File Manager
Back to List
| Current Directory: ~/
Editing: qe_regis_all.asp.bak
Full path: C:\ict\ICT\qe_regis_all.asp.bak
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<!--#include file="connectdb.asp"--> <!--#include file="inc_cache_control.asp"--> <!--#include file="inc_access_control.asp"--> <!--#include file="chk_login.asp"--> <% pern=session("username") per="2" tb="qe" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><!-- InstanceBegin template="/Templates/ict.dwt" codeOutsideHTMLIsLocked="false" --> <head> <!-- InstanceBeginEditable name="doctitle" --> <title>�к����ʹ�����͡�ú����� ʾ��</title> <!-- InstanceEndEditable --> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable --> <link href="bsri2006.css" rel="stylesheet" type="text/css"> <link href="image/favicon.ico" rel="shortcut icon" type="image/x-icon"> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="100%" border="0"> <tr> <td colspan="2"><div align="right"><img src="Image/head1.gif" width="800" height="61"></div></td> </tr> <tr> <td colspan="2" background="Image/bghead1.gif"><div align="right"><font size="2" face="MS Sans Serif, Tahoma, sans-serif"><strong>| <a href="http://www.swu.ac.th" target=_blank>SWU</a> | <a href="http://bsri.swu.ac.th" target=_blank>BSRI</a> |<a href="chaPW.asp"><strong>Change Password</strong></a>|<a href="log_out.asp">Log Out </a></strong></font>|</div></td> </tr> <tr> <td width="20%" align="left" valign="top" bgcolor="#FFCCCC"><!-- InstanceBeginEditable name="EditRegion5" --><!--#include file="chk_menu.asp"--> <!-- InstanceEndEditable --></td> <td width="77%" align="left" valign="top"><!-- InstanceBeginEditable name="EditRegion3" --> <% '***************************************************************** session("tb_name")="qe" %> <!--#include file="chk_permission.asp"--> <% '***************************************************************** ' if session("tb_preview") <> 1 or session("id_lecturer1") = id_lecturer then '���Է��� �����㹰ҹ ��� ����Ңͧ�������ͧ %> <br><a href=qe_index.asp>˹���á QE></a><br> <table width="100%" border="0" cellspacing="0"> <tr> <td width="892" align="left" valign="top"><div align="center"> <% tquerry=request.form("idquerry") if tquerry="" then else sql end if qe_id=request("id") if qe_id = "" then qe_id=request.form("qe_id") end if qe_schedule=request("id2") if qe_schedule="" then qe_schedule=request.form("qe_schedule") end if sqlq="select * from qe_schedule where qe_schedule='"&qe_schedule&"'" set orsq=server.createobject("adodb.recordset") orsq.open sqlq,conn,1,3 if not orsq.eof then %> ��ª����Ե���ŧ����¹�ͺ[<a href=qe_schedule.asp?id=<%=orsq("qe_semeter")%>&id2=<%=orsq("qe_year_edu")%>>QE</a>] <% sqlcourse="select * from qe where qe_schedule='"&orsq("qe_schedule")&"' and qe_id='"&qe_id&"'" set orscourse=server.createobject("adodb.recordset") orscourse.open sqlcourse,conn,1,3 if not orscourse.eof then 'response.write orscourse("qe_status") id_course=orscourse("qe_course") 'sqlt="select * from qe_type_test where id_type_test='"&orsq("id_type_test")&"'" 'set orst=server.createobject("adodb.recordset") 'orst.open sqlt,conn,1,3 'if not orst.eof then response.write "<br><b>����ͺ���駷�� </b>"&orsq("qe_semeter")&"/"&orsq("qe_year_edu")& "<b> �ѹ����ͺ </b>"&orscourse("qe_day")&"/"&orscourse("qe_month")&"/"&orscourse("qe_year") 'response.write " <B>����������ͺ </B>"&orst("type_test") 'end if sqlc1="select * from qe_course where qe_course='"&orscourse("qe_course")&"'" set orsc1=server.createobject("adodb.recordset") orsc1.open sqlc1,conn,1,3 if not orsc1.eof then response.write "<b> ��ҹ</b> "&orsc1("qe_cname") end if end if end if %><br> <br> <table border="0" width=100% > <tr bgcolor=#FFFFCC> <td><strong>�ӴѺ���</td> <td><div align=center><strong>����</td> <td align=center><strong>����-ʡ��</td><td align=center><strong>��ṹ��� <%=orscourse("qe_score")%></td><td align=center><strong>�š���ͺ</td><td align=center ><strong>Action</td><% %><!-- <td><strong>Action</td>--></div> </tr> <% sqlall="select * from qe_regis where qe_id='"&qe_id&"' order by id_stu asc" set orsall=server.createobject("adodb.recordset") orsall.open sqlall,conn,1,3 if not orsall.eof then orsall.movefirst a=0 do while not orsall.eof a=a+1 'response.write sqlall bgcolor=a mod 2 if bgcolor>0 then bg1="ffffff" else bg1="#F2F2F2" end if response.write "<tr bgcolor='"&bg1&"'><td>"&a&"</td>" sqlstu="select * from student where id_stu='"&orsall("id_stu")&"'" set orsstu=server.createobject("adodb.recordset") orsstu.open sqlstu,conn,1,3 if not orsstu.eof then response.write "<td>"&orsstu("id_stu")&"</td><td>[<a href=qe_regis.asp?id_stu="&orsall("id_stu")&">"&orsstu("name_stu")&" "&orsstu("sur_stu")&"</a>]" sqlg="select * from qe_grade where qe_grade='"&orsall("qe_result")&"'" set orsg=server.createobject("adodb.recordset") orsg.open sqlg,conn,1,3 if not orsg.eof then if orsall("qe_result")="2" then fc="#CC0033" elseif orsall("qe_result")="3" then fc="#CC66FF" elseif orsall("qe_result")="4" then fc="#FFCC00" else fc="#66FF00" end if response.write "<td>"&orsall("qe_score") response.write "<td><font color="&fc&">"&orsg("qe_qname")&"</font>" end if end if response.write "<td>" sqlc2="select * from qe where qe_id='"&qe_id&"'" set orsc2=server.createobject("adodb.recordset") orsc2.open sqlc2,conn,1,3 if not orsc2.eof then id_status=orsc2("qe_status") end if if id_status="1" then nable="enabled" else nable="disabled" end if %> <%if not orsnc.eof then%> <FORM METHOD=POST ACTION="qe_regis_del.asp"> <INPUT TYPE="hidden" NAME="id_stu" value=<%=orsall("id_stu")%>> <INPUT TYPE="hidden" NAME="qe_id" value=<%=qe_id%> > <INPUT TYPE="hidden" NAME="qe_schedule" value=<%=qe_schedule%>> <INPUT TYPE="hidden" NAME="checkfw" value=<%=2%>> <input name="submit" type="submit" id="submit" <%=nable%> value="�" ></td> </form> <%end if%> </tr> <% 'end if response.write "</td>" orsall.movenext loop else response.write "<tr><td colspan=4>No Course Select</td></tr>" end if '������ª����Ե %></table><br> <TABLE > <% sqlc2="select * from qe where qe_id='"&qe_id&"'" set orsc2=server.createobject("adodb.recordset") orsc2.open sqlc2,conn,1,3 if not orsc2.eof then id_status=orsc2("qe_status") end if if id_status="1" then if int(orsc2("qe_num"))>1 then 'if orsq("id_type_test")=2 then '������ͺ�����ʴ��з���ͺ������ҹ�� %> <tr bgcolor=#FFFFCC><td colspan=4><div align=center><strong>��ª����Ե������Է����ͺ����</strong></td></tr> <TR> <TD div align="center" bgcolor="#FFCCFF">�ӴѺ���</TD> <TD div align="center" bgcolor="#FFCCFF">����</TD> <TD div align="center" bgcolor="#FFCCFF">����-ʡ��</TD> <TD div align="center" bgcolor="#FFCCFF">ŧ����¹</TD> </TR> <% 'sqlsche="select * from qe_schedule where qe_semeter='"&orsq("qe_semeter")&"' and qe_year_edu='"&orsq("qe_year")&"' order by qe_schedule desc" qe_num=int(orsc2("qe_num"))-1 sqlche="select * from qe where qe_schedule="&qe_schedule&" and qe_course='"&id_course&"' and qe_num='"&qe_num&"'" 'set orsctest=server.createobject("adodb.recordset") 'if not orsctest.eof then 'response.write "<tr><td>"&sqlche set orsche=server.createobject("adodb.recordset") orsche.open sqlche,conn,1,3 if not orsche.eof then orsche.movefirst do while not orsche.eof 'sqlqes="select * from qe where qe_schedule='"&orsche("qe_schedule")&"' and qe_course='"&id_course&"'and qe_status=1" 'set orsqes=server.createobject("adodb.recordset") 'orsqes.open sqlqes,conn,1,3 'if not orsqes.eof then 'orsqes.movelast 'do while not orsqes.eof 'response.write "<tr><td>"&sqlqes sqledittest="select * from qe_regis where qe_id='"&orsche("qe_id")&"' and qe_result=4" set orsedittest=server.createobject("adodb.recordset") orsedittest.open sqledittest,conn,1,3 'response.write sqledittest a=0 if not orsedittest.eof then orsedittest.movefirst do while not orsedittest.eof sqledit1="select * from student where id_stu='"&orsedittest("id_stu")&"'" set orsedit1=server.createobject("adodb.recordset") orsedit1.open sqledit1,conn,1,3 if not orsedit1.eof then sqlcheck="select * from qe_regis where qe_id='"&qe_id&"' and id_stu='"&orsedittest("id_stu")&"'" set orscheck=server.createobject("adodb.recordset") orscheck.open sqlcheck,conn,1,3 if orscheck.eof then a=a+1 if a mod 2 =0 then bg1="#EBEBEB" else bg1="#ffffff" end if response.write "<tr bgcolor="&bg1&"><td>"&a response.write "<td align=center>" response.write "[<a href=detail_stu.asp?id_stu="&orsedit1("id_stu")&">"&orsedit1("id_stu")&"</a>]" response.write "<td>" response.write orsedit1("name_stu")&" "&orsedit1("sur_stu") response.write "<td>" if not orsnc.eof then%> <FORM METHOD=POST ACTION="qe_regis_add.asp"> <INPUT TYPE="hidden" NAME="id_stu" value=<%=orsedit1("id_stu")%>> <INPUT TYPE="hidden" NAME="qe_id" value=<%=qe_id%>> <INPUT TYPE="hidden" NAME="qe_schedule" value=<%=qe_schedule%>> <INPUT TYPE="hidden" NAME="checkfw" value=<%=2%>> <input name="submit" type="submit" id="submit" value="Regis"></td></tr> </FORM> <% end if end if 'orscheck.eof end if 'orsedit1 orsedittest.movenext loop end if 'orsedittest 'orsqes.movenext 'loop 'end if 'orsqes orsche.movenext loop end if 'orsche ' end if 'orsctest ���Ͷ����� �繡���ͺ���駷�� 2 �ͧ�Ԫҹ�� �������������� else '������ͺ�����ʴ��з���ͺ������ҹ�� if not orsnc.eof then%> <tr bgcolor=#FFFFCC><td colspan=4 ><div align=center><strong>���Ҫ����Ե���ŧ����¹�ͺ QE</strong></td></tr> <form name="form2" method="post" action="qe_regis_all.asp"> <tr><td colspan=4 align=center> Keyword <input type="text" name="keyword1"> ���Ҩҡ <select name="type_search" id="type_search"> <option value="1">����</option> <option value="2">ʡ��</option> <option value="3">����</option> </select> <input name="id2" type="hidden" value=<%=qe_schedule%>> <input name="id" type="hidden" value=<%=qe_id%>> <input name="submit" type="submit" id="submit" value="Go"> </td></tr> <%end if end if '��������ͺ�����ʴ��з���ͺ������ҹ�� end if%> </form> <%'end if 'ʶҹТͧ����ͺ�١�Դ�����%> </div> <div align=center><strong> <p><% search_name=request.form("keyword1") type_search=request.form("type_search") 'response.write orsq("qe_status") if type_search<>"" then %> <p>�š�ä��ҹ��Ե���ŧ����¹�ͺ QE</p></strong> <% 'idc=request.form("idc") 'idq=request.form("idq") if type_search="2" then sqlname="select * from student where sur_stu like '%"&search_name&"%' and id_status_edu=1 " 'response.write sqlname 'set orsname=server.CreateObject("adodb.recordset") 'orsname.open sqlname,conn,1,3 elseif type_search="1" then sqlname="select * from student where name_stu like '%"&search_name&"%' and id_status_edu=1" 'response.write sqlname 'set orsname=server.CreateObject("adodb.recordset") 'orsname.open sqlname,conn,1,3 elseif type_search="3" then sqlname="select * from student where id_stu like '%"&search_name&"%' and id_status_edu=1" 'response.write sqlname end if set orsname=server.CreateObject("adodb.recordset") orsname.open sqlname,conn,1,3 if not orsname.eof then %> <TR> <TD div align="center" bgcolor="#FFCCFF">�ӴѺ���</TD> <TD div align="center" bgcolor="#FFCCFF">����</TD> <TD div align="center" bgcolor="#FFCCFF">����-ʡ��</TD> <TD div align="center" bgcolor="#FFCCFF">���</TD> <TD div align="center" bgcolor="#FFCCFF">ŧ����¹</TD> </TR> <% a=0 orsname.movefirst do while not orsname.eof chpass=0 '�������ҡ�ü�ҹ����ͺ����� p=0 '��Ǩ�ͺ��ҹ��Ե��ҹ����ͺ�ú����Ԫ������ѧ a=a+1 if a mod 2 = 0 then bg1="#E8E8E8" else bg1="#ffffff" end if response.write "<tr>" response.write "<td>"&a response.write "<td>[<a href=detail_stu.asp?id_stu="&orsname("id_stu")&">"&orsname("id_stu")&"</a>]" response.write "<td>" response.write orsname("name_stu")&" "&orsname("sur_stu") response.write "<td>" 'response.write orsname("id_stugroup") '�������������´��� sql_all="select * from student_group where id_stugroup='"&orsname("id_stugroup")&"' " set ors_all=server.createobject("adodb.recordset") ors_all.open sql_all,Conn,1,3 if not ors_all.eof then 'response.write "" sql_curri="select * from curriculum where id_curriculum='"&ors_all("id_curriculum")&"'" set ors_curri=server.createobject("adodb.recordset") ors_curri.open sql_curri,conn,1,3 if not ors_curri.eof then response.write ors_curri("curriculum_full")&" " end if sqlt="select * from type_curriculum where id_type_curri='"&ors_all("id_type_curri")&"'" set orst=server.createobject("adodb.recordset") orst.open sqlt,conn,1,3 if not orst.eof then response.write orst("type_curri_th") end if response.write " ��� "&ors_all("no_stugroup") end if 'response.write id_course&"=id_course" '���͵�Ǩ�ͺ����� ���Ե��ҹ����ͺ��ҹ����Ԫҹ�����������ѧ sqlcoursepass="select * from qe where qe_course='"&id_course&"'" set orscoursepass=server.createobject("adodb.recordset") orscoursepass.open sqlcoursepass,conn,1,3 if not orscoursepass.eof then 'response.write sqlcoursepass&"=sqlcoursepass" orscoursepass.movefirst do while not orscoursepass.eof sqlcheckpass="select * from qe_regis where id_stu='"&orsname("id_stu")&"' and qe_id='"&orscoursepass("qe_id")&"' " set orscheckpass=server.createobject("adodb.recordset") orscheckpass.open sqlcheckpass,conn,1,3 'response.write sqlcheckpass&"=sqlcheckpass" if not orscheckpass.eof then '����� not ���¶֧ ��ŧ����¹����ͺ����ҹ if int(orscheckpass("qe_result"))=1 or int(orscheckpass("qe_result"))=5 then chpass=1 p=chpass+1 sqlpresult="select * from qe_grade where qe_grade='"&orscheckpass("qe_result")&"'" set orspresult=server.createobject("adodb.recordset") orspresult.open sqlpresult,conn,1,3 if not orspresult.eof then 'response.write "<td>"&orspresult("qe_qname")&""&orscheckpass("qe_result") smspass=orspresult("qe_qname") else smspass="" end if 'orsname.movenext 'response.write "<td>1����ҹ" else 'chpass=0 'response.write "<td>2��ҹ" end if 'response.write "<tr><td>3��ҹ"'&orscheckpass("id_regis") else 'response.write "<tr><td>ŧ����¹������ҹ" 'end if end if'orscheckpass orscoursepass.movenext loop '������Դ�Ԫҹ����� �������� end if 'orscoursepass '����Ǩ�ͺ����� ���Ե��ҹ����ͺ��ҹ����Ԫҹ�����������ѧ 'response.write p&"��ҹ�ú 3 ����" %><td> <FORM METHOD=POST ACTION="qe_regis_add.asp"> <INPUT TYPE="hidden" NAME="id_stu" value=<%=orsname("id_stu")%>> <INPUT TYPE="hidden" NAME="qe_id" value=<%=qe_id%>> <INPUT TYPE="hidden" NAME="qe_schedule" value=<%=qe_schedule%>> <INPUT TYPE="hidden" NAME="checkfw" value=<%=2%>> <%if chpass=1 then response.write smspass elseif chpass=0 then%> <input name="submit" type="submit" id="submit" value="Regis"> <%end if%></td></tr> </FORM> <% orsname.movenext loop else response.write "<tr><td colspan=6>��辺�����ŷ�����<br>"&search_name response.write "</table>" end if 'response.write "</table>" end if response.write "</table>" '����ä��ҹ��Ե %> </table></div> </td> </tr> <tr> <td colspan="3"></td> </tr> <!-- InstanceEndEditable --></td> </tr> <tr> <td colspan="2" background="Image/bghead1.gif">Contact Admin:: wassanaw@swu.ac.th tel.02-649-5000 ext 17600</td> </tr> </table> </body> <!-- InstanceEnd --></html>