File Manager
Back to List
| Current Directory: ~/
Editing: add_sletin.asp
Full path: C:\ict\ICT\add_sletin.asp
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<!--#INCLUDE FILE="ConnectDB.asp"--> <!--#include file="chk_login.asp"--> <% pern=session("username") per="2" tb="letterin" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 if not orsnc.eof then %> <% Dim myMail,HTML,strMsg type_login=session("type_login") username=session("username") select case type_login case 1 sql="select * from lecturer where login_name_l="&username&"" tbl="lecturer" pw="password_l" rowss="id_lecturer" 'set orsall=server.createobject("adodb.recordset") 'orsall.open sqlall,conn,1,3 'if not orsall.eof then 'end if case 2 sql="select * from student where id_stu='"&username&"'" tbl="student" pw="password_s" rowss="id_stu" case 3 sql="select * from staff where id_staff="&username&"" tbl="staff" pw="password_st" rowss="id_staff" end select Set ors = Server.CreateObject("ADODB.Recordset") ors.Open sql, Conn, 1, 3 strMsg = "" id_staff=request.form("id_staff") sqltypelogin="select * from " id_level=request.form("id_level") id=request.form("id") date_mo=now sqldata="insert into staffletter(username,id_staff,datecreate,id_level,id_letter,statusread) values('"&username&"','"&id_staff&"','"&date_mo&"',"&id_level&",'"&id&"','0')" response.write sqldata set orsdata = Server.CreateObject("adodb.recordset") sqlcheck="select * from staffletter where id_staff='"&id_staff&"' and id_letter='"&id&"'" set orscheck=server.createobject("adodb.recordset") orscheck.open sqlcheck,conn,1,3 if orscheck.eof then orsdata.open sqldata,conn,1,3 response.write sqldata 'if not ors.eof then 'toemail=ors("email") 'mailstatus=ors("mailstatus") toemail="wassanaw@swu.ac.th" ' if mailstatus=1 then strMsg="�ô��ԡ����Ţ���˹ѧ��� [<a href=http://bsris.swu.ac.th/countletin.asp?id="&id&">"&id&"</a>] ���ʹ��͡���Ṻ" set mymail=server.createobject("cdo.message") 'myMail.From = "Letter In System (ICT BSRI)<wassanaw@swu.ac.th>" 'myMail.Value("Reply-To") = "lovekann74@hotmail.com" 'myMail.To = toemail 'myMail.Subject = "��˹ѧ��Ͷ֧��ҹ" 'myMail.MailFormat = 0 'myMail.BodyFormat = 0 'myMail.Body = strMsg 'myMail.Send 'Response.write ("Mail Sending.") 'Set myMail = Nothing 'end if 'end if 'set mail=createobject("cdo.message") 'mail.configuration.fields.item("http://schemas.microsoft.com/cdo/configuration/sendusing")=2 'mail.configuration.fields.item("http://schemas.microsoft.com/cdo/configuration/stmpserver")="stmp.gmail.com" 'mail.configuration.fields.item("http://schemas.microsoft.com/cdo/configuration/stmpserverport")=465 'mail.configuration.fields.item("http://schemas.microsoft.com/cdo/configuration/stmpusessl")=1 'mail.configuration.fields.item("http://schemas.microsoft.com/cdo/configuration/stmpconnectiontimeout")=60 'mail.configuration.fields.item("http://schemas.microsoft.com/cdo/configuration/stmpauthenticate")=1 'mail.configuration.fields.item("http://schemas.microsoft.com/cdo/configuration/sendusername")="vazza80@gmail.com" 'mail.configuration.fields.item("http://schemas.microsoft.com/cdo/configuration/sendpassword")="GlVlyd28" 'mail.configuration.fields.update 'mail.from="wassanaw@swu.ac.th" 'mail.to="wassanaw@g.swu.ac.th" 'mail.textbody="this is an email message." 'mail.send 'set mail=nothing %> <SCRIPT LANGUAGE="JavaScript"> <% response.write"alert('�ѹ�֡���������º��������');" %> </SCRIPT> <% response.write "<meta http-equiv='refresh' content ='0;url=staffletter.asp?id="&id&"'>" else %> <SCRIPT LANGUAGE="JavaScript"> <% response.write"alert('�ѹ�֡�����ū��++ ��ҹ��ѹ�֡�����Ź�������');" response.write "window.location.href='staffletter.asp?id="&id&"';" %> </SCRIPT> <% end if %><% else %> <SCRIPT LANGUAGE="JavaScript"> <% 'response.write "window.location.href='index.html';" %> </SCRIPT> <% end if %>