Implementing Secure Paswords/usernames
What's the best way to implement a secure passwords. The passwords already exist but i want the users to then change them.
View Replies
ADVERTISEMENT
Generating Usernames
Basically I have a site where the administrator adds new students to a college system. This code just adds a new student to the database. When they are added a username is generated by taking the first letter of the forename and the first from the surname and joining them to the date.
(ie, James Brown would generate JB2005) Obviously some people will have the same initials so i'm trying to get all the records from the student table in my database that has the first two letters as the student I'm trying to add and adding the value of the count of that recordset before the date of the new students initials. (ie, if Jane Bennett was added the username would be JB12005 because there is already a user with the initials JB in the database)
At the moment if i add a new member to the database, the fields are populated but the count of the recordset is not added so I end up with duplicate usernames. I'm not sure if the recordset is even being filled or whether the recordcount is not working. Code:
Usernames And Passwords
I have an access dbase that holds and an expiry date. I need to compare the expiry date with the current date and if it is later than the current date it will allow access (if the username password is correct of course)otherwise it will display an error message saying that membership has expired.
View Replies View RelatedCreating Unique Usernames For Users Of A Database
I am tryin to create a database of users for my system,each user is given a username based on their own name(surname and first name), however if 2 users with the same or similar name enter their details they will be given the same username,for example john drew would return drewj as thier username, so would jack drew, when a new user is entering their details how do i check that the username generated for them does not already exist,i.e i need to compare the username generated for the new user with all usernames already held in the database,if the username does already exist i want to add a digit to the end of the username how is this done using asp?
View Replies View RelatedPreventing Windows From Suggesting Usernames In Login Boxes??
How can I prevent this from happening? For example when the asp
application works in a public terminal where we don't want successive
users to know the login password and user name of the previous ones?
Implementing Verisign Payflow Pro
I'm testing the verisign service. Has anyone here used this service if so can you share some pointers.
I'm a bit stuck with the variables that the server returns. I want to use them but i'm getting no where.
Implementing Shadow Uploader
I found this Shadow Uploader on here, and i see that you can have an email sent, but im having troubles understanding how the email bit works
All i want is for an email to be sent to me saying 'Someone has uploaded an image' and the text from the 'name' field..
Normally i would try and do this for myself, but the site needs to be running by Tuesday and ive got no more time to much around with it.
Implementing RSA RSACryptoServiceProvider *and* JavaScript
I'm currently trying to strengthen up the security on a large ASP.NET
application. I use MD5 hashes for the user/password, and a token to 'salt'
the resultant hash. This is secure.
The next step -- and I'm *really* surprised that *everyone* doesn't do
this -- is to prevent 'Evil Eve' from listening in over the network when the
passwords and/or other sensitive information is updated. The best method
here is to use asymetrical encryption using the framework's
RSACryptoServiceProvider. Of course, this won't work on the client because
you have to use JavaScript on the client (forget Java and Activex as these
are out of the question). Therefore I want to implement RSA on the client in
JavaScript. Code:
Implementing Audit Trails
I have got around 7 pages where users can edit existing data. The thing is it is required to have an audit trail of the changes made to any table storing in user information. A google search mainly shows all 600$ softwares which can't be afforded by me. how to implement them.
View Replies View RelatedShadowUploader - Help Implementing The Code
i have no probs with the script, it works fine, but i want to be able to upload an image aswell as data (text) from the same page, i've had probs trying to do this as i get an error, cn't remember the error.
View Replies View RelatedImplementing File Attachement
I have created a cfm for my website and what my problem is that when it comes to uploding an image in the site i have to manually do it through a ftp program and than write the link in the admin section of the site in the form where i submit than it displays the new image or images.
but i would like to do it so the administrator can click on browse than attach the image and than when submited the image gets uploaded in the choosen folder and the file path is writen in the database (access). is this possable? i have an insert form that has the form to submit and i have created the insert prossersor page that contains the SQL statement that prosessos the form.
Implementing A Global Log File For A Web Site
I am trying to implement a single global text file for my web site that will log the actions that my ASP scripts peform. The site I have set up involves about five web pages with scripting in VBscript. Several of these pages also use COM automation to peform certain tasks in Excel macros which also write to the text file.
Currently, I must declare an FSO object on each page. I also have to close the object before I call the COM components (because I write to the log file from the Excel macros, too) and then open it again when control returns to my ASP scripts.
The macros I have written inside Excel are quite intensive, so they chew up some time when they execute. In the end, each user will go through the five web pages to generate an Excel spreadsheet which they can download, and, during this process, will have logged about 15 messages to the text file. Code:
Implementing Current Date Into Form Variable
<input type="hidden" name="date" value= (Date)>
When I use:
<% Response.Write (Date)%> if returns the date I want.
I need to enter it to this date value in my form. What is wrong with my code above? It should be obvious, but I can't figure it out....
ASP: Implementing Server Side Include Using Query Strings
I have a provider to implement domain name search and another to receive variables from my site and save them on thier site.
PROBLEM
we are using MS ASP scripts on my site.
We want to be able to implement an include file to show the results of the form process from their website.
Currenlty i tried the ASP script below but it fails, complaining of the end if statement, when i remove it, it doesnt show anything. Code:
Secure And Non Secure Data
i have an ecommerce site that is split across two domains, a secure space that retains cc details and the main site where contact information and order details are held. I need to be able to produce a report that displays both sets of info in a printable document. aside from using iframes is there a better way of doing this?
View Replies View RelatedImplementing A "Find Location By Address/zip Code"
I need to implement a find location by zip code or address and I need a little help in terms of where to begin. I have no problem with SQL queries or ASP in general, but I am just having a hard time conceptually with this.
