<% ' Fruibile - L'elemento CMS Open Source che mancava ' Copyright (C) 2002-2006 Roberto Scano ' ' Licensed under the terms of the GNU Lesser General Public License: ' http://www.opensource.org/licenses/lgpl-license.php ' ' For further information visit: ' http://www.fruibile.it/ ' ' File Author: ' Roberto Scano (mail@robertoscano.info) %> <% '' This code is absolute freeware. you can do with it as you please. '' There are no restrictions what so ever, but the code is AS IS, no warrenty or liabilty '' Please leave these commentlines intact '' Netherlands, February 2004 '' M.Blokdijk '' maarten@blokdijk.com '' V 1.0 'controllo sicurezza -------------- if Session("WEBGODLogin") <> "W3C_VALIDATOR" then If session("argomenti")<> 1 Then response.Redirect "/backoffice/noentry.asp" end if end if '---------------------------------- 'Prevent your website from cross website attacks --------- refererUrl = Cstr(Request.ServerVariables("HTTP_REFERER")) serverName = Cstr(Request.ServerVariables("SERVER_NAME")) refererName = mid(refererUrl,8,len(serverName)) if refererName <> serverName then response.Redirect "/backoffice/noentry.asp" response.end end if '--------------------------------------------------------- if Request("Back") <> "" then response.redirect Session("lastpage") end if Sub EditDb 'On error resume next If fs.FileExists(server.mappath(dbfile)) Then Response.Redirect dbfile & "?db=" & sFile Else Response.Write "

" & DICLanguage(276) & DICLanguage(0) & "

" &vbCrLf End If End Sub Sub CreateNewFolder 'CREAZIONE NUOVA CARTELLA %>

<%=DICLanguage(270)%>

<% End Sub Sub EditFile 'MODIFICA DOCUMENTO Session("lastpage") = Request.ServerVariables("HTTP_REFERER") Set ReadStream = fs.OpenTextFile(server.mappath(sFile)) filename=request.querystring("file") response.write "

" & DICLanguage(104) & "

" Response.write "

" & DICLanguage(278) & ": " response.write ""&filename&"

" Response.Write "" &vbCrLf End Sub Sub UploadFiles 'TRASFERISCI DOCUMENTI Session("lastpage") = Request.ServerVariables("HTTP_REFERER") %>

<%=DicLanguage(271)%>

<%=DICLanguage(281)%>: <%=spath%>

<%=DICLanguage(282)%><%=DICLanguage(0)%>

&submnu=<%=request("submnu")%>" enctype="multipart/form-data">

<%=replace(DICLanguage(283),"[N]","1")%>:

<%=replace(DICLanguage(283),"[N]","2")%>:

<%=replace(DICLanguage(283),"[N]","3")%>:

<%=replace(DICLanguage(283),"[N]","4")%>:

<%=replace(DICLanguage(283),"[N]","5")%>:

<%=replace(DICLanguage(283),"[N]","6")%>:

<%=replace(DICLanguage(283),"[N]","7")%>:

<%=replace(DICLanguage(283),"[N]","8")%>:

<%=replace(DICLanguage(283),"[N]","9")%>:

<%=DICLanguage(20)%>

<% End Sub Sub CreateFile 'CREA DOCUMENTO response.write "

" & DICLanguage(128) & "

" Session("lastpage") = Request.ServerVariables("HTTP_REFERER") Response.Write "" &vbCrLf End Sub Sub SaveFile 'SALVA DOCUMENTO '' the save as a new file routine response.write "

" & DICLanguage(383) & "

