public void ProcessRequest(HttpContext context) { context.Response.ContentType = "text/plain"; string order = context.Request["order"]; string fileRootPath = ConfigurationManager.AppSettings["filePath"]; string path = context.Request["path"]; string search = context.Request["search"]; string rootPath = fileRootPath; path = rootPath + "\\" + path; PostJSON p = new PostJSON(); JavaScriptSerializer jss = new JavaScriptSerializer(); if (!Directory.Exists(rootPath))//如果用户根路径不存在则创建 { Directory.CreateDirectory(rootPath); } if (path.IndexOf("..\\") == -1 && path.IndexOf("../") == -1)//如果包含上一级符号则屏蔽 { if (Directory.Exists(path)) { folder folder = new folder(); folder = fileBLL.getFloder(path); switch (order) { case "order_nameascending": folder.sortByName(); break; case "order_sizeascending": folder.sortBySize(); break; case "order_ModifiedDateascending": folder.sortByModifiedDate(); break; case "order_CreatDateTimeascending": folder.sortByCreatDateTime(); break; case "order_namedesc": folder.sortByNameDesc(); break; case "order_sizedesc": folder.sortBySizeDesc(); break; case "order_ModifiedDatedesc": folder.sortByModifiedDateDesc(); break; case "order_CreatDateTimedesc": folder.sortByCreatDateTimeDesc(); break; default: break; } p.obj = folder; } else { p.isError = true; p.errorMsg = "指定的目录不存在!"; } } else { p.isError = false; p.errorMsg = "不允许使用上一级符号"; } context.Response.Write(jss.Serialize(p)); context.Response.End(); }