I have a site that is using .asp mainly for SSI. There is a login section where the user types in their login and password, and this allows access to the member area of the site. So far so good. However, once in the member area, the user could bookmark that page and get back to it anytime without having to login again. Therefore, they could just email the link to friends and anybody could access it. (and yes, if they wanted they could email the login and password - but I can't stop that). I have another site that uses a single login/password to access restricted areas, but it's done with .php Any ideas about a quick code insert that could use their login/password to gain access (per session) to a certain file folder.I hope it's not an obvious answer
I have a client who has repeatedly asked about getting a site-wide search engine for their website. There's arguments for and against, but I'm more worried about the practical aspects of the request.
The site is largely composed of password-protected pages. Member data is stored in an Access database. The pages are all secured by a basic include file that checks against session variables to see if the user is logged in. If "yes," they can see the page. If "no," they are redirected to a login page. Standard stuff.
One of my biggest arguments against the search engines is that since they can't get into the protected pages to index them, those pages will not be included in search results. Since the protected pages make up about 90% of the site, this pretty much renders the search engine useless.
Have any of you encountered a similar situation? Any thoughts on a way for the search engine to index those protected pages?
As far as the search engine goes, I was planning on cheating and using a form that sends requests to a simple google site search (it works surprisingly well on the non-password protected pages), although I'm open to other suggestions if you have any.
how to password protect a directory (downloads) on a Windows NT Server? UNIX is a breeze. It seems like you need an Act of God to get Windows to do the same?
I have created a password protected area on my website using session variable. I used a pre-programmed package on the internet using ASPLogin not the very expensive company software- another more basic type from another company! A user can log in OK for the first time, however, when he/she next visits within a couple of days or more the login screen says that they are already logged in., and because of this, they cannot log in and have to wait for the session variable to expire.
I am using both Mozilla Firefox and Internet Explorer and both are having the same problem. I am not too sure of what is going wrong here, as ideally, each time they have logged out I would like them to log back in OK again.
I am trying to create a website where user is required to login first to view members page.
I want user to come to my website. They can move around in free sections where I give examples of the lessons that are to be taught. But if they need to few the whole lesson then I want them to signup first. Signup is free.
I want to use ASP to do that.
if you know any tutorial or have an example which tells how to do that, please let me know.
I have a form mail script that sends an email and then writes to a text file using Server.CreateObject("Scripting.FileSystemObject").
The problem I am having is that the information needs to be saved in a Password Protected Directory. When I try to save the info it gives me a permission denied error.
I had my hosting company change the permission on the directory and the script was working ok but now it isn't.
Is there a way to pass the username and password in the script so I don't have to worry about the hosting company messing this up?
I have a client who has a password protected page (via session) that lists a bunch of pdf's. They are a little worried that you are able to browse and see the pdf's via the url without being logged in.
I'm not sure if it's possible or not but is there a way after their username and passord is verified to automatically grant them permisson to view the contents of the pdf directory?
An ASP page on my IIS server converts an uploaded word document to HTML, but I'm having a problem with it failing (hanging and popup requesting password on server!) on password protected word documents. (web upload, backend processing and web delivery)
I spent the whole day on google to find a solution. What I am looking for is an asp script or a property that can look at a word document and just return a yes or no as to whether it is protected, so I can then refuse to upload it, until the user has removed the protection.
a good tutorial of a ASP password script that can log-in a user to his own protected page depending on his user name. More or less a multiple destination password script.
Or if anyone could help me out with some code that can do this. Right now I am playing around with: http://www.elated.com/tutorials/programming/asp/password_protection/. Maybe some one can help me with the additional code needed.
I have a client who wants to password protect a learning course that is set up in modules. Each module needs to have it's own password protection so users can only access them as they progress through the course.
Each user should have their own password (for each module) and, said client would like the password to expire for the user at some (predetermined?) point. Is this possible? It seems like a lot (in terms of setup), but I don't know much about password stuff.
If it is possible, can someone give me an overview of how it works (theoretically) or where to find more specific info on setting something like this up (in ASP.net)
If it isn't possible, can someone suggest what is more reasonable in terms of protecting the modules?
I created sessions to authenticate username and password. How can I utilize this same script to alert the user to change password at 3rd login? In other words when a user logs into a site after the 3 or 4th time which ever, they are prompted to change their password. Code:
I am creating a series of downloadable articles, career tools, spreadsheets, etc. However, some of the content is for "registered" guest. The registrants are stored in a database and logon.
