2
In this modified version there are two groups that use this upload script. Members of one group get automatically re-directed after uploading.
However, this member group never gets the benefit of knowing if they've uploaded an incorrect file size or incorrect file extension.
Members from the second group do see the "exceeds max file size”, and the error “invalid filetype”.
Can you take a look at the script below and suggest how I can adjust the script so that PPL members, will trigger the "Exceeds max file size error" and "invalid filetype" error, if appropriate, before they're automatically re-directed? Thank you. Any help would be appreciated.
Expand|Select|Wrap|Line Numbers
- <%@ Language=VBScript %>
- <%
- 'option explicit
- Response.Expires = -1
- Server.ScriptTimeout = 600
- Dim MMS_GROUP_NUMBER
- MMS_GROUP_NUMBER = "2,3"
- Call OPEN_DB()
- set PPLRS = MyConn.Execute( "SELECT * from mms_tbl_user_cate where fldUSER_ID = " & session( "PMMS_ID" ) & " AND fldCATE_ID = 3" )
- IF NOT PPLRS.EOF THEN
- PPL_GROUP_MEMBER = "Y"
- END IF
- set PPLRS = nothing
- MyConn.close
- Set MyConn = Nothing
- %>
- <!--#include virtual="aspUpload.asp" -->
- <!--#include VIRTUAL="app_config.asp"-->
- <!--#include VIRTUAL="inc_enforce.asp"-->
- <!--#include file="inc_header.asp"-->
- <%
- ' ****************************************************
- Dim uploadsDirVar
- uploadsDirVar = "C:\Input"
- 'response.write uploadsDirVar
- ' ****************************************************
- function OutputForm()
- %>
- <form name="frmSend" method="POST" enctype="multipart/form-data" action="upload.asp" onSubmit="return onSubmitForm();">
- <B></B><br><input name="attach1" type="file" size=35><br>
- <!--File 2: <input name="attach2" type="file" size=35><br>-->
- <!--File 3: <input name="attach3" type="file" size=35><br>-->
- <!--File 4: <input name="attach4" type="file" size=35><br>-->
- <br>
- <!-- These input elements are obviously optional and just included here for demonstration purposes -->
- <!--<B>Additional fields (demo):</B><br>-->
- <!--Enter a number: <input type="text" name="enter_a_number" size="20"><br>-->
- <!--Checkbox values: <input type="checkbox" value="1" name="checkbox_values">-1 <input type="checkbox" value="2" name="checkbox_values">-2<br>-->
- <!-- End of additional elements -->
- <input style="margin-top:4" type=submit value="Upload">
- </form>
- <%
- end function
- function TestEnvironment()
- Dim fso, fileName, testFile, streamTest
- TestEnvironment = ""
- Set fso = Server.CreateObject("Scripting.FileSystemObject")
- if not fso.FolderExists(uploadsDirVar) then
- TestEnvironment = "<B>Folder " & uploadsDirVar & " does not exist.</B><br>The value of your uploadsDirVar is incorrect. Open upload.asp in an editor and change the value of uploadsDirVar to the pathname of a directory with write permissions."
- exit function
- end if
- fileName = uploadsDirVar & "\test.txt"
- on error resume next
- Set testFile = fso.CreateTextFile(fileName, true)
- If Err.Number<>0 then
- TestEnvironment = "<B>Folder " & uploadsDirVar & " does not have write permissions.</B><br>The value of your uploadsDirVar is incorrect. Open upload.asp in an editor and change the value of uploadsDirVar to the pathname of a directory with write permissions."
- exit function
- end if
- Err.Clear
- testFile.Close
- fso.DeleteFile(fileName)
- If Err.Number<>0 then
- TestEnvironment = "<B>Folder " & uploadsDirVar & " does not have delete permissions</B>, although it does have write permissions.<br>Change the permissions for IUSR_<I>computername</I> on this folder."
- exit function
- end if
- Err.Clear
- Set streamTest = Server.CreateObject("ADODB.Stream")
- If Err.Number<>0 then
- TestEnvironment = "<B>The ADODB object <I>Stream</I> is not available in your server.</B><br>Check the Requirements page for information about upgrading your ADODB libraries."
- exit function
- end if
- Set streamTest = Nothing
- end function
- function SaveFiles
- Dim Upload, fileName, fileSize, ks, i, fileKey
- Set Upload = New FreeASPUpload
- Upload.setMaxFileSize 2, "k"
- Upload.Save(uploadsDirVar)
- ' If something fails inside the script, but the exception is handled
- If Err.Number<>0 then Exit function
- SaveFiles = ""
- ks = Upload.UploadedFiles.keys
- if (UBound(ks) <> -1) then
- SaveFiles = "<B>Files uploaded:</B> "
- for each fileKey in Upload.UploadedFiles.keys
- SaveFiles = SaveFiles & Upload.UploadedFiles(fileKey).FileName & " (" & Upload.UploadedFiles(fileKey).Length & "B) "
- next
- else
- SaveFiles = "The file name specified in the upload form does not correspond to a valid file in the system."
