File Manager
Back to List
| Current Directory: ~/
Editing: upload_thesis_progress_student_form.asp.bak
Full path: C:\ict\ICT\upload_thesis_progress_student_form.asp.bak
Permissions: rwx
Write test: File appears not directly writable
Current process identity: IIS APPPOOL\DefaultAppPool
<!--#include file="chk_permission.asp"--> <!--#include file="inc_cache_control.asp"--> <!--#include file="inc_access_control.asp"--> <!--#include file="chk_login.asp"--> <script language="javascript"> function doSubmit() { if( document.form3.attach1.value == "" ) { alert("��س����͡������ͧ�����§ҹ") document.form3.attach1.focus() return false; } } </script> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html><!-- InstanceBegin template="/Templates/ict.dwt" codeOutsideHTMLIsLocked="false" --> <head> <!-- InstanceBeginEditable name="doctitle" --> <title>�к����ʹ�����͡�ú�����</title> <!-- InstanceEndEditable --> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <!-- InstanceBeginEditable name="head" --><!-- InstanceEndEditable --> <link href="bsri2006.css" rel="stylesheet" type="text/css"> <link rel="stylesheet" href="./css/icomoon.css"> <link rel="stylesheet" href="./css/style.css"> <link href="image/favicon.ico" rel="shortcut icon" type="image/x-icon"> <link href="./css/bootstrap.min.css" rel="stylesheet"> <link href="./css/templatemo-style.css" rel="stylesheet"> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"> <table width="100%" border="0"> <tr> <td colspan="2"><div align="right"><img src="Image/head1.gif" width="800" height="61"></div></td> </tr> <tr> <td colspan="2" background="Image/bghead1.gif"><div align="right"><font size="2" face="MS Sans Serif, Tahoma, sans-serif"><strong>| <a href="http://www.swu.ac.th" target=_blank>SWU</a> | <a href="http://bsri.swu.ac.th" target=_blank>BSRI</a> |<a href="chaPW.asp"><strong>Change Password</strong></a>|<a href="log_out.asp">Log Out </a></strong></font>|</div></td> </tr> <tr> <td width="20%" align="left" valign="top" bgcolor="#FFCCCC"><!-- InstanceBeginEditable name="EditRegion5" --><!--#include file="chk_menu.asp"--><!-- InstanceEndEditable --></td> <td width="77%" align="left" valign="top"><!-- InstanceBeginEditable name="EditRegion3" --> <table width="100%" border="0" cellspacing="0"> <tr> <td width="892" align="left" valign="top"> <% '***************************************************************** session("tb_name")="student" %> <% id_stu=request("id_stu") 'response.write session("id_stu1") &"aaa" 'response.write "bbb"&id_stu '***************************************************************** 'if session("tb_preview") =2 or session("id_stu1") = id_stu then '���Է��� �����㹰ҹ ��� ����Ңͧ�������ͧ pern=session("username") per="2" tb="student" sqlnc="select * from tb_permission where id_staff='"&pern&"' and tb_edit='"&per&"' and tb_name='"&tb&"'" set orsnc=server.createobject("adodb.recordset") orsnc.open sqlnc,conn,1,3 %> <div align="left"> <%'if session("tb_edit") = 2 then %> <!--��§ҹ��������˹�ҡ�÷ӻ�ԭ�ҹԾ���>Upload file ��ѡ�ҹ�����Թ���Ἱ�--> <%'end if%><br> <table border="0" align="center" cellpadding="0" cellspacing="0" width="100%"> <tr > <td colspan=3> <table border=0 width=100%><!--<tr> <td bgcolor=#FFCC00>�����Ź��Ե</td> --> <% ' id_stu=request("id_stu") if id_stu="" then id_stu=session("id_stu1") end If sql_data="select * from student where id_stu='"&id_stu&"' " set ors_data=server.createobject("adodb.recordset") ors_data.open sql_data,conn,1,3 if not ors_data.eof then %> </tr> <tr > <td><div align="left"> <div class="col-1"> <div class="templatemo-content-widget white-bg"> <!--<i class="fa fa-times"></i>--> <div class="media"> </div> <div class="media-body"> <h2 class="media-heading text-uppercase"><%=id_stu%>  <%=ors_data("name_stu")%>    <%=ors_data("sur_stu")%> (<%=ors_data("name_eng")%>  <%=ors_data("sur_eng")%>)</h2><p> <% id_status_edu=ors_data("id_status_edu") set ors3=server.createobject("adodb.recordset") sql3="select * from status_edu where id_status_edu='"&id_status_edu&"'" ors3.open sql3,Conn,1,3 if not ors3.eof then 'response.write ors3("status_edu") end if %> <% id_stugroup=ors_data("id_stugroup") sql_all="select * from student_group where id_stugroup='"&ors_data("id_stugroup")&"' " set ors_all=server.createobject("adodb.recordset") ors_all.open sql_all,Conn,1,3 if not ors_all.eof then 'response.write "" sql_curri="select * from curriculum where id_curriculum='"&ors_all("id_curriculum")&"'" set ors_curri=server.createobject("adodb.recordset") ors_curri.open sql_curri,conn,1,3 if not ors_curri.eof then id_curriculum=ors_all("id_curriculum") response.write ors_curri("curriculum_full")&" " end If id_type_curri=ors_all("id_type_curri") sqlt="select * from type_curriculum where id_type_curri='"&ors_all("id_type_curri")&"'" set orst=server.createobject("adodb.recordset") orst.open sqlt,conn,1,3 if not orst.eof then response.write orst("type_curri_th") end if response.write " ��� "&ors_all("no_stugroup")&" " id_major=ors_all("id_major") sql_major="select * from major where id_major='"&id_major&"'" set