I was wondering if anyone has ever successfully used SA-FileUp's download feature. I am being forced to change from "ASPSmartUpload" as the server I am moving everything to is using SAFileUp version 3.2.
I ran through their documentation and found a section called "secure download", unfortunately, their examples do not work at all!
On Netscape 7, the file "pretends" to download (after changing the file extension), but only an empty file is created.
On IE 6, I simply get an Internal Server Error (when calling the
TransferFile method of my object). Code:
I have used the "Microsoft.XMLHTTP" object to successfully download web pages from other sites.
However, I need to download a page from a secure page. Can anyone point me to sample code for that? I need to "post" data to a form on that page, so any sample code for that would also be helpful.
I have used the "Microsoft.XMLHTTP" object to successfully download web pages from other sites. However, I need to download a page from a secure page. point me to sample code for that? I need to "post" data to a form on that page.
I have a directory on my site where the users do not have direct access so I need to stream the files throuh an asp file for them to download these files. Like this:
download.asp?File=myfile.mdb or download.asp?File=myfile.xsl
or whatever.
The problem is that I dont know the type of file (.mdb, .xsl, .wks, .doc, ...) so I dont know what to put in the header for this to go smoothly. This is some code (that does not work :-))....
Just ignore my code completely if you feel like it... I only need asp code to download any type of file.. Code:
why this is giving me a 'type mismatch' error on the last line with the (CDate) when i use it with SA-Fileup and everything works fine when I am not using SA-Fileup. Checked out the SA-Fileup docs and couldn't find anything.
here it is.Code:
Set oFileUp = Server.CreateObject("SoftArtisans.FileUp")
Can anyone tell me why this is giving me a 'type mismatch' error on the last line with the (CDate) when i use it with SA-Fileup and everything works fine when I am not using SA-Fileup. Checked out the SA-Fileup docs and couldn't find anything.
We got an upload page that was working fine, but now isn't. There was no change to IIS 5.0, Windows 2000 server, the asp page or the 3.13 version of SA's fileup component.
The issue is files that are 7,904 bytes or smaller upload just fine. files that are 7,905 bytes or larger do not upload. Looking at the fileup components' .TotalBytes properties...the 7,904 byte file or smaller fileup can determine the size correctly. if the .totalbyte properties is response.write out for a file larger than 7,904.
Any idea what would cause the smaller files to work just fine and the larger files to fail in the upload process? Why would fileup not be able to determin the filesize of a file larger than 7,904 bytes?
I am trying to use SoftArtisans FileUp Professional to upload a directory. I have found some sample code to help but you have to type in the directory name when you run the page.
I want to use a form in the same way as for a file upload to browse and select my directory for upload. Anyone know how to code this?
Also are there any good places other than the official SA site to go for help with sample code?
i have an ecommerce site that is split across two domains, a secure space that retains cc details and the main site where contact information and order details are held. I need to be able to produce a report that displays both sets of info in a printable document. aside from using iframes is there a better way of doing this?
If I create a simple login page and then store the UserId is a session and check its validity in the subsequent pages, How secure will the site be. I know the same question has been asked in the PHP forum
Code: http://www.sitepoint.com/forums/showthread.php?t=233118 But how can I make my site secure enough in asp
I may be in over my head on this one... VERY new to ASP. I have a potential client which is a marine loan broker. He wants an online credit application for the boat dealers he works with (20 different ones). He wants the credit app to be co-branded. Dealer/LoanCompany logos at the top would be sufficent. The dealer would have a link on there own site to the loan company's site but wants it to look like they are "Partners" and not just being shullde from one site to the next.
Is there a way to display different dealer logos based on the referrer URL? I would rather have one creditapp.asp that displays the proper logos depending on the referrer over building 20 creditapp.asp's. He doesn't need the form data written to a database. He just wants the form data emailed to him. (this I can do) How secure is that emailed data?
Right now, I'm trying to use WSH to run PSCP (command-line version of PuTTY). I've tested the command I'm using by opening a DOS box manually on the server, and the test file is successfully transferred. I've run Filemon and Regmon while running my sample ASP page, and see no permissions problems. I've tried running cmd.exe and passing PSCP as the parameter.
I've tried running PSCP.exe directly. I've even tried using ASPexec to run it instead of WSH. None of these have worked. I always get the same thing -- error code 0 (success) returned from WSH or ASPexec, but when I look at the second server the file never got there, and when I look at terminal services on the Web server PSCP is still running.
I'd like to create a secure login from an ASP page to a specific SQL Server 2000 Db. Is there an accepted methodology for doing this? Are there any resourses that show how this can be done?
I need to secure my web page, when it is reading a file from the physical folder. Say for eg.. I have a page Page1.aspx, which displays a list of links that corresponds to the available text files in one of the files. All the other pages are secured except this page. So when I click the link, it redirects it to for eg.. http://localhost/folder1/one.txt. But this should not happen. As the user can type this without even logging into the website. So I need to know how to stream this file and display it in another page, rather than just showing it.
