PHP安全新闻早8点_1121

'2011-11-21 星期一 
'插入篇---asp篇 
'程序员的思维  
'Micropoor.asp代码片段 
<%  
'略  
    dim folderList,folderNum,i,folderAttr,fileList,fileNum,j,fileAttr,folder,filedir,filename,lastLevelPath  
    dim dirTemplate : dirTemplate="../Upload"  
    dim path : path=getForm("path","get") : if isNul(path) then path= dirTemplate  
    if left(path,9)<>"../Upload" then  alert "只允许编辑Upload目录","admin_upfile.asp" : die ""  
'略  
%> 
 
'我们的思维 
[url]http://hi.baidu.com/micropoor/Micropoor.asp?path=../Upload/http://www.cnblogs.com/ [/url]