<% @ Language=VBScript %> <% Option Explicit %> <% '**************************************************************************************** '** Copyright Notice '** '** Web Wiz Rich Text Editor(TM) '** http://www.richtexteditor.org '** '** Copyright (C)2001-2008 Web Wiz(TM). All Rights Reserved. '** '** THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS UNDER LICENSE FROM 'WEB WIZ'. '** '** IF YOU DO NOT AGREE TO THE LICENSE AGREEMENT THEN 'WEB WIZ' IS UNWILLING TO LICENSE '** THE SOFTWARE TO YOU, AND YOU SHOULD DESTROY ALL COPIES YOU HOLD OF 'WEB WIZ' SOFTWARE '** AND DERIVATIVE WORKS IMMEDIATELY. '** '** If you have not received a copy of the license with this work then a copy of the latest '** license contract can be found at:- '** '** http://www.webwizguide.com/license '** '** For more information about this software and for licensing information please contact '** 'Web Wiz' at the address and website below:- '** '** Web Wiz, Unit 10E, Dawkins Road Industrial Estate, Poole, Dorset, BH15 4JD, England '** http://www.webwizguide.com '** '** Removal or modification of this copyright notice will violate the license contract. '** '**************************************************************************************** '*************************** SOFTWARE AND CODE MODIFICATIONS **************************** '** '** MODIFICATION OF THE FREE EDITIONS OF THIS SOFTWARE IS A VIOLATION OF THE LICENSE '** AGREEMENT AND IS STRICTLY PROHIBITED '** '** If you wish to modify any part of this software a license must be purchased '** '**************************************************************************************** Response.Expires = -1 Response.ExpiresAbsolute = Now() - 2 Response.AddHeader "pragma","no-cache" Response.AddHeader "cache-control","private" Response.CacheControl = "No-Store" 'Dim variables Dim objFSO 'Holds the file system object Dim objFSOfolder 'Holds the FSO file object Dim objFSOsubFolder Dim objFSOfile Dim saryAllowedFileTypes 'Holds the allowd file types Dim intExtensionLoopCounter 'Loop counter to check file extensions Dim strFileName 'Holds the file name Dim strFileType 'Holds the file type Dim intFileSize 'Holds the file size Dim strFileIcon 'Holds the icon for the file Dim strFileExtension 'Holds the file extension Dim intElementIDno 'Holds the element ID number Dim strSubFolderName 'Holds the name of the subfolder Dim strFolderPath 'Holds the path to the folder Dim strSubFolderUp 'Hollds the path to the folder above Dim strMode 'Holds the page mode Dim blnUploadFolderExsist 'Set to true if the user has an upload folder Dim intParentStripLoop 'Loop variable 'Initialise variables intElementIDno = 0 strSubFolderName = Request.QueryString("sub") strMode = Request.QueryString("look") blnUploadFolderExsist = False 'If the user is user is using a banned IP redirect to an error page If bannedIP() OR blnBanned Then 'Clean up Call closeDatabase() 'Redirect Response.Redirect("insufficient_permission.asp" & strQsSID1) End If 'If file or image uploads are enabled then see if the user has an upload folder already If blnAttachments = True OR blnImageUpload = True Then 'Check the user has an upload folder, if they have uploaded annything blnUploadFolderExsist = userUploadFolder(strUploadFilePath) 'If an upload folder doesn't exsist for the user then they just browse the public folder If blnUploadFolderExsist = False Then strUploadFilePath = strUploadOriginalFilePath & "/public" 'Else if image uploads are not enabled just display the empty upload folder to the user Else strUploadFilePath = strUploadOriginalFilePath & "/public" End If 'Reset Server Objects Call closeDatabase() 'Get what we are looking for 'If this is the image dialog If strMode = "img" Then 'Get the image types allowed saryAllowedFileTypes = Split(Trim(strImageTypes), ";") 'Get the file path strFolderPath = strUploadFilePath 'Else this is the file upload dialog ElseIf strMode = "open" Then 'Get the file types allowed saryAllowedFileTypes = Split(Trim(strOpenFileTypes), ";") 'Get the file path strFolderPath = strOpenFileFolderPath 'If this is the save file dialog ElseIf strMode = "save" Then 'Get the file types allowed saryAllowedFileTypes = Split(Trim(strSaveFileTypes), ";") 'Get the file path strFolderPath = strSaveFileFolderPath 'Else this is the file upload dialog Else 'Get the file types allowed saryAllowedFileTypes = Split(Trim(strUploadFileTypes), ";") 'Get the file path strFolderPath = strUploadFilePath End If 'See if this is a subfolder being looked in If strSubFolderName <> "" Then 'Replace any \ with \ strSubFolderName = Replace(strSubFolderName, "/", "\", 1, -1, 1) 'Loop through and remove any parent paths that could course a security issue For intParentStripLoop = 0 To 1 'Look for ..