<% ' *** Restrict Access To Page: Grant or deny access to this page MM_authorizedUsers="" MM_authFailedURL="login.asp" MM_grantAccess=false If Session("MM_Username") <> "" Then If (true Or CStr(Session("MM_UserAuthorization"))="") Or _ (InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then MM_grantAccess = true End If End If If Not MM_grantAccess Then MM_qsChar = "?" If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&" MM_referrer = Request.ServerVariables("URL") if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString() MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer) Response.Redirect(MM_authFailedURL) End If %> <% '*************************************** ' File: Upload.asp ' Author: Jacob "Beezle" Gilley ' Email: avis7@airmail.net ' Date: 12/07/2000 ' Comments: The code for the Upload, CByteString, ' CWideString subroutines was originally ' written by Philippe Collignon...or so ' he claims. Also, I am not responsible ' for any ill effects this script may ' cause and provide this script "AS IS". ' Enjoy! '**************************************** Class FileUploader Public Files Private mcolFormElem Private Sub Class_Initialize() Set Files = Server.CreateObject("Scripting.Dictionary") Set mcolFormElem = Server.CreateObject("Scripting.Dictionary") End Sub Private Sub Class_Terminate() If IsObject(Files) Then Files.RemoveAll() Set Files = Nothing End If If IsObject(mcolFormElem) Then mcolFormElem.RemoveAll() Set mcolFormElem = Nothing End If End Sub Public Property Get Form(sIndex) Form = "" If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex)) End Property Public Default Sub Upload() Dim biData, sInputName Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos Dim nPosFile, nPosBound biData = Request.BinaryRead(Request.TotalBytes) nPosBegin = 1 nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13))) If (nPosEnd-nPosBegin) <= 0 Then Exit Sub vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin) nDataBoundPos = InstrB(1, biData, vDataBounds) Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--")) nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition")) nPos = InstrB(nPos, biData, CByteString("name=")) nPosBegin = nPos + 6 nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34))) sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin)) nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename=")) nPosBound = InstrB(nPosEnd, biData, vDataBounds) If nPosFile <> 0 And nPosFile < nPosBound Then Dim oUploadFile, sFileName Set oUploadFile = New UploadedFile nPosBegin = nPosFile + 10 nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34))) sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin)) oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\")) nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:")) nPosBegin = nPos + 14 nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13))) oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin)) nPosBegin = nPosEnd+4 nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2 oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin) If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile Else nPos = InstrB(nPos, biData, CByteString(Chr(13))) nPosBegin = nPos + 4 nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2 If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin)) End If nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds) Loop End Sub 'String to byte string conversion Private Function CByteString(sString) Dim nIndex For nIndex = 1 to Len(sString) CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1))) Next End Function 'Byte string to string conversion Private Function CWideString(bsString) Dim nIndex CWideString ="" For nIndex = 1 to LenB(bsString) CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1))) Next End Function End Class Class UploadedFile Public ContentType Public FileName Public FileData Public Property Get FileSize() FileSize = LenB(FileData) End Property Public Sub SaveToDisk(sPath) Dim oFS, oFile Dim nIndex If sPath = "" Or FileName = "" Then Exit Sub If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\" Set oFS = Server.CreateObject("Scripting.FileSystemObject") If Not oFS.FolderExists(sPath) Then Exit Sub Set oFile = oFS.CreateTextFile(sPath & FileName, True) For nIndex = 1 to LenB(FileData) oFile.Write Chr(AscB(MidB(FileData,nIndex,1))) Next oFile.Close End Sub Public Sub SaveToDatabase(ByRef oField) If LenB(FileData) = 0 Then Exit Sub If IsObject(oField) Then oField.AppendChunk FileData End If End Sub End Class %> <% 'NOTE - YOU MUST HAVE VBSCRIPT v5.0 INSTALLED ON YOUR WEB SERVER ' FOR THIS LIBRARY TO FUNCTION CORRECTLY. YOU CAN OBTAIN IT ' FREE FROM MICROSOFT WHEN YOU INSTALL INTERNET EXPLORER 5.0 ' OR LATER. ' Create the FileUploader Dim Uploader, File Set Uploader = New FileUploader ' This starts the upload process Uploader.Upload() '****************************************** ' Use [FileUploader object].Form to access ' additional form variables submitted with ' the file upload(s). (used below) '****************************************** 'Define directory dim thePath thePath = Request.ServerVariables("PATH_INFO") thePath = Trim(Mid(thePath,1,InStrRev(thePath,"/")) & "") thePath = Server.mappath(thePath) thePath = Server.MapPath(Session("path")) 'Response.Write "Thank you for your upload
" ' Check if any files were uploaded If Uploader.Files.Count = 0 Then 'Response.Write "File(s) not uploaded." Else ' Loop through the uploaded files For Each File In Uploader.Files.Items 'Save the file File.SaveToDisk thePath ' Output the file details to the browser 'Response.Write "File Uploaded: " & File.FileName & "
" 'Response.Write "Size: " & File.FileSize & " bytes
" 'Response.Write "Type: " & File.ContentType & "

" thepage = Request.ServerVariables("HTTP_REFERER") Response.Redirect(thepage) Next End If %>