File Manager
Back to List
| Current Directory: ~/
Editing: hitc_researchWitchCapcha.asp
Full path: C:\ict\ICT\hitc_researchWitchCapcha.asp
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<%@LANGUAGE="VBSCRIPT"%> <% Response.CacheControl = "no-cache" Response.AddHeader "pragma","no-cache" Response.Expires = -1 %> <!--#INCLUDE FILE="ConnectDB.asp"--> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-874" /> <title>��ǹ���Ŵ �ҹ�Ԩ��ʶҺѹ�Ԩ�¾ĵԡ�����ʵ�� (BSRI) Behavioral Science Research Institute</title> </head> <script type="text/javascript" language="javascript"> function RefreshImage(valImageId) { var objImage = document.getElementById(valImageId) if (objImage == undefined) { return; } var now = new Date(); objImage.src = objImage.src.split('?')[0] + '?x=' + now.toUTCString(); } </script> <script language="javascript"> function doSubmit() { if( document.form1.keyword1.value == "" ) { alert("��سҡ�͡���Ӥѭ") document.form1.keyword1.focus() return false; } if( document.form1.keyword2.value == "" ) { alert("��سҡ�͡���Ӥѭ") document.form1.keyword2.focus() return false; } if( document.form1.keyword3.value == "" ) { alert("��سҡ�͡���Ӥѭ") document.form1.keyword3.focus() return false; } } </script> <body> <form name="form1" id="form1" method="post"> <div style="text-align: center; margin-top: 20px;"> <% if Request.ServerVariables("REQUEST_METHOD") = "POST" and IsEmpty(Request.Form("btnRetry")) then Dim lblResult, lblColor if IsEmpty(Session("ASPCAPTCHA")) or Trim(Session("ASPCAPTCHA")) = "" then lblResult = "This test has expired." lblColor = "red" else Dim TestValue : TestValue = Trim(Request.Form("txtCaptcha")) '//Uppercase fix for turkish charset// TestValue = Replace(TestValue, "i", "I", 1, -1, 1) TestValue = Replace(TestValue, "?", "I", 1, -1, 1) TestValue = Replace(TestValue, "?", "I", 1, -1, 1) '//////////////////// TestValue = UCase(TestValue) if StrComp(TestValue, Trim(Session("ASPCAPTCHA")), 1) = 0 then '////vazza ipclient=request.servervariables("remote_addr") response.write ipclient 'if ipclient<>"" then pern=session("username") pern=1 if pern<>"" then id=request("id") sql="select * from attachment_res where id_attach='"&id&"'" set ors=server.createobject("adodb.recordset") ors.open sql,conn,1,3 if not ors.eof then ors.movelast hits=ors("hitc") if hits="" then hits=0 end if hitc=hits+1 id_contact=ors("id_contact") datetimeread=now sqla="select * from res_checkread" set orsa=server.createobject("adodb.recordset") orsa.open sqla,conn,1,3 if not orsa.eof then orsa.movelast id_read=orsa("id_read") if id_read="" then id_read=1 else id_read=cint(id_read)+1 ''id_read=id_read+1 end if end if sqlb="insert into res_checkread(id_read,ipclient,datetimeread,id_contact,id_attach) values ("&id_read&",'"&ipclient&"','"&datetimeread&"','"&id_contact&"',"&id&")" set orsb = Server.CreateObject("adodb.recordset") orsb.open sqlb,conn,1,3 ' response.write sqlb usercreate=session("username") sqldata="update attachment_res set hitc='"&hitc&"' where id_attach='"&id&"'" set orsdata=server.createobject("adodb.recordset") orsdata.open sqldata,conn,1,3 ' response.write sqldata response.redirect "http://bsris.swu.ac.th/upload/"&ors("file_name") end if else response.write "no ip" response.redirect ("http://bsri.swu.ac.th") end if 'ors.close 'orsdata.close conn.close '///vazza lblResult = "CAPTCHA PASSED" lblColor = "green" else lblResult = "CAPTCHA FAILED" lblColor = "red" end if '//IMPORTANT: You must remove session value for security after the CAPTCHA test// Session("ASPCAPTCHA") = vbNullString Session.Contents.Remove("ASPCAPTCHA") '//////////////////// end if %> <p><span style="color: <%=lblColor%>; font-weight: bold;"><%=lblResult%></span></p> <input type="submit" name="btnRetry" id="btnRetry" value="Take another test" /> <%else%> <img src="captcha.asp" id="imgCaptcha" /> <a href="javascript:void(0);" onclick="RefreshImage('imgCaptcha');">Get a new challenge</a><br /> Write the characters in the image above<br /> <input type="text" name="txtCaptcha" id="txtCaptcha" value="" /><br /> <input type="submit" name="btnSubmit" id="btnSubmit" value="Submit" /> <%end if%> </div> </form> <form name="form1" method="post" action="add_keyword_thesis.asp"> <table width="75%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr > <td colspan="2"><CENTER>����ǹ���Ŵ �ͤ���������ͨҡ�ء��ҹ ��˹� <B>���Ӥѭ</B> ���Դ��Ҩ�����Ǣ�ͧ�Ѻ�ҹ����ҹ��ǹ���Ŵ</CENTER></td> </tr> <tr> <td height="20"><div align="right">���Ӥѭ�ӷ�� 1</div></td><td> <input type="text" name="keyword1" ></td> </tr> <tr> <td><div align="right">���Ӥѭ�ӷ�� 2</div></td><td><input type="text" name="keyword2"></input> <tr> <td><div align="right">���Ӥѭ�ӷ�� 3</div></td><td><input type="text" name="keyword3"></input> <tr> <%'id=request("id_thesis")%> <%'=id%> <!-- <input name="id" type="hidden" value=<%'=id%>>--> <td> </td><td><input type="submit" name="Submit" value="Submit" onmousedown="doSubmit();"> <input type="reset" name="Submit2" value="Reset"></td></tr> </table> </form> <% %> </body> </html>