Files
sms_host20170829/content/board/down.asp
T
2026-02-23 10:01:00 +09:00

61 lines
1.4 KiB
Plaintext

<%
a_tablename = Request.QueryString("a_tablename")
filename = Request.QueryString("filename")
a_tablename = Replace(a_tablename, "../", "" )
a_tablename = Replace(a_tablename, "/", "" )
filename = Replace(filename, "../", "" )
filename = Replace(filename, "/", "" )
fileDir = server.mappath( "/data/board/" ) & "\" & a_tablename & "\"
downFileName = filename
filepath = fileDir & filename
set objFS = Server.CreateObject("Scripting.FileSystemObject")
If objFS.FileExists(filepath) = False Then
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ko" lang="ko">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<SCRIPT LANGUAGE="JavaScript">
<!--
alert("파일이 존재하지 않습니다.");
history.go(-1);
//-->
</SCRIPT>
</head>
<body>
</body>
</html>
<%
response.end
End If
set objFS = nothing
Response.charset = "ISO-8859-1"
Response.addHeader "Content-Type", "charset=ISO-8859-1"
Response.contenttype = "application/unknown"
Response.addheader "content-disposition", "attachment;filename=" & downFileName
Set objstream = Server.CreateObject("adodb.stream")
objstream.open
objstream.type = 1
objstream.loadfromfile filepath
download = objstream.read
response.binarywrite download
Set objstream = Nothing
%>