I've created a database for a group of about 5 people that I password protected. They all use the same user name and pass to access the website. I've used a session variable that is set to "valid" if the user and pass are correct. When the click the sign out link on any page, I use the Code:
View RepliesI am using ms access database and asp 3.0 as my front end. In my database there is a table called account and a field called password. How do I protect the password stored in the database.
View Replies View RelatedI am developing a small e-commerce site that allows users to create an account, pay, and then download audio files.I have only been doing ASP for about 6 months and this is a new problem for me: I need to not only password protect the pages (using Sessions and checking usernames and passwords against an Access database), but I also need to password protect the audio files themselves, so that users can't just type in the absolute URL to the audio files and get them for free.
I'm guessing password protecting the entire folder that contains the pages and audio files would be the best way to go, but I have no idea how to do this, and haven't been able to find any info on it.the site is part of a larger already existing site which is on a Shared Windows hosting account, so I have no root-level access to install any new software or technologies.
How can I password protect files so that no one can anonymously download it? I have windows 2003 server with IIS 6.0. Please explain the steps in detail.
View Replies View Relatedhow do i password protect folders in my site. using asp. i run win2000 server.
View Replies View RelatedI need to password protect all the pages of my website using ASP. Microsoft KB 301464
http://support.microsoft.com/default.aspx?scid=KB;EN-US;q301464&ID=KB;EN-US;q301464&SD=MSDN
provides a simple way of implementing it. But I am getting the following error in the Logon.asp script and dont know how to get past it. The Script block lacks the close of script tag (%>). /PDACPO1/Logon.asp, line 45.
Ive seen a few examples of how to password protect my pages by either textfiles / access. But how can I make the pages so that no one can just enter the url and bypass the login page.
Im trying to create a shop site and im trying to create a maintenance page that only I have access to so that I can look at my database status without having to open the database directly. I need these pages to be completley locked from anyone but me.
I am working on a CMS website which uses a access database.
When a user adds a page a record is added to a table in the database. The user choses the page style from a selection of 7 or 8 layouts.
I have been asked to find out if I can password protect one of those pages??
I have tried a few sites but not found much. The it has been done before is to add a password protected layout and build a login area into the site.
The effect i want is for the user to click the page and a username and password box will apear?
I have a client who wants to password protect a learning course that is set up in modules. Each module needs to have it's own password protection so users can only access them as they progress through the course.
Each user should have their own password (for each module) and, said client would like the password to expire for the user at some (predetermined?) point. Is this possible? It seems like a lot (in terms of setup), but I don't know much about password stuff.
If it is possible, can someone give me an overview of how it works (theoretically) or where to find more specific info on setting something like this up (in ASP.net)
If it isn't possible, can someone suggest what is more reasonable in terms of protecting the modules?
I created sessions to authenticate username and password. How can I utilize this same script to alert the user to change password at 3rd login? In other words when a user logs into a site after the 3 or 4th time which ever, they are prompted to change their password. Code:
View Replies View Relatedhow to protect pdf files from being accessed after the session has ended.(by typing the url).
View Replies View RelatedI did write some asp code, that I sell to companies, to control several
dbases. Because I sell the code, it's not that they own the code and can
sell it further or change the code, or add some extra code to it. It's like
I'm selling a program like Excel and that they can use the program, not
change it. I'm still the rightful and intellectual owner.
Also, if you give the raw asp-code, then there is a possibility that they
change to code a bit for there internal usage only. But if I sell an update,
then they have to search and copy/past there old code in the new page, not
knowing, that everything will work eventually.
It would be a lot nicer and easer if I can deliver some protected code that
they can't change! This will make my live a lot easer regarding updates. And
I will sleep better because they can't see the raw asp code,
copy/past/change and sell it or worse, going to competitors. Code:
Is their anyway I can protect my asp code from being copied. I have created a number of include files that are quite useful and save a lot of time.
I am hoping that if another developer is enlisted to work on a project i have worked on previously, I can protect all my hard work from being plagerised.
is there anyway of protecting your ASP code?
I have writen a few scripts that I'm allowing some poeple I know to use but I don't what them to be able to view the code, is there anyway of stoping them like compiling the code into a DLL or something?
I've built an upload system but i now need to protect the files from being downloaded
without being logged into the site.What's the best scenario to implement.I'm using an access database for the site.
Here's what i have done so far.Once a file link (just the id not the file name) is clicked it will check that there's a session variable present then it will present the user with the actual file but i'm now guessing is this the best way to go.
what is the best way to protect a folder of files on an asp site so that only people who have logged into the site are allowed to view the files?
would it be best to put them inside a cgi-bin and then have a page with links to the files, or is there a better option?
I am building a site that will have a number of images on it, at the moment I have the images in a Dir on the site and the paths stored in database.I want the make it as hard as I can for people to download the Images that are stored on the as some will probably be copyrighted, etc. I know watermarking the images is probably the only real way of protecting them, but I was hoping not to have to do this.
I plan to put a transparent gif in front of the images so right clicking don't work, is there anything I can do to protect the paths that will appear in the source downloaded to the browser?
Imagine you could encrypt your asp pages and then using a dll run the pages as normal do you think there would be a market for it. Obviously the dll would need to be registered on the server, but once registered you never need to register it again, if the asp page changes then just re-encrypt it.
