Webshell Akmal archtte id

Directory: C:\MyData\WWW\asc365\ <!--#include file="include/Mailsmtp.asp" --> <style type="text/css"> <!-- .STYLE1 { font-size: 16px; font-weight: bold; color: #000000; font-family: Verdana, Arial, Helvetica, sans-serif; } .STYLE4 { font-size: 18px; color:#000000; font-weight: bold; } .STYLE5 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 16px; } .STYLE7 {color: #000000} .STYLE8 {font-size: 16px; } .STYLE9 {color:#000000; font-size: 18px;} .STYLE11 {font-family: Verdana, Arial, Helvetica, sans-serif} --> a{ text-decoration:none; } #newtable tr{ height:50px; } #newtable tr td.tit{ text-align:center; width:100px; } #newtable tr td.val{ text-align:center; width:600px; } </style> <script type="text/javascript"> window.onload = function () { var tb = document.getElementById("main_content"); //var tbody = tb.getElementsByTagName("tbody")[0]; var trs = tb.getElementsByTagName("tr"); for (var i = 0; i < trs.length; i++) { if (i % 2 == 0) { trs[i].style.backgroundColor = "#f2f2f2"; } } }; </script> <div style="margin-top:10px; text-align:center" class="STYLE4"> My Message </div> <div id="cms_main" style="margin-top:10px"> <table width="800" id="main_content" border="0" cellpadding="0" cellspacing="0"> <tr class="content_title" height="40"> <td width="155"><div align="center"><strong>Date Created</strong></div></td> <td width="115"><div align="center"><strong>Tracking</strong></div></td> <td width="530" style="text-align:center"><strong>Subject</strong></td> <td width="165"><div align="center"><strong>Last update </strong></div></td> <td width="132"><div align="center"><strong>Status</strong></div></td> </tr> <% Thispage ="http://" & Request.ServerVariables("SERVER_NAME")& Request.ServerVariables("URL") Dim SS(1000,6) UserEmail=session("UserEmail") Set Page = new Cls_Page '�������� Set Page.Conn = conn '�õ����ݿ����Ӷ��� With Page .PageSize = 10 'ÿҳ��¼���� .PageParm = "page" 'ҳ���� '.PageIndex = 10 '��ǰҳ����ѡ������һ�������ɾ�̬ʱ��Ҫ .Database = "ac" '���ݿ�����,ACΪaccess,MSSQLΪsqlserver2000�洢���̰�,MYSQLΪmysql,PGSQLΪPostGreSql .Pkey="id" '���� .Field="id,tracking,subject,content,creatdate,lastdate,status,userid,useremail" '�ֶ� .Table="Question" '���� .Condition="useremail='"&UserEmail&"'" '����,����Ҫwhere .OrderBy="creatdate desc" '����,����Ҫorder by,��Ҫasc����desc .RecordCount = 0 '�ܼ�¼���������ⲿ��ֵ��0�����棨�ʺ���������-1��Ϊsession��-2��Ϊcookies��-3��Ϊapplacation .NumericJump = 5 '��������ҳ��������ѡ������Ĭ��Ϊ3������Ϊ��ת������0Ϊ��ʾ���� .Template = "<div class=""page_list""><div class=""list_info"">{$FirstPage}{$PreviousPage}{$NumericPage}{$NextPage}{$LastPage}</div></div>" '����ģ�壬��ѡ��������Ĭ��ֵ .FirstPage = "&nbsp;&lt;&lt;&nbsp;" '��ѡ��������Ĭ��ֵ '.FirstPage = "��ҳ" .PreviousPage = "&nbsp;&lt;&nbsp;" '��ѡ��������Ĭ��ֵ '.PreviousPage = "��һҳ" .NextPage = "&nbsp;&gt;&nbsp;" '��ѡ��������Ĭ��ֵ '.NextPage = "��һҳ" .LastPage = "&nbsp;&gt;&gt;&nbsp;" '��ѡ��������Ĭ��ֵ '.LastPage = "βҳ" .NumericPage = "{$PageNum}" '���ַ�ҳ����ģ�壬��ѡ��������Ĭ��ֵ End With rs = Page.ResultSet() '��¼�� 'rc = Page.RowCount() '��ѡ������ܼ�¼�� nav = Page.Nav() '��ҳ��ʽ %> <% If IsNull(rs) Then %> <tr> <td colspan="5" align="center" class="content_list">No Message</td> </tr> <% Else For i=0 To Ubound(rs,2) %> <tr> <td><%=rs(4,i)%></td> <td height="43"><%=rs(1,i)%></td> <td align="left"><a href="myaccount.asp?ID=MyAsc365Reply&questionid=<%=rs(0,i)%>&tracking=<%=rs(1,i)%>" target="_blank"><font style="color:#e4007e"><%=rs(2,i)%></font></a></td> <td><%=rs(5,i)%></td> <% state1=rs(6,i) if state1=0 then %> <td> Need Reply </td> <% else %> <td> Replied </td> <% end if %> </tr> <% next end if %> </table> <%Response.Write nav%> </div> <div style="margin-top:20px"> <table width="800px" id="newtable" border="0" cellpadding="0" cellspacing="0"> <form