private void EditFile()
{
int _id = Utils.ParseInt(Utils.GetRequest("id", "all", 1, @"^\d*$", "0"));
Master.Title = "编辑内容";
BCW.MobileSlider.Model.MobileSlider _data = new BCW.MobileSlider.BLL.MobileSlider().GetModel(_id);
if (_data == null)
{
Utils.Error("参数错误", "");
}
string strOthe = string.Empty;
string strIdea = string.Empty;
string sUpType = string.Empty;
string sText = string.Empty;
string sName = string.Empty;
string sType = string.Empty;
string sValu = string.Empty;
string sEmpt = string.Empty;
sText = "内容类型:/,参数(|分隔多个)/,,";
sName = "id,contentType,params,backurl";
sType = "hidden,text,text,hidden";
sValu = "" + _data.id + "'" + _data.contentType + "'" + _data.param + "'";
sEmpt = "false,false,false,";
strOthe = "确定修改," + "Slider.aspx?ptype=" + pType + "&act=SaveFile" + ",post,2,blue";
builder.Append(Out.wapform(sText, sName, sType, sValu, sEmpt, strIdea, strOthe));
builder.Append(Out.Tab("<div>", ""));
builder.Append("<a href=\"" + Utils.getUrl("Slider.aspx?ptype=" + pType) + "\"> 取消修改</a><br />");
builder.Append(Out.Tab("</div>", ""));
}
private void SaveFile()
{
int _id = Utils.ParseInt(Utils.GetRequest("id", "post", 1, @"^\d*$", "0"));
string _contentType = Utils.GetRequest("contentType", "post", 1, "", "");
string _params = Utils.GetRequest("params", "post", 1, "", "");
BCW.MobileSlider.Model.MobileSlider _data = new BCW.MobileSlider.BLL.MobileSlider().GetModel(_id);
if (_data == null)
{
Utils.Error("参数错误", "");
}
_data.contentType = _contentType;
_data.param = _params.Replace("&", "&");
new BCW.MobileSlider.BLL.MobileSlider().Update(_data);
Utils.Success("编辑内容", "修改成功", Utils.getUrl("Slider.aspx?ptype=" + pType), "2");
}
private void DelFile()
{
int _id = Utils.ParseInt(Utils.GetRequest("id", "get", 1, @"^\d*$", "0"));
BCW.MobileSlider.Model.MobileSlider _data = new BCW.MobileSlider.BLL.MobileSlider().GetModel(_id);
if (_data == null)
{
Utils.Error("参数错误", "");
}
builder.Append(Out.Tab("<div>", ""));
builder.Append(System.Web.HttpContext.Current.Request.MapPath(_data.url));
builder.Append(Out.Tab("</div>", ""));
if (FileTool.DeleteFile(_data.url) == true)
{
new BCW.MobileSlider.BLL.MobileSlider().Delete(_id);
Utils.Success("删除文件", "成功删除文件", Utils.getUrl("Slider.aspx?ptype=" + pType), "2");
}
}
private void ListFile()
{
builder.Append(Out.Tab("<div class=\"text\">", ""));
builder.Append("<a href=\"" + Utils.getUrl("Slider.aspx?act=addFile&ptype=" + pType) + "" + "\">添加文件...</a><br />");
builder.Append(Out.Tab("</div>", ""));
builder.Append(Out.Tab("<div>", ""));
DataSet _ds = new BCW.MobileSlider.BLL.MobileSlider().GetList("ptype=" + (int)pType);
for (int i = 0; i < _ds.Tables[0].Rows.Count; i++)
{
builder.Append("url:" + _ds.Tables[0].Rows[i]["url"].ToString() + " <br />");
builder.Append("contentType:" + _ds.Tables[0].Rows[i]["contentType"].ToString() + " <br />");
builder.Append("param:" + _ds.Tables[0].Rows[i]["param"].ToString() + " <br />");
builder.Append("<a href=\"" + Utils.getUrl(_ds.Tables[0].Rows[i]["url"].ToString()) + "\">查看图片</a>");
builder.Append("|");
builder.Append("<a href=\"" + Utils.getUrl("Slider.aspx?act=EditFile&ptype=" + pType + "&id=" + _ds.Tables[0].Rows[i]["id"].ToString()) + "\">编辑参数</a>");
builder.Append("|");