" if request.form("NewFileName")<>"" then NewFileName=request.form("NewFileName") spath=request("path") if spath="/" then slashvalue="" else slashvalue="/" end if filestuff=request.form("filestuff") NewPathFileName= spath&slashvalue&newfilename''creating the right path and filename Set fso = CreateObject("Scripting.FileSystemObject") Set textStreamObject = fso.CreateTextFile(server.mappath(NewPathFileName),true,false) textStreamObject.write filestuff Response.Redirect("" & Session("lastpage") & "") else '' done saving as routine If Request.Querystring("overwrite") = "yes" Then set fs=Server.CreateObject("Scripting.FileSystemObject") Set WriteFile = fs.CreateTextFile(server.mappath(sFile), true) WriteFile.Write Request.Form("filestuff")''filestuff''Session("filestuff") WriteFile.Close Response.Redirect("" & Session("lastpage") & "") Else Session("lastpage") = Request.ServerVariables("HTTP_Referer") If fs.FileExists(server.mappath(sFile)) Then Session("sFile") = sFile spath=request.querystring("path") Session("newfilestuff") = Request.Form("newfilestuff") Response.Write "

" & replace(DICLanguage(285),"[NOMEDOC]","" & sFile & "") & DICLanguage(0) & "

" Response.Write "

" & DICLanguage(286) & "
" & DICLanguage(2) & "

" Else Set WriteFile = fs.CreateTextFile(server.mappath(sFile), false) WriteFile.Write Request.Form("newfilestuff") WriteFile.Close Response.Redirect("default.asp?action=viewfolder&path="&spath&"&mnu=" & request("mnu") & "&submnu=" & request("submnu")) End If End If end if End Sub Sub CreateFolder 'CREAZIONE CARTELLA response.write "

" & DICLanguage(270) & "

" Session("lastpage") = request.querystring("path") If fs.FolderExists(server.mappath(sFolder)) Then response.write "

" & replace(DICLanguage(287),"[CARTELLA]","" & sFolder & "") & DICLanguage(0) & "

" Else fs.CreateFolder(server.mappath(sFolder)) response.redirect("default.asp?action=viewfolder&path="&session("lastpage")& "&mnu=" & request("mnu") & "&submnu=" & request("submnu")) End If End Sub Sub DeleteFile 'ELIMINAZIONE FILE response.write "

" & DICLanguage(384) & "

" If Request.Querystring("commit") <> "yes" Then Session("lastpage") = Request.ServerVariables("HTTP_REFERER") Session("sFile") = sFile Response.Write "

" & replace(DICLanguage(288),"[NOMEDOC]","" & sFile & "") & DICLanguage(0) & "

" If ucase(sFileType) = "JPG" OR ucase(sFileType) = "GIF" OR ucase(sFileType) = "PNG" OR ucase(sFileType) = "JPEG" Then Response.Write "

" End If Response.Write "

"& DICLanguage(290) & "

" Response.Write "

" & DICLanguage(102) & "
"& DICLanguage(2) & "

" Else fs.DeleteFile(server.mappath(Session("sFile"))) Response.Redirect("" & Session("lastpage") & "") End If End Sub Sub DeleteFolder 'ELIMINAZIONE CARTELLA response.write "

" & DICLanguage(385) & "

" If Request.Querystring("commit") <> "yes" Then Session("lastpage") = Request.ServerVariables("HTTP_REFERER") Session("sFolder") = sFolder Response.Write "

" & replace(DICLanguage(291),"[CARTELLA]","" & sFolder & "") & DICLanguage(0) & "

" Response.Write "

"& DICLanguage(290) & "

" Response.Write "

" & DICLanguage(102) & "
"& DICLanguage(2) & "

" Else fs.DeleteFolder(server.mappath(Session("sFolder"))) Response.Redirect("" & Session("lastpage") & "") End If End Sub Sub RenameFolder 'RINOMINARE CARTELLA response.write "

" & DICLanguage(292) & "

" If Request.querystring("commit") <> "yes" Then Session("lastpage") = Request.ServerVariables("HTTP_REFERER") Response.Write "

" & replace(DICLanguage(293),"[CARTELLA]","" & request.querystring("folder") & "") & DICLanguage(0) & "

