I have done a search on this and it seems to be a topic of some interest (700) views, but has not been fully explained.
I have a page which validates a username and password and then, if both are correct, the applicantid is retrieved and passed by querystring using a response.redirect. Apparently it would be wise to encrypt the applicantid when passing it.
<% else
strApplicantID = rsPandU("ApplicantID")
'Response.Write strApplicantID - this works
Response.Redirect "memberarea.asp?id=" & strApplicantID
I use cookies on my website to store details such as the colour scheme, email and username though I do not want people editing this data so I need to encrypt the cookie due to data such as post counts being stored in this way.
Our web site is hosted on our providers site where ASP is installed. On our website, we generate an email containing personal data including credit card info whenever someone orders a product on-line from us (we only do a transaction per day avg.) Becuase the email contains credit card info, we want to encrypt it. I have downloaded/installed and generated a private and public key using GPG and have distributed the public key I generated to the provider that is hosting our website. They have imported it onto their system.
How can you generate an encrypted email using the public key on the providers system , using ASP?
Currently we are simply generating a plain text email containing this data - and this has to stop.
I want to know how can I encrypt my ASP code using VBScript & also when I use JScript so that people who see the source of my file cannot read my ASP code.
After reading several articles on securing web applications, hackers can not only perform SQL injection attacks easily but can get hold of the information in the global.asa.
This really worries me because the connection string is stored in this file and it contains critical information such as uid and pwd. Most people suggested that we should encrypt this information but the solutions that are provided are all in ASP .NET. Does anyone know how to do this or is there any better and easier way?
I have a website for our online store. Until now we have received payment through email, which we then run in our local store's Credit Card machine.
We want to move up from there. I have signed up for Paypal and that is easy.
We want to also be able to accept the CC info in our own website securely. We are not looking to actually run the Credit Card, we just want to get the information from the user and pass it on to ourselves in a secure manner, so that we can run the information locally on our Credit Card machine.
So, I guess, my questionj is not really about credit card's at all. Rather I am asking, how can I get a form's data sent to my computer 100% (or close to that) securely.
is it possible to check if a variable is present in the querystring, or is that unneccesary? will it assume the variable is empty if it is not present in the querystring?
I want to write a page which will load a default page for me with some links and all. lets say someone clicks on the link, which not only points to the same page but also passes a querystring. Looking at the querystring I will then display data from a database. So my question in short is... Is it possible to have a single asp page which can return either a default page where no querystring is passed or a result from the database when a querystring is passed? If the answer is yes, then is it a good idea to do this or have 2 seperate pages?
I've got a request form for samples of our product that we send out. The form is being linked from our ebay auction pages. In the link from the auction page I'd like to include the model number of the sample that they're requesting. (ie. /sampleRequest.asp?AS240)
Then, on my sampleRequest.asp page which contains the input form I'd like to include a hidden field which holds the value of that querystring. Finally, upon submitting this form I'd like that value to be placed into the sampleModel field in my Requests table in my database.
The problem I'm having is how to populate the hidden form field with the querystring form the ebay auction page. Code:
I would like to insert each set of checkbox1, checkbox2, checkbox3 into a table like field1(checkbox1), field2(checkbox2), field3(checkbox3). Remember each set of 3 checkboxes are 1 unit inserting into a table. Is this possible?
I am trying to maintain some ASP code that I did not generate and the programmer who did has a very different style than I do so I am having some problems. Hopefully someone out there can help me by answering my question.
I have the following line of code:
If (isEmpty(Request("dir"))) Then.....
Now my question: Could the Request("dir") used above be the same thing as using Request.QueryString("dir")???
i am working on ASP.net in c# and i want to pass " +" in querystring but "+" is converted to space.Is thereany encoding method to show "+" in querystring.
I have a banner that is clicked and the people are takin to a general information page. From the banner they are given the URL and a querystring of ?AdID=X. On that page they click and are taken to our signup page where i have a form for them to fill out.
The mentioned querystring is the referering company. How can I get the querstring information into a hidden value on my form before submitting to the database. I have tried <%=request("HTTP_REFERER")%> and it writes the whole URL into the database. I need just the querystring. Have also tried. <%=request.querystring("AdID")%> and that does not work either.
I am using querystrings to pass URLs to be able to tell what page to go back to when an action is done on my inventory site. For example, if an order status is updated, the page that does the update knows to go back to a page to display the page that the person was looking at before the update was done.
One of the pages that displays orders filtered by search criteria uses querystrings. If I try to send that URL as a querystring, it all gets combined together. For example, I have one page that redirects to something like "emailUpdate.php?Send=True&OrderID=342&LastPage=results.asp?Item=Computer&Method=Brand&Criteria=Dell" where "results.asp?Item=Computer&Method=Brand&Criteria=Dell" is the page I want to return to.
The "Item=Computer" gets set just fine, but the rest of the URL is concidered part of the first URL. Is there some special characters that I can use to show that I want the one URL to be its own querystring?
how do I add a querystring, with ASP? You're probably thinking, "just add it to the url"...but that's not what I want to do. Here's an example of what I do want to do, [vbs] Dim someString
'// Here a querystring gets added, through headers or something
'// Here my code uses the newly added querystring someString = Request.QueryString("MyAddedQueryString") [/vbs]
this is just a simplified example. Does anyone know how to do that?
I wish to build the following statement from a table that has been dynamically built using an query against an Access database. The number of rows in the resulting table can be 0 to any number. How would I dynamically build the string of params to pass to another web page?
During the creation of the table? or after the table is built? The number of params will be equivalent to the number of rows and the values are variables containing the data stored during the table creation during thr recordset loop.
html page <A href="IndustriesDetails.asp?IndustryName=Houseware & Kitchenware" target=_main> Houseware & Kitchenware</a>
ASP page strIndustry = Request.QueryString("IndustryName")
The problem is it is only getting "Houseware" if i remove '&' then it works fine ..can any one please tell me how can i solve this problem ... i want to get "Houseware & Kitchenware" in asp page
I just started working for this company. They have an online form that takes the user information and then it sends it to an asp page so it can be appended to a microsoft access database. They want to have a the functionality of tracking down their web advertising campaigns through the use of their promotion field in the database.
Basically they want to track down the seach engine the user came from when he filled out the form. I don't have that much of experience in this kind of scenario although i read an article on request.querystring(key) which i believe is what i need to do although i'm not sure how to plug it in so it can start working.
The promotion code has already been inserted in the database and now the functionality is through an radio button called 'search engine' everytime it gets selected it will send a value of "internet" to the database promotion field. Does anyone have some suggestion of how to go about this?
I have this code that builds the querystring and cookies. What I want to do is remove the query string and cookies in like an onfocus of a drop down list box or even by pressing a button Code:
I need to send a URL from a form to another .asp page through the querystring. I can't use request.form because I am uploading images at the same time and it isn't working. It seems to only work when I do Request.Querystring.
So is there a way to do that, I keep getting errors whenever I try I think because the URL has characters in it that messes it up.
like: http://www.domain.com/today?today=321%321
But something like this works fine: http://www.domain.com/today/