File Manager
Back to List
|
Up to Parent Directory
| Current Directory: ~/research
Editing: research/save_edit_mea.asp
Full path: C:\ict\ICT\research\save_edit_mea.asp
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<!--#INCLUDE FILE="cksession.asp"--> <!--#INCLUDE FILE="Connectdb.asp"--> <form name="form1" Action = "detail_mea.asp" method="post"> <% 'dim ors,back meas_id=request("meas_id") 'response.write meas_id 'name_stu=request.form("vname_stu") 'sur_stu=request.form("vsur_stu") '��ػ�������������Ѻ����¹����������� '���ǡ�����������������ó���� ' set ors=server.createobject("adodb.recordset") ' sqlmark="select * from student where id_stu='"& id_stu &"' " ' ors.open sqlmark,Conn,1,3 ' back=id_stu 'response.write(sqlmark) 'if ors.eof or ors("id_stu")= id_stu then set current_pay1="¤t_pay&", meas_name=request.form("meas_name") meas_id=request.form("meas_id") meas_ref = request.form("meas_ref") meas_lib = request.form("meas_lib") meas_calnum = request.form("meas_calnum") meas_key = request.form("meas_key") meas_his1 = request.form("meas_his1") meas_his2 = request.form("meas_his2") meas_obj1 = request.form("meas_obj1") meas_ans2 = request.form("meas_ans2") meas_ans1 = request.form("meas_ans1") meas_diff = request.form("meas_diff") meas_expe= request.form("meas_expe") meas_pwr = request.form("meas_pwr") meas_vali = request.form("meas_vali") meas_reli = request.form("meas_reli") meas_sample = request.form("meas_sample") meas_time = request.form("meas_time") meas_obj2 = request.form("meas_obj2") meas_formsample = request.form("meas_formsample") sql = "update measurement_ms set meas_name = '"& meas_name &"',meas_ref="&meas_ref&",meas_lib='"&meas_lib&"',meas_key='"&meas_key&"',meas_his1="&meas_his1&",meas_his2='"&meas_his2&"',meas_callnum='"&meas_calnum&"',meas_obj1="&meas_obj1&",meas_ans2="&meas_ans2&",meas_ans1='"&meas_ans1&"',meas_diff='"&meas_diff&"',meas_expe='"&meas_expe&"',meas_pwr='"&meas_pwr&"',meas_vali='"&meas_vali&"',meas_reli='"&meas_reli&"',meas_sample='"&meas_sample&"',meas_time='"&meas_time&"',meas_obj2='"&meas_obj2&"',meas_formsample='"&meas_formsample&"' where meas_id = " & meas_id &" " 'sql = sql & " meas_id = '" & request.form("meas_id")& "', " ' sql = sql & " where meas_id = "& request.form("meas_id") &"" response.write"��䢢������������º�������Ǩ��" 'response.write sql 'else 'response.write "<html><head><meta http-equiv=""Content-Type"" content=""text/html; charset=windows-874""></head><body><script Language='JavaScript'>" ' response.write "alert(' ���������ʹѡ�֡�ҫ�� '+'\n ��س�����ʹѡ�֡������ ');" ' response.write "window.location = 'detail_mea.asp?meas_id="&meas_id&"';" ' response.write "</script></body></html>" 'end if ',meas_key='"&meas_key&"',meas_his1="&meas_his1&",meas_his2='"&meas_his2&"' set ors=server.createobject("adodb.recordset") ors.open sql,Conn,1,3 'set rs = conn.Execute(sql) 'ors.close set conn = nothing '<SCRIPT LANGUAGE="JavaScript"> 'form1.submit(); '</SCRIPT> %> <meta http-equiv="refresh" content ="3;url=detail_mea.asp?meas_id=<%=meas_id%>"> </FORM>