Encrypting Critical Data
After reading several articles on securing web applications, hackers can not only perform SQL injection attacks easily but can get hold of the information in the global.asa.
This really worries me because the connection string is stored in this file and it contains critical information such as uid and pwd. Most people suggested that we should encrypt this information but the solutions that are provided are all in ASP .NET. Does anyone know how to do this or is there any better and easier way?
View Replies
ADVERTISEMENT
For the register and login pages, etc (ie, any pages with forms), I'm wanting to encrypt the data using the basic form encryption method: Code:
enctype="multipart/form-data"
However, I have no idea how to get ASP to de-encrypt the data on the other side.
View Replies
View Related
Is this safe to store important/critical information in session objects by security point of view, like userID, or any primary key which I dont want users to see.
The scenario is, I'm using XMLHTTP, and server.Execute to include files' outputs dynamically. so I can't share any code variable with them, session is the only way I can share variables with.
View Replies
View Related
I use cookies on my website to store details such as the colour scheme, email and username though I do not want people editing this data so I need to encrypt the cookie due to data such as post counts being stored in this way.
View Replies
View Related
Our web site is hosted on our providers site where ASP is installed. On our
website, we generate an email containing personal data including credit card
info whenever someone orders a product on-line from us (we only do a
transaction per day avg.) Becuase the email contains credit card info, we
want to encrypt it. I have downloaded/installed and generated a private and
public key using GPG and have distributed the public key I generated to the
provider that is hosting our website. They have imported it onto their
system.
How can you generate an encrypted email using the public key on the
providers system , using ASP?
Currently we are simply generating a plain text email containing this data -
and this has to stop.
View Replies
View Related
tell me what is the best way to encrypt ASP code?
View Replies
View Related
Are using this practice? If yes which method are you using?
View Replies
View Related
I have done a search on this and it seems to be a topic of some interest (700) views, but has not been fully explained.
I have a page which validates a username and password and then, if both are correct, the applicantid is retrieved and passed by querystring using a response.redirect. Apparently it would be wise to encrypt the applicantid when passing it.
<% else
strApplicantID = rsPandU("ApplicantID")
'Response.Write strApplicantID - this works
Response.Redirect "memberarea.asp?id=" & strApplicantID
View Replies
View Related
I want to know how can I encrypt my ASP code using VBScript & also when I use JScript so that people who see the source of my file cannot read my ASP code.
View Replies
View Related
I have a website for our online store. Until now we have received payment through email, which we then run in our local store's Credit Card machine.
We want to move up from there. I have signed up for Paypal and that is easy.
We want to also be able to accept the CC info in our own website securely. We are not looking to actually run the Credit Card, we just want to get the information from the user and pass it on to ourselves in a secure manner, so that we can run the information locally on our Credit Card machine.
So, I guess, my questionj is not really about credit card's at all. Rather I am asking, how can I get a form's data sent to my computer 100% (or close to that) securely.
View Replies
View Related
I'm using DW MX 2004 to build an asp based eStore. I have a checkout page created with both the billing and shipping information in the same form. I'd like to add some code and a button to activate it to copy the code to the shipping info (but it can't submit form). Also the State choice is a drop down list based on a recordset. There are other behaviors attached.
View Replies
View Related
We are running into problems with the script below, whose purpose is to allow users to choose values from drop downs populated by an MS Access DB.
THE RESULTS:
(returns a blank page with only HTML Titles)
THE SCRIPT:
(you may notice this is a modified sample script): Code:
View Replies
View Related
Dreamweaver created code to update to data base. But when testing on website i get the following message. I have no clue what it might be.
Microsoft JET Database Engine error '80040e14'
Syntax error in UPDATE statement.
/admin/update.asp, line 111
line 11 is strName.execute
I read it might be forbiden characters in the data base field names or spaces...
but i don't have that. the names are userName, userLevel, ID, Password.
View Replies
View Related
This seems a very complicated task, so I welcome any
input. My boss wants a data grid or matrix of the top 6
orders with ordered items, and products, for a particular
customer and he wants to see it like this:
products down the left side
orders across the top
number of items under the respective order number column
across from the corresponding product.
I hope that makes sense.
I have three tables. Products, Orders, Orderitems. I
don't even know where to start. Many thanks in advance
for any input offered.
View Replies
View Related
how do i get data from a user on one page and display the result on the other page
actually i have written a prgoram that displays a set of checkboxes and based on the checkboxes selected the related data is displayed .but the problem is the data is displayed on the same page below the list of check boxes. Code:
View Replies
View Related
I have a form that has the option to upload a file at the bottom. If you select a file it works fine but if you leave file selection blank the forms bombs. This is not how I want it to work. On the form you need to use ENCTYPE="multipart/form-data" in the form tag.