- end if
- SaveFiles = SaveFiles & "" & Upload.Form("enter_a_number") & "<br>"
- SaveFiles = SaveFiles & "" & Upload.Form("checkbox_values") & "<br>"
- end function
- SUB updateDB_Logout
- Call OPEN_DB()
- MyConn.Execute( "UPDATE mms_tbl_user SET fldSTATUS = '" & drpSTATUS(3) & "' WHERE ID = " & Session("PMMS_ID") )
- IF Session("PMMS_IN") = "True" THEN
- Call APPEND_LOG(False, Session("PMMS_ID"), "Logs out.", Trim(sysVAL(7)))
- END IF
- MyConn.close
- Set MyConn = Nothing
- Session.Abandon
- Response.Redirect( "PPL_Logout.asp" )
- Response.end
- END SUB
- %>
- <HTML>
- <HEAD>
- <Title>TEST</Title>
- <style type="text/css">
- body {margin: 1px 100px; padding: 1px; 0px}
- </style>
- </HEAD>
- <BODY leftMargin=0 topMargin=0 marginheight="0" marginwidth="0" body {border-left: 1px solid #000; }>
- <SCRIPT LANGUAGE="JavaScript">errorcolor = '#eeeeee';</Script>
- <table cellspacing=0 border=0 cellpadding=40 width=100% align=left>
- <tr>
- <td align=left valign=middle>
- <script language="JAVASCRIPT">
- var errfound = false;
- function ValidLength(item, len) {
- return (item.length >= len);
- }
- function error(elem, text) {
- if (errfound) return;
- window.alert(text);
- elem.select();
- elem.focus();
- elem.style.backgroundColor=errorcolor;
- errfound = true;
- }
- function Validate() {
- errfound = false;
- d=document.login
- if (!ValidLength(d.members_username.value,1))error(d.members_username,"Username should not be blank.");
- if (!ValidLength(d.members_password.value,1))error(d.members_password,"Password should not be blank.");
- return !errfound;
- }
- </script>
- <TR valign=top>
- <div style="border:0px solid #000000; width: 705px; padding-left: 75px; text-align:top;">
- <style>
- BODY {background-color: white;font-family:arial; font-size:12}
- </style>
- <script>
- function onSubmitForm() {
- var formDOMObj = document.frmSend;
- if (formDOMObj.attach1.value == "" && formDOMObj.attach2.value == "" && formDOMObj.attach3.value == "" && formDOMObj.attach4.value == "" )
- alert("Please press the browse button and pick a file.")
- else
- return true;
- return false;
- }
- </script>
- </HEAD>
- <BODY>
- <br><br>
- <div style="border-bottom: #A91905 2px solid;font-size:16">1. Select(Click) the Browse Button<br>
- 2. Choose Your File For Uploading<br>
- 3. Select(Click) the Upload Button<br><br></div>
- <%
- Dim diagnostics
- if Request.ServerVariables("REQUEST_METHOD") <> "POST" then
- diagnostics = TestEnvironment()
- if diagnostics<>"" then
- response.write "<div style=""margin-left:20; margin-top:30; margin-right:30; margin-bottom:30;"">"
- response.write diagnostics
- response.write "<p>After you correct this problem, reload the page."
- response.write "</div>"
- else
- response.write "<div style=""margin-left:5"">"
- OutputForm()
- response.write "</div>"
- end if
- else
- response.write "<div style=""margin-left:5"">"
- OutputForm()
- response.write SaveFiles()
- response.write "<br><br></div>"
- IF PPL_GROUP_MEMBER = "Y" THEN
- updateDB_Logout
- end if
- end if
- %><img src="img/linkimg9.jpg" style="vertical-align: middle;" width="32" height="27" alt="" border="0" />
- <span style="color: #ffffff"><%=Trim(Session("PMMS_EMAIL"))%>
- </span>
- <br><br>
- </p></div></tr></td></tr>
- </table></TD></TR><!--#include file="inc_footer.asp"--></TABLE>
- </TD>
- </TR>
- </TABLE>
- <TABLE cellSpacing=0 valign=bottom cellPadding=0 width=100% border=0>
- <TR valign=top height=4>
- </TR>
- <TR valign=middle height=25>
- <TD class=headera2> <FONT class=linksmall><font face="Arial" color="#ffffff" size="2">Copyright © 2007 <a href="" target="_blank"></a>. All Rights Reserved.</FONT></TD>
- <TD align=right class=headera2><font class=linksmall><font face="Arial" color="#ffffff" size="2">Email : <A href=""></A> </font></TD>
- </TR>
- </TABLE>
- </Body>
- </BODY>
- </HTML>
