📄 user_upload.asp
字号:
<!--#include file="mdb.asp"-->
<!--#include file="inc/config.asp"-->
<!--#include file="inc/inc.asp"-->
<!--#include file="Inc/format.asp"-->
<%
'****************************************************
if UserLogined<>True then
response.write"<SCRIPT language=JavaScript>alert(' 请登陆后操作,谢谢您的支持 !');"
response.write"JavaScript:window.close()</SCRIPT>"
response.end
end if
%>
<script language=javascript>
if (top.location==self.location){
top.location="index.asp"
}
</script>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<style type="text/css">
<!--
Body
{
background-position: center center;
font-size: 12px;
line-height: 20px;
color: #333333;
}
a{font-style:normal;text-decoration:none;font-size:9pt;color:#000000;}
-->
</style>
<body leftmargin="0" topmargin="0" bgColor="#FFFFFF">
<%
dim uploadingnum,i,action,savepath,mymoney,ckuname
userid=Hx66_uid
action=request("action")
if Hx66_name="" or userid="" then response.end
userid=checknum(userid)
if isnull(userid) or userid="" then response.end
uploadsize=checknum(uploadsize)
uploadnum=checknum(uploadnum)
if action="headpic" then uploadtype="gif|jpg":uploadsize=30:savepath="upload/headpic"
if action="pic" then uploadtype=lcase(uploadtype):savepath="upload"
if action="url" then uploadtype=lcase(uploadtype):savepath="upload"
if Hx66_name<>"" then
sql="select count(*) from upload where name='"&Hx66_name&"' and uploadtime>=#"&formatdatetime(formatdatetime(now,2))&"#"
set rs=conn.execute(sql)
today_num=rs(0)
rs.close
if not(isnumeric(today_num)) then today_num=0
if int(today_num)>=int(uploadnum) then
'upload_nums=false
response.write "<font color=red>注意</font>:您今天已上传<font color=red>"&today_num&"</font>个文件,每天只能上传<font color=red>"&uploadnum&"</font>个文件。"
response.end
end if
end if
uploadingnum=checknum(session("uploadingnum"))
if uploadingnum>uploadnum-1 then
response.write " 一次只能上传 <b>"&uploadingnum&"</b> 个文件!"
response.end
end if
UserGrade=conn.execute("select top 1 UserGrade from [user] where username='"&Hx66_name&"'")(0)
if UserGrade+1<canupload then
response.write" <font color=red>你没有文件上传的权限或上传已关闭</font>"
response.end
end if
%>
<SCRIPT RUNAT=SERVER LANGUAGE=VBSCRIPT>
dim upfile_hx66_Stream
Class upload_hx66
dim Form,File,Version
Private Sub Class_Initialize
dim iStart,iFileNameStart,iFileNameEnd,iEnd,vbEnter,iFormStart,iFormEnd,theFile
dim strDiv,mFormName,mFormValue,mFileName,mFileSize,mFilePath,iDivLen,mStr
Version=""
if Request.TotalBytes<1 then Exit Sub
set Form=CreateObject("Scripting.Dictionary")
set File=CreateObject("Scripting.Dictionary")
set upfile_hx66_Stream=CreateObject("Adodb.Stream")
upfile_hx66_Stream.mode=3
upfile_hx66_Stream.type=1
upfile_hx66_Stream.open
upfile_hx66_Stream.write Request.BinaryRead(Request.TotalBytes)
vbEnter=Chr(13)&Chr(10)
iDivLen=inString(1,vbEnter)+1
strDiv=subString(1,iDivLen)
iFormStart=iDivLen
iFormEnd=inString(iformStart,strDiv)-1
while iFormStart < iFormEnd
iStart=inString(iFormStart,"name=""")
iEnd=inString(iStart+6,"""")
mFormName=subString(iStart+6,iEnd-iStart-6)
iFileNameStart=inString(iEnd+1,"filename=""")
if iFileNameStart>0 and iFileNameStart<iFormEnd then
iFileNameEnd=inString(iFileNameStart+10,"""")
mFileName=subString(iFileNameStart+10,iFileNameEnd-iFileNameStart-10)
iStart=inString(iFileNameEnd+1,vbEnter&vbEnter)
iEnd=inString(iStart+4,vbEnter&strDiv)
if iEnd>iStart then
mFileSize=iEnd-iStart-4
else
mFileSize=0
end if
set theFile=new FileInfo
theFile.FileName=getFileName(mFileName)
