I have a form on an .html page that I have a visitor submit the results from which redirects to an ASP script. The problem is the visitors are viewing the source of the page and going directly to the .asp file instead of filling out the form.
I'm trying to use the following script so the page can only be accessed if the user is sent from the form. If they try to access it directly, it will send them back to the page with the form. Here is what I'm using, but it keeps blocking access to the page wheter the form is filled out, or access directly:
If Request.Form("email") <> "Yes" Then
Response.Redirect "http://www.domain.com/form.asp"
End If
The client I'm working for has an internal website and an external website. They would like to combine the two into a single website. Basically, we own an IP domain and any requests to the site from an internal source will be made by a client with said domain. So I would like some content on the pages and some directories to block access if the requester does not have the correct ip.
They're running Windows Server 2K3 with ASP enabled. Now, I've already done something like this with php and .htaccess (basically I block any page content with php and block directory access, listing etc with .htaccess) but I'm really not sure how to go about it with this Microsoft stuff.
On my site holypal.com got about 100 ips of users from nigeria spamming, the coder installed a ban ip feature and I banned them one by one manually through admin panel, but then more are coming. Most of my members are from the us, also banning/blocking ips daily is a hassle as it goes to the mssql database and is blcoked from there, how to block all countries like nigeria and ivory coast at once. oh my site is using easycgi windows host, so I can not configure the server. so I didn't know if I can use .htaccess ?
we have a intranet project that we intend to develope ,basicly we like to prevent the users to logins with the same username to the system multiple times , now i really don't know what would be the best methods to control the users ( sessions , coockie , mac adderess ) , so i was thinking to open a mac address column inside the users table and limite the user by mac address machine ?
Is there a way to block an IP from entering a website on IIS? I do not have MOD-Rewrite and I have been told not to do this wih a PHP script. IS there a way in IIS?
Does anyone know of a way to disallow a user to refresh a certain page? I ask because I have a page that duplicates itself when it is refreshed and would prefer to not allow the user to refresh at all.
I run a web site that uses various forms to send email to customers. For example, I have a "Forgot your password?" script and a "Email this page" script.I've found out that when a user sends an email via my site to a Hotmail address, the email just "disappears." I'm assuming Hotmail is considering the email SPAM because it was send by my web server? The site uses ASP and I've tried using CDONTS and CDOSYS (which I specified a SMTP server for) and nothing seems to work for Hotmail.
A large portion of my customers user Hotmail, so banning it really isn't an option.Is there anything I can do to prevent Hotmail from blocking my site's emails?
I have a website I just built. On the index.asp page I have an employee login section. When the employee inputs his username and password he is redirected to www.mydomain.org/employees/employeesonly.asp. how do I go about making the employees/employeesonly.asp require a password if someone was to paste www.mydomain.org/employees/employeesonly.asp into their browser? The way it is set up now anyone can paste the url into their broowser and access the page.
I have a site using Access 2K and ASP. The site uses frames and the ASP page appears in between two of the frames; so I have a limited amount of space to present the DB information. I want the ASP page to have a restricted number of characters showing horizontally and to automatically wrap if the line limit is surpassed. Can this formatting be set in the ASP code for particular fields?
Also, I'd like to indent some of the data that's being pulled from the DB.
I am designing an app with multiple users. User 1 logs in and navigates to a Page 1 where a page template is modified. When modifications are over User 1 saves the page and logs out of the system.
I need to block access to every other user to Page 1 until User 1 "releases" the page. At the moment I am using a field on my Access DB called locked that I set when any user enters Page 1, and upon saving locked field is cleared... Is there a more efficient way to do this?
Suppose I have one website www.mywebsite.com and I have one page in this sitte "myrestrictedpage.asp".
The page "myrestrictedpage.asp" should NOT be accesible from the hosted website (www.mywebsite.com) instead of that the page can only be accessible only from : 1) www.OtherWeb1.com/welcomeuser.asp 2) www.OtherWeb5.com/
how to open a mde file from a web page (asp,html,shtml,apsx) ? I know there is a security setting that don't allows web server to run/launch executable files but can it be turned off.
Supressing the "Save password" prompt: Are there any good approaches to keeping a password from being stored client-side if auto-fill is on? Ideally I'd like to supress the prompt. The only other option I can find is to use a timestamp as part of the form name and pass it (the name as well as the value) in a hidden field to the login script.
Unique concurrent logins: Are there any good ways to prevent userX from being logged in from 3 different locations simultaneously? -I can code for a 'logged in / out" field, but that relies on the user actually login out. And if I use a variation of the "who's online" approach the user may have to wait until the seeion expires befor logging in again (suppose thier net connection dropped for a moment and they need to get back online) - At least I think this assumption is correct.
I use the windows 2003 server with IIS 6 and my web pages are created with ASP script.I am trying to block some web pages (not all) that is created only for internal users like an intraweb.To do this, how can i control it and how should i block to prevent access from external users.