builder.Append("<a href=\"" + Utils.getUrl("Slider.aspx?act=delFile&ptype=" + pType + "&id=" + _ds.Tables[0].Rows[i]["id"].ToString()) + "\">删除</a><br /><br />");
}
builder.Append(Out.Tab("</div>", ""));
}
/// <summary>
/// 上传文件
/// </summary>
private void SaveFiles(string _contentType, string _params)
{
int AddNum = 0;
//遍历File表单元素
System.Web.HttpFileCollection files = System.Web.HttpContext.Current.Request.Files;
//int j = 1;
int j = files.Count;
try
{
string GetFiles = string.Empty;
for (int iFile = files.Count - 1; iFile > -1; iFile--)
{
//检查文件扩展名字
System.Web.HttpPostedFile postedFile = files[iFile];
string fileName, fileExtension;
fileName = System.IO.Path.GetFileName(postedFile.FileName); //上传的文件名字
string UpExt = ".jpg,.jpeg,.png,.bmp"; //文件格式a
int UpLength = Convert.ToInt32(ub.GetSub("UpaMaxFileSize", xmlPath)); //文件大小限制
if (fileName != "")
{
fileExtension = System.IO.Path.GetExtension(fileName).ToLower();
//检查是否允许上传格式
if (UpExt.IndexOf(fileExtension) == -1)
{
continue;
}
//非法上传
if (fileExtension == ".asp" || fileExtension == ".aspx" || fileExtension == ".jsp" || fileExtension == ".php" || fileExtension == ".asa" || fileExtension == ".cer" || fileExtension == ".cdx" || fileExtension == ".htr" || fileExtension == ".exe")
{
continue;
}
if (postedFile.ContentLength > Convert.ToInt32(UpLength * 1024)) //超过文件大小限制
{
continue;
}
string DirPath = string.Empty;
string prevDirPath = string.Empty;
string Path = "/Files/Mobile/Slider";
int IsVerify = 0;
if (FileTool.CreateDirectory(Path, out DirPath))
{
//生成随机文件名
fileName = DT.getDateTimeNum() + iFile + fileExtension;//现在系统时间+数组下标+文件后缀名
string SavePath = System.Web.HttpContext.Current.Request.MapPath(DirPath) + fileName;
postedFile.SaveAs(SavePath);
//=============================图片木马检测,包括TXT===========================
string vSavePath = SavePath;
if (fileExtension == ".jpg" || fileExtension == ".jpeg" || fileExtension == ".png" || fileExtension == ".bmp") //加点
{
bool IsPass = true;
System.IO.StreamReader sr = new System.IO.StreamReader(vSavePath, System.Text.Encoding.Default);
string strContent = sr.ReadToEnd().ToLower();
sr.Close();
string str = "system.|request|javascript|script |script>|.getfolder|.createfolder|.deletefolder|.createdirectory|.deletedirectory|.saveas|wscript.shell|script.encode|server.|.createobject|execute|activexobject|language=";
foreach (string s in str.Split('|'))
{
if (strContent.IndexOf(s) != -1)
{
System.IO.File.Delete(vSavePath);
IsPass = false;
break;
}
}
if (IsPass == false)
{
continue;
}
}
//=============================图片木马检测完毕,包括TXT===========================
BCW.MobileSlider.Model.MobileSlider model = new BCW.MobileSlider.Model.MobileSlider();
model.url = DirPath + fileName;
model.contentType = _contentType;
model.param = _params;
model.ptype = pType;
new BCW.MobileSlider.BLL.MobileSlider().Add(model);
DataSet _ds = new BCW.MobileSlider.BLL.MobileSlider().GetList(1, "", "id desc");
if (_ds.Tables[0].Rows.Count > 0)
{
int mid = int.Parse(_ds.Tables[0].Rows[0]["id"].ToString());
BCW.MobileSlider.Model.MobileSlider _model2 = new BCW.MobileSlider.BLL.MobileSlider().GetModel(mid);
_model2.sortid = _model2.id;
new BCW.MobileSlider.BLL.MobileSlider().Update(_model2);
}
}
//j++;
j--;
}
}
}
catch
{
}
}
