delfiels.asp

绿叶办公自动化系统

<%@LANGUAGE="VBSCRIPT"%>
<%Response.Expires = -1
Response.ExpiresAbsolute = Now() - 1
Response.cachecontrol = "no-cache"%>
<%
MM_authorizedUsers=""
MM_authFailedURL="../../../../index.asp"
MM_grantAccess=false
If Session("userssdfgfhtrh") <> "" Then
  If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
         (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
    MM_grantAccess = true
  End If
End If
If Not MM_grantAccess Then
  MM_qsChar = "?"
  If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
  MM_referrer = Request.ServerVariables("URL")
  if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
  MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
  Response.Redirect(MM_authFailedURL)
End If
%>
<%
server_vv=len(Request.ServerVariables("SERVER_NAME"))
server_v1=left(Cstr(Request.ServerVariables("HTTP_REFERER")),server_vv)
server_v2=left(Cstr("http://"&Request.ServerVariables("SERVER_NAME")),server_vv)
if server_v1<>server_v2 and server_v1<>"" and server_v2<>"" then
response.write("<script>alert('错误：禁止从站点外部提交数据!.')</script>")
response.end
end if
%>
<%dim re
re= Request.ServerVariables("http_referer")
if re = "" then %>
<script language="javascript">
alert("非法访问！");history.go(-1)
</script>
<%response.end()
end if%>
<!--#include file="../../../../Connections/oavbsconn.asp" -->
<% if left(request("u"),33)<> "../../../../dataandfiles/files/hr" then%>
<script language="javascript">
{
alert("您不能删除远程或系统图片,图片记录已为你删除!")
}
</script>
<%'response.end()
end if%>

<%
Dim Recordset2__d
Recordset2__d = "1"
If (request("d")  <> "") Then 
  Recordset2__d = request("d") 
End If
%>
<%
Dim Recordset2
Dim Recordset2_numRows
Set Recordset2 = Server.CreateObject("ADODB.Recordset")
Recordset2.ActiveConnection = MM_oavbsconn_STRING
Recordset2.Source = "SELECT *  FROM 用户基本自资料vfsrgftvrtrefverfcadfc  WHERE id=" + Replace(Recordset2__d, "'", "''") + ""
Recordset2.CursorType = 0
Recordset2.CursorLocation = 2
Recordset2.LockType = 3
Recordset2.Open()
if not Recordset2.eof or not Recordset2.bof then 
Recordset2("照片路径")="../bbs/oabbsimg/noimg.gif"
Recordset2("照片名")=""
Recordset2("照片大小")=""
Recordset2.update
Recordset2_numRows = 0
Recordset2.Close()
Set Recordset2 = Nothing
end if
%>
<%on error resume next
  Dim objFSO
  Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
If objFSO.FileExists(Server.MapPath(request("u"))) Then
objFSO.DeleteFile Server.MapPath(request("u")),True
   Else
    ' Response.Write Server.MapPath(request("u"))&"不存在，无法进行删除"
   End If
  Set objFSO = Nothing
%>
<%
if(request("id") <> "") then Command1__varid = request("id")
%>
<%
set Command1 = Server.CreateObject("ADODB.Command")
Command1.ActiveConnection = MM_oavbsconn_STRING
Command1.CommandText = "DELETE FROM 电子附件  WHERE ID=" + Replace(Command1__varid, "'", "''") + " and 属性='照片' "
Command1.CommandType = 1
Command1.CommandTimeout = 0
Command1.Prepared = true
Command1.Execute()
%>
<script language="javascript">
{
("数据不存在！");history.go(-1)
}
</script>

<%'response.redirect ("../../upimg.asp")%>