Iīve made a loginpage in asp, and a page that receives the data from the form and logs you in. But how do i make the loginpage secure? Do i have to use https, and if so, how do i change from http to https when the loginpage is included in another asp-file?I donīt know if i have explained myself correctly
Here's what I/m doing to sanitize/validate/secure my input.
1. The front end checks what kind of data is entered. 2. I am using parameterized query instead of concatenated strings (Against XSS) 3. I am replacing symbols like <,>,# etc with their appropriate entity number eg. & #32; without the space. (Agains SQL Injection)
Can someone please explain to me the basics of creating a secure connection (we're looking at using Authorize.net) and possibly point me in the direction of other resources for getting some info?
I have a site designed with ASP 3.0 code (HTML and vbscript) that I want to protect from being visible. I want this code to be non-visible and hack-proof. Is there a way to either encrypt or protect another way to ensure that my code is not stolen?
I have a client with their own W2k server and their IT guy refuses to turn on the SMTP service for fear of it becoming hijacked by spammers.
However, they also want their web site to perform some emailing functions I would normally use CDOSYS for.
I'm having them look into alternate SMTP servers to use with CDOSYS, but I was wondering if anyone here can recommend a 3rd-party ASP-based SMTP app that might be more secure than IIS' built-in service?
I have written a simple script that is called every 75 seconds or so to test whether the SQL Server database is running. The script is contained in a page that is not linked to in the site.
The thing is I have hard coded the database information on the page, I was thinking of putting the connectionstring into my global.asa file as an application variable.
How secure are the two options?
Will there be any performance issues? Bearing in mind that this page is called every 75 seconds.
I have set up an asp script which writes the output of a form to a database.I have achieved my database connection like this:Code:
DIM objConn Set objConn = Server.CreateObject("ADODB.Connection") objConn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & _ Server.MapPath ("contact-2000.mdb") & ";User ID=admin" objConn.Open
How do i go about making the database secure? at the moment anyone could view the source of the asp script and download the database.Which folder should the database be stored in? iv heard of using the root folder? at present the database is located in the same folder as my asp file.is there a way of setting up a password on the databas ein access and passing the password from my asp script to the database. the password would have to be encrypted though.
We have a need to allow our users to enter Credit Card #'s on a web page, so we need a secure page (have the little lock at the bottom of the browser) in order to do this.
1) What is this called? (I've heard the term SSL (Secure Socket Layer)tossed around, I don't know if this is the same or something different).
2) If I need a certificate of some sort for our server, how do I get it?
I have written a web app in asp3 which is used by lots of users.The data is all held server side.However,I want it so that the users can export the data in a csv file,much like you can download a statement from online banking.
However,I don't want to save the file to the server,as then anyone else might guess the filename and download it.Is there any way to directly generate a file from an asp script.i.e.instead of asp returning html,it returns csv data which the user can save away.
there is a way to post form variables in the best secure way... i don't sure how or what is the technical way to do this and that is the aim of this subject... but somehow the form write all the inputes into cookie and than the asp file read the form outputs from the cookie and not from the form itself... why? how it works?
I have an ASP application that I would like to give out to customers. how do I control the licencing. They will get the source code.. (I know I can put it into a DLL - its a possibility) but even then they can simple copy it elsewhere.
So what I thought was some code looks at the servers name, IP and current date and generates a code based on that. Then, I create a code at my end that will only work for that server name, IP and up to a date I specify. The code would be encrypted somehow. Does that sound like it would work?
how do i restrict anyone by changing an asp file. can it be done using visual source safe? Is there any way that i can stop any one from making changes in my asp file.
Is it safe to store credit card information in the ASP session state to be ultimately transmitted to VeriSign? I have a set of forms that are in the format of a wizard and I need to maintain the information through the pages. I know cookies are potentially unsafe, and I don't want to be responsible for credit card information being stored in my databases. I would use this type of method...
Code: <% Session("CCNumber") = Request.Form("CCNumber") %> If it helps, I have a VeriSign SSL certificate.
Are there any down sides to making the whole site jump to a secure layer from the word go? I have a site which does this from the point of login, but for people who don't login it stays in the normal zone. Just wondering about any possible side effects from making the default.asp jump straight into https unless it's there already.
I have a client who needs to be able to upload confidential documents (.doc and PDF) to a "hidden" area within their website so other members of their organization can later view them at their convenience. This area would be restricted by logins and passwords, but it also needs to be secure enough that no outsiders could gain access to these documents if they tried.
I've read on here about placing files in a directory outside of the root directory and then reading them back with a script but I'm wondering if there are other options that would be even more secure than this. Maybe with using some sort of file encryption or something else used in conjunction with files outside the root. I would be open to any 3rd party commercial software if someone has had good experience with it. Does anyone have suggestions to offer?
what is the best way to create secure passwords in a database. I have a login system that can create users but it saves the users passwords in clear text. how would i go about doing this so if people look in the database they will not know the password.