" %> <% Else NewFolderName=request.form("NewFolderName") sFolder=request.form("folder") if spath="/" then slashvalue="" else slashvalue="/" end if Set fso = CreateObject("Scripting.FileSystemObject") Set folderObject = fso.GetFolder(Server.MapPath(spath&slashvalue&sFolder)) FolderObject.Name=NewFolderName Set folderObject = Nothing Set fso = Nothing Response.Redirect("" & Session("lastpage") & "") End If End Sub Sub RenameFile 'RINOMINA FILE response.write "

" & DICLanguage(295) & "

" If Request("commit") <> "yes" Then Session("lastpage") = Request.ServerVariables("HTTP_REFERER") Response.Write "

" & replace(DICLanguage(296),"[NOMEDOC]","" & request.querystring("file") & "") & DICLanguage(0) & "

" %> <% Else NewFileName=request.form("NewFileName") Sfile=request.form("filename") if spath="/" then slashvalue="" else slashvalue="/" Set fso = CreateObject("Scripting.FileSystemObject") Set FileObject = fso.GetFile(Server.MapPath(spath&slashvalue&sfile)) FileObject.Name = NewFileName Set FilObject = Nothing Set fso = Nothing Response.Redirect("" & Session("lastpage") & "") End If End Sub Sub FileTypeUnsupported 'TIPO FILE NON SUPPORTATO response.write "

" & DICLanguage(386) & "

" Session("lastpage") = Request.ServerVariables("HTTP_REFERER") filename=request.querystring("file") Response.write "

" & DICLanguage(298) & ": " response.write ""&filename&"

" If ucase(sFileType) = "JPG" OR ucase(sFileType) = "GIF" OR ucase(sFileType) = "PNG" or ucase(sFileType)="JPEG" Then Response.Write "

" else Response.Write "

" & replace(DICLanguage(299),"[TIPODOC]", sfiletype) & " " & DICLanguage(300) & ".

" End If Response.Write "

" & DICLanguage(2) & "" & DICLanguage(0) & "

" End Sub Sub Size(itemsize) Response.Write "" &vbCrLf Select case Len(itemsize) Case "1" if itemsize <= 1 then Response.Write "1 " if ucase(Session("Language")) <> "EN" then response.write "byte" else response.write "byte" end if else if ucase(Session("Language")) <> "EN" then Response.Write itemsize & " bytes" else Response.write itemsize & " bytes" end if end if Case "2", "3" if ucase(Session("Language")) <> "EN" then Response.Write itemsize & " bytes" else Response.write itemsize & " bytes" end if Case "4", "5", "6" if ucase(Session("Language")) <> "EN" then if firstkb <> 1 then Response.Write Round(itemsize/1000) & " Kb" firstkb = 1 else Response.write Round(itemsize/1000) & " Kb" end if else if firstkb <> 1 then response.write Round(itemsize/1000) & " Kb" firstkb = 1 else Response.write Round(itemsize/1000) & " Kb" end if end if Case "7", "8", "9" if ucase(Session("Language")) <> "EN" then if firstmb <> 1 then Response.Write Round(itemsize/1000000) & " Mb" firstmb = 1 else Response.write round(itemsize/1000000) & " Mb" end if else if firstmb <> 1 then Response.write Round(itemsize/1000000) & " Mb" firstmb = 1 else Response.write Round(itemsize/1000000) & " Mb" end if end if End Select Response.Write "" &vbCrLf End Sub Sub ShowList 'INIZIA VISUALIZZAZIONE '------------------------------------ response.write "

" & DICLanguage(387) & "

