Everyone knows that the power and destructiveness of file system object components are the reasons why those providers who support ASP repeatedly ban it. This article is a three-dimensional disable method for FileSystemObject components introduced by the editor of the New Technology Channel. I hope it will be helpful for your learning!
The first type: Use RegSrv32 /u C:/WINDOWS/SYSTEM/scrrun.dll (win98 path) to log out of the group
. This method is too cruel and belongs to the method of dying together. No one can use it. It's a trick.
The second type: modify the value of Progid. The way to call components in ASP is usually Set object name = Server.
CreateObject("Progid"), at this time we can modify the Progid value in the registry to reach
to the method to disable the component. Touch regedit in Start-Run and find HKEY_CLASSES_ROO
T/Scripting.FileSystemObject, then we can change the value of the Progid, such as
To Scripting.FileSystemObject8. This is called in the ASP page:
<%@ Language=Vbscript%>
<%
Set Fs=Server.CreateObject("Scripting.FileSystemObject8")
%>
(If you have not called this component before, you do not need to restart and you can see the effect, otherwise please re-
Look at the effect after starting. )
At this time, let's see the result of using the original call method:
<%@ Language=Vbscript%>
<%
Set Fs=Server.CreateObject("Scripting.FileSystemObject")
%>
The operation result at this time is:
Server object error 'ASP 0177: 800401f3'
Server.CreateObject Failed
/aspimage/testfile2.asp, line 3
800401f3
(OK, meet our requirements)
Because I was two steps late, others rushed to answer this method, which greatly stimulated me.
The third method is produced.
The third type: Careful experts will think that since you can disable the component by modifying the Progid value, then Clsid is
Can I modify it? (OK, you think the same as me) We know that, except for the CreateObject method
In addition, you can also use the general <object> annotation to create a component. We can use HTM in ASP.
L's <object> tag to add a component to the web page. The method is:
<object runat=server id=fs1 scope=page progid="Scripting.FileSystemObj
ect"></object>
Runat means that it is executed on the server side, Scope means the life cycle of the component, you can use Session and Appl.
ication or page (represents the current page, which can also be defaulted)
This way of writing is useless to us, and another way of writing is:
<object runat=server id=fs1 scope=page classid="clsid:clsid value"></obj
ect>
We can also disable the component by modifying the value of the Clsid, such as HKEY_CLASSES_RO in the registry
OT/Scripting.FileSystemObject/CLSID value 0D43FE01-F093-11CF-8940-00A0C90
54228 changed to 0D43FE01-F093-11CF-8940-00A0C9054229 (changed the last one), at this time
The writing method is:
<object runat=server id=fs1 scope=page classid="clsid:0D43FE01-F093-11
CF-8940-00A0C9054229"></object>
Look at the running results, no problem, OK. We'll use it again
<object runat=server id=fs1 scope=page classid="clsid:0D43FE01-F093-11
CF-8940-00A0C9054228"></object>
An error occurred at this time.
Create a new user: iusr_domain
Set the anonymous user IUSR_DOMAIN of the corresponding site in IIS
CACLS: Set directory permissions
This way FSO is available, but it will not affect others
The above article introduces three ways to disable FileSystemObject components. I believe everyone has a good understanding of this aspect! No matter what job we are doing, we need to learn more and make ourselves stronger!