• 当前位置:首页>>ASP教程>>ASP综合技巧>>编写一个asp代码执行器
  • 编写一个asp代码执行器
  • 保存为runASP.ASP运行。账号密码admin,登陆后输入代码就可执行了!!

    <% @ LANGUAGE="VBSCRIPT" %>

    <%Option Explicit
    response.buffer=true
    dim Spassword,SUserName
    SUserName="admin"
    Spassword="admin"
    dim SQLMutiStr
    dim i
    dim action
    action=request.querystring("action")

    IF action="GetCode" then '---------TOT
    NumCodeJS
    ELSE '--------TOT
    Response.Write("<!DOCTYPE HTML PUBLIC ""-//W3C//DTD HTML 4.0 Transitional//EN"">")
    Response.Write("<HTML>")
    Response.Write("<HEAD>")
    Response.Write("<TITLE>ASP RunCode SCR V1.0 / Create By PaintBlue.Net V37</TITLE>")
    Response.Write("<META NAME=""Generator"" CONTENT=""EditPlus,V37,PaintBlue.Net"">")
    Response.Write("<META NAME=""Author"" CONTENT=""V37,PaintBlue.Net"">")
    Response.Write("<META NAME=""Keywords"" CONTENT=""PaintBlue.Net,,V37,RunCode,ASP,Script,BlueIdea.COM,Lfgbox.com"">")
    Response.Write("<META NAME=""Description"" CONTENT=""运行ASP代码的ASP脚本!"">")
    Response.Write("</HEAD>")
    Response.Write("<BODY bgcolor=#D4D0C8>")

    SQLMutiStr=trim(Request.Form("SQLMutiStr"))
    if session("login")="" and action="chkpass" then
    session("login")=checkPass()
    end if
    if action="exit" then session("login")=""
    if session("login")="1" then
    if action="RunCode" then
    if SQLMutiStr="" then
    Response.write "没有输入要运行的代码!"
    Response.write "<br><br><a href=""javascript:window.history.back();"">返回运行页面</a><br><br>"
    Response.write "<a href=../../""?action=exit"">退出登陆</a>"
    response.end
    else
    dim ExeStrArr
    dim re
    dim tempSQL,tempSQL2
    dim ScriptArr,ScriptSubArr
    tempSQL2=""
    tempSQL=split(SQLMutiStr,vbcrlf)
    if inStr(lcase(tempSQL(0)),"language")>0 then
    tempSQL2=tempSQL(1)
    if ubound(tempSQL)>1 then
    for i=1 to ubound(tempSQL)
    tempSQL2=tempSQL2&tempSQL(i)
    next
    end if
    tempSQL2=trim(tempSQL2)
    else
    tempSQL2=SQLMutiStr
    end if
    tempSQL2=replace(tempSQL2,"<%"&"=","<"&"%response.write ")
    do
    tempSQL2=replace(tempSQL2,vbcrlf&vbcrlf,vbcrlf)
    loop while instr(tempSQL2,vbcrlf&vbcrlf)>0
    tempSQL2=trim(tempSQL2)
    tempSQL2="<"&"%%"&">"&tempSQL2&"<"&"%%"&">"
    ScriptArr=split(tempSQL2,"%"&">")
    dim ub,kub
    ub=ubound(ScriptArr)
    for i=0 to ub-1
    ScriptSubArr=split(ScriptArr(i),"<"&"%")
    if i>0 then response.write (ScriptSubArr(0))
    ExeCuteIt(ScriptSubArr(1))
    next
    call EndProc("<font color=#009900>代码运行完毕!</font>")
    end if
    else
    %>
    输入要运行的ASP代码:
    <FORM METHOD=POST ACTION="?action=RunCode" style="margin:0px;">
    <TEXTAREA NAME="SQLMutiStr" wrap='OFF' ROWS="20" style="width:100%;height:100%;table-layout:fixed;word-break:break-all;"><%=Server.HTMLencode(SQLMutiStr)%></TEXTAREA>
    <br>
    <INPUT TYPE="button" onclick="window.location.href='?action=exit';" Value="LouOut">
    <INPUT TYPE="reset" Value="Clear">
    <INPUT TYPE="submit" value="Run ASPCode">
    </FORM>
    <% end if
    else
    call loginmain()
    end if
    Response.write ("</BODY></HTML>")
    END IF '-------TOT

    SUB loginMain()
    %>

    <FORM METHOD=POST ACTION="?action=chkpass">&nbsp;UserName:<INPUT TYPE="text" NAME="UserName"><br>
    &nbsp;Password:<INPUT TYPE="password" NAME="Runpassword"><br>
    CheckCode:<INPUT TYPE="GetCode" NAME="GetCode"><img src=../../"runASP.ASP?action=GetCode&Time=<%=timer()%>"><br>
    <br><img width=125 height=0><INPUT TYPE="submit" value=" Login "></FORM>
    <%
    End SUB

    function checkPass()
    dim UserName,Runpassword,GetCode
    dim errinfo
    checkPass=""
    UserName=trim(request.form("UserName"))
    Runpassword=trim(request.form("Runpassword"))
    GetCode=request.form("GetCode")
    if UserName="" or Runpassword="" then
    errinfo=errinfo&"<li>用户名和密码输入不能为空"
    end if
    if Not isnumeric(GetCode) then
    errinfo=errinfo&"<li>请输入数字校验码"
    end if
    if errinfo<>"" then
    call loginmain()
    EndProc errinfo
    end if
    if action="chkpass" and Session("GetCode")=int(GetCode) and UserName=SUserName and Runpassword=Spassword then
    Session("GetCode")=0
    checkPass="1"
    else
    call loginmain()
    EndProc "登陆失败!请重新确认正确输入"
    end if
    End function

    SUB ExeCuteIt(ExString)
    on error resume next
    Execute(ExString)
    if err.number<>0 then
    Response.write "<div style=""background-color: #ffeedd;padding: 6px;"">"
    Response.write "<hr size=1>"
    R
  • 上一篇:以下代码如何修改,才能限制上传文件类型?
    下一篇:VC打印实践浅谈