Webshell Akmal archtte id

Directory: C:\MyData\WWW\asc365\ <%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%> <!--#include file="conn.asp" --> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <!--#include file="include/Mailsmtp.asp" --> <head> <meta http-equiv="Content-Language" content="zh-cn"> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <link rel="stylesheet" href="css/style.css" type="text/css" media="screen" /> <title>Intbuying screen printing, home DIY printing machine, T-shirt printing machine, silk screnning supplies, 6 color 6 station screen press, 4 color 4 station screen printing machine, single color printing, screen starter, screen printing kit, flash dryer, exposure unit, screen, mesh, fabric, screen frame, t-shirt pallet plate�� squeege, emulsion scoop coater�� color pigment, plastisol, pvc ink</title> <% Set fs=Server.CreateObject("Scripting.FileSystemObject") Session("GetType")=263 ID=Request.QueryString("ID") Session("typeid")=0 'if len(ID)=0 then 'ID="FT1" 'end if Thispage ="http://" & Request.ServerVariables("SERVER_NAME")& Request.ServerVariables("URL") %> <%'----------------------------------------------------------------------- %> <% if request("Action")="Search" then searchname=request.Form("Search1") response.redirect(Thispage&"?ID=Search&searchname="&searchname) end if %> <% '-----����Ա���е�¼ 'ɾ������ if request("Action")="deleteorder" then orderid=request.QueryString("orderid") set rs11=server.createobject("adodb.recordset") sql11="select * from orderlist where orderid='"&orderid&"'" rs11.open sql11,conn,3,3 if not rs11.eof then rs11("orderstate")=1 rs11.update rs11.close set rs11=nothing conn.close set conn=nothing Response.write"<script>window.location.href=""index.asp?ID=MyAsc365"";</script>" end if end if 'FAQ�����ύ if request("Action")="AddQuestion" then set rs4=server.createobject("adodb.recordset") sql4="select count(*) as ordercount from Question" rs4.open sql4,conn,1,1 newid="00000"&rs4("ordercount") rs4.close set rs4=nothing userid=Session("UserId") useremail12=Session("UserEmail") tracking=newid subject=request.Form("subject") content=request.Form("content") createddate=now() lastdate=now() status1=0 set rs12=server.createobject("adodb.recordset") rs12.open "select * from Question",conn,1,3 rs12.addnew rs12("tracking")=tracking rs12("subject")=subject rs12("content")=content rs12("creatdate")=createddate rs12("lastdate")=lastdate rs12("status")=status1 rs12("userid")=UserId rs12("useremail")=useremail12 rs12("source")=1 rs12.update rs12.close conn.close set rs12=nothing set conn=nothing Response.write"<script>window.location.href=""index.asp?ID=MyAsc365FAQ"";</script>" end if '-----����Աע�� if request("Action")="Register_email" then useremail2=Trim(Request.form("email2")) userpassword2=Trim(Request.Form("password2")) countryname=Request.Form("T6") 'Md5_Pass=Md5(Md5(password1,16),32) '-----�����ж��û��������롢��֤���Ƿ�Ϊ�� '-----�����ж���֤�롢�û����������Ƿ���ȷ����¼��¼��� set rs=server.createobject("adodb.recordset") sql33="select * from UserInfo where UserEmail='"&useremail2&"' and UserType=2" rs.open sql33,conn,1,3 if not rs.bof then Response.write"<script language=javascript>alert(""The Email Address has already been registered"");location.href='index.asp?ID=Register';</script>" Response.End() else rs.addnew rs("UserName")="" rs("UserPass")=userpassword2 rs("UserEmail")=useremail2 rs("UserType")=2 rs("UserCountry")=countryname rs("Useful")=0 rs.update rs.close set rs=nothing conn.close set conn=nothing D_link="http://intbuying.com/Emailactive.asp?Email="&useremail2 D_message="" D_message=D_message&"<table border='1' width='800' height='113' bordercolor='#CCCCCC' style='border-collapse: collapse'>" & chr(13) & chr(10) D_message=D_message&"<tr>" & chr(13) & chr(10) D_message=D_message&"<td height='85' width='400'><p>Dear" D_message=D_message&useremail2 D_message=D_message&",</p>" & chr(13) & chr(10) D_message=D_message&" <p>Your Password is <span style='color:#FF0000'>" D_message=D_message&"</span></p>"&chr(13)&chr(10) D_message=D_message&" <p>You can click the