On the processing page I need to use Set to assign a variable to the form data. I tried using IF on the variable assigned to the file path but it bombs out telling me "This function is not supported". Is there any other way I can check to see if curQes has a value assigned to it?
View Replies
View Related
how to call a csv file into a data array. I was told I can use :
csvArr = split(csvLine, ",")
So long as I have no embedded commas in any field. what Im not clear on is the syntax.
how do I call the csv into the script (so the script knows to use the csv)
View Replies
View Related
I only want to input the following information if it is not a zero length string. Any
ideas on how to do it?
Crate&Barrel = Request.Form("Crate&Barrel")
Crate&Barreladdress = Request.Form("Crate&Barreladdress")
View Replies
View Related
How can I display data from an XML file in ASP?I want to use an XML file instead of an Access or SQL database and would like to display this information the same as I would if I were using Access or SQL as the datasource.
View Replies
View Related
Can You Grab Data From Multiple Recordsets?I want to build a search page, but I have data in about 6 databases.
View Replies
View Related
how to add new data. i need to add new data after display the record from database. i click new button and the textbox will be empty. Wat is the code for add new data?
View Replies
View Related
i'm trying to figure out how to use the same page to get different output using .asp?id=.
I have a db table with 5 records & want to on my page to be able to with a listbox/menu be able to switch between these 5 records using the same page.
View Replies
View Related
I had write an asp file to get data from an xml named "data.xml" and below is the coding:
Dim xml
Set xml = Server.CreateObject("Microsoft.XMLDOM")
xml.async = False
xml.load (Server.MapPath("data.xml"))
Dim fText1, fText2
fText1 = xml.documentElement.childNodes(0).text
fText2 = xml.documentElement.childNodes(1).text
Set xml = Nothing
It's all Ok and can run. But my problem here is I want to call an xml file that I don't know its name (not "data.xml"). The xml file pass by the user who call my asp file. The user can pass the xml via anything for example asp or VB component. So I will not know exactly what the name of the xml file.
View Replies
View Related
the actual question is as follows:
i have setup a DSN called "pro"
now i have tables in this database
i m running oracle
if i were using MS Access i know how to insert new fields by using the
RS.Mode = adModeReadWrite
how do i do it for oracle? not just inserting data into tables but also what r the commands that i have to give in the asp code page so that i can even update( edit ) and delete records.
View Replies
View Related
I have a DB called users.mdb and it has the tables:
Myusers-
(fields) ID Name Password DOB Date joined
Messages-
(fields) ID Mailto Mailfrom Subject Content Postdate
I am trying to develop inbox.asp, how do i get it to display the mail for each articular user, and no one elses mail?
View Replies
View Related
some way to access to the content of the HTTP POST? Perhaps throw the request object or something similar to the $HTTP_RAW_POST_DATA gobal variable available in PHP.
View Replies
View Related
I am having a lot of problems with this, I am trying to create a pdf file from data submitted by the user via a form.
Once the details are in the PDF the file needs moving into the secure area of the site.
Anyone have a clue how to do this?
View Replies
View Related
i am trying to use AJAX to get XML data from 3rd party site and display on my site. it works in IE, but does not work in Mozilla. i want to find a method where i can do that.
View Replies
View Related
Is it possible to write out the contents of a database into an exel-type
spreadsheet within an asp page?
View Replies
View Related
I got a database with user and email in it. Now I want when a user logs into my page that it automaticly fills in the email into a email form. How can I do that in Asp.
View Replies
View Related
I want to fix this problem, i dont no how. Bassicly there is blank data appearing in my database, for no apparant reason! Code:
View Replies
View Related
anyone know any homepage that might help me to list the data out in a page. i wanna do it like in 2pages that one is going to be the one who maintain data. another one is to list all the data out from server...
View Replies
View Related
I have two tables having similiar columns ( i had to do this to compare the values given to me, because both the table data came from different sources)
The tables named are
OFFICERS
token
full_name
division
EMPLOYEE
token
full_name
division
Now the table EMPLOYEE contains more than 5000 records and the table OFFICERS contains around 2400 records which are already present in the EMPLOYEE table.
Now I want to build a query that will return me all the records in the EMPLOYEE table that are not present in the OFFICERS table. The criteria for comparing 'full_name'. so the query should return me 2600 records that are not present in the OFFICERS TABLE.
I tried doing this
" SELECT DISTINCT EMPLOYEE.full_name,EMPLOYEE.token,FROM EMPLOYEE,OFFICERS WHERE EMPLOYEE.full_name<> OFFICERS.full_name"
But this query returns me records that is not present in the OFFICERS table as well as some more 1000 records which are present in both tables.
thanks a lot
View Replies
View Related
