File Manager
Back to List
| Current Directory: ~/
Editing: add_reward.asp
Full path: C:\ict\ICT\add_reward.asp
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<!--#INCLUDE FILE="ConnectDB.asp"--> <!--#include file="chk_login.asp"--> <% pern=session("username") per="2" tb="research" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 if not orsnc.eof then %> <% id_=request("id_") set orscr=server.createobject("adodb.recordset") sqlcr="select * from reward" orscr.open sqlcr,Conn,1,3 if not orscr.eof then orscr.movelast a=orscr("id_reward") if a="" then a=0 end if a=a+1 end if date_mo=now username=session("username") sqldata="insert into reward(username,date_mo,reward_name,id_reward) values('"&username&"','"&date_mo&"','"&id_&"','"&a&"')" ' response.write sqldata set orsdata = Server.CreateObject("adodb.recordset") sqlcheck="select * from reward where reward_name='"&id_&"'" set orscheck=server.createobject("adodb.recordset") orscheck.open sqlcheck,conn,1,3 if orscheck.eof then orsdata.open sqldata,conn,1,3 'response.write sqldata %> <SCRIPT LANGUAGE="JavaScript"> <% response.write "alert('�ѹ�֡�����Ź�����º��������');" response.write "window.location.href='reward.asp';" %> --> </SCRIPT> <% else %> <SCRIPT LANGUAGE="JavaScript"> <% response.write "alert('�ѹ�֡�����ū��++ ��ҹ��ѹ�֡�����Ź�������');" response.write "window.location.href='reward.asp';" %> --> </SCRIPT> <% end if else %> <SCRIPT LANGUAGE="JavaScript"> <% response.write "window.location.href='index_academic.asp';" %> --> </SCRIPT> <% end if %>