File Manager
Back to List
| Current Directory: ~/
Editing: add_file_res.asp.bak
Full path: C:\ict\ICT\add_file_res.asp.bak
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<!--#include file="chk_permission.asp"--> <!--#include file="inc_cache_control.asp"--> <!--#include file="inc_access_control.asp"--> <!--#include file="chk_login.asp"--> <% '***************************************************************** 'session("tb_name")="student" 'id_stu=request("id_stu") %> <% '***************************************************************** 'if session("tb_preview") <> 1 and session("tb_edit")<>1 or session("id_stu1") = id_stu then '���Է��� �����㹰ҹ ��� ����Ңͧ�������ͧ pern=session("username") per="2" tb="research" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 if not orsnc.eof then %> <html> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"></HEAD> <body> <% id=session("id") response.write id date_mo=now username=session("username") savefile=session("savefile") sqlcheck="select * from attachment_res" set orscheck=server.createobject("adodb.recordset") orscheck.open sqlcheck,conn,1,3 if not orscheck.eof then orscheck.movelast num=orscheck("id_attach") num=num+1 else num=1 end if '...................... '...................... chf=id&""&num chf=chf+".pdf" dim fso set fso=createobject("scripting.filesystemobject") fso.movefile server.mappath("upload/"&savefile&""), server.mappath("upload/"&chf&"") Response.write "bbb" 'response.write (server.mappath("upload/"&chf&"")) '...................... sqlupload="insert into attachment_res(username,datetime_mo,id_contact,file_name,id_attach,id_typeattach,hitc) values('"&username&"','"&date_mo&"',"&id&",'"&chf&"',"&num&",1,0)" set orsupload = Server.CreateObject("adodb.recordset") response.write sqlupload orsupload.open sqlupload,conn,1,3 response.write "aaa"&chf ' %> Upload Complete... <meta http-equiv="refresh" content ="0;url=attachment_file.asp?id=<%=id%>"> </body> </html> <% 'else '���Է� 'response.write "<tr><td colspan=3><center>�س������Է����� �س���ѵԹ��" 'response.write "<meta http-equiv=refresh content =4;url=javascript:history.back();>" '���Է� end if '���Է� %>