asp上传类
1.UpLoadClass.asp
<%
Class UpLoadClass
Private p_MaxSize,p_FileType,p_SavePath,p_AutoSave,p_Error
Private objForm,binForm,binItem,strDate,lngTime
Public FormItem,FileItem
Public Property Get Version
Version=""
End Property
Public Property Get Error
Error=p_Error
End Property
Public Property Get MaxSize
MaxSize=p_MaxSize
End Property
Public Property Let MaxSize(lngSize)
if isNumeric(lngSize) then
p_MaxSize=clng(lngSize)
end if
End Property
Public Property Get FileType
FileType=p_FileType
End Property
Public Property Let FileType(strType)
p_FileType=strType
End Property
Public Property Get SavePath
SavePath=p_SavePath
End Property
Public Property Let SavePath(strPath)
p_SavePath=replace(strPath,chr(0),"")
End Property
Public Property Get AutoSave
AutoSave=p_AutoSave
End Property
Public Property Let AutoSave(byVal Flag)
select case Flag
case 0:
case 1:
case 2:
case false:Flag=2
case else:Flag=0
end select
p_AutoSave=Flag
End Property
Private Sub Class_Initialize
p_Error = -1
p_MaxSize = 153600
p_FileType = "gif/jpg/bmp"
p_SavePath = "UpLoadFace/"
p_AutoSave = 0
strDate = replace(cstr(Date()),"-","")
lngTime = clng(timer()*1000)
Set binForm = Server.CreateObject("ADODB.Stream")
Set binItem = Server.CreateObject("ADODB.Stream")
Set objForm = Server.CreateObject("Scriptin
相关文档:
探索软件工作室长期专业承接中小型商业软件或网站,最优惠的价格和高质量的服务期待您的惠顾!
本工作室承接 JSP ASP VB PB LotusNotes 等语言要求的应用系统开发业务
java jsp实战源程序代码:
......
连接代码1直接输入
<%
Dim my_conn, sql,rs
Set my_conn = createobject("ADODB.Connection")
my_conn.open = "DRIVER={MySQL ODBC 3.51 Driver};"_
& "SERVER=localhost;"_ '服务器名
& "DATABASE=mybase;"_ '数据库名
& "UID=root;PWD=111; OPTION=35;" '用户名和密码
Set rs = Server.Crea ......
var loader:URLLoader = new URLLoader();
var url:URLRequest = new URLRequest("test.asp");
url.method = URLRequestMethod.POST;
var values:URLVariables = new URLVariables();
values.message="hello im flash!";
url.data = values;
loader.dataFormat = URLLoaderDataFormat.VARI ......
按照跳转页面的方式,一一来总结
首先说接受页面获取参数的方式:
1)request.querystring。只要url中含有参数,即可传递
比如 地址:index.aspx?label=da
则用Request.QueryString["label"]即 ......
1.放注入函数
sub aspsql()
SQL_injdata = "'|;|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
SQL_inj = split(SQL_Injdata,"|")
If Request.Form<>"" Then
For Each Sql_Post In Request.Form
For SQL_Data=0 To Ubound(SQL_inj)
if instr(Request.Form(Sql_Post) ......
