到底它在哪里就插入了数据库……有请高手指教
admin_upload.asp--------------------------------
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title></title>
<link href="style.CSS" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
body {
margin-left: 0px;
margin-top: 0px;
margin-right: 0px;
margin-bottom: 0px;
}
-->
</style><body>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
<form action="admin_upfile.asp" method="post" enctype="multipart/form-data" name="form">
<input type="hidden" name="filepath" value="UploadFile">
产品缩略图:
<input name="p_pic" type="text" class="textarea" id="p_pic" value="" size="30" maxlength="100">
<input name="file" type="file" class="login_input">
<input type="submit" name="Submit" value="上传" class="login_btn">
</form></td>
</tr>
</table>
</body>
</html>
admin_upfile.asp
--------------------------------
<!--#include file="upload.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title></title>
</head>
<style type="text/css">
<!--
body {
margin-left: 0px;
margin-top: 0px;
margin-right: 0px;
margin-bottom: 0px;
}
-->
</style>
<script language="JavaScript">
function click1(t)
{
parent.form1.p_pic.value = t;
}
</script>
<body>
<%
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
response.write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=#EEEEEE width=450>"
response.write "<tr><td style='font:9pt Verdana'>"
response.write "你提交的路径有误,禁止从站点外部提交数据请不要乱该参数!"
response.write "</td></tr></table></center>"
response.end
end if
dim FilePath,Object,upload,iCount,FormPath,FileExt,ArtID,FileName
FilePath=request("filepath")
set upload=new UpFile_Class
upload.GetData(10240000)
if upload.err>0 then
select case upload.err
case 1
response.write("请您先选取择要上传达室的文件 [<a href='history.go(-1)'>重新上传</a>]")
case 2
response.write("您上传的文件超出我们的限制,最大10M [<a href='history.go(-1)'>重新上传</a>]")
end select
else
FormPath=upload.Form("FilePath")
if right(FormPath,1)<>"/" then FormPath=FormPath&"/"
for each FormName in upload.File
set file=upload.file(formName)
FileExt=Lcase(file.FileExt)
if file.filesize<100 then
response.write "请先取选择您要上传的图片 [ <a href='javascript:history.go(-1)'>重新上传</a> ]"
response.end
end if
'判断文件类型
if CheckFileExt(FileExt)=False then
response.write("上传文件格式不正确 [<a href='javascript:history.go(-1)'>重新上传</a> ]")
response.end
end if
if not CheckFileContentType(file.FileType) then
response.write "格式不正确 <a href=javascript:history.go(-1)>返回</a>"
response.end
end if
tempfilename=year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)
FileName="../UploadFile/"&tempfilename&"."&FileExt
FileName1="UploadFile/"&tempfilename&"."&FileExt
if file.Filesize>0 then
file.savetoFile server.mapPath(FileName)
checksave()
end if
next
set upload=nothing
response.write ("图片上传成功! [<a href='javascript:history.go(-1)'>继续上传</a>]")
end if
Private sub checksave()
if lcase(FileExt)="swf" then
response.write "<script>parent.form1.p_jianjie.value+='[FLASH]"&filename&"[/FLASH]'</script>"
elseif lcase(FileExt)="zip" or lcase(FileExt)="rar" or lcase(FileExt)="doc" or lcase(FileExt)="xls" or lcase(FileExt)="ppt"then
response.write "<script>parent.form1.p_jianjie.value+='[URL="&filename&"]点击下载[/URL]'</script>"
elseif lcase(FileExt)="avi" or lcase(FileExt)="ram" or lcase(FileExt)="ra" then
response.write "<script>parent.form1.p_jianjie.value+='[RM=500,350]"&filename&"[/RM]'</script>"
elseif lcase(FileExt)="div" then
response.write "<script>parent.form1.p_jianjie.value+='[DIR=500,350]"&filename&"[/DIR]'</script>"
elseif lcase(FileExt)="mpg" or lcase(FileExt)="wav" or lcase(FileExt)="mp3" or lcase(FileExt)="mp4" then
response.write "<script>parent.form1.p_jianjie.value+='[MP=500,350]"&filename&"[/MP]'</script>"
elseif lcase(FileExt)="mov" or lcase(FileExt)="MiniDV" or lcase(FileExt)="AVR" or lcase(FileExt)="MPEG-1" or lcase(FileExt)="DVCPro" or lcase(FileExt)="DVCam" or lcase(FileExt)="OpenDML" or lcase(FileExt)="movie" or lcase(FileExt)="qt" or lcase(FileExt)="midi" then
response.write "<script>parent.form1.p_jianjie.value+='[QT=500,350]"&filename&"[/QT]'</script>"
else
response.write "<script>parent.form1.p_pic.value='"&FileName1&"'</script>"
end if
end sub
Private Function CheckFileExt(FileExt)
dim FileType
FileType="jpg|gif|swf|png|rar|doc|zip|xls|txt"
FileType=split(FileType,"|")
for i=0 to Ubound(FileType)