follow Link to active your email</p></td>"&chr(13)&chr(10) D_message=D_message&"<a href='" D_message=D_message&D_link D_message=D_message&"'>"&D_link D_message=D_message&"</a>"& chr(13) & chr(10) D_message=D_message&"<tr>" & chr(13) & chr(10) D_message=D_message&"</table>" ' set newmail=server.CreateObject("cdonts.newmail") ' newmail.From="sales@asc365.com" //����������ʽ���ͣ��˷�������ͨ������˱��������֤ ' newmail.To =useremail //��ҵ�ʾ��ռ��˵�ַ ' newmail.Subject= "Message of Your Password" ' newmail.Body = D_message ' newmail.BodyFormat =0 ' newmail.MailFormat =0 ' newmail.Send ' set newmail=nothing MailFrom = "sales@asc365.com" MailTo = useremail MailSubject = "Message of Your Password" mailtext = "<html><body>" & D_message & "</body></html>" MySendEmail MailFrom,MailTo,MailSubject,mailtext useremail2="" Response.write"<script>alert('A message has been sent to your mailbox, please activate the mailbox');top.location.href='index.asp?ID=Register'</script>" response.End() end if end if %> <% if request("Action")="forgotPass" then useremail=Trim(request.Form("email_address")) set rs15=server.createobject("adodb.recordset") sql15="select UserEmail,UserPass from UserInfo where UserEmail='"&useremail&"'" rs15.open sql15,conn,1,1 if not(rs15.bof and rs15.eof) then D_message="" D_message=D_message&"<table border='1' width='800' height='113' bordercolor='#CCCCCC' style='border-collapse: collapse'>" & chr(13) & chr(10) D_message=D_message&"<tr>" & chr(13) & chr(10) D_message=D_message&"<td height='85' width='400'><p>Dear" D_message=D_message&rs15("UserEmail") D_message=D_message&",</p>" & chr(13) & chr(10) D_message=D_message&" <p>Your Password is <span style='color:#FF0000'>" D_message=D_message&rs15("UserPass") D_message=D_message&"</span></p>"&chr(13)&chr(10) D_message=D_message&" <p>You can click <a href='http://intbuying.com'>here </a> to go to INTBUYING.</p></td>"&chr(13)&chr(10) D_message=D_message&"<tr>" & chr(13) & chr(10) D_message=D_message&"</table>" 'set newmail=server.CreateObject("cdonts.newmail") ' newmail.From="sales@asc365.com" //����������ʽ���ͣ��˷�������ͨ������˱��������֤ ' newmail.To =useremail //��ҵ�ʾ��ռ��˵�ַ ' newmail.Subject= "Message of Your Password" ' newmail.Body = D_message ' newmail.BodyFormat =0 ' newmail.MailFormat =0 ' newmail.Send ' set newmail=nothing MailFrom = "sales@asc365.com" MailTo = useremail MailSubject = "Message of Your Password" mailtext = "<html><body>" & D_message & "</body></html>" MySendEmail MailFrom,MailTo,MailSubject,mailtext Response.write"<script>alert(""The Email has been send,Please check it. "");location.href=""index.asp?ID=Register"";</script>" response.End() else Response.write"<script>alert(""The Email does not exit"");location.href=""index.asp?ID=Register"";</script>" response.End() end if rs15.close set rs15=nothing conn.close set conn=nothing end if %> <style type="text/css"> <!-- .STYLE9 { font-size: 24px; font-weight: bold; font-family: Verdana, Arial, Helvetica, sans-serif; } .STYLE10 {color: #00a0e9} .STYLE11 {color: #00a0e9} a{ position:relative; text-decoration:none; color:#666666; } a:hover{ position:relative; text-decoration:underline; } --> </style> </head> <body style="background-color:#F1F1F1; margin:0 auto"> <table style="width:1200px; height:auto;margin:auto; background-color:#FFFFFF " cellpadding="0" cellspacing="0"> <tr> <td> <% Server.Execute("head.asp") %> </td> </tr> <tr style="margin:0 auto; padding:0;" > <td > </td> </tr> <tr> <td> <div id="contentdiv" style="width:1000px; z-index:-10; margin-top:1px"> <div style="float:left; width:199px;"> <% server.Execute("daohang.asp") %> </div> <div style="width:799px;float:left;"> <!--��Ʒչʾ --> <div align="center" style="width:999px; height:30px;float:left;" class="STYLE9 STYLE10"></div> <div style="width:999px;float:left;"> <div> <% if id="used" then server.Execute("useditem.asp") else server.Execute("allproduct.asp") end if %> </div> </div> </div> </td> </tr> <tr> <td> <div id="bottomdiv" style=" width:1200px; text-align:center"> <% server.Execute("bottom.asp") %> </div> </td> </tr> </table> </body> </html>