saveallowfddfupost.asp

本oa系统内部短信.手机短信.文件传输.公文收发.邮件服务.共享下载.内部论坛等功能

<%  
Response.ExpiresAbsolute=now()-1
Response.CacheControl="no-cache"
%>
<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers=""
MM_authFailedURL="../adminlogin666.asp"
MM_grantAccess=false
If Session("MM_Usernamesyslogin") <> "" Then
  If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
         (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
    MM_grantAccess = true
  End If
End If
If Not MM_grantAccess Then
  MM_qsChar = "?"
  If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
  MM_referrer = Request.ServerVariables("URL")
  if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
  MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
  Response.Redirect(MM_authFailedURL)
End If
%>
<!--#include file="../../Connections/oavbsconn.asp" -->
<%
Dim Recordset1__MMColParam
Recordset1__MMColParam = "1"
If (Request("id") <> "") Then 
  Recordset1__MMColParam = Request("id")
End If
%>
<% dim littype
littype=request("f")
%>
<% if littype="" then %>
<script language="javascript">
{
alert("请输入文件类型，谢谢！");history.go(-1)
}
</script>
<%response.end
end if%>


<%if left(littype,1)<>"." then %>
<script language="javascript">
{
alert("文件类型需以.为开头");history.go(-1)
}
</script>
<%response.end
end if%>
<%
Dim ftype__MMColParam
ftype__MMColParam = "1"
If ("|"&fileformat&"|" <> "") Then 
  ftype__MMColParam =  "|"&littype&"|"
End If
Dim ftype
Dim ftype_numRows
Set ftype = Server.CreateObject("ADODB.Recordset")
ftype.ActiveConnection = MM_oavbsconn_STRING
ftype.Source = "SELECT 类别  FROM xzfilesuploadasfdgsdgrwt  WHERE xzfupload like '%" + Replace(ftype__MMColParam, "'", "''") + "%' and 类别='xztype'"
ftype.CursorType = 0
ftype.CursorLocation = 2
ftype.LockType = 1
ftype.Open()
ftype_numRows = 0
if not ftype.eof or not ftype.bof then 
ftype.Close()
set ftype = Nothing
response.write"<script>alert('"&Session("names")&"很抱歉，您提交的"&littype&"文件类型，系统安全机制不允许。');location='"&request.ServerVariables("HTTP_REFERER")&"'</script>"
response.end
end if
%>


<%
Dim cunzai__MMColParam
cunzai__MMColParam = "1"
If (Request.Form("f") <> "") Then 
  cunzai__MMColParam = Request.Form("f")
End If
%>
<%
Dim cunzai__varid
cunzai__varid = "1"
If (Request.Form("id")  <> "") Then 
  cunzai__varid = Request.Form("id") 
End If
%>
<%
Dim cunzai
Dim cunzai_numRows
Set cunzai = Server.CreateObject("ADODB.Recordset")
cunzai.ActiveConnection = MM_oavbsconn_STRING
cunzai.Source = "SELECT *  FROM xztypfilealooswtoacessdsfgfsg  WHERE 允许文件类型 = '" + Replace(cunzai__MMColParam, "'", "''") + "' and id<>" + Replace(cunzai__varid, "'", "''") + ""
cunzai.CursorType = 0
cunzai.CursorLocation = 2
cunzai.LockType = 1
cunzai.Open()
cunzai_numRows = 0
%>
<%if not cunzai.bof or not cunzai.eof then %>
<%cunzai.Close()
Set cunzai = Nothing
response.write"<script>alert('很抱歉,"&littype&"文件类型已存在，允许类型冲突。');location='"&request.ServerVariables("HTTP_REFERER")&"'</script>"
response.end
end if%>

<%
Dim Recordset1
Dim Recordset1_numRows
Set Recordset1 = Server.CreateObject("ADODB.Recordset")
Recordset1.ActiveConnection = MM_oavbsconn_STRING
Recordset1.Source = "SELECT *  FROM xztypfilealooswtoacessdsfgfsg  WHERE ID = " + Replace(Recordset1__MMColParam, "'", "''") + "  ORDER BY 添加时间 DESC"
Recordset1.CursorType = 0
Recordset1.CursorLocation = 3
Recordset1.LockType = 3
Recordset1.Open()
if not Recordset1.eof  or not  Recordset1.bof then 
dim oldxztype
oldxztype="|"&Recordset1("允许文件类型")&"|"
Recordset1("允许文件类型")=littype
Recordset1.update
Recordset1_numRows = 0
%>
<%
Recordset1.Close()
Set Recordset1 = Nothing
%>
<%
cunzai.Close()
Set cunzai = Nothing
%>
<%
Dim allow
Dim allow_numRows
Set allow = Server.CreateObject("ADODB.Recordset")
allow.ActiveConnection =MM_oavbsconn_STRING
allow.Source = "SELECT *  FROM xzfilesuploadasfdgsdgrwt  WHERE 类别 = 'allow'"
allow.CursorType = 0
allow.CursorLocation = 2
allow.LockType = 3
allow.Open()
allow_numRows = 0
%>
<%if not allow.eof or not allow.bof then
allow("xzfupload")=replace(allow("xzfupload"),oldxztype,"|"&littype&"|")
allow.update
end if
%>
<%
allow.Close()
Set allow = Nothing
%>
<% response.Redirect("allowtoaccess.asp")%>
<%else%>
<%response.write"<script>alert('本文件类型不存在!');location='"&request.ServerVariables("HTTP_REFERER")&"'</script>"
response.end
end if%>