对于非法的木马图片,检查文件内容.

<%

set MyFile = server.CreateObject("Scripting.FileSystemObject")
set MyText = MyFile.OpenTextFile(Server.mappath(filename)) '读取文本文件
sTextAll = lcase(MyText.ReadAll())
MyText.close
set MyFile = nothing
sStr=".getfolder|.createfolder|.deletefolder|.createdirectory|.deletedirectory|"
sStr=sStr&".saveas|wscript.shell|script.encode|server.|.createobject|execute|activexobject|language="
snum = split(sStr,"|")
for i=0 to ubound(snum)
     if instr(sTextAll,snum(i)) then
       set filedel = server.CreateObject("Scripting.FileSystemObject")
       filedel.deletefile Server.mappath(filename)
       set filedel = nothing
       Response.Write("<script>alert('上传失败!你想传木马文件呀，我BS你');window.close();</script>")
       Response.End()
     end if
next 

%>