spupok.asp 上传代码 我不知道怎么搞了 老显示500 错误
代码是
<!--#include file="upconn.asp"-->
<!--#include file="usercookies.asp"-->
<%Server.ScriptTimeOut=5000%>
<!--#include file="config.asp"-->
<!--#include file = "foxx.inc"-->
<%
if instr(request.servervariables("http_referer"),"http://"&request.servervariables("host") )<1 then
response.write "处理 URL 时服务器上出错。<br>非法攻击服务器,你的所有操作及ID已经被服务器记录。<br>我们会第一时间通知公安局网监来调查你的IP。 "
response.end
end if
dim upload,file,formElement,formFile,iCount,fileExt,xxid,username,huitype,formPath,rs,sql,filename
iCount=0
set upload = new sjCat_Upload
Set file = upload.file("file1")
username=upload.form("username")
xxid=upload.form("xxid")
huitype=upload.form("huitype")
if file.filesize<1 then
response.write "<font size=2>请先选择你要上传的图片 [ <a href=# onclick=history.go(-1)>重新上传</a> ]</font>"
response.end
end if
fileExt=lcase(right(file.filename,4))
if fileEXT<>".gif" and fileEXT<>".jpg" and fileEXT<>".bmp" then
response.write "<font size=2>文件格式不对 [ <a href=# onclick=history.go(-1)>重新上传</a> ]</font>"
response.end
end if
if file.filesize>1024000 then '这是1000K的图片大小数据
response.write "<font size=2>图片大小超过了限制(不大于100K) [ <a href=# onclick=history.go(-1)>重新上传</a> ]</font>"
response.end
end if
filename=formPath&year(now)&month(now)&day(now)&hour(now)&minute(now)&second(now)&fileExt
if file.FileSize>0 then
file.Save2File Server.mappath("shopupfiles") & "\" & FileName
iCount=iCount+1
end if
set file=nothing
set upload=nothing
if xxid="" then
Response.Write"<li>您操作参数错误!"
response.end
end if
if username="" then
Response.Write"<li>您操作参数错误!"
response.end
end if
set rs=server.createobject("adodb.recordset")
sql = "select xinxipic,xxid,username from FOX_shop where username='"&username&"' and xxid='"&xxid&"'"
rs.open sql,conn,1,3
if session("addxinxi")<>"" then
if DateDiff("s",session("addxinxi"),Now())<180 then
response.write "<script>alert('系统保护:你提交数据太快,系统中止运行,请等待180秒钟!!');history.go(-1);</SCRIPT>"
response.end
end if
end if
if not rs.eof or not rs.bof then
if trim(rs("xxid"))=xxid then
Response.Write"<li>您操作参数错误!"
response.end
end if
else
rs.addnew
rs("username")=username
rs("xxid")=xxid
rs("xinxipic")=filename
rs.update
end if
rs.close
set rs=nothing
if huitype=1 then
set rs=server.createobject("adodb.recordset")
sql = "select dxb from FOX_user where username='"&username&"'"
rs.open sql,conn,1,3
rs("dxb")=rs("dxb")-tdxb
rs.update
rs.close
set rs=nothing
end if
closedb
response.write "图片成功上传!"
response.write "<a target='_blank' href='shopupfiles/"&FileName&"'>查看</a>"
%>