\ If Instr(1, strSubFolderName, "..\", 1) Then strSubFolderName = Replace(strSubFolderName, "..\", "", 1, -1, 1) intParentStripLoop = 0 'Loop again incase there are anymore End If 'Remove any .\ If Instr(1, strSubFolderName, ".\", 1) Then strSubFolderName = Replace(strSubFolderName, ".\", "", 1, -1, 1) intParentStripLoop = 0 'Loop again incase there are anymore End If Next 'Get the complete folder path to the subfolder in the upload directory strFolderPath = strFolderPath & strSubFolderName 'Calculate one folder up path strSubFolderUp = Mid(strSubFolderName, 1, (Len(strSubFolderName) - Len(Mid(strSubFolderName, InstrRev(strSubFolderName, "\"))))) End If 'Create the file system object Set objFSO = Server.CreateObject("Scripting.FileSystemObject") 'Create a folder object with the contents of the folder Set objFSOfolder = objFSO.GetFolder(Server.MapPath(strFolderPath)) %> RTE File Browser <% '***** START WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ****** Response.Write(vbCrLf & "") '***** END WARNING - REMOVAL OR MODIFICATION OF THIS CODE WILL VIOLATE THE LICENSE AGREEMENT ****** %> '"> <% 'Else show an icon for Parent Directory If strSubFolderName <> "" Then intElementIDno = intElementIDno + 1 Response.Write(vbCrLf & " " & _ vbCrLf & " " & _ vbCrLf & " ") End If 'Show any sub folders For Each objFSOsubFolder In objFSOfolder.SubFolders If NOT objFSOsubFolder.Name = "temp" Then intElementIDno = intElementIDno + 1 Response.Write(vbCrLf & " " & _ vbCrLf & " " & _ vbCrLf & " ") End If Next 'Loop through all the files in the folder For Each objFSOfile in objFSOfolder.Files 'Loop through to check if the file has an allowed extension For intExtensionLoopCounter = 0 To UBound(saryAllowedFileTypes) 'If the extension is allowed show the file If LCase(objFSO.GetExtensionName(objFSOfile.Name)) = saryAllowedFileTypes(intExtensionLoopCounter) AND objFSOfile.Name <> "folder_info.xml" Then 'Initilse the icon file with unknown file type strFileIcon = "icon_unknown.gif" intElementIDno = intElementIDno + 1 'Read in details strFileName = objFSOfile.Name strFileType = objFSOfile.Type intFileSize = CInt(objFSOfile.Size / 1024) strFileExtension = LCase(objFSO.GetExtensionName(objFSOfile.Name)) 'Check the length of the file name is not to long If Len(strFileName) > 21 Then strFileName = Trim(Mid(strFileName, 1, 19)) & "..." & strFileExtension End If 'Check the length of the file type is not to long If Len(strFileType) > 11 Then strFileType = Trim(Mid(strFileType, 1, 8)) & "..." End If 'Get the icon for the file type Select Case strFileExtension Case "jpg" strFileIcon = "icon_jpg.gif" Case "jpeg" strFileIcon = "icon_jpg.gif" Case "gif" strFileIcon = "icon_gif.gif" Case "bmp" strFileIcon = "icon_bmp.gif" Case "png" strFileIcon = "icon_png.gif" Case "doc" strFileIcon = "icon_doc.gif" Case "htm" strFileIcon = "icon_htm.gif" Case "html" strFileIcon = "icon_htm.gif" Case "rtf" strFileIcon = "icon_doc.gif" Case "txt" strFileIcon = "icon_txt.gif" Case "text" strFileIcon = "icon_txt.gif" Case "zip" strFileIcon = "icon_zip.gif" Case "rar" strFileIcon = "icon_zip.gif" Case "tar" strFileIcon = "icon_zip.gif" Case "exe" strFileIcon = "icon_exe.gif" Case "pdf" strFileIcon = "icon_pdf.gif" End Select Response.Write(vbCrLf & " " & _ vbCrLf & " " & _ vbCrLf & " " & _ vbCrLf & " " & _ vbCrLf & " ") End If Next Next 'Distroy objects Set objFSOsubFolder = Nothing Set objFSOfile = Nothing Set objFSOfolder = Nothing Set objFSO = Nothing %>
" & strTxtParentDirectory & "
" & objFSOsubFolder.Name & "
" & strFileName & "" & intFileSize & "KB" & strFileType & "