How To Restrict Access Level To Specific Web Page Using ASP
how can i retrict user to only access the web page iif and only if they have the username and password, they neeed to login before can access the certain pages. How is the coding for that web pages?
I have to create a web base application program, I think to use ASP but I would like to see If it supports comparison Graph. Does it support different levels of access because I have different kind of users or i have to do it manual?
I know I'm doing something simple wrong here and it's doing my head in. Don't know if anyone can help without me posting yards of code? I am using normal login page in dreamweaver which uses record id as the username and users password as password.
This all works fine logs in and forwards to /ammend.asp?id=7295 which is also restricted, then the user can update their record, no problems so far. The problem is that if I change the ?id= to another number 7687 for instance in the browser then the user has access to that record 7687 when I though it should go back to the login page.
This is a standard ASP application that has several pages at the root withthe global.asa. I set a session variable session("accountid") = "123456" within an asp page and then response.redirect to the next page and immediately response.write session("accountid") and I get back nothing.
But if I set a session variable session("accountid") = "123456" within an asp page and response.redirect to a page in a sub directory and immediately response.write session("accountid") I get back 123456 on the screen.
I am running a virtual hosting server. The configuration of server is as follows:
Windows 2000 IIS 5.0
All the virtual hosting sites are running as seperate user ie for the site www.xxx.com is running under xxxIIS and www.yyy.com is running as yyyIIS. I have also taken some precautionary file system security measures like the group everyone is not present in c: and directories corresponding to sites. But at the same time I can not remove everyone access from the full system, I will need to keep them in few directories.
This can lead to an asp code that is present on the server to do stuff like browsing through the file system, reading the contents of file etc. For ex if I have everyone acccess to c:winntsystem32 then any person on the server can write code to view the contents inside folder.
I want to know if there is any way to restrict the script belonging to one virtual hosting site to access only the contents of that site. example the site www.xxx.com present inside
c:inetpubwwwrootwww.xxx.com directory and can access only the contents inside this and the child directories. Is this possible? I searched the on google but could not find any link that gives me any information on this. It will really be a valuable information to me.
My problem, I've combined "log in" and "access levels" to restrict access to certain pages, using the built in "log in" and "user authentication, restrict access to page" features. But I find the after login I constantly get redirected from the restricted pages. Code:
I would like to restrict access to certain PDF files on my webserver. How can they be protected if they are in a "public" directory? For example, lets assume you have your html and asp pages for http://www.xyz.com saved on the server's hdd @ c:xyz.comhtdocs. If you place thefile.pdf in that directory, then all the "unauthorized" person would need to know is the pdf file url, i.e., http://www.xyz.com/thefile.pdf.
Assume I place the pdf file in the following directory on the server c:xyz.compdfs. Is there a way in ASP that I can allow certain visitors to view that file Remember, the asp file would be located on at c:xyz.comhtdocs.
I'm trying to find out how I can make a page to be restricted to open between Saturdays 12:05 pm until Sundays10: pm... and that.. EVERY WEEK... is there any way at all to do this or is it just simply impossible.???
Is there any way by using ASP with MS access to retrieve a specific data from a table and when i retrieve i want to show me the data without repeating the same data or duplicating data and i want instead of this to count for each item how many row is there in a the table ....... loooool i know that most of you will tell me to re-explain what i want to say again ... ? For example i had three rows in the table ... and those rows are the same with 4 attributes ... what i need is to retrieve those rows in the website .. but instead of showing three rows it will show me one and next to this row i want to put 3 which is the number of the rows in the table that are the same and if i have any other rows it will do the same ...
I want to create directory and set access permission to specific user.
i tried with wscript but it's not working, i used "cacls" command it's working only NTFS partition but i used to fat32 . how to set directory permission with asp script on fat32 so anyone help me?
I can use the RIGHT function, but I'd like for it to work on any page, regardless of the length of the page name. I'm looking for a good example of using a combination of MID, LEFT, RIGHT, etc to get certain parts of strings.
