I have pass protected files within a directory adequately and included a function that ensures the http_referer is the secured folders index file so that I can be sure the file they are calling is opened up as an include within the index file.
My problem is what if it is a pdf or word doc or pp file. It is a bit of a training directory and they may use various forms of presentations. Now in cold fusion I can control the whole directory by implementing the application.cfm file but I know of no way in asp to do this.
I have a wast databse of records, where there are so many Images assiociated with each record. I store the Image paths, record's primary key in the database and retrive them as and when required to display the records and the necessary images corresponding to the records. the image path as of now contains a relative path from the root directoy.
Problem:
The main problem is ..what happenes when the hard disk is full and if i add another harddisk.. and add images into that new hard disk. how will i be able to address the images?? as they are in a separate hard disk hence cannot be addressed relative to the web site's root directory..
How to secure images,Docs from anonymous preying Eyes?
Here at work, we have 2 copies of our policies and procedures. We have a Word format, and a PDF format. The problem is that when a policy is changed (there is a commitee meeting every month), the Word doc file is updated, and then a different user has to convert it to PDF (We only have 2 licenses for Acrobat).
I would like to try to develop a solution, where the user updates the doc file, and then goes to a page on our intranet, where they check the boxes beside of the policy and click Convert, then it would convert the doc file to PDF. The policies are in a "public" folder, so the directory structure would be the same everytime. Are there are any tutorials or examples for converting docs to PDF?
I have a page that links users to a Word document based on a value drawn from a database table. In other words, John Doe is linked to "./docs/<% = lastname%>.doc" ...
This works fine, but I'm wondering if there's a way to control whether the doc opens read-only? I know Office 2003 docs are supposed to open read-only automatically, but I find that I can edit these docs no problem.
help with some VBScripting that would enable me to search thru Word documents (Word 2000 format) and return the filenames to use in a archive search on a legal website.?
I need some advise and direction on the above issue. I am doing a site where a user are able to upload/download files (image/document). Currently i am storing the physical file on a directory and store the path and filename in mssql.
To retrive the file, i will just simply extract the path and filename to point to the file on the directory. Simple as that. Now i am having a problem when another user might upload a image/document with a same filename as a existing file. I can't replace the file or ask user to give a different filename when uploading to the directorty. So, i am thinking is it advisable to store the image/document in to MSSQL? If so, how do i do that?
I'm trying to figure out how to run a script on my server which will go over a few folders of Word documents, and create html pages out of them which I can then serve to my users. Preferably I want to do this without installing anything else on the server, hopefully it's achievable with a scripting language like VBscript/ASP?
I am used to web programming in PHP,Perl, Java, but for this I need to use ASP, on IIS. I've Googled & Yahooed and not come up with much.
I am creating a series of downloadable articles, career tools, spreadsheets, etc. However, some of the content is for "registered" guest. The registrants are stored in a database and logon.
I want to ensure that someone registered cannot simply pass someone the path to the files for download. However, I am not creating an actual system user name for the folders where the various documents exist.
I don't want someone to logon, retrieve the path to a file, and be able to send that path or return to that path without having to logon.
How do I accomplish this?
Consider the following: serverroot/registeredcontentfolders would be protected by a single logon name - not accessible via anonymous access. User's logon to site and I auth them with their user name but on the server side, auth with the single account I am establishing for access to the protected folders.
I have a site that is using .asp mainly for SSI. There is a login section where the user types in their login and password, and this allows access to the member area of the site. So far so good. However, once in the member area, the user could bookmark that page and get back to it anytime without having to login again. Therefore, they could just email the link to friends and anybody could access it. (and yes, if they wanted they could email the login and password - but I can't stop that). I have another site that uses a single login/password to access restricted areas, but it's done with .php Any ideas about a quick code insert that could use their login/password to gain access (per session) to a certain file folder.I hope it's not an obvious answer
How do I call a page in a password protected directory? In other words, I had my admin make a directory protected with authentix and now I want to use a page outside that directory to call a page inside that directory. How can I do this
how to password protect a directory (downloads) on a Windows NT Server? UNIX is a breeze. It seems like you need an Act of God to get Windows to do the same?
Im running a site on IIS6 and its got a link to a protected directory.. Authentication required, so user enters their username and password and it gives them access to the directory.
now however we want to use the same link but different users.. so whoever clicks the button it prompts for login information but then redirects them to their own directory per their username/password. any ideas for me to investigate ? maybe an index.asp that waits for username and then redirects ? is there a simpler way ?
I have created a password protected area on my website using session variable. I used a pre-programmed package on the internet using ASPLogin not the very expensive company software- another more basic type from another company! A user can log in OK for the first time, however, when he/she next visits within a couple of days or more the login screen says that they are already logged in., and because of this, they cannot log in and have to wait for the session variable to expire.
