File Manager
Back to List
| Current Directory: ~/
Editing: detail_letterin.asp
Full path: C:\ict\ICT\detail_letterin.asp
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<%response.cachecontrol="private"%> <!--#INCLUDE FILE="ConnectDB.asp"--> <!--#include file="chk_login.asp"--> <% pern=session("username") per="2" tb="letterin" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><!-- InstanceBegin template="/Templates/ICT.dwt" codeOutsideHTMLIsLocked="false" --> <head> <!-- InstanceBeginEditable name="doctitle" --> <title>�к����ʹ�����͡�ú�����</title> <!-- InstanceEndEditable --> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable --> <link href="bsri2006.css" rel="stylesheet" type="text/css"> <link href="image/favicon.ico" rel="shortcut icon" type="image/x-icon"> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="100%" border="0"> <tr> <td colspan="2"><div align="right"><img src="Image/head1.gif" width="800" height="61"></div></td> </tr> <tr> <td colspan="2" background="Image/bghead1.gif"><div align="right"><font size="2" face="MS Sans Serif, Tahoma, sans-serif"><strong>| <a href="http://www.swu.ac.th" target=_blank>SWU</a> | <a href="http://bsri.swu.ac.th" target=_blank>BSRI</a> |<a href="chaPW.asp"><strong>Change Password</strong></a>|<a href="log_out.asp">Log Out </a></strong></font>|</div></td> </tr> <tr> <td width="20%" align="left" valign="top" bgcolor="#FFCCCC"><!-- InstanceBeginEditable name="EditRegion5" --><!--#include file="chk_menu.asp"--><!-- InstanceEndEditable --></td> <td width="77%" align="left" valign="top"><!-- InstanceBeginEditable name="EditRegion3" --> <div align="center"> <p><strong>˹ѧ������ʶҺѹ�Ԩ�¾ĵԡ�����ʵ��<br> <%if not orsnc.eof then%> [<a href="indexletterin.asp">+����˹ѧ������+</a>] <% end if%> [<a href="all_letterin.asp">˹ѧ��ͷ�����</a>][<a href="searchletter.asp">����˹ѧ���</a>][<a href=letterin_staff.asp>˹ѧ��������ºؤ��</a>][<a href="letterin_dued.asp">˹ѧ�������ա�˹���</a>]</strong></p> ��������´˹ѧ��� <% id=request("id") set orsid=server.CreateObject("adodb.recordset") sqlid="select * from letterin where id_letter='"&id&"'" orsid.open sqlid,conn,1,3 if not orsid.eof then %> <table width="100%" border="0" cellspacing="0"> <tr> <td bgcolor="#FFFFFF" width="20%">��Ǵ</td> <td bgcolor="#FFFFFF"> <% id_cate=orsid("id_categorylet") sqlcate="select * from let_category where id_categorylet='"&id_cate&"'" set orscate=server.CreateObject("adodb.recordset") orscate.open sqlcate,conn,1,3 if not orscate.eof then response.write orscate("categorylet") end if %> </td> </tr> <tr> <td bgcolor="#FFFFCE">������˹ѧ���</td> <td bgcolor="#FFFFCE"><% id_itletter=orsid("id_itletter") sqlo="select * from itletter where id_itletter='"&id_itletter&"'" set orso=server.CreateObject("adodb.recordset") orso.open sqlo,conn,1,3 if not orso.eof then response.write orso("itletter") end if %></td> </tr> <tr> <td bgcolor="#FFFFFF" width="20%">�ѵ�ػ��ʧ��ͧ˹ѧ���</td> <td bgcolor="#FFFFFF"> <% id_typeletin=orsid("id_typeletin") sqlty="select * from type_letterin where id_typeletin='"&id_typeletin&"'" set orsty=server.CreateObject("adodb.recordset") orsty.open sqlty,conn,1,3 if not orsty.eof then response.write orsty("typeletin") end if %> </td> </tr> <tr> <td width="152" bgcolor="#FFFFCC">�Ţ����Ѻ</td> <td