theFile.FilePath=getFilePath(mFileName)
theFile.FileSize=mFileSize
theFile.FileStart=iStart+4
theFile.FormName=FormName
file.add mFormName,theFile
else
iStart=inString(iEnd+1,vbEnter&vbEnter)
iEnd=inString(iStart+4,vbEnter&strDiv)
if iEnd>iStart then
mFormValue=subString(iStart+4,iEnd-iStart-4)
else
mFormValue=""
end if
form.Add mFormName,mFormValue
end if
iFormStart=iformEnd+iDivLen
iFormEnd=inString(iformStart,strDiv)-1
wend
End Sub
Private Function subString(theStart,theLen)
dim i,c,stemp
upfile_hx66_Stream.Position=theStart-1
stemp=""
for i=1 to theLen
if upfile_hx66_Stream.EOS then Exit for
c=ascB(upfile_hx66_Stream.Read(1))
If c > 127 Then
if upfile_hx66_Stream.EOS then Exit for
stemp=stemp&Chr(AscW(ChrB(AscB(upfile_hx66_Stream.Read(1)))&ChrB(c)))
i=i+1
else
stemp=stemp&Chr(c)
End If
Next
subString=stemp
End function
Private Function inString(theStart,varStr)
dim i,j,bt,theLen,str
InString=0
Str=toByte(varStr)
theLen=LenB(Str)
for i=theStart to upfile_hx66_Stream.Size-theLen
if i>upfile_hx66_Stream.size then exit Function
upfile_hx66_Stream.Position=i-1
if AscB(upfile_hx66_Stream.Read(1))=AscB(midB(Str,1)) then
InString=i
for j=2 to theLen
if upfile_hx66_Stream.EOS then
inString=0
Exit for
end if
if AscB(upfile_hx66_Stream.Read(1))<>AscB(MidB(Str,j,1)) then
InString=0
Exit For
end if
next
if InString<>0 then Exit Function
end if
next
End Function
Private Sub Class_Terminate
form.RemoveAll
file.RemoveAll
set form=nothing
set file=nothing
upfile_hx66_Stream.close
set upfile_hx66_Stream=nothing
End Sub
Private function GetFilePath(FullPath)
If FullPath <> "" Then
GetFilePath = left(FullPath,InStrRev(FullPath, "\"))
Else
GetFilePath = ""
End If
End function
Private function GetFileName(FullPath)
If FullPath <> "" Then
GetFileName = mid(FullPath,InStrRev(FullPath, "\")+1)
Else
GetFileName = ""
End If
End function
Private function toByte(Str)
dim i,iCode,c,iLow,iHigh
toByte=""
For i=1 To Len(Str)
c=mid(Str,i,1)
iCode =Asc(c)
If iCode<0 Then iCode = iCode + 65535
If iCode>255 Then
iLow = Left(Hex(Asc(c)),2)
iHigh =Right(Hex(Asc(c)),2)
toByte = toByte & chrB("&H"&iLow) & chrB("&H"&iHigh)
Else
toByte = toByte & chrB(AscB(c))
End If
Next
End function
End Class
Class FileInfo
dim FormName,FileName,FilePath,FileSize,FileStart
Private Sub Class_Initialize
FileName = ""
FilePath = ""
FileSize = 0
FileStart= 0
FormName = ""
End Sub
Public function SaveAs(FullPath)
dim dr,ErrorChar,i
SaveAs=1
if trim(fullpath)="" or FileSize=0 or FileStart=0 or FileName="" then exit function
if FileStart=0 or right(fullpath,1)="/" then exit function
set dr=CreateObject("Adodb.Stream")
dr.Mode=3
dr.Type=1
dr.Open
upfile_hx66_Stream.position=FileStart-1
upfile_hx66_Stream.copyto dr,FileSize
dr.SaveToFile FullPath,2
dr.Close
set dr=nothing
SaveAs=0
end function
End Class
</SCRIPT>
<%
dim upNum
dim uploadsuc
dim Forumupload
dim ranNum
dim uploadfiletype
dim upload,file,formName,iCount,filename,fileExt
call upload_0()
sub upload_0()
set upload=new upload_hx66 ''建立上传对象
response.write "<body leftmargin=5 topmargin=3>"
iCount=0
for each formName in upload.file ''列出所有上传了的文件
set file=upload.file(formName) ''生成一个文件对象
if file.filesize<100 then
response.write "请先选择你要上传的文件 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
response.end
end if
if file.filesize>uploadsize*1000 then
response.write "文件大小超过了限制 "&uploadsize&" K [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
response.end
end if
dim sfileExt
sfileExt=split(file.filename,".")
