[Javascript] Permision Denied error - reg
Jai Sankar N
pnjaisan at yahoo.com
Wed Sep 21 07:00:13 CDT 2005
Sir,
i'm developing dynamic website for our university. i have small editor for update the data's through website. it's working fine but when i try to using format like as bold, italic ... while give permision denied error in status bar but that data successfuly stored in database. in same time when i insert image, the same error occur and image is not store in specified folder.
i give's permision(IUSR_<servername>, IWAM_<servername>, Guest and all system users with FULL Control and SCRRUN.DLL file also) for my relative and absolute folder.
but same error occur.
this is a my code
<!--#include file="../library/include/source.asp"-->
<%if(session("user")<>"")then
Set fileobject = Server.CreateObject("Scripting.FileSystemObject")
set scriptobject=server.CreateObject("scripting.filesystemobject")
set scriptobject1=server.CreateObject("scripting.filesystemobject")
set rs_temp=server.CreateObject("adodb.recordset")
set rs_tempbot=server.CreateObject("adodb.recordset")
fld_nm="/Common"
createfolder(fld_nm)
fld_nm="/Common\Images"
createfolder(fld_nm)
img_ref_fldnm="/Common\Temp"
'lkcode=1----------About university
'lkcode=2----------Trust
'lkcode=3----------Exam&Result
'lkcode=4----------Online
'lkcode=5----------Webmail
if request.QueryString("lkcode")=1 then
ph_ref="About"
Com=1
val="About VMRF - Deemed University "
elseif request.QueryString("lkcode")=2 then
ph_ref="Trust"
Com=2
val="About Trust"
elseif request.QueryString("lkcode")=3 then
ph_ref="Exams"
Com=11
val="Examinations And Results"
elseif request.QueryString("lkcode")=4 then
ph_ref="Online"
Com=14
val="Online Programs"
elseif request.QueryString("lkcode")=5 then
ph_ref="Webmail"
Com=15
val="WEBMAIL"
end if
if request.QueryString("fw")="ls" then
rs_temp.open "select * from cont_type where lk_code_in="&request.QueryString("lkcode"),con,2,2
if rs_temp.eof then
response.Redirect("un_com_det.asp?fw=nw&Com="&Com&"&lkcode="&request.QueryString("lkcode"))
end if
elseif request.QueryString("fw")="sv" then
rs_temp.Open "select max(t1_code_in) from cont_type",con,2,2
if rs_temp.Fields (0)>0 then
inc=rs_temp.Fields(0)+1
else
inc=1
end if
rs_temp.Close
ref_ref=0 'this is for increment var for image count. like ..0,1,2,3,4,..etc.
quizpath=""
if(not Request.Cookies("ref")="")then
'set scriptobject=server.CreateObject("scripting.filesystemobject")
if scriptobject.FolderExists (server.MapPath (img_ref_fldnm)) then
set img_det=ScriptObject.GetFolder(server.MapPath(img_ref_fldnm))
for each img_name in img_det.files
final_val=split(img_name,"\")
value=split(final_val(ubound(final_val)),".")
val_ref=split(value(ubound(value)-1),"_")
img_value_ref=""
for idx_idx=0 to ubound(val_ref)-1
if img_value_ref="" then
img_value_ref=val_ref(idx_idx)
else
img_value_ref=img_value_ref&"_"&val_ref(idx_idx)
end if
next
if img_value_ref=ph_ref&"_"&trim(Request.Cookies("ref")) then
scriptobject.CopyFile server.MapPath(img_ref_fldnm&"\"&final_val(ubound(final_val))),server.MapPath(fld_nm&"\"&final_val(ubound(final_val)))
scriptobject.DeleteFile server.MapPath(img_ref_fldnm&"\"&final_val(ubound(final_val)))
end if
next
end if
end if
Response.Cookies("ref")=""
rs_temp.open "select * from cont_type",con,2,2
rs_temp.addnew
rs_temp.fields("t1_code_in")=inc
rs_temp.fields("lk_code_in")=request.QueryString("lkcode")
'rs_temp.fields("t1_desc_nt")=getText(Request.Form("Description1"),Request.Form("images"),inc,ph_ref,fld_nm)
rs_temp.fields("t1_desc_nt")=Request.Form("Description")
rs_temp.fields("t1_date_vc")=cstr(date)
rs_temp.update
response.Redirect("un_com_det.asp?fw=ls&sv=ok&Com="&Com&"&name="&request.Form("title_rcp")&"&lkcode="&request.QueryString("lkcode"))
elseif request.QueryString("fw")="edsv" then
if not Request.Form("images")="" then
img=split(Request.Form("images"),",")
for idx=0 to ubound(img)
img_ref=split(img(idx),"/")
allow=false
value=""
for idx1=0 to ubound(img_ref)-1
if allow=true then
if value="" then
value=img_ref(idx1)
else
value=value&"/"&img_ref(idx1)
end if
end if
Response.Write(value)
