Webshell Akmal archtte id

System: Microsoft Windows NT 10.0.20348.0

Server: Microsoft-IIS/10.0

User: buyyou

Directory: C:\MyData\WWW\asc365\

Name	Size	Type	Actions
ASC365_CANADA	-	Directory	Rename Delete
ASC365_Store01	-	Directory	Rename Delete
aspnet_client	-	Directory	Rename Delete
CompanyImage	-	Directory	Rename Delete
TJGS_USA	-	Directory	Rename Delete
zhijian	-	Directory	Rename Delete
Memo.inc	0 bytes	.inc	Edit Rename Delete
web.config	213 bytes	.config	Edit Rename Delete

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />


<%
	CheckAdmin1
'检测菜单是否存在，并查出所属语言，数据表，菜单名称
%>
<%
newproductid=request.QueryString("productid")
if Request("Action")="del" then
     newid=request.QueryString("id")
	 productid=request.QueryString("productid")
	sql="delete from productprice where id="&newid&""
	conn.Execute(sql)
	conn.close
	set conn=nothing
	Response.Write("<script>location.href='Products.asp?productid="&productid&"';</script>")
	Response.End
end if
%>
<%
if Request("Action")="RecomF" then
	conn.Execute("update "&Menu_MDB&" set Recommend='0',Time_Update='"& Now() &"' where id="&id&"")
	conn.close
	set conn=nothing
	Response.Write("<script>location.href='?menuid="&menuid&"&page="&CMSpage&"';</script>")
	Response.End
end if
%>
<%
if Request("Action")="RecomT" then
	conn.Execute("update "&Menu_MDB&" set Recommend='1',Time_Update='"& Now() &"' where id="&id&"")
	conn.close
	set conn=nothing
	Response.write("<script>location.href='?menuid="&menuid&"&page="&CMSpage&"';</script>")
	Response.End
end if
%>
<%
if Request("Action")="change" then
	if Request.Form("Hand_ID")="" then
		Response.Write("<script>alert('请填写手工序号');location.href='?menuid="&menuid&"&page="&CMSpage&"';</script>")
		Response.End
	elseif chk_num(Request.Form("Hand_ID"))=0 then 
		Response.Write("<script>alert('手工序号必须是大于0的整数');location.href='?menuid="&menuid&"&page="&CMSpage&"';</script>")
		Response.End
    end if
	Hand_ID=Request.Form("Hand_ID")
	id=request.QueryString("id")
	Time_Update=Now()
	conn.Execute("update productprice set sort="& Hand_ID &" where id="&id&"")
	conn.close
	set conn=nothing
	Response.Write("<script>alert('修改成功');location.href='?id="&id&"&page="&CMSpage&"';</script>")
	Response.End
end if

if request("Action")="changeproductid" then
newproductid=request.Form("productid")
end if
%>

<title></title>
<%call default_css_js()%>
<link href="css/thickbox.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="scripts/jquery-1.4.4.min.js"></script>
<script type="text/javascript" src="scripts/ThickBox/thickbox.js"></script>
</head>
<body>
<div id="cms_main">
  <div class="main_title"><span class="page_content">
<%
'检测菜单是属于哪个语言的，并把语言后台显示名显示出来
%></span></div>
  <div class="height5"></div>
<%
%>
  <table width="94%" id="main_content">
    <tr>
      <td colspan="5" class="content_list">
        <ul class="edit_menu">
		 <li><a href="Products_priceadd.asp" class="edit_add">添加商品</a></li>
		 
		  <li></li>
		  <li></li>
		
          <li></li>
		<form method="post" action="?Action=changeproductid">
        员工名称：
       
            <select>
			<%
			%>
			<option></option>
			<%
			%>
			</select>
            <input name="check" type="submit"  value="查询" />
		 </form>
      </ul>      </td>
    </tr>
    <tr class="content_title">
	 <td width="158">手工序号</td>
      <td width="223">产品ID</td>
      <td width="225">产品数量</td>
      <td width="203">产品价格</td>
      <td width="344" style="background-image:none;">操作</td>
    </tr>
<%
Set Page = new Cls_Page				'创建对象
Set Page.Conn = conn				'得到数据库连接对象
With Page
	.PageSize = 10					'每页记录条数
	.PageParm = "page"					'页参数
	'.PageIndex = 10				'当前页，可选参数，一般是生成静态时需要
	.Database = "ac"				'数据库类型,AC为access,MSSQL为sqlserver2000存储过程版,MYSQL为mysql,PGSQL为PostGreSql
	.Pkey="id"						'主键
	.Field="id,productid,productnumber1,productnumber2,price,sort"	'字段
	.Table="productprice"			'表名
	if len(newproductid)=0 then
	.Condition="use=1 "					'条件,不需要where
	else
	.Condition="use=1 and productid='"&newproductid&"'"
	end if
	.OrderBy="productid,sort asc"						'排序,不需要order by,需要asc或者desc
	.RecordCount = 0				'总记录数，可以外部赋值，0不保存（适合搜索），-1存为session，-2存为cookies，-3存为applacation

