重要修改FC编辑器 上传过滤
重要修改FC编辑器 上传过滤
修改文件 \Fckeditor\editor\filemanager\connectors\asp\config.asp
ConfigDeniedExtensions.Add "File", "asp|aspx|asa|asax|java|class|exe|php|pl|dll"
ConfigDeniedExtensions.Add "Image", "asp|aspx|asa|asax|java|class|exe|php|pl|dll"
ConfigDeniedExtensions.Add "Media", "asp|aspx|asa|asax|java|class|exe|php|pl|dll"
ConfigDeniedExtensions.Add "Flash", "asp|aspx|asa|asax|java|class|exe|php|pl|dll"
重要修改FC编辑器 上传过滤
修改文件 \Fckeditor\editor\filemanager\connectors\asp\class_upload.asp
找到 sFileExt = File(sItem).Ext
下面加上
sFileExt = filtfilename(sFileExt) '这里是对文件类型进行循环检查 修改1
Function filtfilename(filename)
If IsEmpty(filename) Then Exit Function
filename = Lcase(filename) '一定要用Lcase不要用Ucase
do '开始循环
dim A_len
A_len=len(filename) '得到字符串长度
filename = Replace(filename,Chr(0),"")
filename = Replace(filename,".","")
filename = Replace(filename,"asp","")
'filename = Replace(filename,"aaspsp","")
filename = Replace(filename,"asa","")
filename = Replace(filename,"aspx","")
filename = Replace(filename,"cer","")
filename = Replace(filename,"cdx","")
filename = Replace(filename,"htr","")
filename = Replace(filename,"asax","")
filename = Replace(filename,"ascx","")
filename = Replace(filename,"ashx","")
filename = Replace(filename,"asmx","")
filename = Replace(filename,"axd","")
filename = Replace(filename,"vsdiso","")
filename = Replace(filename,"rem","")
filename = Replace(filename,"soap","")
filename = Replace(filename,"config","")
filename = Replace(filename,"cs","")
filename = Replace(filename,"csproj","")
filename = Replace(filename,"vb","")
filename = Replace(filename,"vbproj","")
filename = Replace(filename,"webinfo","")
filename = Replace(filename,"licx","")
filename = Replace(filename,"resx","")
filename = Replace(filename,"resou","")
filename = Replace(filename,"jsp","")
filename = Replace(filename,"php","")
filename = Replace(filename,"cgi","")
loop until A_len=len(filename) '如果过滤前的长度等于过滤后的长度说明已经过滤得干干净净了,退出循环。
filtfilename=filename
End Function
修改文件 \Fckeditor\editor\filemanager\connectors\asp\config.asp
ConfigDeniedExtensions.Add "File", "asp|aspx|asa|asax|java|class|exe|php|pl|dll"
ConfigDeniedExtensions.Add "Image", "asp|aspx|asa|asax|java|class|exe|php|pl|dll"
ConfigDeniedExtensions.Add "Media", "asp|aspx|asa|asax|java|class|exe|php|pl|dll"
ConfigDeniedExtensions.Add "Flash", "asp|aspx|asa|asax|java|class|exe|php|pl|dll"
重要修改FC编辑器 上传过滤
修改文件 \Fckeditor\editor\filemanager\connectors\asp\class_upload.asp
找到 sFileExt = File(sItem).Ext
下面加上
sFileExt = filtfilename(sFileExt) '这里是对文件类型进行循环检查 修改1
Function filtfilename(filename)
If IsEmpty(filename) Then Exit Function
filename = Lcase(filename) '一定要用Lcase不要用Ucase
do '开始循环
dim A_len
A_len=len(filename) '得到字符串长度
filename = Replace(filename,Chr(0),"")
filename = Replace(filename,".","")
filename = Replace(filename,"asp","")
'filename = Replace(filename,"aaspsp","")
filename = Replace(filename,"asa","")
filename = Replace(filename,"aspx","")
filename = Replace(filename,"cer","")
filename = Replace(filename,"cdx","")
filename = Replace(filename,"htr","")
filename = Replace(filename,"asax","")
filename = Replace(filename,"ascx","")
filename = Replace(filename,"ashx","")
filename = Replace(filename,"asmx","")
filename = Replace(filename,"axd","")
filename = Replace(filename,"vsdiso","")
filename = Replace(filename,"rem","")
filename = Replace(filename,"soap","")
filename = Replace(filename,"config","")
filename = Replace(filename,"cs","")
filename = Replace(filename,"csproj","")
filename = Replace(filename,"vb","")
filename = Replace(filename,"vbproj","")
filename = Replace(filename,"webinfo","")
filename = Replace(filename,"licx","")
filename = Replace(filename,"resx","")
filename = Replace(filename,"resou","")
filename = Replace(filename,"jsp","")
filename = Replace(filename,"php","")
filename = Replace(filename,"cgi","")
loop until A_len=len(filename) '如果过滤前的长度等于过滤后的长度说明已经过滤得干干净净了,退出循环。
filtfilename=filename
End Function
