<% dim upLoader, ArtworkID,imgType,ImageFile dim rs, sSQL, Msg, ok, File Msg = "" ok = 0 imgType=request("Type")&"" 'response.write imgType ArtworkID = request("ArtworkID") & "" func =request("func") &"" if func ="delete" then if imgType ="Large" then strSQL ="Update Artworks set Largepic ='' where ArtworkID= " & ArtworkID else strSQL ="Update Artworks set ThumbPic ='' where ArtworkID= " & ArtworkID end if cn.execute strSQL end if if request("REQUEST_METHOD") = "POST" then strPath = server.MapPath("\Uploads") Set Uploader = New FileUploader Uploader.Upload() for each File in Uploader.Files.Items 'check file type arrFileType = split(File.FileName, ".", -1,1) fileType = arrFileType(1) if fileType = "vbs" or fileType = "asp" or fileType = "jsp" or fileType = "cgi" or fileType = "exe" or fileType = "bat" or fileType = "scr" or fileType = "com" then terror = "1" exit for end if FileLocation = File.FileName ImageFile = File.FileName File.SaveToDisk strPath next if terror = "1" then response.write "Cannot upload a file of that type!" response.end end if Update if msg = "" then ok = 1 msg = "Record sucessfully saved" end if set Uploader = nothing else ok = 0 set rs = Server.CreateObject("ADODB.Recordset") strSQL = "select * from Artworks where ArtworkID= " & ArtworkID rs.open strSQL, Cn if not rs.bof and not rs.eof then if imgType ="Large" then ImageFile = rs("LargePic") & "" else ImageFile = rs("ThumbPic") & "" end if end if 'response.write ImageFile rs.close set rs = nothing end if Sub Update () dim Cmd 'set cmd = Server.CreateObject("ADODB.Command") 'response.write "ImageFile=" & ImageFile 'response.end 'Cmd.Parameters.Append Cmd.CreateParameter(,adVarchar, , 50, ImageFile) 'Set Cmd.ActiveConnection = Cn if imgType ="Large" then sSQL = "UPDATE Artworks SET " & _ " LargePic='"&ImageFile& "'" & _ " WHERE ArtworkID= " & ArtworkID else sSQL = "UPDATE Artworks SET " & _ " ThumbPic='"&ImageFile& "'"& _ " WHERE ArtworkID= " & ArtworkID end if Cn.Execute sSQL 'response.write "PicUpload.asp?ArtworkID=" & ArtworkID&"Type="&Imgtype 'response.End() response.redirect "PicUpload.asp?ArtworkID=" & ArtworkID&"&Type="&Imgtype End Sub %>

<%if imgType = "Large" then header("Large Picture upload") else header("Thumbnail upload") end if %> <% if ImageFile <> "" then response.write "" & vbcrlf response.write "" & vbcrlf response.write "" & vbcrlf end if %>

View file: [" & ImageFile & "] [Delete]
File name: