Webshell Akmal archtte id

Directory: C:\MyData\WWW\asc365\ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312" /> <!--#include file="conn1.asp" --> <title>FAQ</title> <% UserEmail=session("UserEmail") UserId=session("UserId") questionid=request.QueryString("questionid") set rs4=server.createobject("adodb.recordset") sql4="select * from Question where id="&questionid&"" rs4.open sql4,conn,1,1 Tracking=rs4("tracking") subject=rs4("subject") content=rs4("content") createdate=rs4("creatdate") rs4.close set rs4=nothing 'if len(UserEmail)=0 then 'response.End() 'end if if request("action")="UpdateQuestion" then set rs5=server.CreateObject("adodb.recordset") rs5.Open "select * from Reply ",conn,1,3 content1=request.Form("content") rs5.addnew rs5("tracking")=Tracking rs5("replycontent")=content1 rs5("replytime")=now() rs5("userid")=UserId rs5("useremail")=UserEmail rs5("usertype")=1 rs5.update rs5.close set rs5=nothing set rs7=server.CreateObject("adodb.recordset") sql7="select * from Question where id="&questionid response.Write(sql7) rs7.Open "select * from Question where id="&questionid,conn,3,3 rs7("lastdate")=now() rs7("status")=0 response.Write("aaaaa") rs7.Update rs7.close set rs7=nothing conn.close set conn=nothing Response.Write("<script>alert('Update Successed');location.href='index.asp?ID=MyAsc365Reply&questionid="&questionid&"';</script>") end if %> <link href="css/thickbox.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="js/jquery-1.4.4.min.js"></script> <script type="text/javascript" src="js/ThickBox/thickbox.js"></script> <style type="text/css"> <!-- .STYLE10 { font-family: Verdana; font-size: 16px; } --> </style> <script type="text/javascript"> function check() { if(document.add.content.value=="") { alert("Please write something first"); document.add.content.focus(); return false } return true; } </script> </head> <body> <div id="cms_main"> <table width="800px" id="main_content" border="0" cellpadding="0" cellspacing="0" style="margin-top:30px"> <tr> <td> <span class="STYLE10">Tracking Number:</span><span class="STYLE10"> <%=Tracking%></span> </td> </tr> <tr> <td> <span class="STYLE10">Subject:</span><span class="STYLE10"> <%response.Write(subject)%></span> </td> </tr> </table> <table width="100%" id="main_content1" border="1" style="margin-top:10px" cellpadding="1" cellspacing="0"> <tr class="content_title" height="40"> <td width="115"><strong>User</strong></td> <td width="530" style="text-align:center"><strong>Content</strong></td> </tr> <tr class="content_title" height="40"> <td width="115"><%response.Write(UserEmail)%></td> <td width="530"><%response.Write(content)%>(<%response.Write(createdate)%>)</td> </tr> <% set rs6=server.createobject("adodb.recordset") sql6="select * from Reply where tracking='"&tracking&"'" rs6.open sql6,conn,1,1 if rs6.eof and rs6.bof then else do while not rs6.eof if rs6("usertype")=1 then username=rs6("useremail") else username="admin" end if %> <tr class="content_title" height="40"> <td width="115"><%=response.Write(username)%></td> <td width="530"><%=rs6("replycontent")%></br>(<%=rs6("replytime")%>)</td> </tr> <% rs6.movenext loop rs6.close set rs6=nothing end if %> </table> </div> <div style="margin-top:20px"> <table width="100%" id="newtable" border="1" cellpadding="1" cellspacing="0"> <form id="form1" method="POST" action="?Action=UpdateQuestion&ID=MyAsc365Reply&questionid=<%=questionid%>" onSubmit="return check()"> <tr> <td width="100%" colspan="2"> <span style="color:#000000; font:Verdana; font-size:18px">update question </span></td> </tr> <tr> <td colspan="2"><textarea id="content" name="content" style="width:600px; height:100px"></textarea></td> </tr> <tr> <td colspan="2"><input style="margin-left:30px" type="submit" name="B2" value="submit" /></td> </tr> </form> </table> <% conn.close set conn=nothing %> </div> </body> </html>