For example, how would I know that X zip code is 10 miles from Y zip code which is store location A's zip code?
Secure
How do I stop pages being active in the history.
I have tried this,
<% Response.Expires = -1 %>
But the pages are still active in the history and are being cached somewhere on the machine win2k.
Secure
If I create a simple login page and then store the UserId is a session and check its validity in the subsequent pages, How secure will the site be. I know the same question has been asked in the PHP forum
Code:
http://www.sitepoint.com/forums/showthread.php?t=233118
But how can I make my site secure enough in asp
Secure
I may be in over my head on this one... VERY new to ASP. I have a potential client which is a marine loan broker. He wants an online credit application for the boat dealers he works with (20 different ones). He wants the credit app to be co-branded. Dealer/LoanCompany logos at the top would be sufficent. The dealer would have a link on there own site to the loan company's site but wants it to look like they are "Partners" and not just being shullde from one site to the next.
Is there a way to display different dealer logos based on the referrer URL? I would rather have one creditapp.asp that displays the proper logos depending on the referrer over building 20 creditapp.asp's. He doesn't need the form data written to a database. He just wants the form data emailed to him. (this I can do) How secure is that emailed data?
Secure FTP With ASP?
Right now, I'm trying to use WSH to run PSCP (command-line version of
PuTTY). I've tested the command I'm using by opening a DOS box
manually on the server, and the test file is successfully transferred.
I've run Filemon and Regmon while running my sample ASP page, and see
no permissions problems. I've tried running cmd.exe and passing PSCP
as the parameter.
I've tried running PSCP.exe directly. I've even
tried using ASPexec to run it instead of WSH. None of these have
worked. I always get the same thing -- error code 0 (success) returned
from WSH or ASPexec, but when I look at the second server the file
never got there, and when I look at terminal services on the Web server
PSCP is still running.
Secure Login
I'd like to create a secure login from an ASP page to a specific SQL Server
2000 Db. Is there an accepted methodology for doing this? Are there any
resourses that show how this can be done?
Secure Page
I need to secure my web page, when it is reading a file from the
physical folder.
Say for eg.. I have a page Page1.aspx, which displays a list of links
that corresponds to
the available text files in one of the files. All the other pages are
secured except this
page. So when I click the link, it redirects it to for eg..
http://localhost/folder1/one.txt.
But this should not happen. As the user can type this without even
logging into the website.
So I need to know how to stream this file and display it in another
page, rather than just showing it.
Secure Page
Iīve made a loginpage in asp, and a page that receives
the data from the form and logs you in.
But how do i make the loginpage secure?
Do i have to use https, and if so, how do i change from
http to https when the loginpage is included in another
asp-file?I donīt know if i have explained myself correctly
Application Secure
Here's what I/m doing to sanitize/validate/secure my input.
1. The front end checks what kind of data is entered.
2. I am using parameterized query instead of concatenated strings (Against XSS)
3. I am replacing symbols like <,>,# etc with their appropriate entity number eg. & #32; without the space. (Agains SQL Injection)
Secure Connection
Can someone please explain to me the basics of creating a secure connection (we're looking at using Authorize.net) and possibly point me in the direction of other resources for getting some info?
View Replies View RelatedHow To Secure Code?
I have a site designed with ASP 3.0 code (HTML and vbscript) that I want to protect from being visible. I want this code to be non-visible and hack-proof. Is there a way to either encrypt or protect another way to ensure that my code is not stolen?
View Replies View RelatedPage Secure
do know how can i prevent my page from cross side
like using <marquee></marquee>
Secure SMTP App?
I have a client with their own W2k server and their IT guy refuses to turn on the SMTP service for fear of it becoming hijacked by spammers.
However, they also want their web site to perform some emailing functions I would normally use CDOSYS for.
I'm having them look into alternate SMTP servers to use with CDOSYS, but I was wondering if anyone here can recommend a 3rd-party ASP-based SMTP app that might be more secure than IIS' built-in service?
Secure Information
I've an ASP page in wich the customer write his card number for the payment. How can I make this information secure when it's sent to the server?
View Replies View RelatedHow Secure Is Global.asa?
I have written a simple script that is called every 75 seconds or so to test whether the SQL Server database is running. The script is contained in a page that is not linked to in the site.
The thing is I have hard coded the database information on the page, I was thinking of putting the connectionstring into my global.asa file as an application variable.
How secure are the two options?
Will there be any performance issues? Bearing in mind that this page is called every 75 seconds.
Secure A Database
I have set up an asp script which writes the output of a form to a database.I have achieved my database connection like this:Code:
DIM objConn
Set objConn = Server.CreateObject("ADODB.Connection")
objConn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & _
Server.MapPath ("contact-2000.mdb") & ";User ID=admin"
objConn.Open
How do i go about making the database secure? at the moment anyone could view the source of the asp script and download the database.Which folder should the database be stored in? iv heard of using the root folder? at present the database is located in the same folder as my asp file.is there a way of setting up a password on the databas ein access and passing the password from my asp script to the database. the password would have to be encrypted though.
Secure Web Page
We have a need to allow our users to enter Credit Card #'s on a web page, so we need a secure page (have the little lock at the bottom of the browser) in order to do this.
1) What is this called? (I've heard the term SSL (Secure Socket Layer)tossed around, I don't know if this is the same or something different).
2) If I need a certificate of some sort for our server, how do I get it?
Secure Statement
I have written a web app in asp3 which is used by lots of users.The data is all held server side.However,I want it so that the users can export the data in a csv file,much
like you can download a statement from online banking.
However,I don't want to save the file to the server,as then anyone else might guess the filename and download it.Is there any way to directly generate a file from an asp script.i.e.instead of asp returning html,it returns csv data which the user can save
away.