We can simply open a file from our server's folder. Even if someone knows the full path, he can simply open file. Even someone expert can delete pdf file also.
On our IIS 5 windows 2000 web server we have many .asp's.most of which (When right clicked / security tab / edit authentication) are using Integrated Windows Authentication. Is there an easy way to check ALL of them? Some of the pages require a higher level of security (Our password reset page for example) and I am just auditing everything and want to make sure that only the few pages that require it are using the elevated security level. (By the way this is accomplished by using anonymous access with a domain account that is 'elevated'... I hate right clicking on 1000 different .asps to see the file / directory level authentication methods... is there an easy way to do this? Maybe through resource kit command line tools or some meta edit type tool
It has been said that When attempting to load an XML file saved as UTF-7 (a transfer encoding format for Unicode), the XML parser in Internet Explorer generates the following error message: Invalid at the top level of the document. The same error also occurs when using the MSXML parser from server-side or client-side script. I am getting this error when I use MSXML 3.0 as reference in a VB DLL function called by a ASP file.
I have a website that is running perfectly on windows 2000 server and IIS 5. However we are now moving it to server 2003 and IIS6. No problem there however after setting everything up a problem has occurred. My directory structure is websites then webroot within that which contains the site files. Within webroot is also a directory called connections, which contains the database connection asp file.
It is a mysql database. Ok the problem is that I am calling the connection in my asp pages as follows (<!--#include file="../Connections/connLUKTrading.asp" -->). but the server will not navigate up a directory level as the ../ indicates. The site works fine if I place the directory connections in at the same level the site works but then I will have to do this at each of wwwroot's sub directories I should not have to. I believe it is a permissions problem to do with IIS6 but not sure. I have spent hours trying to find it.
In our application, we have noticed on two rare occasion where the data stored in application level arrays has disappeared. We have 3 application level arrays, and many other data types stored at application scope as well. The other data types appear to have been unharmed.
All session level data remained unharmed as well. The data in the arrays seemed to have disappeared all of the sudden. No IIS restarts, for example, were performed. Is there any known issues with arrays being stored at application level.
I have to create a web base application program, I think to use ASP but I would like to see If it supports comparison Graph. Does it support different levels of access because I have different kind of users or i have to do it manual?
I am using Request.ServerVariables("SCRIPT_NAME") to get the extention from the url and need to know if I am in the root or down a directory. i have two folders, one called 'local' and one called 'group'
how I can make a dhtml menu into a dynamic menu that pulls its links from an access database instead of the hardcoded html.
I would like to know because I'm working on a site that needs such a menu and most of my administrators using my site don't understand html and won't be able to update the menu unless I can give them a simple form that allows them to add links.
I want to open the MS Access file with user-level Security. I know that if I do NOT setup user-level Security in the MS Access file, and create the table for login in the MS Access file (Put the MS Access file in the server), then it works.
I did that. But, I want to know whether or not we can use ASP code to open the MS Access (MS Access user-level Security setting). This way I can put the MS Access file in the public place.
Can we do it in ASP?
The following code cannot do that: <% set conn=Server.CreateObject("ADODB.Connection") conn.Provider="Microsoft.Jet.OLEDB.4.0" conn.Open "c:/try.mdb" %>
I want to display a different message deppending on the amount of stock left. For example if there is no stock i would like to display "out of stock", if the item is in stock display "in stock". Code:
how can i retrict user to only access the web page iif and only if they have the username and password, they neeed to login before can access the certain pages. How is the coding for that web pages?
This is a standard ASP application that has several pages at the root withthe global.asa. I set a session variable session("accountid") = "123456" within an asp page and then response.redirect to the next page and immediately response.write session("accountid") and I get back nothing.
But if I set a session variable session("accountid") = "123456" within an asp page and response.redirect to a page in a sub directory and immediately response.write session("accountid") I get back 123456 on the screen.
I am developing a simple ASP-Access system for invoicing purpose, and the system is in 98% progress. What I want to do now is to add some sort of "control stock levels".
Let say I have set the quantity of an item/product (eg, pencil=100) in my database (in my database it refer to the table tblProducts with the field called PStockLevel) When one customer want to buy 10 pencil, the system will automatically set the PStockLevel to 90. All the calculation will be done in the page called tasks.asp.
i am having a problem in how to create a Open File dialog to enable user to select a image file that will be stored into database. i just want the file path to be stored in database, not the image.
It works if the file in on the server side, how to use the component (DSOleFile) with the file on the client side? Also how can I calculate the width of the file. (Page set up - Landscape or porrait). Code:
I need to do online streaming multimedia file on my web portal, just like those online portal that selling MP3. User need to click on the preview link to stream the audio file to listen before they decide to buy the file or not. How do i link my audio file in my web server to allow it to be stream? Totally lost on this function,
This question has to do with MS file search but it is happening only with ..asp pages, so I though someone programming with .asp pages has experienced the same situation.
I'm trying to find .asp pages with a certain table name (i.e. "renewalInfo" )
When I ran the search I get no results. I know that I have that string in a couple of pages. My file system search engine is working fine with other file types, like Word documents, Excel spreadsheets, etc.
I tried typing the string outside the <% %> tags and when I do the search I get the file results, so it seems like if the search engine in my file system was not searching inside the <%%> tags. Code:
I'm having a problem with the fact that I want to allow image files to be uploaded to a remote web server, as the hosting package the web site is on is IIS6 and has a default file upload size limit of 200kb. As it's a shared hosting package, the default limit cannot be changed for me unfortunately.
Anyway - i need to check the size of the file being uploaded, so i can notify the user and prevent them getting the default Microsoft error message page. The problem is that I can't implement a server side size check which works, using either Request.TotalBytes or load.getFileSize (with "load" being an object of my loader class). It seems that I can't carry out any of these operations when the file size is too large.
I'm trying to run the server.execute command inside a executed file. It doesn't work. Can anybody tell me why? I've searched all around and haven't found a reason. Could it be because it's not supose to work, or is the syntax diferent then in the first file? It's something like this:
I am using the File System Object to create server side cookies and part of the Function that I am writing deletes a file but I am getting a permissions denied error on that line of code.
I am using Integrated security only on this site but how do I get the IUSER_Machinename account to work with Integrated Security?
I have an asp page written entirely in jscript with a vbscript used as an include file which one variable on the page must access.
When the page runs, I run into jscript complilation errors when it tries to access the include file (since it is written in vbscript), and I can't figure out how to get the two to work together. How do you get both scripting languages to work on the same page?
I would like to add a facility to my web page which allows users to upload basic files (word, excel, text, gif, jpg etc) to the server.
I know there's a facility to do this using HMTL forms, but I don't know how to handle the file on the server side.
What I think I need is an ASP file running some code to manipulate the filesystemobject, allowing me to receive the file and store it in the filesystem on the server. It would be nice to access some of the file properties too (name, type etc).
I've seen a few custom components online which allow you to do this, but I can't depend on installing them. I need to be able to script it myself.
