📄 admin_uploadfiles.asp
字号:
<%
Option Explicit
Response.Buffer = True
Response.Expires = -1
Response.ExpiresAbsolute = Now() - 1
%>
<!--#Include File="../Conn.asp"-->
<!--#Include File="Admin_CheckPurview.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<link href='Admin_Style.css' type='text/css' rel='stylesheet'>
<title><%=EL_Channel.ChannelName%></title>
<script language="javascript" src="../js/Common.js"></script>
<script language="javascript" src="../js/InstallDir.js"></script>
</head>
<body>
<%
If EL_Admin.Purview <> 1 And EL_Admin.Purview <> 2 Then
EL_Admin.ShowPurviewError("对不起!您没有足够的管理权限")
End If
Dim ArrHack
ArrHack = Split(EL_PicHack, ",")
%>
<table width="100%" border="0" cellpadding="0" cellspacing="1" class="Border">
<tr>
<td align="center" class="top_25"><strong><%=EL_Channel.ChannelName%> 上传文件管理</strong></td>
</tr>
<tr>
<td class="td_50">管理导航:<a href="Admin_Uploadfiles.asp?ChannelID=<%=EL_Channel.ChannelID%>">文件管理首页</a> | <a href="Admin_Uploadfiles.asp?ChannelID=<%=EL_Channel.ChannelID%>&Action=CheckHack">检测图片木马文件</a></td>
</tr>
</table>
<br>
<%
Select Case Action
Case "": Call Main()
Case "Delete": Call DeleteFile()
Case "Clear": Call ClearFolder()
Case "CheckHack": Call Check()
End Select
Call EL_Common.Bottom()
Call ApplicationTerminate()
Sub ClearFolder()
On Error Resume Next
Dim Folder, FSO, TheFolder, TempName
Folder = EL_Common.ELRequest("Folder", 1)
Set FSO = Server.CreateObject(Object_FSO)
Set TheFolder = FSO.GetFolder(Server.MapPath(Folder))
TempName = TheFolder.Name
TheFolder.Delete
Call FSO.CreateFolder(TempName)
Set TheFolder = Nothing
Set FSO = Nothing
Response.Redirect ComeURL
End Sub
Sub DeleteFile()
On Error Resume Next
Dim FSO, FileName, CheckObject, i
FileName = EL_Common.ELRequest("FileName", 1)
CheckObject = EL_Common.ELRequest("CheckObject", 1)
If CheckObject <> "" Then FileName = EL_Common.Join2String(FileName, CheckObject, ",")
FileName = Split(FileName, ",")
Set FSO = Server.CreateObject(Object_FSO)
For i = 0 To Ubound(FileName)
FSO.GetFile(Server.MapPath(FileName(i))).Delete
Next
Set FSO = Nothing
EL_Common.ShowScriptError()
Response.Redirect ComeURL
End Sub
Function GetSubFolder(ByVal ParentFolder)
Dim FSO, SubFolder, Folder, CurrentFolder
Set FSO = Server.CreateObject(Object_FSO)
Set CurrentFolder = FSO.GetFolder(Server.MapPath(ParentFolder))
Set SubFolder = CurrentFolder.SubFolders
GetSubFolder = ""
For Each Folder In SubFolder
GetSubFolder = GetSubFolder &"<div style='float:left; margin-right:20px;'><a href='Admin_Uploadfiles.asp?ChannelID="& EL_Channel.ChannelID &"&Folder="& EL_Common.ServerURLEncode(ParentFolder &"/"& Folder.Name) &"'><span style='text-decoration:underline; color:blue;'>"& Folder.Name &"</span></a></div>"
Next
If GetSubFolder = "" Then
GetSubFolder = "<span class=graytext>[该目录下无子目录]</span>"
Else
GetSubFolder = "<div style='float:left;'>子目录:</div>"& GetSubFolder
End If
Set SubFolder = Nothing
Set CurrentFolder = Nothing
Set FSO = Nothing
End Function
Function CheckHack(FilePath)
Dim FSO, TheFile, FileContent
Dim i
Set FSO = Server.CreateObject(Object_FSO)
Set TheFile = FSO.OpenTextFile(FilePath)
FileContent = TheFile.ReadAll
CheckHack = False
For i = 0 To Ubound(ArrHack)
If Instr(LCase(FileContent), LCase(ArrHack(i))) > 0 Then
CheckHack = True
Exit For
End If
Next
TheFile.Close()
Set TheFile = Nothing
Set FSO = Nothing
End Function
Sub SetStatus(str)
Response.Write "<scr"&"ipt>getObject('CheckStatus').innerHTML='"& Replace(str, "'", "\'") &"'</scr"&"ipt>"
Response.Flush()
End Sub
Sub Check()
On Error Resume Next
Dim CheckAction
Dim CheckResult, FolderNum, FileNum, ArrResult, HackNum, i
CheckAction = EL_Common.ELRequest("CheckAction", 2)
%>
<script language="javascript">
function CheckedAll(){
for (var i=0;i<document.myform.elements.length;i++){
var e = document.myform.elements[i];
if (e.type == 'checkbox' && e.name=='CheckObject' && e.disabled == false){