.NumericJump = 5 '数字上下页个数，可选参数，默认为3，负数为跳转个数，0为显示所有
	.Template = "<div class=""page_list""><div class=""list_info"">每页{$PageSize}个&nbsp;|&nbsp;共({$RecordCount}个/{$PageCount}页)&nbsp;|&nbsp;当前第{$PageIndex}页 {$FirstPage}{$PreviousPage}{$NumericPage}{$NextPage}{$LastPage}</div></div>" '整体模板，可选参数，有默认值
	.FirstPage = "&nbsp;&lt;&lt;&nbsp;" '可选参数，有默认值
	'.FirstPage = "首页"
	.PreviousPage = "&nbsp;&lt;&nbsp;" '可选参数，有默认值
	'.PreviousPage = "上一页"
	.NextPage = "&nbsp;&gt;&nbsp;" '可选参数，有默认值
	'.NextPage = "下一页"
	.LastPage = "&nbsp;&gt;&gt;&nbsp;" '可选参数，有默认值
	'.LastPage = "尾页"
	.NumericPage = "{$PageNum}" '数字分页部分模板，可选参数，有默认值
End With

rs = Page.ResultSet() '记录集
'rc = Page.RowCount() '可选，输出总记录数
nav = Page.Nav() '分页样式

If IsNull(rs) Then
%>
    <tr>
      <td colspan="5" align="center" class="content_list">暂无信息</td>
    </tr>
<%
Else
	For i=0 To Ubound(rs,2)
%>
<script type="text/javascript">
function check<%=rs(0,i)%>()
{
	if(document.change<%=rs(0,i)%>.Hand_ID.value=="")
	{
		alert("请填写手工序号");
		document.change<%=rs(0,i)%>.Hand_ID.focus();
		return false
	}
//正则表达式判断
     //var re = /^[0-9]+.?[0-9]*$/;//判断字符串是否为数字
	 var re = /^[1-9]+[0-9]*]*$/;//判断字符串是否为正整数
	 if (!re.test(document.change<%=rs(0,i)%>.Hand_ID.value))
	 {
		 alert("手工序号必须是正整数");
		 document.change<%=rs(0,i)%>.Hand_ID.focus();
		 return false;
	 }
	 
	return true;
}
</script>
<form name="change<%=rs(0,i)%>" method="post" action="?Action=change&id=<%=rs(0,i)%>&productid=<%=rs(1,i)%>&page=<%=CMSpage%>" onSubmit="return check<%=rs(0,i)%>()">
    <tr class="content_list" onMouseOver="this.style.backgroundColor='#D3E1F6'" onMouseOut="this.style.backgroundColor=''">
	 <td style="padding-left:10px">
        <ul class="list_input">
          <li class="input_l"></li>
          <li class="input_mb"><input name="Hand_ID" type="text" id="Hand_ID" style="text-align:center" value="<%=rs(5,i)%>" maxlength="4" /></li>
          <li class="input_mn"><input type="image" name="info_num" id="info_num" src="images/info_num.gif" /></li>
          <li class="input_r"></li>
        </ul>      </td>
      <td><%=rs(1,i)%></td>
      <td><%=rs(2,i)&"---"&rs(3,i)%></td>
	  <td><%=rs(4,i)%></td>
      <td style="background-image:none;"><a href="Products_priceedit.asp?id=<%=rs(0,i)%>&productid=<%=trim(rs(1,i))%>&page=<%=CMSpage%>"><img src="images/info_edit.gif" alt="编辑<%=rs(5,i)%>" /></a>|<a title="确认删除" href="Products_pricedel.asp?height=105&width=380&id=<%=rs(0,i)%>&productid=<%=trim(rs(1,i))%>&page=<%=CMSpage%>" class="thickbox"><img src="images/info_del.gif" alt="删除<%=rs(5,i)%>" /></a></td>
    </tr>
</form>
<%
	Next
End If
%>
</table>
<%Response.Write nav%>
<%
rs.close
set rs=nothing

%>
</div>
<%
%>
</body>
</html>