fileExt="."&sfileExt(ubound(sfileExt))
fileExt=lcase(fileExt)
uploadsuc=false
Forumupload=split(uploadtype,"|")
for i=0 to ubound(Forumupload)
if fileEXT="."&trim(Forumupload(i)) then
uploadsuc=true
exit for
else
uploadsuc=false
end if
next
'添加禁止上传脚本类型 2006.2.3 Hxcms
if fileExt=".asp" or fileExt=".php" or fileExt=".jsp" or fileExt=".cer" or fileExt=".htr" or fileExt=".cdx" or fileExt=".shtml" or fileExt=".asa" then uploadsuc=false
'结束
if uploadsuc=false then
response.write "文件格式不正确 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
response.end
end if
filename=ctime&"-"&userid&fileExt
if action="headpic" then filename=userid&fileExt
if file.FileSize>0 then ''如果 FileSize > 0 说明有文件数据
file.SaveAs Server.mappath(savepath&"/"&FileName) ''保存文件
for i=0 to ubound(Forumupload)
if fileEXT="."&trim(Forumupload(i)) then
if action="pic" then
conn.execute("insert into upload(filename,filetype,name,totable) values('"&filename&"','"&fileExt&"','"&Hx66_name&"',0)")
response.write "<script>parent.form2.pic.value+='upload/"&FileName&"'</script>"
end if
if action="url" then
conn.execute("insert into upload(filename,filetype,name,totable) values('"&filename&"','"&fileExt&"','"&Hx66_name&"',0)")
response.write "<script>parent.form2.url.value+='upload/"&FileName&"'</script>"
end if
if action="headpic" then
response.write "<script>parent.form2.mypic.value='upload/headpic/"&FileName&"'</script>"
end if
exit for
end if
next
iCount=iCount+1
end if
set file=nothing
next
set upload=nothing
Htmend iCount&" 个文件上传结束!"
end sub
sub HtmEnd(Msg)
if action="pic" or action="url" or action="body" then
session("uploadingnum")=uploadingnum+1
response.write " <b>"&session("uploadingnum")&"</b>文件上传成功:<a href='upload/"&action&"/"&FileName&"' target=_blank>"&FileName&"</a>>> <a href=user_upload.asp?action="&action&">继续上传</a>"
response.end
elseif action="headpic" then
response.write"头像上传成功,<a href=user_upload.asp?action=headpic>重新上传</a>。"
end if
end sub
function ctime
ctime = now()
ctime = replace(ctime,"-","")
ctime = replace(ctime," ","")
ctime = replace(ctime,":","")
ctime = replace(ctime,"/","")
ctime = replace(ctime,"\","")
ctime = replace(ctime,"PM","")
ctime = replace(ctime,"AM","")
ctime = replace(ctime,"上午","")
ctime = replace(ctime,"下午","")
end function
action=request("action")
select case action
case"headpic"
%>
<form name="form1" method="post" action="?action=headpic" enctype="multipart/form-data" >
<input type="hidden" name="act" value="upload">
<input type="file" name="file1" size=10>
<input type="submit" name="Submit" value="上传"> <select size="1" name="D1" style="font-size: 9pt">
<option>类型</option>
<option>gif</option>
<option>jpg</option>
</select> 头像限制:<%=uploadsize%> K
</form>
<%case"pic"%>
<form name="form" method="post" action="?action=pic" enctype="multipart/form-data">
<input type="hidden" name="act" value="upload">
<input type="file" name="file1" size=10><input type="submit" name="Submit" value="上传"> <select size="1" name="D1" style="font-size: 9pt">
<option>类型</option>
<%
uploadtype=split(uploadtype,"|")
for i=0 to ubound(uploadtype)
response.write"<option>"&uploadtype(i)&"</option>"
next
%>
</select>(今天<font color=red><%=today_num%></font>个,每天<b><font color=red><%=uploadnum%></font></b>个,<=<b><%=uploadsize%></b>K)
</form>
<%case"url"%>
<form name="form2" method="post" action="?action=url" enctype="multipart/form-data">
<input type="hidden" name="act" value="upload">
<input type="file" name="file1" size=10><input type="submit" name="Submit" value="上传"> <select size="1" name="D1" style="font-size: 9pt">
<option>类型</option>
<%
uploadtype=split(uploadtype,"|")
for i=0 to ubound(uploadtype)
response.write"<option>"&uploadtype(i)&"</option>"
next
%>
</select>(今天<font color=red><%=today_num%></font>个,每天<b><font color=red><%=uploadnum%></font></b>个,<=<b><%=uploadsize%></b>K)
</form>
<%end select%>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -