File Manager
Back to List
| Current Directory: ~/
Editing: add_dis_res.asp
Full path: C:\ict\ICT\add_dis_res.asp
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<!--#INCLUDE FILE="ConnectDB.asp"--> <!--#include file="chk_login.asp"--> <% pern=session("username") per="2" tb="research" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 if not orsnc.eof then %> <% id=request.form("id") id_type_dis_res=request.form("id_type_dis_res") d_dis_res=request.form("d_dis_res") y_dis_res=request.form("y_dis_res") m_dis_res=request.form("m_dis_res") name_dis_res=request.form("name_dis_res") place_dis_res=request.form("place_dis_res") d_begin=request.form("d_begin") m_begin=request.form("m_begin") y_begin=request.form("y_begin") m_end=request.form("m_end") d_end=request.form("d_end") y_end=request.form("y_end") detail_dis_res=request.form("detail_dis_res") set orscr=server.createobject("adodb.recordset") sqlcr="select * from distribute_res" orscr.open sqlcr,Conn,1,3 if not orscr.eof then orscr.movelast a=orscr("id_dis_res") do while not orscr.eof a=a+1 orscr.movenext loop else a=1 end if date_mo=now username=session("username") sqldata="insert into distribute_res(username,id_contact,date_mo,id_type_dis_res,name_dis_res,detail_dis_res,place_dis_res,m_dis_res,d_dis_res,y_dis_res,m_begin,d_begin,y_begin,m_end,d_end,y_end,id_dis_res) values('"&username&"','"&id&"','"&date_mo&"','"&id_type_dis_res&"','"&name_dis_res&"','"&detail_dis_res&"','"&place_dis_res&"','"&m_dis_res&"','"&d_dis_res&"','"&y_dis_res&"','"&m_begin&"','"&d_begin&"','"&y_begin&"','"&m_end&"','"&d_end&"','"&y_end&"','"&a&"')" ' response.write sqldata set orsdata = Server.CreateObject("adodb.recordset") ' sqlcheck="select * from other_lec where firstname='"&firstname&"' and lastname='"&lastname&"'" 'set orscheck=server.createobject("adodb.recordset") 'orscheck.open sqlcheck,conn,1,3 'if orscheck.eof then orsdata.open sqldata,conn,1,3 'response.write sqldata %> <SCRIPT LANGUAGE="JavaScript"> <% response.write"alert('�ѹ�֡���������º��������');" %> --> </SCRIPT> <% response.write "<meta http-equiv='refresh' content ='0;url=distribute_res.asp?id="&id&"'>" 'else %> <SCRIPT LANGUAGE="JavaScript"> <% ' response.write"alert('�ѹ�֡�����ū��++ ��ҹ��ѹ�֡�����Ź�������');" ' response.write "window.location.href='distribute_res.asp';" %> --> </SCRIPT> <% 'response.write "�����ū�� " 'response.write "<meta http-equiv='refresh' content ='7;url=index.asp'>" 'end if %><% else %> <SCRIPT LANGUAGE="JavaScript"> <% response.write "window.location.href='index_academic.html';" %> </SCRIPT> <% end if %>