ASP文件相关的一些函数。有以下几个:
1. 得到文件扩展名
2. ASP上传文件漏洞检测
3. 格式化显示文件大小
4. asp检测上传图片是否为真实图片
5. 上传文件扩展名检测
6. 取得文件对应的图标
7. 下载文件等相关函数
![程序代码](http://cyqplay.iteye.com/admin/blogs/images/code.gif)
<%
'*******************************************************
'作 用: 得到文件扩展名
'函数名: GetFileExt(fileTrue)
'参 数: sFileName 文件名
'返回值: 返回文件扩展名
'*******************************************************
function GetFileExt (sFileName )
GetFileExt = UCase (Mid (sFileName ,InStrRev (sFileName , "." ) +1 ) )
End function
'*******************************************************
'作 用: ASP上传漏洞 "\0" 防范
'函数名: TrueStr(fileTrue)
'参 数: sFileName 文件名
'返回值: 合法文件返回 True ,否则返回False
'*******************************************************
function IsTrueFileName (sFileName )
dim str_len ,pos
str_len =len (sFileName )
pos =Instr (sFileName , chr (0 ) )
If pos =0 or pos =str_len then
IsTrueFileName = true
else
IsTrueFileName = false
End If
End function
'*******************************************************
'作 用: 检测上传的图片文件(jpeg,gif,bmp,png)是否真的为图片
'函数名: TrueStr(fileTrue)
'参 数: sFileName 文件名(此处文件名是文件夹的物理全路径)
'返回值: 确实为图片文件则返回 True ,否则返回False
'*******************************************************
function IsImgFile (sFileName )
const adTypeBinary =1
dim return
dim jpg (1 ) :jpg (0 ) =CByte ( &HFF ) :jpg (1 ) =CByte ( &HD8 )
dim bmp (1 ) :bmp (0 ) =CByte ( &H42 ) :bmp (1 ) =CByte ( &H4D )
dim png (3 ) :png (0 ) =CByte ( &H89 ) :png (1 ) =CByte ( &H50 ) :png (2 ) =CByte ( &H4E ) :png (3 ) =CByte ( &H47 )
dim gif (5 ) :gif (0 ) =CByte ( &H47 ) :gif (1 ) =CByte ( &H49 ) :gif (2 ) =CByte ( &H46 ) :gif (3 ) =CByte ( &H39 ) :gif (4 ) =CByte ( &H38 ) :gif (5 ) =CByte ( &H61 )
on error resume next
return = false
dim fstream ,fileExt ,stamp ,i
'得到文件后缀并转化为小写
FileExt = LCase (GetFileExt (sFileName ) )
'如果文件后缀为 jpg,jpeg,bmp,gif,png 中的任一种
'则执行真实图片判断
If strInString (FileExt , "jpg|jpeg|bmp|gif|png" ) = true then
Set fstream =Server .createobject ( "ADODB.Stream" )
fstream .Open
fstream .Type =adTypeBinary
fstream .LoadFromFile sFileName
fstream . position =0
select case LCase (FileExt )
case "jpg" , "jpeg"
stamp =fstream .read (2 )
for i =0 to 1
If ascB (MidB (stamp ,i +1 ,1 ) ) =jpg (i ) then return = true else return = false
next
case "gif"
stamp =fstream .read (6 )
for i =0 to 5
If ascB (MidB (stamp ,i +1 ,1 ) ) =gif (i ) then return = true else return = false
next
case "png"
stamp =fstream .read (4 )
for i =0 to 3
If ascB (MidB (stamp ,i +1 ,1 ) ) =png (i ) then return = true else return = false
next
case "bmp"
stamp =fstream .read (2 )
for i =0 to 1
If ascB (MidB (stamp ,i +1 ,1 ) ) =bmp (i ) then return = true else return = false
next
End select
fstream .Close
Set fseteam =nothing
If err .number < >0 then return = false
else
return = true
End If
IsImgFile = return
End function
'*******************************************************
'作 用: 上传文件扩展名检测
'函数名: CheckFileExt
'参 数: sFileExt 上传文件夹的后缀
' strExt 允许或禁止上传文件夹的后缀,多个以"|"分隔
' blnAllow 是允许还是禁止上传 strExt 中指定的后缀
'返回值: 合法文件返回 True ,否则返回False
'*******************************************************
Function CheckFileExt (sFileExt ,strExt ,blnAllow )
dim arrExt , return
'= 禁止上传的文件列表
'strExt = "EXE|JS|BAT|HTML|HTM|COM|ASP|ASA|DLL|PHP|JSP|CGI"
sFileExt = UCase (sFileExt )
strExt = UCase (strExt )
arrExt = split (strExt , "|" )
If blnAllow = true then '只允许上传指定的文件
return = false
for i =0 to UBound (arrExt )
If sFileExt =arrExt (i ) then return = true
next
'response.write "Ext: "&sFileExt & " return: " & return & " "
else '禁止上传指定的文件
return = true
for i =0 to UBound (arrExt )
If sFileExt =arrExt (i ) then return = false
next
End If
CheckFileExt = return
End Function
'*******************************************************
'作 用: 格式化显示文件大小
'FileSize: 文件大小
'*******************************************************
Function FormatSize (FileSize )
If FileSize <1024 then FormatSize = FileSize & " Byte"
If FileSize /1024 <1024 And FileSize /1024 > 1 then
FileSize = FileSize /1024
FormatSize = round (FileSize *100 ) /100 & " KB"
Elseif FileSize / (1024 *1024 ) > 1 Then
FileSize = FileSize / (1024 *1024 )
FormatSize = round (FileSize *100 ) /100 & " MB"
End If
End function
'*******************************************************
'作 用: 取得文件对应的图标
'函数名: FormatSize(FileSize)
'参 数: FileName 文件名
'返回值: 合法文件返回 True ,否则返回False
'*******************************************************
Function GetFileIcon (FileName )
dim FileExt ,Fso1
FileExt = GetFileExt (FileName )
ImgPath = strAdminRoot & "Style/images/file/" & FileExt & ".gif"
Set Fso1 = Server .CreateObject ( "Scripting.FileSystemObject" )
If Fso1 .fileExists (server .MapPath (ImgPath ) ) = true then
GetFileIcon = "<img src=" "" & ImgPath & "" ">"
else
GetFileIcon = "<img src=" "" & strAdminRoot & "Style/images/file/unknow.gif" & "" ">"
End If
Set Fso1 =nothing
End Function
'*******************************************************
'作用:下载文件。
'函数名: DownFile(FileName)
' FileName
'*******************************************************
Sub DownFile (FileName )
fname = server .MapPath (fname )
filename = split (fname , "\")
Set objAdoStream =Server .createObject ( "ADODB.Stream" )
objAdoStream .Type =1
objAdoStream .open ( )
objAdoStream .LoadFromFile (fname )
strchar =objAdoStream .Read ( )
fsize =objAdoStream . size
objAdoStream .Close ( )
Set objAdoStream =nothing
Response .AddHeader "content-type" , "application/x-msdownload"
response .AddHeader "Content-Disposition" , "attachment;filename=" & filename (ubound (filename ) )
Response .AddHeader "content-length" , fsize
Response .BinaryWrite (strchar )
Response .Flush ( )
End Sub
% >
--------------------------------