iis截取到的数据是完整的cs.asp:.jpg 但是上传过去的文件应该由于windows不允许带:文件名 所以iis直接去掉了:后面的 这个和%00截断应该不是一样,%00截断是直接截断了后面的 这样的话如果在前面有检测就无法通过检测了。
- 1 <form action=”1.asp?s=ys” method=”post”
- 2 enctype=”multipart/form-data” name=”form1″>
- 3 file:<input name=”FormNameItem” type=”file” />
- 4 <button type=”submit”>提交</button>
- 5 </form>
- 6 <%
- 7 if len(Request(“s”))>0 then
- 8 Set oFileObj = New UpFileClass
- 9 oFileObj.GetData
- 10 For Each FormNameItem in oFileObj.File
- 11 FileName = oFileObj.File(FormNameItem).FileName
- 12 FileExtName = oFileObj.File(FormNameItem).FileExt
- 13 FileContent = oFileObj.File(FormNameItem).FileData
- 14 oFileObj.File(FormNameItem).SaveToFile server.MapPath(“\”) &
- 15 Response.Write server.MapPath(“\”) & “\0.asp:.jpg OK!”
- 16 23.Next
- 17 end if
- 18 Dim UpFileStream
- 19 Class UpFileClass
- 20 Dim Form,File,Err
- 21 Private Sub Class_Initialize
- 22 Err = -1
- 23 End Sub
- 24 Private Sub Class_Terminate
- 25 ’清除变量及对像 www.2cto.com
- 26 If Err < 0 Then
- 27 Form.RemoveAll
- 28 Set Form = Nothing
- 29 File.RemoveAll
- 30 Set File = Nothing
- 31 UpFileStream.Close 40.Set UpFileStream = Nothing
- 32 End If 42.End Sub
- 33 Public Property Get ErrNum()
- 34 ErrErrNum = Err 46.End Property
- 35 Public Sub GetData ()
- 36 ’定义变量
- 37 Dim RequestBinData,sSpace,bCrLf,sObj,iObjStart,iObjEnd,tStrea
- 38 Dim iFileSize,sFilePath,sFileType,sFormValue,sFileName
- 39 Dim iFindStart,iFindEnd
- 40 Dim iFormStart,iFormEnd,sFormName
- 41 ’代码开始56.If Request.TotalBytes < 1 Then ‘如果没有数据
- 42 Err = 1
- 43 Exit Sub
- 44 End If
- 45 Set Form = CreateObject (“Scripting.Dictionary”)
- 46 Form.CompareMode = 1
- 47 Set File = CreateObject (“Scripting.Dictionary”)
- 48 File.CompareMode = 1
- 49 Set tStream = CreateObject (“ADODB.Stream”)
- 50 Set UpFileStream = CreateObject (“ADODB.Stream”)
- 51 UpFileStream.Type = 1
- 52 UpFileStream.Mode = 3
- 53 UpFileStream.Open
- 54 dim ReadedBytes,ChunkBytes
- 55 ReadedBytes=0
- 56 ChunkBytes=1024*100 ’100K分块上传方案
- 57 Do While ReadedBytes < Request.TotalBytes
- 58 UpFileStream.Write Request.BinaryRead(ChunkBytes)
- 59 ReadedBytesReadedBytes = ReadedBytes + ChunkBytes
- 60 If ReadedBytes > Request.TotalBytes Then ReadedBytes = Reque
- 61 Loop
- 62 ’UpFileStream.Write (Request.BinaryRead(Request.TotalBytes))
- 63 UpFileStream.Position = 0
- 64 RequestBinData=UpFileStream.Read
- 65 iFormEnd = UpFileStream.Size
- 66 bCrLf = ChrB (13) & ChrB (10)
- 67 .’取得每个项目之间的分隔符84.sSpace=Mi
- 68 RequestBinData,bCrLf)-1) 85.iStart=LenB (sSpace)
- 69 iFormStart = iStart+2 87.’分解项目
- 70 Do
- 71 iObjEnd=InStrB(iFormStart,RequestBinData,bCrLf & bCrLf)+3
- 72 tStream.Type = 1
- 73 tStream.Mode = 3
