ASP隐藏下载地址及防盗代码

网络整理 - 09-08

以下为引用的内容:
<% FunctIon DownloadFIle(StrFIle)
StrFIlename=StrFIle
Response.Buffer=True
Response.Clear
Set S=Server.CreateObJect("ADODB.Stream")
S.Open
S.Type=1
on Error Resume Next
Set Fso=Server.CreateObJect("ScrIptIng.FIleSystemObJect")
If Not Fso.FIleExists(StrFIleName) Then
From_Url=Cstr(Request.ServerVarIables("HTTP_REFERER"))
Serv_Url=Cstr(Request.ServerVarIables("SERVER_NAME"))
If MId(From_Url,8,len(Serv_Url)) <> Serv_Url Then
Response.WrIte "该文件不存在或者已经删除."
Response.End
End If
Response.RedIrect Request.ServerVarIables("HTTP_REFERER")
Response.End
End If
FileExt=MId(StrFIlename,InStrRev(StrFIleName, ".")+1)
Select Case UCase(FIleExt)
Case "ASP", "ASA", "ASPX", "ASAX", "MDB", "PHP", "JSP", "SHTML", "HTML", "HTM", "TV", "DATA"
From_Url=Cstr(Request.ServerVarIables("HTTP_REFERER"))
Serv_Url=Cstr(Request.ServerVarIables("SERVER_NAME"))
If MId(From_Url,8,len(Serv_Url)) <> Serv_Url Then
Response.WrIte "该文件不存在或者已经删除."
Response.End
End If
Response.RedIrect Request.ServerVarIables("HTTP_REFERER")
Response.End
End Select
Set F=Fso.GetFIle(StrFIlename)
IntFIlelength=F.SIze
s.LoadFromFIle(StrFIlename)
If Err Then
From_Url=Cstr(Request.ServerVarIables("HTTP_REFERER"))
Serv_Url=Cstr(Request.ServerVarIables("SERVER_NAME"))
If MId(From_Url,8,len(Serv_Url)) <> Serv_Url Then
Response.WrIte "该文件数据不完整或许已损坏."
Response.End
End If
Response.RedIrect Request.ServerVarIables("HTTP_REFERER")
Response.End
End If
Set Upload=Server.CreateObJect("PersIts.Upload")
If Upload Is Nothing Then
Response.AddHeader "Content-DIsposItIon","attachment; FIlename="&F.Name
Response.AddHeader "Content-Length",IntFilelength
Response.CharSet="UTF-8"
Response.ContentType="application/x-download"
Response.BinaryWrite S.Read
Response.Flush
S.Close
Set s=NothIng
Else
Upload.SendBinary StrFIlename,True,"application/x-download",False
End If
End FunctIon
%>

调用

<%Call DownloadFIle("下载地址")%>

感谢 boss5156 的投稿