Developed a basic ASP web site with MS Access 2k3 as a database
back end. I've developed it on two different Win2k3 servers, and app works
flawlessly on both.
However, we just moved it to a client's Win2k3 Server,
and it's not holding any session variables. It IS, however, holding
Application variables, but not session variables.
I checked all the usual
things (MS KB, ASPFAQ, etc), but none of them provided any solution. The
only difference I can find between the three servers is that one has the
Enhanced IE Security whosiwhatsis loaded, whereas mine don't.
Is possible to terminate all session variable created without closing the browser I do not want users to click on BACK button on browser or paste the url link in the http:// and shows the record displayed after logout. This works fine if users close the Browser.
I'm sure we've all heard the warnings about using cookies instead of session variables to store all of that user data so that our servers don't get bogged down. I'm just wondering how serious is this. I mean, is it just a suggestion or do these variables really take up a large amount of memory per visitor?
"Why would it matter? Just use cookies!" might be your response. Well, say I'm creating a user backend to edit a news section for a company. Now, I realize that the company newsletter is not mission critical information, but my novice-programming gut will not let me sit at ease if I store usernames and passwords in cookie data. What's to prevent someone else from looking at that local machine and fake my cookies, or even directly login with the information contained there-in?
For a recent backend along these lines, I stored a custom class in a session variable (all of you hardcore ASP guys can take a deep breath and stop twitching ). The class basically contained a copy of that user's database record (a user id, the username, the password, the e-mail address, and a few different permission variables).
I did this for two reasons:
1) I filtered all of my content through default.asp (meaning that each url looked something like default.asp?p=events where p was the real page request). Doing this allowed me to simply check the user's credentials in the default.asp script and then server.transfer them to the real page contained in the p querystring variable. I used the session-stored class after the first login (so I didn't have to hit the DB with each page request but could still make sure they had access to the site).
2) I knew before-hand that this system was only going to be used by 10-15 people max, and only 1 or 2 would be logged on at a time, let alone most of the idle time when no one was logged in (basically, it was a very low-load system so I didn't mind being unconventional). Code:
I'm involved in quite a large project which has a slightly unusual form of login (at least I think it's unusual!). I'm creating a site in ASP (actually Chilisoft ASP) where access to all pages has to be secured via login. The odd bit is that while the login page will be on this site, the login process itself will be carried out on a completely separate domain - this is the client's requirement so I have no choice.
On login, the user will be assigned a 24 hour cookie by this 2nd domain and then be passed back to the site I'm involved with. My site then needs to assign a similar cookie (I'm assming that I won't be able to read the other domain's cookie) and allow access to the site for 24 hours.
I'm wondering if it's most efficient to assign a session variable to indicate the user is logged in once my cookie has been generated (rather than have every page check for a cookie again) and on subsequent sessions during the 24 hour period to 1st check for session var, then the cookie and then, if cookie exists, to assign the session variable again.
Im trying to find why my hosted server won't maintain session state. Its not a web farm (not load balanced), its all the same server
An application requires a session to be set and then recalled (like you do :)
However, since the server software was upgraded from IIS 5 to 6, the working code no longer works. (ie - login with session variables but get logged out immediately the page changes)
Using simple code like <%=session.sessionid%> on the IIS6 server, and refreshing the page shows a new ID most times - it should be the same id?? Testing on the old server (IIS5) would keep the same session id.
Where do I start looking and what pertinent questions do I need to ask my host?
I'm having problems getting session timeouts to change programmaticlaly under IIS6.0. This is unchanged code that ran as expected under IIS5.0. Anyone else run into this problem?
I have an asp application running on both iis5 and iis6. (not .net) The server ruhnning IIS5 has no problem running my application. IIS6 randomly times out WEB users. The session timeout is set for 60 minutes. I will get timed out in iis6 in less than 5 minutes. Are there any other settings that can be changed to stop this from happening.
