set upload=nothing
end if

sub HtmEnd(Msg)
		response.write Msg&""
end sub
%>
</body>
</html>