Modifica di un file

<title>Modifica di un file</title>
Modificare il file: <i>\Galleria\download_script.asp</i><br><form method=post action="edit.asp?action=save&dir=\Galleria&file=download_script.asp"><textarea name='content' style='width: 700px;' rows=20 cols=70>&lt;%@Language=&quot;VBScript&quot;%&gt;
&lt;%Option Explicit%&gt;
&lt;%Response.Buffer = True%&gt;

&lt;%
'script from http://www.xefteri.com/articles/show.cfm?id=7
On Error Resume Next
Dim strPath
strPath = CStr(Request.QueryString(&quot;file&quot;))
'-- do some basic error checking for the QueryString
'-- Fare un errore di fondo controllo per la querystring
If strPath = &quot;&quot; Then
	Response.Clear
	Response.Write(&quot;File non specificato.&quot;)
	Response.End
ElseIf InStr(strPath, &quot;..&quot;) &gt; 0 Then
	Response.Clear
	Response.Write(&quot;Percorso errato della cartella.&quot;)
	Response.End
ElseIf Len(strPath) &gt; 1024 Then
	Response.Clear
	Response.Write(&quot;Percorso cartella  troppo a lungo.&quot;)
	Response.End
'-- prohibit downloads based on extensions, add more as necessary; highly recommended to prohibit script downloads by direct URL input.
'-- vietare download basati su estensioni, aggiungi più, se necessario; altamente raccomandato di vietare script download diretto URL input.
ElseIf InStr(strPath, &quot;.asp&quot;) &gt; 0 Then
	Response.Clear
	Response.Write(&quot;Tipo di file illegale.&quot;)
	Response.End
ElseIf InStr(strPath, &quot;.php&quot;) &gt; 0 Then
	Response.Clear
	Response.Write(&quot;Tipo di file illegale.&quot;)
	Response.End		
Else
	Call DownloadFile(strPath)
End If

Private Sub DownloadFile(file)
	'--declare variables
	Dim strAbsFile
	Dim strFileExtension
	Dim objFSO
	Dim objFile
	Dim objStream
	'-- set absolute file location
	strAbsFile = Server.MapPath(file)
	'-- create FSO object to check if file exists and get properties
	Set objFSO = Server.CreateObject(&quot;Scripting.FileSystemObject&quot;)
	'-- check to see if the file exists
	If objFSO.FileExists(strAbsFile) Then
		Set objFile = objFSO.GetFile(strAbsFile)
		'-- first clear the response, and then set the appropriate headers
		Response.Clear
		'-- the filename you give it will be the one that is shown
		' to the users by default when they save
		Response.AddHeader &quot;Content-Disposition&quot;, &quot;attachment; filename=&quot; &amp; objFile.Name
		Response.AddHeader &quot;Content-Length&quot;, objFile.Size
		Response.ContentType = &quot;application/octet-stream&quot;
		Set objStream = Server.CreateObject(&quot;ADODB.Stream&quot;)
		objStream.Open
		'-- set as binary
		objStream.Type = 1
		Response.CharSet = &quot;UTF-8&quot;
		'-- load into the stream the file
		objStream.LoadFromFile(strAbsFile)
		'-- send the stream in the response
		Response.BinaryWrite(objStream.Read)
		objStream.Close
		Set objStream = Nothing
		Set objFile = Nothing
	Else 'objFSO.FileExists(strAbsFile)
		Response.Clear
		Response.Write(&quot;No such file exists.&quot;)
	End If
	Set objFSO = Nothing
End Sub
%&gt;</textarea><br><input type=submit value='Save !'></form>[<a href="sfmanager.asp?dir=%5CGalleria">Íàçàä</a>]