In our project, we have a situation where the administrator needs to 'force log off' a particular user under certain conditions. In other words, the admin user needs to have the ability to kill any other user's session.
Is this possible? By using the session properties, we can kill the current session (the current user's session) but is it possible (for the admin user) to kill some other user's session?
if there is an application,I can change the default session timeout property via IIS Administration? If so, how does one do it.
View Replies View RelatedIn ASP, is it absolutely necessary to set an object to Nothing after being used?
set myObj = server.createObject("myDLL.myClass")
call myObj.useClass
set myObj = Nothing <--- can I omit this?
I'm dealing with a large number of files with nested includes. There are many places where I use the object, I want to avoid initializing the object any more than necessary, and I want to change as few pages as possible. The simplest way for me to do this is to not set the object to nothing. Will ASP implicitly remove the object from memory,
or will I have a memory leak?
When is Session_OnEnd event working , ive tried Abandon , Timeout still its
not working. will a session end , while closing the browser window ??
I am trying to create a user login page that once a user has been logged in there name will appear on all pages in the top right hand corner. This is what i have so far the user logins in through my user page and then this page loads up Code:
View Replies View RelatedI want to have different user sessions timeout at different time intervals. How can we make this possible in ASP with and without using database tables.
View Replies View Relatedi have created a script that queries a database for a username and password, and if they are valid sets a session variable to TRUE and redirects to another page. the table which contains the user information is called "Users" with the fields "UID", "PWD", "FIRSTNAME", "LASTNAME", and "EMAIL". my question is, how can i set a session variable to use the FIRSTNAME record for the particular user that logs on? my code is below. I've already got a session variable to display the UID record in the BookingSysV1UserName session variable.
View Replies View RelatedWhat's the best way to inform a user if their session has expired? It seems like upon logging into the system, when the first variables are created I could create a session variable that just stores a number, and then at the top of every page check to see if that variable is empty or not, but I'm not sure. What's the best way to do this? And if that is the best way, do I just compare it to a string of ""? or null?
View Replies View RelatedI am looking for a good sample or if anyone can provide me a code that would allow a user to upload documents, and be able to get only the ones he/she has uploaded only (by their loging session).
However, I would also need the code to have an administrator look at all the users uploads. I think I can manage to create the file for the administrator. But I have no idea how to start the uploading one.
I've got an application which uses the Dreamweaver login script - which basically stores a username into a session variable if you login successfully. Then the other pages check the session variable to see if you're logged in. The problem is: I'm finding that a lot of users cannot log in because they can't access the session variable, or something like that. I suspect that it's due to them disabling cookies on their browser.
Does anyone know of a way to get round this? I know that online banking uses cookies, and they seem to have no trouble with that. Is it because they use SSL, and therefore the browser lets them through? Moving to a SSL space is something I would consider. We can't be sure what other software is on the user's machine either, and I think I may have had trouble with ZoneAlarm in the past too. What's the best way of getting round all this?
Is this a good idea, or do people use different approaches ? Believe there's a 20 minute time period for em which doesn't sound like what l need.
View Replies View RelatedHow can I give a user-defined object session scope? From
http://www.microsoft.com/windows200...asp/iiwaobu.htm
I gather that it can be done, but there are no examples. Simply setting
Set Session("tag") = new MyClass
doesn't work.
I am developing an ASP application where the user may spend large amounts of time manipulating data on a worksheet. An amount of time that will certainly exceed the security mandated session timeout intervel of 15 minutes.
So the user pushes save after the session has timed out and is thrown to the user login window -- all according to standards. How can I either detect the timeout before the submit or preserve the user entered data despite the redirect?
I'm new to using session cookies and need just a bit of help. On the introduction page to my project, I'm setting:
<%@ Language=VBScript %>
<%
response.cookies("user")="authenticated"
%>
Then, on subsequent pages, I'm checking for the cookie, and redirecting if it's not there:
<%@ Language=VBScript %>
<%
If NOT request.cookies("user") = "authenticated" Then
response.redirect "http://somepage"
End If
%>
What I need to do is incorporate an ignore element (by user-agent or IP) into where it checks for the cookie. For instance, if a user has an IP of 127.0.0.1, it ignores whether they have the cookie or not and lets them view the page.
The reason I'm doing this is I have a search engine that's crawling the site and it doesn't always go through the front page - therefore, it's getting redirected on most of the pages it sees. So what I'd like to do is have the script see that user-agent or IP, then ignore the cookie requirement.
Is that possible?
I have my system set-up, where by when a user accesses the cms, a time stamp is added to the database. So we can keep check of when people accessed the system.
The added benefit of my addition, is that a session timeout is usable based on the inputted timestamp the user logged in. I added this functionaility because the system could be idle for some time and if so set the session to equal nothing or similar.
However what would be a nice feature of the cms is the display of the current user.
Below is code I have inputted to give some idea of what I am doing
Session("ADID") = objRS("adminID")
objConn.Execute("UPDATE tblAdmin SET adminLastLogged=now() WHERE adminID=" & Session("ADID"))
Session.Timeout = 30 ' 30 = Minutes
SO does anyone know how I can retireve the adminUsername based on the session used when loggin into the system.
I'm not sure if ASP would be the right code to do this but I'm gonna ask anyway.
