*** 以上两行在源码中应为同一语句
dim objconn as oledbconnection = new oledbconnection(objconnstr)
dim sql1 as string="select * from userlist where xh='"+xh1+"' and kl='"+kl1+"'" dim objrscc as oledbcommand= new oledbcommand(sql1,objconn)
objconn.open()
dim objrs as oledbdatareader = objrscc.executereader()
dim ix as integer=0 dim maxs as long dim nows as long while ix=0 if objrs.read() then if objrs.item("xh")=xh1 then if objrs.item("kl")=kl1 then if objrs.item("checkx")=1 then ix=ix+1 maxs=objrs.item("maxspace")
nows=objrs.item("nowspace")
end if else ix=-1 end if end while
*** 以上判定帐号与口令是否合法
if ix<=0 then errors.text="帐号口令错!或用户尚未通过认证,请等待管理员认证!" else
if fileup.postedfile.contentlength>maxs-nows then if fileup.postedfile.contentlength>=maxs then errors.text="文件长度大于赋予空间大小,不能上传!" else errors.text="可用空间不足,请删除旧文件!" end if
*** 以上判定用户空间的可用性else dim obj4str as string="provider=microsoft.jet.oledb.4.0;data source=" & server.mappath("filelist.mdb")
*** 以上两行在源码中为同一语句dim obj4 as oledbconnection = new oledbconnection(obj4str)
dim sql10 as string="select * from files" dim objrc1 as oledbcommand= new oledbcommand(sql10,obj4)
obj4.open()
dim objrsx as oledbdatareader = objrc1.executereader()
dim fn11 as long =0 while objrsx.read()
fn11=objrsx("filename")
end while dim fn1 as string fn1=cstr(fn11+1)
*** 以上为用户上传文件起一个唯一的主文件名dim objc1str as string="provider=microsoft.jet.oledb.4.0;data source=" & server.mappath("filelist.mdb")
*** 以上两行在源码中为同一语句dim objc1 as oledbconnection = new oledbconnection(objc1str)
dim sql3 as string="insert into files(filename,fsize, xh,filescript,upday)
values("+cstr(fn1)+","+cstr(fileup.postedfile.contentlength)+",'" +xh1+"','"+fileup.postedfile.filename+"','"+cstr(now())+"')"
*** 以上三行在源码中为同一语句objc1.open()
dim objrs1 as oledbcommand=new oledbcommand(sql3,objc1)
dim fn2 as string fn2="d:/netspace/spacenet/myspace/"&cstr(fn1)&".zip"
*** 给出用户上传文件的绝对路径及完整文件名fsize.text=cstr(fileup.postedfile.contentlength)
ftype.text=fileup.postedfile.contenttype fname.text=fileup.postedfile.filename username.text=user1.value fileup.postedfile.saveas(fn2)
objrs1.ExecuteNonQuery()
objrs.close dim sql5 as string="update userlist set nowspace ="+cstr(nows+fileup.postedfile.contentlength)+ ",lastaccessday='"+cstr(now())+"' where xh='"+xh1+"'"
*** 以上两行在源码中为同一语句
dim objrnc as oledbcommand= new oledbcommand(sql5,objconn)
objrnc.executenonquery()
respace.text=cstr(maxs-nows-fileup.postedfile.contentlength)&"字节。" nowspace.text=cstr(nows+fileup.postedfile.contentlength)&"字节。"
*** 以上作上传动作,并计算用户的已用总空间及剩余总空间end if end sub </script> <body> <form enctype="multipart/form-data" runat="server"> <table> <tr><td>帐号:</td><td><input id="user1" runat="server"></td></tr> <tr><td>口令:</td><td><input type="password" id="pass1" runat="server"></td></tr> <tr><td>文件:</td><td><input type="file" id="fileup" runat="server"></td></tr> <tr><td></td><td><asp:button id="upload" onclick="uploadfile" text="上传" runat="server"/></td></tr> </table> </form><hr> <div id="fileinfo" visible="false" runat="server">原文件名:<asp:label id="fname" runat="server"/><br>字节大小:<asp:label id="fsize" runat="server"/><br>文件类型:<asp:label id="ftype" runat="server"/><br>用户帐号:<asp:label id="username" runat="server"/><br>剩余空间:<asp:label id="respace" runat="server"/><br>已用空间:<asp:label id="nowspace" runat="server"/><br>上传状态:<asp:label id="errors" runat="server"/> </div> *** 以上在浏览器中告诉用户文件上传前后的相关信息</body> </html>
结束语
本文所述的方法基于无组件技术,在文件的安全性及个人隐私方面考虑的比较多,最适合在windows server 2003配合IIS6.0平台上使用,方法简单安全,稍加扩展,如在userlist里添加用户号、组号,在files里添加组号,即可对文件的权限进行设定,可方便实现文件的网络提交、验证、共享。配合磁盘阵列,则在数据安全方面将有质的提升。
【责编:yuan】
相关文章编辑推荐
相关产品和培训
文章评论
认证培训 专题推荐
今日更新 社区讨论 博客论点 频道精选
您现在的位置: 
佚名
2006-3-13
