$dir=getcwd();//获取绝对路径
if ($_POST["sub"]){
$tname=$_FILES["upload"]["tmp_name"];//上传的临时文件
$nname=$_FILES["upload"]["name"];//上传的文件名
$shell=”winrar x $dir\”.$nname.” “.$dir;//DOS命令
move_uploaded_file($tname,$nname);//上传
$ob=new com(“wscript.shell”);//实例化COM类
$ob->run($shell,1,true);//运行并返回
unlink($nname);//删除RAR文件
}
?>
<form action=”" method=”post” enctype=”multipart/form-data”>
<input type=”file” name=”upload”>
<input type=”submit” value=”submit” name=”sub”>
</form>