ors_major=server.createobject("adodb.recordset") ors_major.open sql_major,conn,1,3 if not ors_major.eof then response.write ors_major("major_th") end if end if %></p> </div> </div> </div> </td></tr> <% response.write "<tr >" '���ͻ�ԭ�ҹԾ��� id_thesis=request.form("id") id_activity=request.form("id_activity") session("id_stufile")=request.form("id_stu") sqlt="select * from thesis where id_thesis='"&id_thesis&"'" set orst=server.createobject("adodb.recordset") orst.open sqlt,conn,1,3 if not orst.eof then 'response.write "<td>"&orst("id_thesis") 'response.write "<td><strong>���ͻ�ԭ�ҹԾ���::<strong>"&orst("thesis_th")&"<br>Thesis name::"&orst("thesis_eng") Else 'response.write "<td>����բ�����"&id_thesis End if %> <tr><td align=right> <form name="form12" method="post" action="report_thesis_progress_student_form.asp"> <input type="hidden" name="id_activity" value=<%=id_activity%>> <input type="hidden" name="id_thesis" value=<%=id_thesis%>> <input type="hidden" name="id_stu" value=<%=id_stu%>> <div class="col-xs-12"> <button class="btn-oth" type="submit" role="button" style="margin-left:10px;">��Ѻ˹����§ҹ��������˹��(<%=id_activity%>)</button></div> </form> </td></tr> </table> <tr><td colspan=3><div class="templatemo-content-widget orange-bg col-1 text-center"> <h2 class="text-uppercase">Upload ��ѡ�ҹ</h2><p>(<% sqltheplan="select id_activity,id_table from thesis_plan_activity where id_activity="&id_activity&"" Set orstheplan=server.createobject("adodb.recordset") orstheplan.open sqltheplan,conn,1,3 'Response.write sqltheplan If Not orstheplan.eof Then 'Response.write id_activity sqlta="select id_table, table_sum from rp_table where id_table='"&orstheplan("id_table")&"'" Set orsta=server.createobject("adodb.recordset") orsta.open sqlta,conn,1,3 If Not orsta.eof Then Response.write orsta("table_sum") 'Response.write orstheplan("expect_result") End if End if %>) </p> </div> </td></tr> <% Set ors_file=server.createobject("adodb.recordset") sql_file="select * from thesis_report_file2 where id_activity='"&id_activity&"' and id_status='1'" ors_file.open sql_file,conn,1,3 If Not ors_file.eof Then ors_file.movefirst noa=0 Do While Not ors_file.eof noa=noa+1 if noa mod 2 = 0 then bgp="#EBEBEB" else bgp="#FFFFFF" end If Response.write "<tr bgcolor="&bgp&"><td width=4>"&noa&"." 'Response.write "<td width=40>"&ors_file("doc_name") Response.write "<td width=500 align=left>[<a href=../fileprogress/"&ors_file("file_name")&">"&ors_file("doc_name")&"</a>]" id_file=ors_file("id_file") %> <td align=left><form name="form11" method="post" action="del_file_thesis_progress_student.asp"> <input type="hidden" name="id_activity" value=<%=id_activity%>> <input type="hidden" name="id" value=<%=id_thesis%>> <input type="hidden" name="id_stu" value=<%=id_stu%>> <input type="hidden" name="id_file" value=<%=id_file%>> <div class="col-xs-12"> <button class="btn-oth" type="submit" role="button" style="margin-left:10px;" onclick="return confirm('���㹡��ź?');">Remove</button></div> </form> <% 'Response.write "<td>[<a href=del>"&&"</a>]" ors_file.movenext Response.write "<tr><td colspan=2>" loop Else Response.write "<tr><td>--��������--"'&id_activity End If %> <tr><td colspan=3> <form name="form3" method="post" action="upload_thesis_progress_student.asp" onsubmit="return doSubmit()" enctype="multipart/form-data" > <table border="0" cellspacing="2" align="center" width="100%"> <tr bgcolor=#fcfacb> <td width="55%"><!--File types which can be uploaded = .gif .jpg .doc .pdf .docx .JPG .ppt .htm .html--><!--<td><div align="right"> Upload �͡��ê��ͧ͢�͡���<input type="text" name="doc_name" style="font-size:16px;" size="40" maxlength="40"> <div class="row form-group"> <div class="col-lg-12">--> <label class="control-label templatemo-block"></label> <input type="file" name="attach1" id="fileToUpload" class="filestyle" data-buttonName="btn-primary" data-buttonBefore="true" data-icon="false"> <p>1.Maximum upload size is 10 MB. <br>2.Maximum file name length is 50 characters</p> </div> </div> <!-- <input type="file" name="attach1" style="font-size:16px;">--> <tr><td><div align="left"> <input type="hidden" name="id_activity" value=<%=id_activity%>> <% session("id_activity")=id_activity session("id_thesis")=id_thesis %> <input type="hidden" name="id" value=<%=id_thesis%>> <input type="hidden" name="id_stu" value=<%=id_stu%>> <div class=col-xs-12> <!--<input name="Upload" type="submit" id="Upload" value="Upload" style="font-size:16px;">--> <button class="btn-oth" type="submit" role="button" style="margin-left:10px;">Upload</button></div> </div> <tr><td><td> </table> </form> </table> <% end if %> </div></td> </tr> </table> <% 'else '���Է� 'response.write "<tr><td colspan=3><center>�س������Է����� �س���ѵԹ��" 'response.write "<meta http-equiv=refresh content =3;url=javascript:history.back();>" '���Է� 'end if '���Է� %> <!-- InstanceEndEditable --></td> </tr> <tr> <td colspan="2" background="Image/bghead1.gif">Contact Admin:: wassanaw@swu.ac.th tel.02-649-5000 ext 17600</td> </tr> </table> </body> <!-- InstanceEnd --></html>