I have an application that uses SQL extensively. However some of what it uses SQL for (the results) are fairly static and change in the database very rarely. Would it be more efficient to store this information in application variables rather than doing SQL queries each time? Its a pretty heavily utilized application. Would application variables be able to handle the traffic?
I'm trying to get a page included into another page, and so far I've been using Server.execute("home.asp") without any problems ['home.asp' is just an example], but now I' m trying to get this to work:
I've got a software package that generates nice roll-over menus. The code generated is javascript. I want to edit the javascript to prevent specific menu buttons from appearing based on security/permissions settings. These permissions are contained in ASP session vairables. So, in the js I want to check for an ASP session("perms")... If I place <% if ... %> in the js file--it errors.
I have a prob passing some vars from an .swf to an .mdb using a n .asp file. When I use the getURL command instead of loadVariablesnum, I am getting this error:
"Error Type: Microsoft OLE DB Provider for ODBC Drivers (0x80040E14) [Microsoft][ODBC Microsoft Access Driver] Number of query values and destination fields are not the same. /processForm.asp, line 112"
I have counted the query values and destination fields a hundred times, but they are both exactly 100.
I guess this is a continuation of my erlier problem which I thought I had solved. I have several inputs being passed from one page where they are inputed in, to a preview page so the user can chek there info, then it will be passed to a page to submit the info to a data base.
I have a input that is the item description var name of �prodesc�. It pass from the input page to the preview page just fine. Then I use the same method to pass it to the next page to save it to a data base, but when it gets to the submit page the var �prodesc� only has the first word of the description that was shown on the previous page? Any one know why its acting like its been trimmed? Code:
I am working on an ecommerce app and want to be able to take my entire POST results as one item (or iterate through them) and check for any malicious SQL INJECTION items. After checking/escaping them i want to save them back into the post results. The reason for this is because I have coded the entire app and just learned about the dangers of SQL Injection and rather than going through every post var and fix it I would rather run a function at the beginning of each page.
for debugging purposes, I am wondering if it is possible to have an ASP script that:
-creates a tabel with two columns -writes a var name in the first column -writes its value in the second column
is this possible? Right now, I have manually created this tabel for myself, but everytime a new var is defined, I have to update my 'debug' table. Can this be automated?
a customer already has a website with ASP pages to request a call from a salesman... and it emails HQ with about 20 form values and also emails the customer.
what we'd like to do in a simple way is store those 20 fields somewhere they can be downloaded as well, instead of messing with the emails. but i don't want to mess with any rdbms (cause we don't have access to the server--- long story) so i'm wondering if some simple commands can just write the data to a physical file somewhere in webroot so it can be downloaded at a later time.
I'm currently testing a version of Win2003 to evaluate a migration of our NT4 server, but I got some troubles with Office Web Component 9 (office 2000), it seems it doesn't work anymore, and I can't find the issue.
When I make a Set objSpreadsheet = Server.CreateObject("OWC.Spreadsheet"), I got an error : Server object error 'ASP 0177 : 800401f3' Server.CreateObject Failed /test/include/./include_asp/excel-class.asp, line 10 800401f3
So I thought it was a "Web service extension" problem, prohibited por default by IIS6, I authorized MSOWC.dll but nothing changed...
Then I decided to setup OWC11 and it seems to works fine.... even if I don't authorized it... (is it a normal behaviour ?, shouldn't I be supposed to autorized it ? )
I can't understand my problem with OWC9 is there some incompatibility with IIS6 ? Code:
Ive got a ASP site on a server with a old iis and it works perfect on but ive got a new server with IIS 6 with exactly the same site and the session variables wont stick they just dissaper any idea.
I have a custom File management ASP application that handles Large File uploads and download from a database (30 - 40 MB files) The application works fine on IIS5 but when I relocate it to IIS6 i get an error when I file not found error when i attempt to download out of the Database. IS there a reg setting or metabase setting that i need to change to handle large blob outputs.? Sorry I can't be more specific about the error msg but that is all it give's me a File not found error. it does however work fine with small files less then 2mb in size
I used to be able to run ASP scripts on IIS and then I installed MS SQL server 2000, and EVERY page I go to that has an .asp extension (even if the code inside is BLANK) will return a error labeled "The requested resource is in use. ". I've tried many things like re-installing IIS 6, allot of things. PLEASE help me, this is on a production box and HAS to be UP AND WORKING before 1:00 AM CST (5 Hours from the time I posted this)
I migrated an application from NT4 (IIS4) to 2003 (IIS6).