It has been said that When attempting to load an XML file saved as UTF-7 (a transfer encoding format for Unicode), the XML parser in Internet Explorer generates the following error message: Invalid at the top level of the document. The same error also occurs when using the MSXML parser from server-side or client-side script. I am getting this error when I use MSXML 3.0 as reference in a VB DLL function called by a ASP file.
I have a website that is running perfectly on windows 2000 server and IIS 5. However we are now moving it to server 2003 and IIS6. No problem there however after setting everything up a problem has occurred. My directory structure is websites then webroot within that which contains the site files. Within webroot is also a directory called connections, which contains the database connection asp file.
It is a mysql database. Ok the problem is that I am calling the connection in my asp pages as follows (<!--#include file="../Connections/connLUKTrading.asp" -->). but the server will not navigate up a directory level as the ../ indicates. The site works fine if I place the directory connections in at the same level the site works but then I will have to do this at each of wwwroot's sub directories I should not have to. I believe it is a permissions problem to do with IIS6 but not sure. I have spent hours trying to find it.
In our application, we have noticed on two rare occasion where the data stored in application level arrays has disappeared. We have 3 application level arrays, and many other data types stored at application scope as well. The other data types appear to have been unharmed.
All session level data remained unharmed as well. The data in the arrays seemed to have disappeared all of the sudden. No IIS restarts, for example, were performed. Is there any known issues with arrays being stored at application level.
On our IIS 5 windows 2000 web server we have many .asp's.most of which (When right clicked / security tab / edit authentication) are using Integrated Windows Authentication. Is there an easy way to check ALL of them? Some of the pages require a higher level of security (Our password reset page for example) and I am just auditing everything and want to make sure that only the few pages that require it are using the elevated security level. (By the way this is accomplished by using anonymous access with a domain account that is 'elevated'... I hate right clicking on 1000 different .asps to see the file / directory level authentication methods... is there an easy way to do this? Maybe through resource kit command line tools or some meta edit type tool
We can simply open a file from our server's folder. Even if someone knows the full path, he can simply open file. Even someone expert can delete pdf file also.
I am using Request.ServerVariables("SCRIPT_NAME") to get the extention from the url and need to know if I am in the root or down a directory. i have two folders, one called 'local' and one called 'group'
how I can make a dhtml menu into a dynamic menu that pulls its links from an access database instead of the hardcoded html.
I would like to know because I'm working on a site that needs such a menu and most of my administrators using my site don't understand html and won't be able to update the menu unless I can give them a simple form that allows them to add links.
I want to open the MS Access file with user-level Security. I know that if I do NOT setup user-level Security in the MS Access file, and create the table for login in the MS Access file (Put the MS Access file in the server), then it works.
I did that. But, I want to know whether or not we can use ASP code to open the MS Access (MS Access user-level Security setting). This way I can put the MS Access file in the public place.
Can we do it in ASP?
The following code cannot do that: <% set conn=Server.CreateObject("ADODB.Connection") conn.Provider="Microsoft.Jet.OLEDB.4.0" conn.Open "c:/try.mdb" %>
I'm trying to restrict access to a page based on a session variable called MemberUserID, so the way I thought of doing it was to say if MemberUserID is not equal to this value, then you would get an error page, but the operator I'm trying to use is giving me an error:
<% If Session("MemberUserID") != Name Then Response.Redirect "error.asp" End If %>
How can one restrict what kind of web browser users use to view your web site. I only want users to be able to browse my web site using firefox. I know this is possible because I've seen others do it. I'm just tired of it working fine on firefox and not right on other browsers.
I want to display a different message deppending on the amount of stock left. For example if there is no stock i would like to display "out of stock", if the item is in stock display "in stock". Code:
I have big problem because i need to link site and one service. I have customer with his site and about 1000 html pages which he want to be restricted. So we prolly need to do changes in that html pages...
Other thing is that part of site would be avaliable via payment thorugh SMS service. SO basicaly u go to one site, send SMS with instructions, and that service send u SMS with random generated password.
Then user need to go back to site and login using that random generated password. Can this be done and in what way. We have this system working in php but i dont have much ideas how to use this in ASP specialy with random passwords. I have some asp scripts that restrict pages but ofc users and pwd must be defined in access/SQL which is problem here regarding i dont have user/pwd i only have random generated code: