File Level Secuirty
I have made sufficent pages for our site and same have been in use in our LAN since long.
Now my company has asked me to put the same on web and we are buying a domain for the same.
However I am worried for a file level security. When the output comes in asp from cod below: Code:
Response.Write("<td><a href=Documents" & adorst("ProjectNo") & "/" & adorst("Client Drg No") & ".pdf target=NEW>" & adorst("Client Drg No") & "</a></td>")
We can simply open a file from our server's folder. Even if someone knows the full path, he can simply open file. Even someone expert can delete pdf file also.
View Replies
ADVERTISEMENT
On our IIS 5 windows 2000 web server we have many .asp's.most of which (When right clicked / security tab / edit authentication) are
using Integrated Windows Authentication.
Is there an easy way to check ALL of them? Some of the pages require a
higher level of security (Our password reset page for example) and I am just
auditing everything and want to make sure that only the few pages that
require it are using the elevated security level. (By the way this is
accomplished by using anonymous access with a domain account that is
'elevated'...
I hate right clicking on 1000 different .asps to see the file / directory
level authentication methods... is there an easy way to do this? Maybe
through resource kit command line tools or some meta edit type tool
View Replies
View Related
It has been said that When attempting to load an XML file saved as UTF-7 (a transfer encoding format for Unicode), the XML parser in Internet Explorer generates the following error message: Invalid at the top level of the document. The same error also occurs when using the MSXML parser from server-side or client-side script.
I am getting this error when I use MSXML 3.0 as reference in a VB DLL function called by a ASP file.
View Replies
View Related
I have a website that is running perfectly on windows 2000 server and IIS 5. However we are now moving it to server 2003 and IIS6. No problem there however after setting everything up a problem has occurred. My directory structure is websites then webroot within that which contains the site files. Within webroot is also a directory called connections, which contains the database connection asp file.
It is a mysql database. Ok the problem is that I am calling the connection in my asp pages as follows (<!--#include file="../Connections/connLUKTrading.asp" -->). but the server will not navigate up a directory level as the ../ indicates. The site works fine if I place the directory connections in at the same level the site works but then I will have to do this at each of wwwroot's sub directories I should not have to. I believe it is a permissions problem to do with IIS6 but not sure. I have spent hours trying to find it.
View Replies
View Related
In our application, we have noticed on two rare occasion where the
data stored in application level arrays has disappeared. We have 3
application level arrays, and many other data types stored at
application scope as well. The other data types appear to have been
unharmed.
All session level data remained unharmed as well. The data
in the arrays seemed to have disappeared all of the sudden. No IIS
restarts, for example, were performed. Is there any known issues with
arrays being stored at application level.
View Replies
View Related
I am creating a simple XML file via asp and want the XML to appear in the browser. Here is what I have tried: Code:
View Replies
View Related
I have to create a web base application program, I think to use ASP but I would like to see If it supports comparison Graph. Does it support different levels of access because I have different kind of users or i have to do it manual?
View Replies
View Related
I am using Request.ServerVariables("SCRIPT_NAME") to get the extention from the url and need to know if I am in the root or down a directory. i have two folders, one called 'local' and one called 'group'
View Replies
View Related
how I can make a dhtml menu into a dynamic menu that pulls its links from an access database instead of the hardcoded html.
I would like to know because I'm working on a site that needs such a menu and most of my administrators using my site don't understand html and won't be able to update the menu unless I can give them a simple form that allows them to add links.
View Replies
View Related
How do I create an array inside an array? This certainly doesnt work...
Dim TmpArray(0 to 10)(0 to 50)
View Replies
View Related
I want to open the MS Access file with user-level Security. I know that if I do NOT setup user-level Security in the MS Access file, and create the table for login in the MS Access file (Put the MS Access file in the server), then it works.
I did that. But, I want to know whether or not we can use ASP code to open the MS Access (MS Access user-level Security setting). This way I can put the MS Access file in the public place.
Can we do it in ASP?
The following code cannot do that:
<%
set conn=Server.CreateObject("ADODB.Connection")
conn.Provider="Microsoft.Jet.OLEDB.4.0"
conn.Open "c:/try.mdb"
%>
View Replies
View Related
give me a session level timer code? I'm trying to time a quiz.
View Replies
View Related
I need to know how to disable a button based on the username that logs onto the web application.
View Replies
View Related
I tried to make our menu differend for Users for example :
If user level = 2 than
show Menu (Add Contact)
I used this code:
View Replies
View Related
I want to display a different message deppending on the amount of stock left. For example if there is no stock i would like to display "out of stock", if the item is in stock display "in stock". Code:
View Replies
View Related
i'm going to ask the way to use database to check user permission level in asp..
View Replies
View Related
how can i retrict user to only access the web page iif and only if they have the username and password, they neeed to login before can access the certain pages. How is the coding for that web pages?
View Replies
View Related
This is a standard ASP application that has several pages at the root
withthe global.asa. I set a session variable session("accountid") =
"123456" within an asp page and then response.redirect to the next page and
immediately response.write session("accountid") and I get back nothing.
But if I set a session variable session("accountid") = "123456" within an
asp page and response.redirect to a page in a sub directory and immediately
response.write session("accountid") I get back 123456 on the screen.
View Replies
View Related
I am developing a simple ASP-Access system for invoicing purpose, and the system is in 98% progress. What I want to do now is to add some sort of "control stock levels".
Let say I have set the quantity of an item/product (eg, pencil=100) in my database (in my database it refer to the table tblProducts with the field called PStockLevel) When one customer want to buy 10 pencil, the system will automatically set the PStockLevel to 90. All the calculation will be done in the page called tasks.asp.
View Replies
View Related
i'm converting an image file to hexa..then the hexa is saved to a text file..
can any one help me how to read the content text of a text file?...
im doing it this way because i don't want to save hexa in my database, because it makes the database slower to open up.
View Replies
View Related
is there a way, using asp, to find out the width and height of an image file?
View Replies
View Related
I have code that loops through a directory reading files..
now the problem is that files are constantly being uploaded and I only want the file system object to read those that are finished being uploaded.
How can I check the properties of the file to see if it's in middle of being written before i read the file?
View Replies
View Related
i am having a problem in how to create a Open File dialog to enable user to select a image file that will be stored into database. i just want the file path to be stored in database, not the image.
View Replies
View Related
It works if the file in on the server side, how to use the component (DSOleFile) with the file on the client side? Also how can I calculate the width of the file. (Page set up - Landscape or porrait). Code:
View Replies
View Related
I need to do online streaming multimedia file on my web portal, just like those online portal that selling MP3. User need to click on the preview link to stream the audio file to listen before they decide to buy the file or not. How do i link my audio file in my web server to allow it to be stream? Totally lost on this function,
View Replies
View Related
This question has to do with MS file search but it is happening only with
..asp pages, so I though someone programming with .asp pages has experienced
the same situation.
I'm trying to find .asp pages with a certain table name (i.e.
"renewalInfo" )
When I ran the search I get no results. I know that I have that string in a
couple of pages. My file system search engine is working fine with other
file types, like Word documents, Excel spreadsheets, etc.
I tried typing the string outside the <% %> tags and when I do the search I
get the file results, so it seems like if the search engine in my file
system was not searching inside the <%%> tags. Code:
View Replies
View Related
I'm having a problem with the fact that I want to allow image files to be uploaded to a remote web server, as the hosting package the web site is on is IIS6 and has a default file upload size limit of 200kb. As it's a shared hosting package, the default limit cannot be changed for me unfortunately.
Anyway - i need to check the size of the file being uploaded, so i can notify the user and prevent them getting the default Microsoft error message page. The problem is that I can't implement a server side size check which works, using either Request.TotalBytes or load.getFileSize (with "load" being an object of my loader class). It seems that I can't carry out any of these operations when the file size is too large.
View Replies
View Related
I'm trying to run the server.execute command inside a executed file. It doesn't work. Can anybody tell me why? I've searched all around and haven't found a reason. Could it be because it's not supose to work, or is the syntax diferent then in the first file?
It's something like this:
File 1
...
<%Server.Execute("File2.asp")%>
...
File 2
...
<%Server.Execute("file3.asp")%>
...
File 3
<HTML>
<body>
Hello!
</body>
</HTML>
Is this possible?
View Replies
View Related
I am using the File System Object to create server side cookies and part of
the Function that I am writing deletes a file but I am getting a permissions
denied error on that line of code.
I am using Integrated security only on this site but how do I get the
IUSER_Machinename account to work with Integrated Security?
View Replies
View Related
I have an asp page written entirely in jscript with a vbscript used as an include file which one variable on the page must access.
When the page runs, I run into jscript complilation errors when it tries to access the include file (since it is written in vbscript), and I can't figure out how to get the two to work together. How do you get both scripting languages to work on the same page?
View Replies
View Related
if i got a file path as a variable say for Example:
c:folder1folder2folder3folder4file.txt (The Path could be any long)
how do i just store the Path of the file name and the file name seperately. like :
File Path=c:folder1folder2folder3folder4
File Name=file.txt
View Replies
View Related
I would like to add a facility to my web page which allows users to upload basic files (word, excel, text, gif, jpg etc) to the server.
I know there's a facility to do this using HMTL forms, but I don't know how to handle the file on the server side.
What I think I need is an ASP file running some code to manipulate the filesystemobject, allowing me to receive the file and store it in the filesystem on the server. It would be nice to access some of the file properties too (name, type etc).
I've seen a few custom components online which allow you to do this, but I can't depend on installing them. I need to be able to script it myself.
View Replies
View Related
I have a page on our intranet that is supposed to stream an Excel sheet to
the user. I'm using pretty standard code:
View Replies
View Related
