File Manager
Back to List
| Current Directory: ~/
Editing: สำรองdetail_letterin.asp
Full path: C:\ict\ICT\สำรองdetail_letterin.asp
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<%response.cachecontrol="private"%> <!--#INCLUDE FILE="ConnectDB.asp"--> <!--#include file="chk_login.asp"--> <% pern=session("username") per="2" tb="letterin" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><!-- InstanceBegin template="/Templates/ICT.dwt" codeOutsideHTMLIsLocked="false" --> <head> <!-- InstanceBeginEditable name="doctitle" --> <title>�к����ʹ�����͡�ú�����</title> <!-- InstanceEndEditable --> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable --> <link href="bsri2006.css" rel="stylesheet" type="text/css"> <link href="image/favicon.ico" rel="shortcut icon" type="image/x-icon"> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="100%" border="0"> <tr> <td colspan="2"><div align="right"><img src="Image/head1.gif" width="800" height="61"></div></td> </tr> <tr> <td colspan="2" background="Image/bghead1.gif"><div align="right"><font size="2" face="MS Sans Serif, Tahoma, sans-serif"><strong>| <a href="http://www.swu.ac.th" target=_blank>SWU</a> | <a href="http://bsri.swu.ac.th" target=_blank>BSRI</a> |<a href="chaPW.asp"><strong>Change Password</strong></a>|<a href="log_out.asp">Log Out </a></strong></font>|</div></td> </tr> <tr> <td width="20%" align="left" valign="top" bgcolor="#FFCCCC"><!-- InstanceBeginEditable name="EditRegion5" --><!--#include file="chk_menu.asp"--><!-- InstanceEndEditable --></td> <td width="77%" align="left" valign="top"><!-- InstanceBeginEditable name="EditRegion3" --> <div align="center"> <p><strong>˹ѧ������ʶҺѹ�Ԩ�¾ĵԡ�����ʵ��<br> [<a href="all_letterin.asp">˹ѧ��ͷ�����</a>][<a href="searchletter.asp">����˹ѧ���</a>][<a href=letterin_staff.asp>˹ѧ��������ºؤ��</a>]</strong></p> <form name="form1" method="post" action="add_letter.asp"> ��������´˹ѧ��� <%id=request("id") set orsid=server.CreateObject("adodb.recordset") sqlid="select * from letterin where id_letter='"&id&"'" orsid.open sqlid,conn,1,3 if not orsid.eof then %> <table width="100%" border="0" cellspacing="0"> <tr> <td bgcolor="#FFFFCE">������˹ѧ���</td> <td bgcolor="#FFFFCE"><% id_itletter=orsid("id_itletter") sqlo="select * from itletter where id_itletter='"&id_itletter&"'" set orso=server.CreateObject("adodb.recordset") orso.open sqlo,conn,1,3 if not orso.eof then response.write orso("itletter") end if %></td> </tr> <tr> <td bgcolor="#FFFFFF" width="20%">�ѵ�ػ��ʧ��ͧ˹ѧ���</td> <td bgcolor="#FFFFFF"> <% id_typeletin=orsid("id_typeletin") sqlty="select * from type_letterin where id_typeletin='"&id_typeletin&"'" set orsty=server.CreateObject("adodb.recordset") orsty.open sqlty,conn,1,3 if not orsty.eof then response.write orsty("typeletin") end if %> </td> </tr> <tr> <td width="152" bgcolor="#FFFFCC">�Ţ����Ѻ</td> <td width="411" bgcolor="#FFFFCC"><%=orsid("id_letter")%></td> </tr> <tr> <td>�ѹ �� �� ����Ѻ </td> <td><%=orsid("dreceive")%>- <%=orsid("mreceive")%>- <%=orsid("yreceive")%></td> </tr> <tr> <td bgcolor="#FFFFCC">�Ţ���˹ѧ�����</td> <td bgcolor="#FFFFCC"><%=orsid("id_sent")%></td> </tr> <tr> <td>�ѹ �� �� ˹ѧ����� </td> <td><%=orsid("dletter")%>- <%=orsid("mletter")%>- <%=orsid("yletter")%></td> </tr> <tr> <td bgcolor="#FFFFCC">˹��§ҹ�����</td> <td bgcolor="#FFFFCC"><%=orsid("originletter")%></td> </tr> <tr> <td>����ͧ</td> <td><%=orsid("titleletter")%></td> </tr> <tr> <td bgcolor="#FFFFCC">���¹</td> <td bgcolor="#FFFFCC"><%=orsid("toname")%></td> </tr> <tr> <td>��ͤ��������</td> <td><%=orsid("wordding")%></td> </tr> <tr> <td bgcolor="#FFFFCC">��á�������</td> <td bgcolor="#FFFFCC"><%=orsid("forsum")%></td> </tr> <tr> <td>���ŧ����˹ѧ���</td> <td><%=orsid("fromname")%></td> </tr> <tr> <td bgcolor="#FFFFCC">���˹�</td> <td bgcolor="#FFFFCC"><%=orsid("position_fn")%></td> </tr> <tr> <td>��ͤ����ҡ ��. ����� </td> <td><%=orsid("directorcommand")%></td> </tr> <tr> <td