id="form1" method="POST" action="myaccount.asp?id=MyAsc365FAQ&Action=AddQuestion"> <tr> <td colspan="2"> <span class="STYLE1">Creat a new question </span></td> </tr> <tr> <td>Email Address</td><td><input type="text" style="width:600px; height:20px;" name="email" <%if len(trim(session("UserEmail"))) <> 0 then%> onfocus="this.blur()" <%end if%> value='<%=session("UserEmail")%>' /></td> </tr> <tr> <td class="tit">Subject</td> <td class="val"> <input type="text" id="subject" name="subject" style="width:600px; height:20px;" size="70" /> </td> </tr> <tr> <td class="tit">Specific Questions</td> <td class="val"><textarea id="content" name="content" style="width:600px; height:200px;"></textarea></td> </tr> <tr> <td colspan="2"><input style="margin-left:30px" type="submit" name="B2" value="submit" /></td> </tr> </form> </table> <% Dim id_max id_max = 0 action = request.QueryString("Action") set rsaddque = server.CreateObject("adodb.recordset") sqladdque = "select ID from Question order by id desc" rsaddque.open sqladdque,conn,1,1 if not rsaddque.eof then id_max = rsaddque("ID") rsaddque.close sqladdque = "select * from Question" rsaddque.open sqladdque,conn,1,3 if action = "AddQuestion" then if len(trim(Request.Form("email"))) = 0 or len(trim(Request.Form("subject"))) = 0 or len(trim(Request.Form("content"))) = 0 or len(trim(Request.Form("content")))*1 > 1000 then if len(trim(Request.Form("email"))) = 0 then response.write("<font color='red'>Please input your Email.</font></br>") if len(trim(Request.Form("subject"))) = 0 then response.write("<font color='red'>Please input your Subject.</font></br>") if len(trim(Request.Form("content"))) = 0 then response.write("<font color='red'>Please input your Question.</font></br>") if len(trim(Request.Form("content")))*1 > 1000 then response.write("<font color='red'>Your question is too long.</font></br>") else rsaddque.addnew rsaddque("userid") = session("UserId") rsaddque("useremail") = Request.Form("email") rsaddque("subject") = Request.Form("subject") rsaddque("content") = Request.Form("content") rsaddque("creatdate") = now rsaddque("lastdate") = now 'If IsNull(rs) = false Then ' temp=rs(0,0)*1+1 'else temp = id_max * 1 + 1 'end if rsaddque("tracking") = Right("00000" & temp, 6) rsaddque("status") = 0 rsaddque.update '******************** WW = "<table border='0' width='95%' style='table-layout:fixed;border-collapse: collapse' algin='left'>" WW = WW& "<tr bgcolor='#F2F2F2' align='left' height='20'>" &"<td><span>"& Request.Form("email") &"</span><span style='float:right;'>" & now &"</span></td></tr>"&"<tr bgcolor='#FFFFFF' align='left' height='30'><td style='table-layout:fixed; clear:both;word-break:break-all;color:#000000'>"& Request.Form("content") & "</td></tr>" WW = WW & "</table>" 'set newmail=server.CreateObject("cdonts.newmail") ' 'newmail.From=Request.Form("email") '����������ʽ���ͣ��˷�������ͨ������˱��������֤ 'newmail.value("Reply-To")=Request.Form("email") 'Ĭ�ϻظ���ַ���������ύ�ĵ�ַ�������ⱻ�ظ���"webmaster@www.yourdomain.com" ''newmail.To ="asc365web@asc365.com" '��ҵ�ʾ��ռ��˵�ַ asc365web 'newmail.To ="asc3652014@hotmail.com" '��ҵ�ʾ��ռ��˵�ַ asc365web 'newmail.Subject= Right("00000"&temp, 6) &"_"& Request.Form("subject") 'newmail.Body = WW 'newmail.BodyFormat =0 'newmail.MailFormat =0 'newmail.Send 'set newmail=nothing MailFrom = Request.Form("email") MailTo = "website@eezglobal.com" MailSubject = Right("00000"&temp, 6) &"_"& Request.Form("subject") mailtext = "<html><body>" & WW & "</body></html>" MySendEmail MailFrom,MailTo,MailSubject,mailtext response.Write("<script type=""text/javascript"">alert('Message Success');top.location.href='myaccount.asp?id=MyAsc365FAQ';</script>") end if end if rsaddque.close set rsaddque = nothing %> </div>