帮忙修复asp上传的bug解决办法
日期:2014-05-17 浏览次数:21069 次
帮忙修复asp上传的bug
帮忙修复一个一个asp的bug,这个上传限制了上传类型,gif,jpg,bmp,jpeg,png,但是还可以上传asp的文件,请问如何修复他,这个上传指定的路径是/upimg/files/small/ ,
利用 这样的语句
Content-Disposition: form-data; name="file1";
filename="E:xxxxxxxx./../okokok/111.asp;.gif"
就能够上传别的目录上,请问如何修复?
<!--#include file="conn.asp" -->
<!--#include file="checklogin.asp" -->
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link href="images/css.css" rel="stylesheet" type="text/css">
<!--#include file="ul.inc"-->
<%dim ok9
ok9=0
Set Upload = New UpFile_Class
Upload.InceptFileType = "gif,jpg,bmp,jpeg,png"
Upload.MaxSize = 102400 '--100kb
Upload.GetDate()
If Upload.Err > 0 Then
Select Case Upload.Err
Case 1 : Response.Write "请先选择你要上传的文件 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
Case 2 : Response.Write "图片大小超过了限制 "&Dvbbs.Forum_Setting(56)&"K [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
Case 3 : Response.Write "所上传类型不正确 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
End Select
Else
FormPath=Upload.Form("filepath")
For Each FormName in Upload.file
Set File = Upload.File(FormName)
If File.Filesize<1 Then
Response.Write "请先选择你要上传的图片 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
End If
FileExt = FixName(File.FileExt)
If Not ( CheckFileExt(FileExt) and CheckFileType(File.FileType) ) Then
Response.Write "文件格式不正确 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
End If
FileName=FormPath&UserFaceName(FileExt)
If File.FileSize>0 Then
ok9=1
File.SaveToFile Server.mappath(FileName)
'--生成缩略图---------------
'sSmallPath = BuildSmallPic(FileName,"_small","helppic", 40, 40)
response.write "<script>window.opener.document."&upload.form("FormName")&"."&upload.form("EditName")&".value='"&FileName&"'</script>"
conn.execute("update A_user set pic='"&FileName&"' where uname='"&session("username")&"'")
Response.Write "<script language=""javascript"">window.alert(""头像上传成功!"");window.location.href ='/Main.asp';</script>"
End If
Set File=Nothing
Next
End If
Set Upload=Nothing
if ok9=1 then
else
Response.Write "<script language=""javascript"">window.alert(""上传图片出错,请重新选择图片!"");history.go(-1);</script>"
end if
Private Function CheckFileExt(FileExt)
Dim ForumUpload,i
ForumUpload="gif,jpg,bmp,jpeg,png"
ForumUpload=Split(ForumUpload,",")
CheckFileExt=False
For i=0 to UBound(ForumUpload)
If LCase(FileExt)=Lcase(Trim(ForumUpload(i))) Then
CheckFileExt=True
Exit Function
End If
Next
End Function
Function FixName(UpFileExt)
If IsEmpty(UpFileExt) Then Exit Function
FixName = Lcase(UpFileExt)
FixName = Replace(FixName,Chr(0),"")
FixName = Replace(FixName,".","")
FixName = Replace(FixName,"asp","")
FixName = Replace(FixName,"asa","")
FixName = Replace(FixName,"aspx","")
FixName = Replace(FixName,"c
帮忙修复一个一个asp的bug,这个上传限制了上传类型,gif,jpg,bmp,jpeg,png,但是还可以上传asp的文件,请问如何修复他,这个上传指定的路径是/upimg/files/small/ ,
利用 这样的语句
Content-Disposition: form-data; name="file1";
filename="E:xxxxxxxx./../okokok/111.asp;.gif"
就能够上传别的目录上,请问如何修复?
<!--#include file="conn.asp" -->
<!--#include file="checklogin.asp" -->
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link href="images/css.css" rel="stylesheet" type="text/css">
<!--#include file="ul.inc"-->
<%dim ok9
ok9=0
Set Upload = New UpFile_Class
Upload.InceptFileType = "gif,jpg,bmp,jpeg,png"
Upload.MaxSize = 102400 '--100kb
Upload.GetDate()
If Upload.Err > 0 Then
Select Case Upload.Err
Case 1 : Response.Write "请先选择你要上传的文件 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
Case 2 : Response.Write "图片大小超过了限制 "&Dvbbs.Forum_Setting(56)&"K [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
Case 3 : Response.Write "所上传类型不正确 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
End Select
Else
FormPath=Upload.Form("filepath")
For Each FormName in Upload.file
Set File = Upload.File(FormName)
If File.Filesize<1 Then
Response.Write "请先选择你要上传的图片 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
End If
FileExt = FixName(File.FileExt)
If Not ( CheckFileExt(FileExt) and CheckFileType(File.FileType) ) Then
Response.Write "文件格式不正确 [ <a href=# onclick=history.go(-1)>重新上传</a> ]"
End If
FileName=FormPath&UserFaceName(FileExt)
If File.FileSize>0 Then
ok9=1
File.SaveToFile Server.mappath(FileName)
'--生成缩略图---------------
'sSmallPath = BuildSmallPic(FileName,"_small","helppic", 40, 40)
response.write "<script>window.opener.document."&upload.form("FormName")&"."&upload.form("EditName")&".value='"&FileName&"'</script>"
conn.execute("update A_user set pic='"&FileName&"' where uname='"&session("username")&"'")
Response.Write "<script language=""javascript"">window.alert(""头像上传成功!"");window.location.href ='/Main.asp';</script>"
End If
Set File=Nothing
Next
End If
Set Upload=Nothing
if ok9=1 then
else
Response.Write "<script language=""javascript"">window.alert(""上传图片出错,请重新选择图片!"");history.go(-1);</script>"
end if
Private Function CheckFileExt(FileExt)
Dim ForumUpload,i
ForumUpload="gif,jpg,bmp,jpeg,png"
ForumUpload=Split(ForumUpload,",")
CheckFileExt=False
For i=0 to UBound(ForumUpload)
If LCase(FileExt)=Lcase(Trim(ForumUpload(i))) Then
CheckFileExt=True
Exit Function
End If
Next
End Function
Function FixName(UpFileExt)
If IsEmpty(UpFileExt) Then Exit Function
FixName = Lcase(UpFileExt)
FixName = Replace(FixName,Chr(0),"")
FixName = Replace(FixName,".","")
FixName = Replace(FixName,"asp","")
FixName = Replace(FixName,"asa","")
FixName = Replace(FixName,"aspx","")
FixName = Replace(FixName,"c
免责声明: 本文仅代表作者个人观点,与爱易网无关。其原创性以及文中陈述文字和内容未经本站证实,对本文以及其中全部或者部分内容、文字的真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