e.checked = true;
}
}
getObject("myselect").innerHTML = "[<a href='javascript:CancelAll()'>取消</a>]";
}
function CancelAll(){
for (var i=0;i<document.myform.elements.length;i++){
var e = document.myform.elements[i];
if (e.type == 'checkbox' && e.name=='CheckObject' && e.disabled == false){
e.checked = false;
}
}
getObject("myselect").innerHTML = "[<a href='javascript:CheckedAll()'>全选</a>]";
}
function CheckObject(){
var frm = getObject("myform");
for (var i=0;i<frm.elements.length;i++){
var e = frm.elements[i];
if (e.type == 'checkbox' && e.name=='CheckObject' && e.disabled == false && e.checked == true ){
return true
}
}
return false;
}
function Check(frm){
SubmitOnce(frm);
return true;
}
var JURL = "<%=EL_CurrentScriptName%>?ChannelID=<%=EL_Channel.ChannelID%>";
function doDelete(){
var frm = getObject("myform");
if(!CheckObject()){
alert("请至少选定1个文件");
return false;
}
frm.action = JURL + "&Action=Delete";
if(confirm("确定要删除选定的木马文件吗?")){
frm.submit();
return;
}
return false;
}
function doClear(f){
var frm = getObject("myform");
frm.action = JURL + "&Action=Delete&FileName="+f;
if(confirm("确定要删除所有木马文件吗?")){
frm.submit();
return;
}
return false;
}
</script>
<table width="100%" border="0" cellpadding="0" cellspacing="1" class="Border">
<tr>
<td class="top_25"><strong>图片木马检测</strong></td>
</tr>
<tr>
<td align="center" class="td_50"><span class="redText">该功能主要检测内容中包含恶意代码的图片文件[jpeg,jpg,gif,bmp,png],<br>
运行原理:遍历频道中的上传文件目录,当文件较多时,消耗资源较大,速度会比较慢!请在访问量相当少时使用。</span></td>
</tr>
<tr>
<td align="center" class="td_50"><input type="button" name="button" id="button" value=" 开始检测 " onClick="location.href='Admin_Uploadfiles.asp?ChannelID=<%=EL_Channel.ChannelID%>&Action=CheckHack&CheckAction=1'"></td>
</tr>
</table>
<%
If CheckAction = 1 Then
Server.ScriptTimeout = 999999
Response.Flush()
Response.Clear()
Response.Flush()
%>
<script language="javascript">
getObject("button").disabled = true;
</script>
<br>
<table width="100%" border="0" cellpadding="0" cellspacing="1" class="Border">
<tr>
<td class="td_50"><span id="CheckStatus"></span></td>
</tr>
</table>
<%
CheckResult = ""
FolderNum = 0
FileNum = 0
Call CheckFolder(InstallDir & EL_Channel.ChannelDir &"/"& EL_Channel.UploadDir, CheckResult, FolderNum, FileNum)
If CheckResult = "" Then
HackNum = 0
Else
ArrResult = Split(CheckResult, "|")
HackNum = Ubound(ArrResult) + 1
End If
Call SetStatus("检测完成!一共 <strong>"& FolderNum &"</strong> 个文件夹,<strong>"& FileNum &"</strong> 个文件,图片木马 <strong>"& HackNum &"</strong> 个")
If HackNum > 0 Then
Response.Write "<form name='myform' method='post' action='' onsubmit='return Check(this)'>"
Response.Write "<br><table width='100%' border='0' cellpadding='0' cellspacing='1' class='Border'>"
For i = 0 To HackNum - 1
Response.Write "<td class=""td_25"" align=""center"" width=""25%"" onmouseover=""this.className='MouseOver_25'"" onmouseout=""this.className='td_25'"">"
Response.Write "<div style='padding:5px'>"
Response.Write "<a href='"& ArrResult(i) &"' target='_blank'>"
Response.Write "<img src='"& InstallDir & AdminDir &"/Images/filetype_virus.gif" &"' width=140 height=100 border=0 >"
Response.Write "</a>"
Response.Write "<div>"
Response.Write Right(ArrResult(i), Len(ArrResult(i))-InstrRev(ArrResult(i), "/"))
Response.Write "<br>"
Response.Write "<input name='CheckObject' id='CheckObject' type='checkbox' class='nomargin' value='"& EL_Common.ServerHTMLEncode(ArrResult(i)) &"'>选择 "
Response.Write " <a href='Admin_Uploadfiles.asp?ChannelID="& EL_Channel.ChannelID &"&Action=Delete&FileName="& EL_Common.ServerURLEncode(ArrResult(i)) &"'>删除</a> "
Response.Write "</div>"
Response.Write "</div></td>"
If ((i+1) Mod 4) = 0 Then Response.Write "</tr><tr>"
Next
Response.Write "</table>"
Response.Write "<table width='100%' border='0' cellspacing='1' cellpadding='0'>"
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -