File Manager
Back to List
| Current Directory: ~/
Editing: sub_res.asp
Full path: C:\ict\ICT\sub_res.asp
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<%response.cachecontrol="private"%> <!--#INCLUDE FILE="ConnectDB.asp"--> <!--#include file="chk_login.asp"--> <% pern=session("username") per="2" tb="research" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 ' if not orsnc.eof then %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><!-- InstanceBegin template="/Templates/ICT.dwt" codeOutsideHTMLIsLocked="false" --> <head> <!-- InstanceBeginEditable name="doctitle" --> <title>�к����ʹ�����͡�ú�����</title> <!-- InstanceEndEditable --> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <!-- InstanceBeginEditable name="head" --> <style type="text/css"> <!-- .style2 {color: #003366; } --> </style> <style type="text/css"> <!-- .style3 {color: #cc9933} --> </style> <!-- InstanceEndEditable --> <link href="bsri2006.css" rel="stylesheet" type="text/css"> <link href="image/favicon.ico" rel="shortcut icon" type="image/x-icon"> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="100%" border="0"> <tr> <td colspan="2"><div align="right"><img src="Image/head1.gif" width="800" height="61"></div></td> </tr> <tr> <td colspan="2" background="Image/bghead1.gif"><div align="right"><font size="2" face="MS Sans Serif, Tahoma, sans-serif"><strong>| <a href="http://www.swu.ac.th" target=_blank>SWU</a> | <a href="http://bsri.swu.ac.th" target=_blank>BSRI</a> |<a href="chaPW.asp"><strong>Change Password</strong></a>|<a href="log_out.asp">Log Out </a></strong></font>|</div></td> </tr> <tr> <td width="20%" align="left" valign="top" bgcolor="#FFCCCC"><!-- InstanceBeginEditable name="EditRegion5" --><!--#include file="chk_menu.asp"--><!-- InstanceEndEditable --></td> <td width="77%" align="left" valign="top"><!-- InstanceBeginEditable name="EditRegion3" --> <div align="center"> <p><strong>�����ç�������</strong> <% id=request("id") sql="select * from research where id_contact='"&id&"'" set ors=server.createobject("adodb.recordset") ors.open sql,conn,1,3 if not ors.eof then %> </p> <p>[<a href=detail_research.asp?id=<%=ors("id_contact")%>><%=ors("id_contact")%></a>]<br><%response.write ors("research_t")%> <br> ��ª����ç������¢ͧ�ç��ù��</p> <table width="90%" border="1"> <tr> <td width="8%" bgcolor="#660000"><div align="center" class="style3">�Ţ����ѭ��</div></td> <td width="82%" bgcolor="#660000"><div align="center" class="style3">�����ç���</div></td> <%if not orsnc.eof then%> <td width="10%" bgcolor="#660000"><div align="center" class="style3">Action</div></td> <%end if%> </tr> <% sql1="select * from sub_res where id_contact='"&id&"'" set ors1=server.CreateObject("adodb.recordset") ors1.open sql1,conn,1,3 if not ors1.eof then ors1.movefirst do while not ors1.eof response.write "<tr><td>" response.write "[<a href=detail_research.asp?id="&ors1("id_contact_sub")&">"&ors1("id_contact_sub")&"</a>]" sql2="select * from research where id_contact='"&ors1("id_contact_sub")&"'" set ors2=server.CreateObject("adodb.recordset") ors2.open sql2,conn,1,3 if not ors2.eof then response.write "<td>" response.write ors2("research_t") if not orsnc.eof then response.write "<td>" response.write "[<a href=del_sub_res.asp?id="&id&"&id_sub="&ors1("id_contact_sub")&">Del</a>]" end if end if ors1.movenext loop end if %> </table> <p><br> <%'if not orsnc.eof then%> ��ª����ç������·�����</p> <table width="90%" border="1"> <tr> <td width="66" bgcolor="#99ccFF"><div align="center" class="style2">�Ţ����ѭ��</div></td> <td bgcolor="#99ccFF"><div align="center" class="style2"> <div align="center">�����ç���</div> </div></td> <td width="81" bgcolor="#99ccFF"><div align="center" class="style2">Action</div></td> </tr> <% sub1="3" sqlsub="select * from research where id_type_res='"&sub1&"'" set orssub=server.CreateObject("adodb.recordset") orssub.open sqlsub,conn,1,3 if not orssub.eof then orssub.movefirst do while not orssub.eof response.write "<tr>" response.write "<td>[<a href=detail_research.asp?id="&orssub("id_contact")&">"&orssub("id_contact")&"</a>]" 'response.write "<td>" response.write "<td>"&orssub("research_t") response.write "<td>" sqlcsub="select * from sub_res where id_contact_sub='"&orssub("id_contact")&"'" set orscsub=server.CreateObject("adodb.recordset") orscsub.open sqlcsub,conn,1,3 if not orscsub.eof then response.write orscsub("id_contact") else response.write "[<a href=add_sub_res.asp?id="&id&"&id_sub="&orssub("id_contact")&">Add</a>]" end if orssub.movenext loop else end if %> </table> <%end if%> <p> </p> <% 'end if %> <p> </p> <p> </p> <p> </p> <p></p> <p></p> </div> <!-- InstanceEndEditable --></td> </tr> <tr> <td colspan="2" background="Image/bghead1.gif">Contact Admin:: wassanaw@swu.ac.th tel.02-649-5000 ext 17600</td> </tr> </table> </body> <!-- InstanceEnd --></html>