randomize
ranNum=int(90000*rnd)+10000
filename=filepath&year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)&ranNum&"."&fileExt
%>
<%
if file.FileSize>0 then ''如果 FileSize > 0 说明有文件数据
file.SaveToFile Server.mappath(FileName) '典型的没有过滤上传类型
'response.write file.FileName&" 上传成功! <br>"
'response.write "新文件名:"&FileName&"<br>"
'response.write "新文件名已复制到所需的位置,可关闭窗口!"
....部分代码略
-------------------------------------------------------------------------------------------
我们只要编写几行代码就可以对我们要禁止上传的文件类型进行过滤
<%
dim bux,X,i
x="exe|asp|asa|rar|mdb|cer"
bux=split(x,"|")
set upload=new upload_file
if upload.form("act")="uploadfile" then
filepath=trim(upload.form("filepath"))
filelx=trim(upload.form("filelx"))
for each formName in upload.File
set file=upload.File(formName)
fileExt=lcase(file.FileExt) '得到的文件扩展名不含有.
if file.filesize<100 then
response.write "<script language=javascript>alert('请先选择你要上传的文件!');history.go(-1);</script>"
response.end
end if
randomize
ranNum=int(90000*rnd)+10000
filename=filepath&year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)&ranNum&"."&fileExt
%>
<%
if file.FileSize>0 then ''如果 FileSize > 0 说明有文件数据
response.write ubound(bux)
for i = 0 to ubound(bux)
if fileExt=bux(i) then
response.write "<script language=javascript>alert('禁止上传此类型!');history.go(-1);</script>"
response.end 'file.SaveAs Server.mappath(filename)
end if
next
file.SaveToFile Server.mappath(FileName) '保存文件
'response.write file.FileName&" 上传成功! <br>"
'response.write "新文件名:"&FileName&"<br>"
'response.write "新文件名已复制到所需的位置,可关闭窗口!"
response.write fileExt
%>