I have a problem with an asp page:some users get the error:Bad Request(Request Header Too Long) when accesing the page with IE (IE6) , but the same users can access the page using Mozilla Firefox...
I developed an ASP page which has 2 input fields- First Name and Last Name.I used Access 2002 as database. Once I click the Submit button,
it has to perform 3 tasks----- 1) It has to update the First Name and Last Name in the MS-Access database in their corresponding fields. 2) It has to go to the Home Page(which I already did) 3) It has to update the date/time in the "Time" field in the MS-Access database.
The following is the code I wrote to connect to the database and update the fields in the Access table---
<% set MyConn = Server.CreateObject("ADODB.Connection") set rs = Server.CreateObject("ADODB.RecordSet") MyConn.Open "driver={Microsoft Access Driver
(*.mdb)};;DBQ=c:/documents and
settings/adcguest/desktop/webpage_html ewsecurity.mdb;" rs.Open sqlqry,MyConn,2,2 rs.AddNew rs("firstname") = first name rs("lastname") = last name rs.update
rs.close myconn.close %>
Can somebody please help me in figuringout if I am missing something.
Does anyone know how to access a WORD document using ASP? I have a few users that fill in fields in a WORD document and I need to be able to open that document and read these fields once the document is uploaded to my web server.
I've created a db field with Memo type, and I have stored some text with carriage returns (no html) So the 3 words start on a differnt line. In access this displays correctly ( each word starts on a new line). However when I display these on a web page all the words appear on the same line.
I need the words to be displayed on a seperate line.
I have created a asp project local.and have created a access database local. Iam trying to use the access database from the asp page. But It is not accessing the database file.
once i changed the rights of the access file and checked it.It inserted the records.And after some time, iam not able to access it.some times it accesses and some times it doesnt.
I wrote a script to compact my access databases from my admin section. Everything is working except I get this error:
Provider error '80040e4d'
Authentication failed.
Is their some reason the JRO.JetEngine needs authentication? I don't have direct access to this server and was wondering how to get around this problem or how to fix it. It fails when this link is run:
None of the databases have a username or password. Would I have to have the host company setup an account for this action to take place? And why could I do everything except compact the database? Is their a vulnerability issue when accessing this function?
I got this message ' HTTP 403.9 - Access Forbidden: Too many users are connected Internet Information Services' on my testing page , I'm doing an ASP e-commerce website. I am not sure whats wrong. i am running on Windows Xp using IIS version 5.1 . how can rectify this problem? would really appreciate cos I cant seem to solve it.
I'm using sql server 2000 database and trying to access it using asp. when i installed sql server, i selected the mixed mode of authentication(windows and sql server). Code:
we have web users that have requested the web application access an existing excel spreadsheet directly.
Users have an excle spreadsheet with complex functions, macros, formatting etc. They have data in the database that is accessed via a web applciation. They would like to use the web app to get the data they want on screen and then click a button to get that data and put it into specifc cells in the spreadsheet. is this possible?
strSQL="SELECT * FROM MyTable;" rsSet.Open strSQL, adoCon ...do some stuff... rsSet.Close adoCon.Close
Set rsSet=Nothing Set adoCon=Nothing
I have a couple queries stored in the database that I use when in MS Access. Can I call these queries instead of using a string to specify the SQL command?
The above seems kind of verbose for making use of a database. Can it be simplified at all?
Unless you declared those session variables earlier, they have no data in them. Assuming this information is coming from a form, try using request.form("fieldname") instead of the session variables.
If this doesn't address your problem, give more detail about what "isn't working"
I am trying to establish a connection in Dreamweaver MX 2004 and an Access database for a log in ASP page, but keep getting an error. I am trying to establish "Custom Connection String" and here's what I type into the boxes that pop up:
1) CONNECTION NAME: ConnectToMyDB (I know, here I can put anything) 2) CONNECTION STING: Provider=Microsoft.Jet.OLEDB.4.0; Data Source=C:Documents_and_SettingsJohn_SmithMy_Doc umentsJohnsSitedbJohnsWeb.mdb;
(tried with and without quotes around this)
3) Dreamweaver should connect: Using driver on Testing server
4) When I hit "TEST" I get an error "An unidentified error has occurred"
I am using Windows 2000. The database is in a db folder in the my defined site (moved it there). Is it the path I am typing in Dweaver or my Win2000 settings?
Hope someone can tell me what I am doing wrong. Is it my path to the database?
I have a page which works fine testing locally on my win XP PC, using an access database file. When I place it on the server (all code and database file being the same)... it gives an SQL error :
Error Type: Microsoft OLE DB Provider for ODBC Drivers (0x80040E10) [Microsoft][ODBC Microsoft Access Driver] Too few parameters. Expected 2