The application only works when the components are registered with regsvr32.
One of the webpages doesn't work-- when I fill the form out and hit submit I get "compx error '800af10a' Insufficient memory to perform operation. /submit.asp, line 283"
I've tried going through and changing permissions but haven't had any luck. I also tried setting the Web Site to use an Application Pool that I created to run as System Mode but that didn't make any difference.
Everything works when I select "IIS5 Isolation Mode".
Knowing that it works under IIS5 Isolation mode how can I determine what is causing the message so I can run it under IIS6?
I migrated a VID6 application from Windows NT 4 to Windows 2003 Server (IIS4 to IIS6) which was developed using ASP and VBScript and I now I am getting an error message as follows: Microsoft OLE DB Provider for Visual FoxPro error '80004005' There is not enough memory to complete this operation. /hinojosa-web/iPD2.asp, line 377 The line mentioned above refers to the execution of a query to generate a recordset which will be displayed to the user who is requesting data. This issue does not always happens, it does only after accesing the web site several times.
I just have installed Windows 2003 Server Enterprise Ed.Where the IIS ver.6 came with it. I installed the IIS6 with all its subcomponents. The problem is that ASP pages are not processed by the IIS whereis HTML pages are. I have allowed asp extensions.
Is there an explanation somewhere as to how IIS6 determins how many ASP threads its actually going to use?I have configured IIS6 to have 20 threads (ASPProcessorThreadMAX) but it uses them all.
I am using the MACT test tool to stress test and with 50 concurrent users I quite often see only a single ASP thread being used the other 49 are on the Requests Queued. The Request Wait Time in Perfmon can be averaging around 5 or 6 seconds and there is plenty of spare CPU.
The application quite often has long running queries(15 to 20 seconds per request)and rather than use another thread IIS will quite often just keep ticking along with the threads its using with the result that the Request Wait Time can jump significantly.
Set oVar = Server.CreateObject( "MSWC.PermissionChecker" )
The PermissionChecker component works flawlessly in IIS5.0, but we're migrating to IIS6.0 and it no longer works because IIS6 no longer supports it. Has anybody gotten around this issue?
Is there a way to block an IP from entering a website on IIS? I do not have MOD-Rewrite and I have been told not to do this wih a PHP script. IS there a way in IIS?
I've used DynuFTP and am happy with it but now the host server needs upgraded to IIS6 and Win2003. After they did this I get the error that I'm pretty sure is from DynuFTP:
Active Server Pages error 'ASP 0115'
Unexpected error
/cms/Upload.asp
A trappable error (E06D7363) occurred in an external object. The script cannot continue running.
Has anyone run into this? Seems like an IIS6 compatibility issue.
Part of the content of one of our web pages uses wingdings and Chr(239) through Chr(242) (which are little arrow outlines, though that's not really important.)
It worked just fine in Windows 2000 Server, but now under Server 2003 it seems that characters above 127 get converted somehow, and our code no longer produces the desired effect.
Does anyone know how to make it send our content without modification, or how to encode it in a way that it makes it out to the browser with the intended character value (as opposed to some thoroughly useless conversion to a 7 bit value)?
I am trying to set a webserver to use French regional settings for testing ASP pages. According to http://support.microsoft.com/kb/q306044, for IIS5, this is a matter of changing the regional settings for the authenticated user, and if this user does not have a user profile then the default regional settings. Unfortunately, this does not seem to be working in IIS6, in that I have change the default user's settings and I am still getting English dates. Can anyone tell me if this is because the way IIS chooses its settings has changed for IIS6 or just because I have done something wrong?