if lcase(FileExt)=Lcase(trim(Filetype(i))) then
CheckFileExt=true
exit Function
else
CheckFileExt=False
end if
next
end function
'文件Content-Type判断
Private Function CheckFileContentType(FileType)
CheckFileContentType = False
If Left(Cstr(Lcase(Trim(FileType))),6)="image/" Then CheckFileContentType = True
End Function
%>
</body>
</html>
upload.asp
-----------------------------
<%
Dim oUpFileStream
'----------------------------------------------------------------------
'文件上传类
Class UpFile_Class
Dim Form,File,Version,Err
Private Sub Class_Initialize
Version = "上传文件"
Err = -1
End Sub
Private Sub Class_Terminate
'清除变量及对像
If Err < 0 Then
Form.RemoveAll
Set Form = Nothing
File.RemoveAll
Set File = Nothing
oUpFileStream.Close
Set oUpFileStream = Nothing
End If
End Sub
Public Sub GetData (MaxSize)
'定义变量
Dim RequestBinData,sSpace,bCrLf,sInfo,iInfoStart,iInfoEnd,tStream,iStart,oFileInfo
Dim iFileSize,sFilePath,sFileType,sFormValue,sFileName
Dim iFindStart,iFindEnd
Dim iFormStart,iFormEnd,sFormName
'代码开始
If Request.TotalBytes < 1 Then '如果没有数据上传
Err = 1
Exit Sub
End If
If MaxSize > 0 Then '如果限制大小
If Request.TotalBytes > MaxSize Then
Err = 2 '如果上传的数据超出限制
Exit Sub
End If
End If
Set Form = Server.CreateObject ("Scripting.Dictionary")
= 1
Set File = Server.CreateObject ("Scripting.Dictionary")
= 1
Set tStream = Server.CreateObject ("ADODB.Stream")
Set oUpFileStream = Server.CreateObject ("ADODB.Stream")
oUpFileStream.Type = 1
oUpFileStream.Mode = 3
oUpFileStream.Open
oUpFileStream.Write Request.BinaryRead (Request.TotalBytes)
oUpFileStream.Position = 0
RequestBinData = oUpFileStream.Read
iFormEnd = oUpFileStream.Size
bCrLf = ChrB (13) & ChrB (10)
'取得每个项目之间的分隔符
sSpace = MidB (RequestBinData,1, InStrB (1,RequestBinData,bCrLf)-1)
iStart = LenB (sSpace)
iFormStart = iStart+2
'分解项目
Do
iInfoEnd = InStrB (iFormStart,RequestBinData,bCrLf & bCrLf)+3
tStream.Type = 1
tStream.Mode = 3
tStream.Open
oUpFileStream.Position = iFormStart
oUpFileStream.CopyTo tStream,iInfoEnd-iFormStart
tStream.Position = 0
tStream.Type = 2
tStream.CharSet = "gb2312"
sInfo = tStream.ReadText
'取得表单项目名称
iFormStart = InStrB (iInfoEnd,RequestBinData,sSpace)-1
iFindStart = InStr (22,sInfo,"name=""",1)+6
iFindEnd = InStr (iFindStart,sInfo,"""",1)
sFormName = Mid (sinfo,iFindStart,iFindEnd-iFindStart)
'如果是文件
If InStr (45,sInfo,"filename=""",1) > 0 Then
Set oFileInfo = new FileInfo_Class
'取得文件属性
iFindStart = InStr (iFindEnd,sInfo,"filename=""",1)+10
iFindEnd = InStr (iFindStart,sInfo,"""",1)
sFileName = Mid (sinfo,iFindStart,iFindEnd-iFindStart)
oFileInfo.FileName = trim(Mid (sFileName,InStrRev (sFileName, "\")+1))
oFileInfo.FilePath = trim(Left (sFileName,InStrRev (sFileName, "\")))
oFileInfo.FileExt = trim(Mid (sFileName,InStrRev (sFileName, ".")+1))
iFindStart = InStr (iFindEnd,sInfo,"Content-Type: ",1)+14
iFindEnd = InStr (iFindStart,sInfo,vbCr)
oFileInfo.FileType = Mid (sinfo,iFindStart,iFindEnd-iFindStart)
oFileInfo.FileStart = iInfoEnd
oFileInfo.FileSize = iFormStart -iInfoEnd -2
oFileInfo.FormName = sFormName
file.add sFormName,oFileInfo
else
'如果是表单项目
tStream.Close
tStream.Type = 1
tStream.Mode = 3
tStream.Open
oUpFileStream.Position = iInfoEnd
oUpFileStream.CopyTo tStream,iFormStart-iInfoEnd-2
tStream.Position = 0
tStream.Type = 2
tStream.CharSet = "gb2312"
sFormValue = tStream.ReadText
If Form.Exists (sFormName) Then
Form (sFormName) = Form (sFormName) & ", " & sFormValue
else
form.Add sFormName,sFormValue
End If
End If
tStream.Close
iFormStart = iFormStart+iStart+2
'如果到文件尾了就退出
Loop Until (iFormStart+2) >= iFormEnd
RequestBinData = ""
Set tStream = Nothing
End Sub
End Class
'----------------------------------------------------------------------------------------------------
'文件属性类
Class FileInfo_Class
Dim FormName,FileName,FilePath,FileSize,FileType,FileStart,FileExt
'保存文件方法
Public Function SaveToFile (Path)
On Error Resume Next
Dim oFileStream
Set oFileStream = CreateObject ("ADODB.Stream")
oFileStream.Type = 1
oFileStream.Mode = 3
oFileStream.Open
oUpFileStream.Position = FileStart
oUpFileStream.CopyTo oFileStream,FileSize
oFileStream.SaveToFile Path,2
oFileStream.Close
Set oFileStream = Nothing
End Function
'取得文件数据
Public Function FileData
oUpFileStream.Position = FileStart
FileData = oUpFileStream.Read (FileSize)
End Function
End Class
%>
