简单写一个。至于安全性方面自已想吧。
<!--#include file="conn.asp"-->
<!--#include file="upload_5xsoft.inc"-->
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<body bgcolor="#CCCCCC" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<%
if Request.Querystring("Post")="OK" then
set upload=new upload_5xsoft
set file=upload.file("pic")
if file.fileSize>0 then
fname=file.FileName
if inStr(fname,"jpg")=0 and inStr(fname,"gif")=0 and inStr(fname,"png")=0 then
response.Write("您输入了错误的图片信息,请<a href=# onCLICK='history.back(-1)'>返回</a>")
response.end
end if
fname="upfile/"&fname
linklocal=server.mappath(session("imgpath")) '删除服务器图片文件
Set fso=Server.CreateObject("Scripting.FileSystemObject")
fso.DeleteFile linklocal
set fso=nothing
set rs=server.createobject("adodb.recordset") '替换数据库图片路径
sql="select * from img where imgpath='"&session("imgpath")&"' "
rs.open sql,conn,3,2
rs("imgpath")=fname
rs.update
rs.close
file.saveAs Server.mappath(fname)
end if
j=len(fname)
fname=Mid(fname,4,j)
session("upflower")=fname
response.Write "<div style='color:white;font-size:9pt;'>图片: <b>"&fname&"</b> 已经成功上传并替换!</div>"
response.end
set file=nothing
set upload=nothing
end if
%><br>
<%
set rs=conn.execute("select * from img where id="&request("id")&" ")
%>
您要覆盖的文件是:<font color=red><%=rs("imgpath")%></font>
<%session("imgpath")=rs("imgpath")%>
<form action="<%=filename%>?Post=OK" method="post" enctype="multipart/form-data" name="up2">
<input name="pic" type="file" id="pic">
<input type="submit" name="Submit3" value="上传">
</form>