*** 以上两行在源码中应为同一语句
dim objconn as oledbconnection = new oledbconnection(objconnstr)
dim sql1 as string="select * from userlist where xh='"+xh1+"' and kl='"+kl1+"'"
dim objrscc as oledbcommand= new oledbcommand(sql1,objconn)
objconn.open()
dim objrs as oledbdatareader = objrscc.executereader()
dim ix as integer=0
dim maxs as long
dim nows as long
while ix=0
if objrs.read() then
if objrs.item("xh")=xh1 then
if objrs.item("kl")=kl1 then
if objrs.item("checkx")=1 then
ix=ix+1
maxs=objrs.item("maxspace")
nows=objrs.item("nowspace")
end if
end if
end if
else
ix=-1
end if
end while
*** 以上判定帐号与口令是否合法
if ix<=0 then
errors.text="帐号口令错!或用户尚未通过认证,请等待管理员认证!"
else
if fileup.postedfile.contentlength>maxs-nows then
if fileup.postedfile.contentlength>=maxs then
errors.text="文件长度大于赋予空间大小,不能上传!"
else
errors.text="可用空间不足,请删除旧文件!"
end if
*** 以上判定用户空间的可用性
else
dim obj4str as string="provider=microsoft.jet.oledb.4.0;
data source=" & server.mappath("filelist.mdb")
*** 以上两行在源码中为同一语句
dim obj4 as oledbconnection = new oledbconnection(obj4str)
dim sql10 as string="select * from files"
dim objrc1 as oledbcommand= new oledbcommand(sql10,obj4)
obj4.open()
dim objrsx as oledbdatareader = objrc1.executereader()
dim fn11 as long =0
while objrsx.read()
fn11=objrsx("filename")
end while
dim fn1 as string
fn1=cstr(fn11+1)
*** 以上为用户上传文件起一个唯一的主文件名
dim objc1str as string="provider=microsoft.jet.oledb.4.0;
data source=" & server.mappath("filelist.mdb")
*** 以上两行在源码中为同一语句
dim objc1 as oledbconnection = new oledbconnection(objc1str)
dim sql3 as string="insert into files(filename,fsize, xh,filescript,upday)
values("+cstr(fn1)+","+cstr(fileup.postedfile.contentlength)+",'"
+xh1+"','"+fileup.postedfile.filename+"','"+cstr(now())+"')"
*** 以上三行在源码中为同一语句
objc1.open()
dim objrs1 as oledbcommand=new oledbcommand(sql3,objc1)
dim fn2 as string
fn2="d:/netspace/spacenet/myspace/"&cstr(fn1)&".zip"
*** 给出用户上传文件的绝对路径及完整文件名
fsize.text=cstr(fileup.postedfile.contentlength)
ftype.text=fileup.postedfile.contenttype
fname.text=fileup.postedfile.filename
username.text=user1.value
fileup.postedfile.saveas(fn2)
objrs1.ExecuteNonQuery()
objrs.close
dim sql5 as string="update userlist set nowspace ="+cstr(nows+fileup.postedfile.contentlength)+
",lastaccessday='"+cstr(now())+"' where xh='"+xh1+"'"
*** 以上两行在源码中为同一语句
dim objrnc as oledbcommand= new oledbcommand(sql5,objconn)
objrnc.executenonquery()
respace.text=cstr(maxs-nows-fileup.postedfile.contentlength)&"字节."
nowspace.text=cstr(nows+fileup.postedfile.contentlength)&"字节."
*** 以上作上传动作,并计算用户的已用总空间及剩余总空间
end if
end if
end sub
</script>
<body>
<form enctype="multipart/form-data" runat="server">
<table>
<tr><td>帐号:</td><td><input id="user1" runat="server"></td></tr>
<tr><td>口令:</td><td><input type="password" id="pass1" runat="server"></td></tr>
<tr><td>文件:</td><td><input type="file" id="fileup" runat="server"></td></tr>
<tr><td></td><td><asp:button id="upload" onclick="uploadfile" text="上传"
runat="server"/></td></tr>
</table>
</form><hr>
<div id="fileinfo" visible="false" runat="server">
原文件名:<asp:label id="fname" runat="server"/><br>
字节大小:<asp:label id="fsize" runat="server"/><br>
文件类型:<asp:label id="ftype" runat="server"/><br>
用户帐号:<asp:label id="username" runat="server"/><br>
剩余空间:<asp:label id="respace" runat="server"/><br>
已用空间:<asp:label id="nowspace" runat="server"/><br>
上传状态:<asp:label id="errors" runat="server"/>
</div>
*** 以上在浏览器中告诉用户文件上传前后的相关信息
</body>
</html>
结束语
本文所述的方法基于无组件技术,在文件的安全性及个人隐私方面考虑的比较多,最适合在windows server 2003配合IIS6.0平台上使用,方法简单安全,稍加扩展,如在userlist里添加用户号、组号,在files里添加组号,即可对文件的权限进行设定,可方便实现文件的网络提交、验证、共享。配合磁盘阵列,则在数据安全方面将有质的提升。