I'm trying to make an admin section...the thing is I make this site but I don't get online that often to update the news. One person offers to do this. He doesn't have a clue on how to use FTP. So I'm looking for something that I can let him log in(on a browser) to update this specific file(only news.html), don't want him to see anything else there.
I can connect to my schools webserver via VPN, and edit the webcontent. However, I cannot connect to the SQL server. Does anyone know of an ASP script I can use to admin the database remotely?
View Replies View RelatedThis is a small Web Application, this contains basic XML functions using ASP including a XML driven user authentication, adding new records, viewing records, editing and deleting records. Code:
View Replies View RelatedI want to call the redirect to the selected page depending on the username. It is comeing from a text file I would like for the login to automatically be written in to the = ("<%login%>") but this is worn.What i have below wokrs for only admin and anyone else who is not admin. Or I would like to be able to add a third and fourth. I don't mind hard coding the login if i have to.
if Request("login") = ("admin") then
Response.Redirect "main.asp?action=login"
else
Response.Redirect "client.asp?action=login"
end if
I have an access database on my website.Its tied in to an asp calendar page where people can click on a date and send me an email wanting to book that date. Could i sent a text message from my mobile to add a new date into my access database to book that date instead of having to go onto my admin section and add it in?what i trying to explain. Is this possible or impossible.
View Replies View Relatedi have currently built a website with some administration. The user goes to a login page and put in there username/password. This then lets them access the admin stuff. Thats all ok. I then thought well instead of going to the login
www.blahblah.com/login.asp i would just type www.blahblah.com/adminarea.asp and low and behold i was in the admin are with no login required.
anyone know where can i get good iis admin control panel for monitoring multiple sites?
View Replies View RelatedCan I use the Website Administration tool to manage users and roles for
multiple ASP.NET applications using a single, common ASPNETDB?
If so, what changes do I have to make to the web.config files for these
various applications to allow authentication from that single ASPNETDB.
I'd also like to be able to maintain the users/roles and application access
from the web server rather than from my development computer. Right now it
seems like I have to make changes to user/roles in each web app and then
transfer the database and code over to the server, just to add a new user.
And each app seems to have it's own ASPNETDB which defeats the goal of a
single point of administration for the server.
I managed to find the problem with my script thanks to jmurray's help. However I am now left with a confusing puzzle and I cannot any information about a workaround.
The error I now get is:
Cannot modify or delete an object that was added using the COM+ Admin SDK
I know now the reason for this is because I changed the 'from' email address in my script. If I put it as 'service@safetouch.com' it works fine. If I change the address to ANYTHING else, I get the above error. Is this something that can be corrected through scripting? If not, any ideas where I should be looking?
I would like to create the facility for admins on my site to be able to edit certain html pages on there site. Is this possible and if so does anyone know of any good urls discussing this matter ?
View Replies View RelatedI'm a Win2000 professional user - sP 4. I can't delete some folders in
e:inetpubwwwroot....
I've created them by FrontPage2000 SR1. I enter Windows as Administrator, then I should be able to create /delete all objects. On the contrary, each time I attempt to erase the assigned folder Windows warns me so:
"Access is denied. The source file may be in use."
I have to come up with an admin cntrol panel so the staff can change ,update there website as needed. I would like to use asp to create the admin panelor if you guys can tell me of a better way like using php or somthing.
How would I go about letting them update/change the text. Do I have the site load it
from a database like access or sql or ? Remeber it should be user freidly no html coding just type and upload.
I have an ASP page that uses a COM componenemt on a Win2000 server. The same server contains my SQL Server 2000, which the COM object is querying on. I use a constant login/password to login into the SQL Server, so it shouldn't matter which domain user is using the page.
It works fine for every user -=that is defined in the Win2000 computer Admins list=- , it doesn't work at all for users that are not (Connection ailure)....
I am not sure why, since how I see it, it shouldn't matter to the SQL Server which user is trying to login (since I use the same constant user/password for all of them...).
It might be either an IIS or SQL Server problem (or maybe even Win2000 related), Anyone ever encountered such an issue
I have iis, .net and MSDE installed on my machine, I have also installed "web data admin" but i cant log into it. The green blinking arrow for the server is in the bottom of my window so it appears that MSDE is ok.I am entering the following info at the w.d.a login screen
usrnm: sa
pwd: mypassword
server: production
etsdk
however i get this message returned:
Invalid username and/or password, or server does not exist.
Also, please ensure that SQL Server Authentication is enabled on the server.I dont know What have i done wrong/ missed.
for the admin table and page layout, is it compulsory for the key field to have a primary key? or it's not necessary becoz of it is only plan to link up to the combo box in the pages for the end users?
View Replies View RelatedI've just installed web data Administrator and did everything instructed from the book, but when I opened the browser and typed http://localhost/SqlWebAdmin I get a web page but no input fields or place to type in the password. I'm running xp pro, IIS is running, MSDE is also running and I have SqlWebAdmin folder in the C:Inetpubwwwroot folder.
View Replies View RelatedHow to change my Admin password and login for my website I just have the FTP acess and I would like to change my Admin user id and password can you guide me ?
View Replies View RelatedI've created an admin side for my ASP site and I use session vars to provide
page security.
Just as a bit of advice, I want to know if I should expire each admin page
so that others can't bring them up. I know the session var check will
bounce them back to the login page, but I'd rather they didn't even see this
page if they aren't authorised.