width="411" bgcolor="#FFFFCC"><%=orsid("id_letter")%></td> </tr> <tr> <td>�ѹ �� �� ����Ѻ </td> <td><%=orsid("dreceive")%>- <%=orsid("mreceive")%>- <%=orsid("yreceive")%></td> </tr> <tr> <td bgcolor="#FFFFCC">�Ţ���˹ѧ�����</td> <td bgcolor="#FFFFCC"><%=orsid("id_sent")%> <% id_sent=orsid("id_sent") 'Response.write id_sent %></td> </tr> <tr> <td>˹ѧ���ŧ�ѹ��� </td> <td><%=orsid("dletter")%>- <%=orsid("mletter")%>- <%=orsid("yletter")%></td> </tr> <tr> <td bgcolor="#FFFFCC">��ǹ�Ҫ�����Ңͧ˹ѧ���</td> <td bgcolor="#FFFFCC"><%=orsid("originletter")%></td> </tr> <tr> <tr> <td>�ա�˹��觡�Ѻ</td> <% If orsid("dued")="1" Then sdue=orsid("duedate")&"-"&orsid("duemonth")&"-"&orsid("duey") Else sdue="����ա�˹���" End if %> <td>(Ǵ�)<%=sdue%></td> </tr> <tr> <td bgcolor="#ccffcc">��ô��Թ���</td> <td bgcolor="#ccffcc"> <%=orsid("dued_detail")%> </td> </tr> <tr> <td>�����������</td> <td><%=orsid("titleletter")%> <% titleletter=orsid("titleletter") %></td> </tr> <tr> <td bgcolor="#FFFFCC">���¹</td> <td bgcolor="#FFFFCC"><%=orsid("toname")%></td> </tr> <tr> <td >������</td> <td ><%=orsid("directorcommand")%></td> </tr> <tr><!-- --> <td> </td> <td> <% if not orsnc.eof then %>[<a href="edit_letterin_form.asp?id=<%=orsid("id_letter")%>">Edit</a>] [<a href=del_letterin.asp?id=<%=orsid("id_letter")%> onClick="return confirm('�س��ͧ���ź?');">Del</a>] <%end if%></td> </tr> <tr> <td bgcolor="#FFFFCE"><% if not orsnc.eof then %><a href="attachname.asp?id=<%=orsid("id_letter")%>">��觷�����Ҵ���</a> <%else%>��觷�����Ҵ���<%end if%></td> <td bgcolor="#FFFFCE"><table> <% idl=orsid("id_letter") set ors=server.createobject("adodb.recordset") osql = "Select * From attachletter where id_letter='"&idl&"'" ors.Open osql, conn, 1, 3 if not ors.eof then ors.movefirst do while not ors.eof response.write "<tr><td>" response.write "-"&ors("attach_name") response.write "</td><td>" if not orsnc.eof then %> [<a href=del_attlet.asp?id=<%=orsid("id_letter")%>&attn=<%=ors("attach_name")%> onClick="return confirm('�س��ͧ���ź?');">Del</a>] <% 'response.write "[<a href=del_attlet.asp?id="&orsid("id_letter")&"&attn="&ors("attach_name")&">Del</a>]" end if response.write "</td></tr>" ors.MoveNext loop end if %> </table> </td> </tr> <tr> <td><% if not orsnc.eof then %><a href="uplet_form.asp?id=<%=orsid("id_letter")%>&t2=1">˹ѧ���1(pdf)</a><%else%>˹ѧ���1(pdf)<%end if%></td> <td><% response.write "[<a href=countletin.asp?id="&orsid("id_letter")&"&t2=1>"&orsid("filename")&"</a>][��:"&orsid("hitc")&" ����] " if not orsnc.eof then if not orsid("filename")="" then%> [<a href=del_filelet.asp?id=<%=orsid("id_letter")%>&t2=1 onClick="return confirm('�س��ͧ���ź?');">Remove</a>] <%end if end if %></td> </tr> <tr> <td><% if not orsnc.eof then %><a href="uplet_form.asp?id=<%=orsid("id_letter")%>&t2=2">˹ѧ���2(pdf)</a><%else%>˹ѧ���2(pdf)<%end if%></td> <td><% response.write "[<a href=countletin.asp?id="&orsid("id_letter")&"&t2=2>"&orsid("filename2")&"</a>]" if not orsnc.eof then if not orsid("filename")="" then%> [<a href=del_filelet.asp?id=<%=orsid("id_letter")%>&t2=2 onClick="return confirm('�س��ͧ���ź?');">Remove</a>] <%end if end if %></td> </tr> <tr> <td bgcolor="#FFFFCE"><% if not orsnc.eof then %><a href="staffletter.asp?id=<%=orsid("id_letter")%>">���������Ǣ�ͧ(ᷧ)</a><%else%>���������Ǣ�ͧ(ᷧ)<%end