- 74 tStream.Open 93.UpFileStream.Position = iFormStart
- 75 UpFileStream.CopyTo tStream,iObjEnd-iFormStart
- 76 tStream.Position = 0
- 77 tStream.Type = 2 97.tStream.CharSet = “gb2312″
- 78 sObj = tStream.ReadText
- 79 ’取得表单项目名称100.iFormStart = InStrB (iObjEnd,RequestBinData,sSpace)-1
- 80 iFindStart = InStr (22,sObj,”name=”"”,1)+6
- 81 iFindEnd = InStr (iFindStart,sObj,”"”",1)
- 82 sFormName = Mid (sObj,iFindStart,iFindEnd-iFindStart)
- 83 ’如果是文件105.If InStr (45,sObj,”filename=”"”,1) > 0 Then 106.Set oFileObj = new FileObj_Class
- 84 ’取得文件属性
- 85 iFindStart = InStr (iFindEnd,sObj,”filename=”"”,1)+10
- 86 iFindEnd = InStr (iFindStart,sObj,”"”",1)
- 87 sFileName = Mid (sObj,iFindStart,iFindEnd-iFindStart)
- 88 oFileObj.FileName = Mid (sFileName,InStrRev (sFileNam
- 89 oFileObj.FilePath = Left (sFileName,InStrRev (sFileName,
- 90 oFileObj.FileExt = Mid (sFileName,InStrRev (sFileName, “
- 91 iFindStart = InStr (iFindEnd,sObj,”Content-Type: “,1)+14
- 92 iFindEnd = InStr (iFindStart,sObj,vbCr)
- 93 oFileObj.FileType = Mid (sObj,iFindStart,iFindEnd-iFindSt
- 94 oFileObj.FileStart = iObjEnd
- 95 oFileObj.FileSize = iFormStart -iObjEnd -2
- 96 oFileObj.FormName = sFormName
- 97 File.add sFormName,oFileObj
- 98 else
- 99 ’如果是表单项目
- 100 tStream.Close
- 101 tStream.Type = 1
- 102 tStream.Mode = 3
- 103 tStream.Open
- 104 UpFileStream.Position = iObjEnd
- 105 UpFileStream.CopyTo tStream,iFormStart-iObjEnd-2
- 106 tStream.Position = 0
- 107 tStream.Type = 2
- 108 tStream.CharSet = “gb2312″
- 109 sFormValue = tStream.ReadText
- 110 If Form.Exists(sFormName)Then
- 111 Form (sFormName) = Form (sFormName) & “, ” & sForm
- 112 else
- 113 form.Add sFormName,sFormValue
- 114 End If
- 115 End If
- 116 tStream.Close
- 117 iFormStartiFormStart = iFormStart+iStart+2
- 118 ’如果到文件尾了就退出
- 119 Loop Until (iFormStart+2) >= iFormEnd
- 120 RequestBinData = “”
- 121 Set tStream = Nothing
- 122 Set KS=Nothing
- 123 End Sub
- 124 End Class
- 125 ’—————————————————————
- 126 ’文件属性类
- 127 Class FileObj_Class
- 128 Dim FormName,FileName,FilePath,FileSize,FileType,FileS
- 129 ’保存文件方法154.Public Function SaveToFile (Path)
- 130 ’On Error Resume Next
- 131 Dim oFileStream
- 132 Set oFileStream = CreateObject (“ADODB.Stream”)
- 133 oFileStream.Type = 1
- 134 oFileStream.Mode = 3
- 135 oFileStream.Open
- 136 UpFileStream.Position = FileStart
- 137 UpFileStream.CopyTo oFileStream,FileSize
- 138 oFileStream.SaveToFile Path,2
- 139 oFileStream.Close
- 140 Set oFileStream = Nothing
- 141 Set KS=Nothing
- 142 End Function
- 143 ’取得文件数据
- 144 Public Function FileData
- 145 UpFileStream.Position = FileStart
- 146 FileData = UpFileStream.Read (FileSize)
- 147 End Function
- 148 End Class
- 149 %>