bgcolor="#FFFFCC">�ѹ �� �� �����觡�� </td> <td bgcolor="#FFFFCC"><%=orsid("dcommand")%>- <%=orsid("mcommand")%>- <%=orsid("ycommand")%></td> </tr> <tr> <td> </td> <td><% if not orsnc.eof then %>[<a href="edit_letterin_form.asp?id=<%=orsid("id_letter")%>">Edit</a>] [<a href=del_letterin.asp?id=<%=orsid("id_letter")%> onClick="return confirm('�س��ͧ���ź?');">Del</a>] <%end if%></td> </tr> <tr> <td bgcolor="#FFFFCE"><% if not orsnc.eof then %><a href="attachname.asp?id=<%=orsid("id_letter")%>">��觷�����Ҵ���</a> <%else%>��觷�����Ҵ���<%end if%></td> <td bgcolor="#FFFFCE"><table> <% idl=orsid("id_letter") set ors=server.createobject("adodb.recordset") osql = "Select * From attachletter where id_letter='"&idl&"'" ors.Open osql, conn, 1, 3 if not ors.eof then ors.movefirst do while not ors.eof response.write "<tr><td>" response.write "-"&ors("attach_name") response.write "</td><td>" if not orsnc.eof then %> [<a href=del_attlet.asp?id=<%=orsid("id_letter")%>&attn=<%=ors("attach_name")%> onClick="return confirm('�س��ͧ���ź?');">Del</a>] <% 'response.write "[<a href=del_attlet.asp?id="&orsid("id_letter")&"&attn="&ors("attach_name")&">Del</a>]" end if response.write "</td></tr>" ors.MoveNext loop end if %> </table> </td> </tr> <tr> <td><% if not orsnc.eof then %><a href="uplet_form.asp?id=<%=orsid("id_letter")%>">˹ѧ���(pdf)</a><%else%>˹ѧ���(pdf)<%end if%></td> <td><% response.write "[<a href=countletin.asp?id="&orsid("id_letter")&">"&orsid("filename")&"</a>][��:"&orsid("hitc")&" ����] " if not orsnc.eof then if not orsid("filename")="" then%> [<a href=del_filelet.asp?id=<%=orsid("id_letter")%> onClick="return confirm('�س��ͧ���ź?');">Remove</a>] <%end if end if %></td> </tr> <tr> <td bgcolor="#FFFFCE"><% if not orsnc.eof then %><a href="staffletter.asp?id=<%=orsid("id_letter")%>">���������Ǣ�ͧ(ᷧ)</a><%else%>���������Ǣ�ͧ(ᷧ)<%end if%></td> <td bgcolor="#FFFFCE"> <table> <% set ors1=server.createobject("adodb.recordset") osql1 = "Select * From staffletter where id_letter='"&idl&"'" ors1.Open osql1, conn, 1, 3 if not ors1.eof then ors1.movefirst do while not ors1.eof response.write "<tr><td>" 'response.write "-"&ors1("id_staff") sqls="select * from lecturer where id_lecturer='"&ors1("id_staff")&"'" set orss=server.createobject("adodb.recordset") orss.open sqls,conn,1,3 if not orss.eof then response.write orss("name_lec")&" "&orss("sur_lec") else sqlst="select * from staff where id_staff='"&ors1("id_staff")&"'" set orsst=server.createobject("adodb.recordset") orsst.open sqlst,conn,1,3 if not orsst.eof then response.write orsst("name_st")&" "&orsst("sur_st") end if end if statusread=ors1("statusread") if statusread=0 then response.write "<img src=Image/ftv2folderclosed.gif width=24 height=22 /><br>" else response.write "<img src=Image/ftv2folderopen.gif width=24 height=22 /><br>" end if response.write "</td><td>" if not orsnc.eof then %> [<a href=del_sletin.asp?id=<%=orsid("id_letter")%>&id_s=<%=ors1("id_staff")%> onClick="return confirm('�س��ͧ���ź?');">Del</a>] <% 'response.write "[<a href=del_slet.asp?id="&orsid("id_letter")&"&id_s="&ors1("id_staff")&">Del</a>]" end if response.write "</td></tr>" id_s=session("ids") if pern=ors1("id_staff") then set orssr=server.createobject("adodb.recordset") sqlsr="update staffletter set statusread='1' where id_staff='"&ors1("id_staff")&"'and id_letter='"&idl&"'" orssr.open sqlsr,conn,1,3 end if 'response.write sqlsr&"aa"&id_s ors1.MoveNext loop end if %></table></td> </tr> <tr> <td> </td> <td> </td> </tr> <tr> <td> </td> <td> </td> </tr> </table> <p> </p> <p> </p> </form> <p> </p> <p></p> <p></p> </div> <!-- InstanceEndEditable --></td> </tr> <tr> <td colspan="2" background="Image/bghead1.gif">Contact Admin:: wassanaw@swu.ac.th tel.02-649-5000 ext 17600</td> </tr> </table> </body> <!-- InstanceEnd --></html> <% else response.write "No Permission" response.write "<a href=index_academic.asp>Return</a>" end if %>