if%></td> <td bgcolor="#FFFFCE"> <table> <% 'form �á���������� 'Response.write "<form name=form2 method=post action=sendmailswu.php>" Response.write "<form name=form2 method=post action=testmaillist.asp>" set ors1=server.createobject("adodb.recordset") osql1 = "Select * From staffletter where id_letter='"&idl&"'" ors1.Open osql1, conn, 1, 3 if not ors1.eof then ors1.movefirst do while not ors1.eof '�����纤��㹵���÷���� �������� %> <input type="hidden" name="id_staff" value=<%=ors1("id_staff")%>> <% response.write "<tr><td>" 'response.write "-"&ors1("id_staff") sqls="select * from lecturer where id_lecturer='"&ors1("id_staff")&"'" set orss=server.createobject("adodb.recordset") orss.open sqls,conn,1,3 if not orss.eof then response.write orss("name_lec")&" "&orss("sur_lec") %> <input type="hidden" name="emailswu" value=<%=orss("emailswu")%>> <% else sqlst="select * from staff where id_staff='"&ors1("id_staff")&"'" set orsst=server.createobject("adodb.recordset") orsst.open sqlst,conn,1,3 if not orsst.eof then response.write orsst("name_st")&" "&orsst("sur_st") %> <input type="hidden" name="emailswu" value=<%=orsst("emailswu")%>> <% end if end if statusread=ors1("statusread") if statusread=0 then response.write "<img src=Image/ftv2folderclosed.gif width=24 height=22 />" else response.write "<img src=Image/ftv2folderopen.gif width=24 height=22 />" end if if not orsnc.eof then %> [<a href=del_sletin.asp?id=<%=orsid("id_letter")%>&id_s=<%=ors1("id_staff")%> onClick="return confirm('�س��ͧ���ź?');">Del</a>]<br> <% 'response.write "[<a href=del_slet.asp?id="&orsid("id_letter")&"&id_s="&ors1("id_staff")&">Del</a>]" end if response.write "</td><td>" response.write "</td></tr>" Response.write "<tr><td colspan=2>" id_s=session("ids") if pern=ors1("id_staff") then set orssr=server.createobject("adodb.recordset") sqlsr="update staffletter set statusread='1' where id_staff='"&ors1("id_staff")&"'and id_letter='"&idl&"'" orssr.open sqlsr,conn,1,3 end if 'response.write sqlsr&"aa"&id_s ors1.MoveNext loop end if '�á���������� 'Response.write "<form name=form2 method=post action=sendmailswu.php>" %> <input type="hidden" name="filename" value=<%=orsid("filename")%>> <textarea name="id_sent" cols="20" rows="20" style="display:none;"><%=id_sent%></textarea> <input type="hidden" name="id_sent1" value=<%=id_sent%>> <textarea name="titleletter" cols="20" rows="20" style="display:none;"><%=titleletter%></textarea> <input type="hidden" name="titleletter1" value=<%=orsid("titleletter")%>> <input type="hidden" name="id_letter" value=<%=orsid("id_letter")%>> <input type="hidden" name="dued" value=<%=orsid("dued")%>> <input type="hidden" name="sdue" value=<%=sdue%>> <input type="submit" value="SendMail" > <% Response.write "</form>" statusmail=orsid("statusmail") If statusmail = "1" Then Response.write "(�����������)"&orsid("dsent") End if Response.write "</td></tr>" '���������� %></table></td> </tr> </table> </div> <!-- InstanceEndEditable --></td> </tr> <tr> <td colspan="2" background="Image/bghead1.gif">Contact Admin:: wassanaw@swu.ac.th tel.02-649-5000 ext 17600</td> </tr> </table> </body> <!-- InstanceEnd --></html> <% else response.write "No Permission" response.write "<a href=index_academic.asp>Return</a>" end if %>