File Manager
Back to List
| Current Directory: ~/
Editing: command_save_edit.asp
Full path: C:\ict\ICT\command_save_edit.asp
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<!--#INCLUDE FILE="ConnectDB.asp"--> <!--#include file="chk_login.asp"--> <% pern=session("username") per="2" tb="command" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 if not orsnc.eof then crd=request.form("crd") id_stu=request.form("id_stu") id_type_command=request.form("id_type_command") cname=request.form("cname") 'cyear=request.form("cyear") cid=request.form("cid") 'date0=request.form("date0") cdate2=request.form("cdate2") cmon2=request.form("cmon2") cyear2=request.form("cyear2") cday2=cyear2+cmon2+cdate2 'cday3=request.form("date1") cdate3=request.form("cdate3") cmon3=request.form("cmon3") cyear3=request.form("cyear3") cday3=cdate3&"/"&cmon3&"/"&cyear3 cdetail=request.form("cdetail") date_mo=now username=session("username") sqldata="update commando set cname='"&cname&"',cdetail='"&cdetail&"',cdate2='"&cdate2&"',cmonth2= '"&cmon2&"',cyear2='"&cyear2&"',cday2='"&cday2&"',cdate3='"&cdate3&"',cmonth3='"&cmon3&"',cyear3='"&cyear3&"',cday3='"&cday3&"',id_stu='"&id_stu&"',id_type_command='"&id_type_command&"' where cid = '" & cid&"' " 'sqldata="insert into commando(cno,cid_author,cname,cyear,cdetail,cdate2,cmonth2,cyear2,cid,cday2,username,date_mo,cday3,cdate3,cmonth3,cyear3) values('"&cno&"','"&cidauthor&"','"&cname&"','"&cyear&"','"&cdetail&"','"&cdate2&"','"&cmon2&"','"&cyear2&"','"&cid&"','"&cday2&"','"&username&"','"&date_mo&"','"&cday3&"','"&cdate3&"','"&cmon3&"','"&cyear3&"')" 'response.write sqldata response.write "crd="&crd set orsdata = Server.CreateObject("adodb.recordset") ' sqlcheck="select * from other_lec where firstname='"&firstname&"' and lastname='"&lastname&"'" 'set orscheck=server.createobject("adodb.recordset") 'orscheck.open sqlcheck,conn,1,3 'if orscheck.eof then orsdata.open sqldata,conn,1,3 response.write sqldata %> <SCRIPT LANGUAGE="JavaScript"> <% response.write"alert('�ѹ�֡���������º��������');" %> </SCRIPT> <% response.write "<meta http-equiv='refresh' content ='0;url=command_detail.asp?id="&cid&"&crd="&crd&"'>" else %> <SCRIPT LANGUAGE="JavaScript"> <% response.write"alert('�ѹ�֡���������º��������');" response.write "window.location.href='command_detail.asp?id="&cid&"';" %> </SCRIPT> <% end if %>