File Manager
Back to List
| Current Directory: ~/
Editing: letins_sumexcel.asp.bak
Full path: C:\ict\ICT\letins_sumexcel.asp.bak
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<%response.cachecontrol="private"%> <!--#INCLUDE FILE="ConnectDB.asp"--> <!--#include file="chk_login.asp"--> <% Response.ContentType = "application/vnd.ms-excel" Response.AddHeader "Content-Disposition", "filename=individual.xls" pern=session("username") per="2" tb="letterin" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>�к����ʹ�����͡�ú�����</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="100%" border="0"> <tr> <td width="77%" align="left" valign="top"> <% id_staff=request.form("ids") If id_staff="" then id_staff=session("ids") else session("ids")=id_staff end if sqls="select * from lecturer where id_lecturer='"&id_staff&"'" set orss=server.createobject("adodb.recordset") orss.open sqls,conn,1,3 if not orss.eof then names=orss("name_lec") surenames=orss("sur_lec") else sqlst="select * from staff where id_staff='"&id_staff&"'" set orsst=server.createobject("adodb.recordset") orsst.open sqlst,conn,1,3 if not orsst.eof then names=orsst("name_st") surenames=orsst("sur_st") end if end if %> <p>˹ѧ�����Ңͧ.....<%=names%>...<% =surenames%></p> <table width="100%" border="1" cellspacing="0" cellpadding="0"> <tr> <td bgcolor="#c0c0c0"><div align="center" >�Ţ����Ѻ</div></td> <td bgcolor="#c0c0c0"><div align="center" >�Ţ���˹ѧ���</div></td> <td bgcolor="#c0c0c0"><div align="center" >�ѹ �� �� </div></td> <td bgcolor="#c0c0c0"><div align="center" >�ҡ</div></td> <td bgcolor="#c0c0c0"><div align="center" >�֧</div></td> <td bgcolor="#c0c0c0"><div align="center" >����ͧ</div></td> <td bgcolor="#c0c0c0"><div align="center" >��û�Ժѵ�</div></td> <td bgcolor="#c0c0c0"><div align="center" >�����˵�</div></td> </tr> <% id_s=session("ids") msearch=request.form("msearch") ysearch=request.form("ysearch") sqlstf="select * from staffletter where id_staff='"&id_s&"'" set orstf=server.CreateObject("adodb.recordset") orstf.open sqlstf,conn,1,3 'response.write sqlstf If msearch="1" Then msearch1="���Ҥ�" ElseIf msearch="2" Then msearch1="����Ҿѹ��" ElseIf msearch="3" Then msearch1="�չҤ�" ElseIf msearch="4" Then msearch1="����¹" ElseIf msearch="5" Then msearch1="����Ҥ�" ElseIf msearch="6" Then msearch1="�Զع�¹" ElseIf msearch="7" Then msearch1="�á�Ҥ�" ElseIf msearch="8" Then msearch1="�ԧ�Ҥ�" ElseIf msearch="9" Then msearch1="�ѹ��¹" ElseIf msearch="10" Then msearch1="���Ҥ�" ElseIf msearch="11" Then msearch1="��Ȩԡ�¹" ElseIf msearch="12" Then msearch1="�ѹ�Ҥ�" Else msearch1="����к���" End If response.write "�� "&msearch1&" �� "&ysearch i=1 if not orstf.eof then orstf.movefirst do while not orstf.eof idletter=orstf("id_letter") statusread=orstf("statusread") sqlse="select * from letterin where mreceive='"&msearch&"' and yreceive='"&ysearch&"' and id_letter='"&idletter&"'" set orse=server.CreateObject("adodb.recordset") orse.open sqlse,conn,1,3 if not orse.eof then orse.movefirst do while not orse.eof ii=i mod 2 if ii=0 then bgc="#e5e5e5" else bgc="#ffffff" end if response.write "<tr bgcolor="&bgc&"><td>" i=i+1 response.write orse("id_letter")&"</td>" response.write "<td>" response.write orse("id_sent")&"</td>" response.write "<td>" 'response.write orse("dletter")&"/"&orse("mletter")&"/"&orse("yletter")&"[�Ţ�����]<br>" response.write orse("dreceive")&"/"&orse("mreceive")&"/"&orse("yreceive")&"</td>" response.write "<td>" response.write orse("originletter")&"</td>" response.write "<td>" response.write orse("toname")&"</td>" response.write "<td>" response.write orse("titleletter")&"</td>" idl=orse("id_letter") response.write "<td>" set ors1=server.CreateObject("adodb.recordset") osql1 = "Select * From staffletter where id_letter='"&idl&"' Order By id_staff Desc" ors1.Open osql1, conn, 1, 3 'response.write osql1 'c=1 if not ors1.eof then ors1.movefirst do while not ors1.eof 'idaaa=ors1("id_letter") 'c=c+1 sqls="select * from lecturer where id_lecturer='"&ors1("id_staff")&"'" set orss=server.createobject("adodb.recordset") orss.open sqls,conn,1,3 if not orss.eof then response.write orss("name_lec")&" "&orss("sur_lec")&"<br>" else sqlst="select * from staff where id_staff='"&ors1("id_staff")&"'" set orsst=server.createobject("adodb.recordset") orsst.open sqlst,conn,1,3 if not orsst.eof then response.write orsst("name_st")&" "&orsst("sur_st") end if end if ors1.MoveNext loop end if response.write "</td>" Response.write "<td>" response.write "</tr>" orse.movenext loop end if orstf.movenext loop end if response.write "</table>" %> <p> </td> </tr> </table> </body> </html> <% %>