I want to ensure that someone registered cannot simply pass someone the path to the files for download. However, I am not creating an actual system user name for the folders where the various documents exist.
I don't want someone to logon, retrieve the path to a file, and be able to send that path or return to that path without having to logon.
How do I accomplish this?
Consider the following: serverroot/registeredcontentfolders would be protected by a single logon name - not accessible via anonymous access. User's logon to site and I auth them with their user name but on the server side, auth with the single account I am establishing for access to the protected folders.
How do I call a page in a password protected directory? In other words, I had my admin make a directory protected with authentix and now I want to use a page outside that directory to call a page inside that directory. How can I do this
Im running a site on IIS6 and its got a link to a protected directory.. Authentication required, so user enters their username and password and it gives them access to the directory.
now however we want to use the same link but different users.. so whoever clicks the button it prompts for login information but then redirects them to their own directory per their username/password. any ideas for me to investigate ? maybe an index.asp that waits for username and then redirects ? is there a simpler way ?
I have pass protected files within a directory adequately and included a function that ensures the http_referer is the secured folders index file so that I can be sure the file they are calling is opened up as an include within the index file.
My problem is what if it is a pdf or word doc or pp file. It is a bit of a training directory and they may use various forms of presentations. Now in cold fusion I can control the whole directory by implementing the application.cfm file but I know of no way in asp to do this.
I know how i can list and manage files (with the file object) on a normal directory with ASP. But i couldn't find any information on how do i list/work with files which are locaed on a password protected directory (with basick auth). how to make such a task ?
the hosting control panel gives the ability ot make a login for the directory you want to secure , but i want to make a logout for this login , how could this be done ?
I need to look up what user name was used to login to a protected directory using ASP.
I don't want to create a login page, etc. It shouldn't be necessary. Only employees who already have user accounts need to log in to the webapp and the protected directory login box is all the security I need. I just need to be able to access the username that they used in my application. Code:
I have a folder that is protected, the users login with their unique username and password, these are held in a text file.
Is this information logged in a way that I can use the login name as a variable for use on my page, such as if I login as Jon the page can display "Logged in: Jon"
I need to display a URL that links to a password protected wiki (htaccess) on an apache server. I'd like to include the userID and password in the URL so that the user is not prompted for it on the wiki end. If I was linking to another ASP page I could send the login info in the querystring, but how is this done with apache? Is this even possible?
Using IIS 5.0 and sometime some asp pages (absolutely randomly) showing as blank white pages. So far only one way of fixing it - restart whole server. Restarting IIS, or specific web server not helping, only whole server.
I enable server side and client side debugging, but no errors showing up...
In view source pages always look like this: ----------------------- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=Content-Type content="text/html; charset=windows-1251"></HEAD> <BODY></BODY></HTML> -----------------------
is it possible to create pages using other pages. Here is an example... Can I make a page that has a menu on it, but the menu is actually a seperate page that I call with ASP?
I have created one of those change your password forms whereby the the old password and new password are provided.
What I am having trouble with is ensuring that the old password entered actually exists already. Below is what I have tried, but I am getting a syntax error:
Code:
'Check Password
if request.form("CusPassword")<>rsCheckUser.fields("CustomerPassword") then
response.write "Invalid password"
end if
Else
if request.form("CusPassword")= rsCheckUser.fields("CustomerPassword") then
'write new password to databasestrSQL ="UPDATE Customer Set CustomerPassword ='"& NewPassword& "',CustomerPasswordverified ='"& NewPassword& "' where CustomerEmail = '"&CusEmail&"' "
I want to create a password validation system..... There are two text boxes.... I want to make sure that the passwords are the same and that they are more than 8 characters.
Im planning to encrypt the password that was stored on msaccess database and also the text inputed from a password textbox. Also, if I want to get the password from the database, I need to decrypt it so it can be comparable to the one that is inputed on the textbox. Is there a way on how to handle this?
Public Shared Function Encriptar(ByVal cleanString As String) As String Dim clearBytes As [Byte]() clearBytes = New UnicodeEncoding().GetBytes(cleanString) Dim hashedBytes As [Byte]() = CType(CryptoConfig.CreateFromName("MD5"), HashAlgorithm).ComputeHash(clearBytes) Dim hashedText As String = BitConverter.ToString(hashedBytes) Return hashedText End Function
this function encrypt user password, I need to un-encrypt that password