if Request.ServerVariables("HTTP_HOST")=img_ref(idx1) then
allow=true
end if
next
if allow=true then
value=value&"/"&ph_ref&"_"&Request.QueryString ("edcode")&"_"&img_ref(ubound(img_ref))
if ScriptObject.FileExists (server.MapPath (value)) then
scriptobject.CopyFile server.MapPath(value),server.MapPath(fld_nm&"/"&ph_ref&"_"&Request.QueryString ("edcode")&"_"&img_ref(ubound(img_ref)))
end if
end if
next
end if
if(not Request.Cookies("ref")="")then
if scriptobject.FolderExists (server.MapPath (img_ref_fldnm)) then
set img_det=ScriptObject.GetFolder(server.MapPath(img_ref_fldnm))
for each img_name in img_det.files
img_ref=split(img_name,"\")
if ScriptObject.FileExists (server.MapPath (img_ref_fldnm&"\"&img_ref(ubound(img_ref)))) then
if scriptobject.FolderExists (server.MapPath (fld_nm)) then
set img_det1=ScriptObject1.GetFolder(server.MapPath(fld_nm))
for each img_name1 in img_det1.files
img_ref1=split(img_name1,"\")
img_ext=split(img_ref1(ubound(img_ref1)),".")
img_snd=split(mid(img_ref(ubound(img_ref)),instr(1,img_ref(ubound(img_ref)),"_")+1),".")
if cstr(img_ext(ubound(img_ext)-1))=cstr(img_snd(ubound(img_snd)-1)) then
scriptobject1.DeleteFile server.MapPath(fld_nm&"\"&img_ref1(ubound(img_ref1)))
end if
next
end if
scriptobject.CopyFile server.MapPath(img_ref_fldnm&"\"&img_ref(ubound(img_ref))),server.MapPath(fld_nm&"\"&img_ref(ubound(img_ref)))
scriptobject.DeleteFile server.MapPath(img_ref_fldnm&"\"&img_ref(ubound(img_ref)))
end if
next
end if
end if
set scriptobject1=nothing
Response.Cookies("ref")=""
rs_temp.open "select * from cont_type where lk_code_in="&request.QueryString("lkcode"),con,2,2
rs_temp.fields("t1_desc_nt")=getText(request.Form("Description"),Request.Form("images"),Request.QueryString("edcode"),ph_ref,fld_nm)
rs_temp.fields("t1_mdate_vc")=cstr(date)
rs_temp.update
response.Redirect("un_com_det.asp?fw=ls&Com="&Com&"&sv=up&name="&request.Form("title_rcp")&"&lkcode="&request.QueryString("lkcode"))
elseif request.QueryString("fw")="dl" then
set img_det=ScriptObject.GetFolder(server.MapPath(fld_nm))
for each img_name in img_det.files
final_val=split(img_name,"\")
value=split(final_val(ubound(final_val)),".")
val_ref=split(value(ubound(value)-1),"_")
img_value_ref=""
for idx_idx=0 to ubound(val_ref)-1
if img_value_ref="" then
img_value_ref=val_ref(idx_idx)
else
img_value_ref=img_value_ref&"_"&val_ref(idx_idx)
end if
next
if img_value_ref="ConPhoto_"&trim(Request.QueryString("dlcode")) then
ScriptObject.DeleteFile (server.MapPath (fld_nm&"\"&final_val(ubound(final_val))))
end if
next
con.execute "delete from cont_type where lk_code_in="&Request.QueryString("lkcode")
response.Redirect("un_com_det.asp?fw=nw&sv=dok&Com="&Com&"&&name="&name&"&lkcode="&request.QueryString("lkcode"))
set scriptobject=nothing
end if
%>
<html>
<head>
<title><%=prj_tle%>&<%=mPath%></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="/Library/css/mystyle.css" rel="stylesheet" type="text/css">
<script language="JavaScript" src="/Library/scripts/myscript.js"></script>
<script language="JavaScript" src="/Library/scripts/validation.js"></script>
<script language="JavaScript" src="/Library/scripts/addMore.js"></script>
<script language="JavaScript" src="/Library/scripts/Editor.js"></script>
<script language="JavaScript">
<!--
scrn_chk()
//-->
</script>
<script language="JavaScript">
<!--
function MM_reloadPage(init) { //reloads the window if Nav4 resized
if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
}
MM_reloadPage(true);
// -->
</script>
<script language="javascript">
function valid()
{
var allow=validation(document.frm);
if (allow==true)
{
if(Description.document.body.innerText=="")
{
alert("Sorry, Without Description sadfsdyou can't process further");
Description1.focus();
return false;
}
else
{
document.frm.Description.value=Description1.document.body.innerHTML;
document.frm.images.value=imgCount(Description1);
}
return true;
}
else
return false;
}
function dl_confirm(file_ref)
{
if(confirm("Are you sure want to delete this Template.\n\nClick Ok to delete the Template.\n\nClick Cancel to drop the process."))