I am using both Mozilla Firefox and Internet Explorer and both are having the same problem. I am not too sure of what is going wrong here, as ideally, each time they have logged out I would like them to log back in OK again.
I am trying to create a website where user is required to login first to view members page.
I want user to come to my website. They can move around in free sections where I give examples of the lessons that are to be taught. But if they need to few the whole lesson then I want them to signup first. Signup is free.
I want to use ASP to do that.
if you know any tutorial or have an example which tells how to do that, please let me know.
I know how i can list and manage files (with the file object) on a normal directory with ASP. But i couldn't find any information on how do i list/work with files which are locaed on a password protected directory (with basick auth). how to make such a task ?
the hosting control panel gives the ability ot make a login for the directory you want to secure , but i want to make a logout for this login , how could this be done ?
I need to look up what user name was used to login to a protected directory using ASP.
I don't want to create a login page, etc. It shouldn't be necessary. Only employees who already have user accounts need to log in to the webapp and the protected directory login box is all the security I need. I just need to be able to access the username that they used in my application. Code:
I have a folder that is protected, the users login with their unique username and password, these are held in a text file.
Is this information logged in a way that I can use the login name as a variable for use on my page, such as if I login as Jon the page can display "Logged in: Jon"
I have a client who has repeatedly asked about getting a site-wide search engine for their website. There's arguments for and against, but I'm more worried about the practical aspects of the request.
The site is largely composed of password-protected pages. Member data is stored in an Access database. The pages are all secured by a basic include file that checks against session variables to see if the user is logged in. If "yes," they can see the page. If "no," they are redirected to a login page. Standard stuff.
One of my biggest arguments against the search engines is that since they can't get into the protected pages to index them, those pages will not be included in search results. Since the protected pages make up about 90% of the site, this pretty much renders the search engine useless.
Have any of you encountered a similar situation? Any thoughts on a way for the search engine to index those protected pages?
As far as the search engine goes, I was planning on cheating and using a form that sends requests to a simple google site search (it works surprisingly well on the non-password protected pages), although I'm open to other suggestions if you have any.
I need to display a URL that links to a password protected wiki (htaccess) on an apache server. I'd like to include the userID and password in the URL so that the user is not prompted for it on the wiki end. If I was linking to another ASP page I could send the login info in the querystring, but how is this done with apache? Is this even possible?
I have a form mail script that sends an email and then writes to a text file using Server.CreateObject("Scripting.FileSystemObject").
The problem I am having is that the information needs to be saved in a Password Protected Directory. When I try to save the info it gives me a permission denied error.
I had my hosting company change the permission on the directory and the script was working ok but now it isn't.
Is there a way to pass the username and password in the script so I don't have to worry about the hosting company messing this up?
I have a client who has a password protected page (via session) that lists a bunch of pdf's. They are a little worried that you are able to browse and see the pdf's via the url without being logged in.
I'm not sure if it's possible or not but is there a way after their username and passord is verified to automatically grant them permisson to view the contents of the pdf directory?
An ASP page on my IIS server converts an uploaded word document to HTML, but I'm having a problem with it failing (hanging and popup requesting password on server!) on password protected word documents. (web upload, backend processing and web delivery)
I spent the whole day on google to find a solution. What I am looking for is an asp script or a property that can look at a word document and just return a yes or no as to whether it is protected, so I can then refuse to upload it, until the user has removed the protection.
I would like to pass the value %%LAST_NAME%% to another asp document.... I wanted to pass this value by doing a response.redirect, but, it truncates the double percentage signs
I know it works on a SUBMIT example: <form> <input type=text name="lname" value="%%LAST_NAME%%"> </form>
but, I would like to skip the submit and do a response.redirect... even if I create a variable using 'server.urlencode' it still truncates the %% example: response.redirect "newfile.asp?lname=%%LAST_NAME%%"
I'm trying to add a variable to the url that is going to be sent but when it is sent my additions are removed! I've tried numberous variations of action="caldelete.asp?curid=<%=iRecord%>" and every time it removes everything! What am I doing wrong? Code:
The code above passes the value of the "TimberSpecies" to the next page. I would also like to pass the value of the "CategoryTitle" to the next page at the same time.
How can i pass value from drop down list in 1 page to another pagei used onsubmit when i click the value in the drop down list and use request in another page to get the data.but why it still cannot works
I’ve used java script in my asp page for the new windows utility and also for link to .js extension (get calendar). Ok let see what I’ve done…. Within elseif : (see asp comment within coding page).
IM – date – open IM – date – close IM – date – all
What is a problem now, I try to test for calendar function (java script) in “– IM – date – all “.
I can retrieve date from javascript file -> ‘date-picker.js’ and insert date into these two textbox, but when I want to send/pass these two values (click button continue) to next asp page called byDateIMA.asp, browser told me that ‘error on page’. I’ve no idea about this problem. Hope anyone can help to solve this problem.