File Manager
Back to List
| Current Directory: ~/
Editing: add_getreward.asp
Full path: C:\ict\ICT\add_getreward.asp
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<!--#INCLUDE FILE="ConnectDB.asp"--> <!--#include file="chk_login.asp"--> <% pern=session("username") per="2" tb="research" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 if not orsnc.eof then %> <% id=request.form("id") id_reward=request.form("id_reward") d_reward=request.form("d_reward") y_reward=request.form("y_reward") m_reward=request.form("m_reward") author_reward=request.form("author_reward") detail_reward=request.form("detail_reward") set orscr=server.createobject("adodb.recordset") sqlcr="select * from getreward" orscr.open sqlcr,Conn,1,3 if not orscr.eof then orscr.movelast a=orscr("id_no") do while not orscr.eof a=a+1 orscr.movenext loop else a=1 end if date_mo=now username=session("username") sqldata="insert into getreward(username,id_contact,date_mo,id_reward,author_reward,detail_reward,m_reward,d_reward,y_reward,id_no) values('"&username&"','"&id&"','"&date_mo&"','"&id_reward&"','"&author_reward&"','"&detail_reward&"','"&m_reward&"','"&d_reward&"','"&y_reward&"','"&a&"')" ' response.write sqldata set orsdata = Server.CreateObject("adodb.recordset") ' sqlcheck="select * from other_lec where firstname='"&firstname&"' and lastname='"&lastname&"'" 'set orscheck=server.createobject("adodb.recordset") 'orscheck.open sqlcheck,conn,1,3 'if orscheck.eof then orsdata.open sqldata,conn,1,3 'response.write sqldata %> <SCRIPT LANGUAGE="JavaScript"> <% response.write"alert('�ѹ�֡���������º��������');" %> --> </SCRIPT> <% response.write "<meta http-equiv='refresh' content ='0;url=getreward_res.asp?id="&id&"'>" 'else %> <SCRIPT LANGUAGE="JavaScript"> <% ' response.write"alert('�ѹ�֡�����ū��++ ��ҹ��ѹ�֡�����Ź�������');" ' response.write "window.location.href='distribute_res.asp';" %> --> </SCRIPT> <% 'response.write "�����ū�� " 'response.write "<meta http-equiv='refresh' content ='7;url=index.asp'>" 'end if %><% else %> <SCRIPT LANGUAGE="JavaScript"> <% response.write "window.location.href='index_academic.html';" %> </SCRIPT> <% end if %>