" %> <% ' Use the GetFolder method of the filesystemobject to get the contents of the directory specified in sPath Set fileobject = fs.GetFolder(server.mappath(sPath)) ' Use the SubFolders property to get the folders contained in the directory specified in sPath Set foldercollection = fileobject.SubFolders ' Start the code to alternate line colors - just to make the display a little less visually confusing. lineid=0 bgcolor = "" bgcolor_off = "colore1" '"#FFFFFF" bgcolor_on = "colore2" '"#f0f0f0" ' Loop through the folders contained in the foldercollection and display their information on the page For Each folder in foldercollection ' Apply our alternating line coloring If lineid = 0 Then bgcolor = bgcolor_off lineid = 1 Else bgcolor = bgcolor_on lineid = 0 End if Response.Write "" &vbCrLf If Right(sPath,1)="/" Then 'NOME DEL FILE Response.Write "" & vbCrLf Else Response.Write "" & vbCrLf End If 'TIPO FILE Response.Write "" 'DIMENSIONI FILE Call Size(folder.size) 'ULTIMO ACCESSO FILE Response.Write "" &vbCrLf 'OPZIONI Response.Write "" &vbCrLf Response.Write "" &vbCrLf Next Set foldercollection=nothing ' Use the Files property to get the files contained in the directory specified in sPath Set filecollection = fileobject.Files ' Loop through the files contained in the filescollection and dislay their information on the page For Each file in filecollection ' Apply our alternating line coloring If lineid = 0 Then bgcolor = bgcolor_off lineid = 1 Else bgcolor = bgcolor_on lineid = 0 End if Response.Write "" &vbCrLf %> <% if fs.GetExtensionName(file.name)="gif" then image="" if fs.GetExtensionName(file.name)="pdf" then image="" if fs.GetExtensionName(file.name)="css" then image="" if fs.GetExtensionName(file.name)="doc" then image="" if fs.GetExtensionName(file.name)="xls" then image="" if fs.GetExtensionName(file.name)="exe" then image="" if fs.GetExtensionName(file.name)="zip" then image="" if fs.GetExtensionName(file.name)="jpg" then image="" if fs.GetExtensionName(file.name)="jpeg" then image="" if fs.GetExtensionName(file.name)="htm" then image="" if fs.GetExtensionName(file.name)="html" then image="" if fs.GetExtensionName(file.name)="swf" then image="" if fs.GetExtensionName(file.name)="asp" then image="" if fs.GetExtensionName(file.name)="txt" then image="" if fs.GetExtensionName(file.name)="inc" then image="" if fs.GetExtensionName(file.name)="js" then image="" if fs.GetExtensionName(file.name)="mdb" then image="" if fs.GetExtensionName(file.name)="lnk" then image="" if fs.GetExtensionName(file.name)="log" then image="" if fs.GetExtensionName(file.name)="shtml" then image="" if image="" then image= "" 'NOME FILE Response.Write "" &vbCrLf image="" 'TIPO Response.Write "" &vbCrLf 'DIMENSIONI Call Size(file.size) 'ULTIMO ACCESSO Response.Write "" &vbCrLf 'AZIONI Response.Write "" &vbCrLf Response.Write "" &vbCrLf Next ' We are done displaying information about files and folders in this directory, so close the table. Response.Write "" &vbCrLf Response.Write "

<%=DICLanguage(32)%>	<%=DICLanguage(302)%>	<%=DICLanguage(303)%>	<%=DICLanguage(124)%>	<%=DICLanguage(304)%>
" & folder.name & "	" & folder.name & "	" & DICLanguage(305) & "	" & day(folder.datelastmodified) & "/" & month(folder.datelastmodified) & "/" & year(folder.datelastmodified) & " - " & formatdatetime(folder.datelastmodified,3) & "	" & DICLanguage(292) & " \| " & DICLanguage(267) & "
"&image&" " & file.name & "	" & fs.GetExtensionName(file.name) & "	" & day(file.datelastmodified) & "/" & month(file.datelastmodified) & "/" & year(file.datelastmodified) & " - " & formatdatetime(file.datelastmodified,3) & "	" & DICLanguage(295) & " \| " & DICLanguage(267) & "

" &vbCrLf End Sub Sub DisplayErrors Response.Write "" & vbcrlf Response.Write "

" & errorcode & DICLanguage(0) & "

" & vbCrlf End Sub %>