One advantage I could see for it is db connections or when writing scripts for other companies but want to protect some of the routines you might have written. But what do you think.
I am after a solution to people both linking to my images and putting the paths into their browsers manually (when they know the format, after viewing the site normally). The reason is that the site has banners, and the only way I can keep it up (afford the hosting) is by successfully serving a banner along with the image requested.
I know xoom and those sort of hosting places have this technology. so it exists, and I'm sure many of you know what I'm talking about. My site will be wholly written in ASP, so hopefully there is an ASP solution. It will also use a mysql db (if that info is of any use).
This is extremely important. If I can't find a workable solution, the new site will never be launched.
I've finally written an asp app that is worthy of resale and would like to hear from you who have done the same. What is the best way to protect my application? I would like to stay away from anything that has to be registered on the server as most of my target audience will not have physical access to their web servers. They will just upload the code to their server and set directory permissions for the database.
I 've purchased asp scripts myself in the past and had to provide a domain name where it would be running. It would not run on any other domain but the one I provided. Is this a practical approach or is there a better way? How is it done? I've also seen posts about putting some of the vb code into an activeX dll. Is this a solid solution? Again, How is this done?
I have a site with restrict access where people can download documents in pdf format. All documents reside in a folder. My problem is that if the person puts the full path to the document in the browser (ex. www.mysite.com/documents/documentx), he can download the document even not being logged in. What is the best way to create a protected folder that I can access via ASP (with a password) to get the document to the user ?
Is there any way to do it without saving files to a database or having to use windows basic authentication ?
Lets say I have a folder 'members/3/'. in this folder are images. I have a login page that connects to a database to retrieve user info. After login the user is directed to a page that lists the files in the above directory.
Now lets say some other user goes to the directory and types in members/3/image1.jpg he/she will now see the image. How can I stop this without using ntfs permissions.
Is there any way to setup a multiple password page where if user1 logs in it will take him to dir1 and if user2 logs in it will take him to dir2 and so on. Basically, we need a page that checks to see if the user name and password exists and then redirects accordingly.
View Replies View RelatedI've got a site going that has pages protected by a login script. I have a logout button that simply redirects to a session.abandon page. Obviously people can still access the protected pages by hitting the back button on the browser (although they cannot go to any of the other pages by using the buttons on those pages).
Is there a way to protect the pages so that the user can't return to a page by using the back button? Or somehow force one of those "page expired" conditions so that a passerby couldn't snoop confidential information?
I want to install asp and access on a server, is there way to password protect asp pages from being accessed directly?. I don't mean via web.But being accessed from the server directly?
Is there way to ensure that the asp pages works on the computer/server it has been installed on and not for any other comp?
So if some new admin tried to copy those asp pages to another computer,they would not work.
where do you enter in the password for the connection to use?
set objConn = server.createObject("ADODB.CONNECTION")
objConn.Provider="Microsoft.Jet.OLEDB.4.0";"Password"
?
I am logged into nt and running an asp page.
I know that I can get my username from the server variable LOGON_USER or
AUTH_USER but the AUTH_PASSWORD seems to be empty.
Is there a way to retreive the current logged passsword
I just setup a passwrod button in Outlook Web Access by using the IISADMPWD directory in IIS.I have a few problems.can u solve it.
1. I would like the account section to be automatically filled by IIS.
2. I would like the back button to actually be a button not a link.
I have created one of those change your password forms whereby the the old password and new password are provided.
What I am having trouble with is ensuring that the old password entered actually exists already. Below is what I have tried, but I am getting a syntax error:
Code:
'Check Password
if request.form("CusPassword")<>rsCheckUser.fields("CustomerPassword") then
response.write "Invalid password"
end if
Else
if request.form("CusPassword")= rsCheckUser.fields("CustomerPassword") then
'write new password to databasestrSQL ="UPDATE Customer Set CustomerPassword ='"& NewPassword& "',CustomerPasswordverified ='"& NewPassword& "' where CustomerEmail = '"&CusEmail&"' "
I want to create a password validation system..... There are two text boxes.... I want to make sure that the passwords are the same and that they are more than 8 characters.
View Replies View RelatedIm planning to encrypt the password that was stored on msaccess database and
also the text inputed from a password textbox. Also, if I want to get the
password from the database, I need to decrypt it so it can be comparable to
the one that is inputed on the textbox. Is there a way on how to handle
this?
Public Shared Function Encriptar(ByVal cleanString As String) As String
Dim clearBytes As [Byte]()
clearBytes = New UnicodeEncoding().GetBytes(cleanString)
Dim hashedBytes As [Byte]() = CType(CryptoConfig.CreateFromName("MD5"),
HashAlgorithm).ComputeHash(clearBytes)
Dim hashedText As String = BitConverter.ToString(hashedBytes)
Return hashedText
End Function
this function encrypt user password, I need to un-encrypt that password
thanks to sitepoint forum,i am requesting a problem about forgot password .
if user forgot his/her password how can i retun his/her same password in email address?
i did like this:
......................
<%
Set myMail=CreateObject("CDO.Message")
myMail.Subject="your password"
myMail.From="codes"
myMail.To=ml 'ml var return current email address
myMail.TextBody=yrpass 'yrpass variable return password
myMail.Send
set myMail=nothing
%>
...................