Web Development Code Library ASPASP-based file explorer
ASP-based file explorer
Traverse files and folders on your server.
<%Option Explicit %>
<!-- APP001 -->
<%
' APP001 FileDisplay System
' Coded by Brian Hogan
' 11/14/01
' No Database
' No stored Procedures
' No external files
'
' This application allows you to navigate a file structure
' using only this script. This code can be modified to perform other
' tasks as well.
%>
<html>
<head>
<title>File Display</title>
<script language="javascript">
// <!--
// Client side script goes here
// -->
</script>
</head>
<body bgcolor="#ffffff" text="#000000">
<%
dim strPath
if Request.QueryString("Path") = "" then
'Set the root path of your file structure here
session("RootPath") = "c:\inetpub\wwwroot\"
strPath=session("RootPath")
else
strPath=session("RootPath") & Request.QueryString("Path")
end if
'We need to see if they are trying to exploit the path by using a ../ or ..\ notation to navigate.
if instr(1,Request.QueryString("path"),"..\") or instr(1,Request.QueryString("path"),"../") or instr(1,Request.QueryString("path"),"..")then
Response.Write("You have attempted to circumvent the file system of this server. Your IP has been logged")
else
List(strPath)
end if
%>
</body>
</html>
<%
Sub List(Path)
Dim objFSO, strRoot, arrFiles, arrFolders, strFile, strFolder
'Create the file system object
Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
'Continue if there is an error on the next line of code
on error resume next
'Set the root of the file system
Set strRoot = objFSO.getfolder(Path)
'Actually catch the error if there is one
if err.number <> 0 then
%>
<font face="arial">
There has been a problem processing your request. The path that was passed to this script is invalid.<BR><BR>
</font>
<%
else
'Fill the arrays with the files and subfolders
Set arrFiles = strRoot.Files
Set arrFolders = strRoot.SubFolders
%>
<A HREF="<%=Request.ServerVariables("HTTP_REFERER")%>">Parent Directory</a><BR><BR>
Listing for <%=trim(replace(lcase(path),lcase(session("Rootpath"))," "))%>
<blockquote>
<table width="400" border="0" cellspacing="2" cellpadding="2">
<tr bgcolor="#DDE9FB">
<td width="175"><b><font face="Arial, Helvetica, sans-serif"> Folders </font></b></td>
<td width="225"><b><font face="Arial, Helvetica, sans-serif"> Files </font></b></td>
</tr>
<tr valign="top">
<td width="175">
<%
'This displays the subfolders of the current folder
For Each strFolder In arrFolders
%>
<a href="list.asp?Path=<%=trim(replace(lcase(strFolder.path),lcase(session("rootpath"))," "))%>"><%=trim(replace(lcase(strFolder),lcase(strRoot)," "))%></a><br>
<%
Next
%>
</td>
<td width="225">
<%
'This displays the files in the current directory
For Each strFile In arrFiles
%>
<a href="<%=trim(replace(lcase(strFile),lcase(session("rootpath"))," "))%>"><%=trim(replace(lcase(strFile),lcase(strRoot)," "))%></a><br>
<%
Next
%>
</td>
</tr>
</table>
</blockquote>
<%
end if
End Sub
%>