{
window.location=file_ref;
}
}
function list(file_ref)
{
window.location.href=file_ref
}
</script>
</head>
<%if (Request.QueryString ("fw")="nw") then%>
<body bgcolor="#FFFFFF" text="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" onLoad="Description1.focus();">
<%elseif (Request.QueryString ("fw")="ed") then%>
<body bgcolor="#FFFFFF" text="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" onLoad="Description1.focus();">
<%else%>
<body bgcolor="#FFFFFF" text="#000000" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<%end if%>
<table width="100%" border="0" cellspacing="0" cellpadding="0" height="100%">
<%if (Request.QueryString ("fw")="ls") then%>
<tr><td align=left valign="top" class="cont">
<p class="hding"> <%=val%></p>
<fieldset name="nwfieldset" value="" style='margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; border-color: #D2D2D2 #D2D2D2 #D2D2D2 #D2D2D2; border-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px;width:100%;height:90%;'>
<table border=0 width=100% cellpadding=2 cellspacing=2 height="100%" >
<tr><td valign="top" align="center" height="100%">
<table border=0 width=100% cellpadding=2 cellspacing=2>
<tr><td valign="top" align="center" class="big" >
<p><b><%
if (request.QueryString("sv")="ok") then
response.Write("<font color=red>Your Template details saved successfully.</font>")
elseif (request.QueryString("sv")="up") then
response.Write("<font color=red>Your Template details updated successfully.</font>")
elseif (request.QueryString("sv")="dok") then
response.Write("<font color=red>Your Template details deleted successfully.</font>")
end if
%></b></p></td></tr>
<tr><td class=big><%=rs_temp.fields("t1_desc_nt")%></td></tr>
<tr><td class=big></td></tr>
<tr><td class=big></td></tr>
<tr><td class=big align=center>
<%
ref="un_com_det.asp?fw=dl&Com="&Com&"&&dlcode="&rs_temp(0)&"&lkcode="&request.QueryString("lkcode")
%>
<a href="un_com_det.asp?fw=ed&Com=<%=Com%>&edcode=<%=rs_temp(0)%>&lkcode=<%=request.QueryString("lkcode")%>"><img border=0 src='/Library\images\edit2.gif' alt='Edit'></a></font> <font class=text><a href="javascript:dl_confirm('<%=ref%>')"><img src='/Library\images\delete2.gif' border=0 alt=' Delete '></a>
</td></tr>
</table>
</td></tr>
</table>
</fieldset>
</td></tr>
<%elseif (Request.QueryString ("fw")="nw") then%>
<tr><td align=left valign="top" class="cont">
<%
rs_temp.Open "select max(t1_code_in) from cont_type",con,2,2
if rs_temp.Fields (0)>0 then
inc_cook=rs_temp.Fields(0)+1
else
inc_cook=1
end if
rs_temp.close()
Response.Cookies ("ref")=inc_cook
%>
<p class="hding"> <%=val%></p>
<fieldset name="nwfieldset" value="" style='margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; border-color: #D2D2D2 #D2D2D2 #D2D2D2 #D2D2D2; border-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px;width:100%;height:90%;'>
<table border=0 width=100% cellpadding=2 cellspacing=2 height="100%">
<tr><td valign="top" align="center" class="big">
<table border=0 width=100% cellpadding=2 cellspacing=2>
<tr><td valign="top" align="center" class="big" >
<p><b><%
if (request.QueryString("sv")="dok") then
response.Write("<font color=red>"&ucase(request.QueryString("name"))&" deleted successfully.</font>")
end if
%></b></p>
</td></tr>
<tr><td valign="top" height="100%">
<table border=0 width=100% cellpadding=2 cellspacing=2 bgcolor="<%=colorcode2%>">
<form width=50 name="frm" method="post" action="un_com_det.asp?fw=sv&Com=<%=Com%>&lkcode=<%=request.QueryString("lkcode")%>">
<tr><td class=bold colspan=2 align=left bgcolor='<%=colorcode1%>'>Description</td></tr>
<tr><td class=bold colspan=2 align=left></td></tr>
<tr><td width="50%" align=center colspan=2><%=RTAToolBar%></td></tr>
