Files
sms_host20170829/content/board/down_org.asp
T
2026-02-23 10:01:00 +09:00

68 lines
1.6 KiB
Plaintext

<%
Response.Buffer = False
a_tablename = Request.QueryString("a_tablename")
filename = Request.QueryString("filename")
a_tablename = Replace(a_tablename, "../", "" )
a_tablename = Replace(a_tablename, "/", "" )
filename = Replace(filename, "../", "" )
filename = Replace(filename, "/", "" )
If a_tablename = "" Or filename = "" Then
%>
<SCRIPT LANGUAGE="JavaScript">
<!--
alert("잘못된 페이지 요청")
history.go(-1);
//-->
</SCRIPT>
<%
response.end
End if
strDirectory = server.mappath( "/data/board/" ) & "\" & a_tablename & "\"
filepath = strDirectory & filename
'filepath = Request.QueryString("file")
'filename = Mid(filepath, InStrRev("\")+1)
set objFS = Server.CreateObject("Scripting.FileSystemObject")
If objFS.FileExists(filepath) = False Then
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ko" lang="ko">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<SCRIPT LANGUAGE="JavaScript">
<!--
alert("파일이 존재하지 않습니다.");
history.go(-1);
//-->
</SCRIPT>
</head>
<body>
</body>
</html>
<%
response.end
End if
set objF = objFS.GetFile(filepath)
Response.AddHeader "Content-Disposition","attachment;filename=" & server.URLPathEncode(filename)
Response.AddHeader "Content-Length", objF.Size
set objF = nothing
set objFS = nothing
Response.ContentType = "application/x-msdownload"
Response.CacheControl = "public"
Set objDownload = Server.CreateObject("DEXT.FileDownload")
objDownload.Download filepath
Set uploadform = Nothing
%>