<tr><td align=left colspan=2>
<table align='center' width='100%' height='200' border='1' cellspacing='0' cellpadding='0' bgcolor='#fdfeff' bordercolor='#000000' bordercolordark='#fdfeff'>
<tr><td valign='center' align=left>
<IFRAME ID='Description1' name='Description1' width='100%' height='300' onfocus='setVar(Description1,20,1)' src='iframedefault.html' MARGINHEIGHT=0 MARGINWIDTH=0 frameborder=0></IFRAME>
</td></tr>
</table>
<INPUT type="hidden" id="Description" name="Description" size="100">
</td></tr>
<INPUT type="hidden" id="images" name="images" size="100">
<tr bgcolor="<%=colorcode1%>"><td height="20" align="center" colspan="2">
<input type="submit" class="submitbut" name="Submit" value="Submit" onClick="return valid();">
<input type="reset" name="Reset" value="Reset" class="submitbut">
</td></tr>
</form>
</table>
</table>
</td></tr>
</fieldset>
</td></tr>
<%elseif (Request.QueryString ("fw")="ed") then%>
<tr><td align="left" valign="top" class="cont">
<%rs_temp.open "select * from cont_type where lk_code_in="&request.QueryString("lkcode"),con,2,2
set myfile=fileobject.CreateTextFile(server.MapPath("/Common\Disp\Content.html"),true)
myfile.write("<html><body topmargin=0 leftmargin=0 marginwidth=0 marginheight=0>"&rs_temp("t1_desc_nt")&"</body></html>")
myfile.close()
Response.Cookies ("ref")=Request.QueryString("edcode")%>
<p class="hding"> <%=val%></p>
<fieldset name="nwfieldset" value="" style='margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 10px; padding-right: 10px; padding-bottom: 10px; padding-left: 10px; border-color: #D2D2D2 #D2D2D2 #D2D2D2 #D2D2D2; border-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px;width:100%;height:90%;'>
<table border=0 width=100% cellpadding=2 cellspacing=2 height="100%">
<tr><td valign="top" height="100%">
<table border=0 width=100% cellpadding=2 cellspacing=2 bgcolor="<%=colorcode2%>">
<form name="frm" method="post" action="un_com_det.asp?fw=edsv&Com=<%=Com%>&edcode=<%=request.QueryString("edcode")%>&lkcode=<%=request.QueryString("lkcode")%>">
<tr><td width='25%' class=bold colspan=2 align=left bgcolor='<%=colorcode1%>'>Description</td></tr>
<tr><td width='25%' class=bold colspan=2 align=left></td></tr>
<tr><td align=center colspan=2><%=RTAToolBar%></td></tr>
<tr><td align=left colspan=2>
<table align='center' width='100%' height='300' border='1' cellspacing='0' cellpadding='0' bgcolor='#fdfeff' bordercolor='#000000' bordercolordark='#fdfeff'>
<tr><td valign='center' align=left>
<IFRAME ID='Description1' name='Description1' width='100%' height='300' onfocus='setVar(Description1,20,1)' src='/Common\Disp\Content.html' MARGINHEIGHT=0 MARGINWIDTH=0 frameborder=0></IFRAME>
</td></tr>
</table>
<INPUT type="hidden" id="Description" name="Description" size="100">
</td></tr>
<INPUT type="hidden" id="images" name="images" size=100>
<tr bgcolor='<%=colorcode1%>'><td height="20" align="center">
<input type="submit" name="Submit" value=" Update " onClick="return valid();" class='submitbut'>
<input type="reset" name="Reset" value="Reset" class='submitbut'>
<%
file_ref="un_com_det.asp?fw=ls&Com="&Com&"&lkcode="&request.QueryString("lkcode")
Response.Write("<INPUT name='submit' class='submitbut' type='button' value=' View ' onclick=list('"&file_ref&"')>")
%>
</td></tr>
</form>
</table>
</td></tr>
</fieldset>
</td></tr>
<%end if%>
</table>
</body>
</html>
<%else
Response.Redirect ("unauth.asp")
end if%>
sorry for inconvenience...
pls reply me..
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.evolt.org/pipermail/javascript/attachments/20050921/ebafbd98/attachment.htm>
More information about the Javascript
mailing list