I've built an upload system but i now need to protect the files from being downloaded
without being logged into the site.What's the best scenario to implement.I'm using an access database for the site.
Here's what i have done so far.Once a file link (just the id not the file name) is clicked it will check that there's a session variable present then it will present the user with the actual file but i'm now guessing is this the best way to go.
How can I password protect files so that no one can anonymously download it? I have windows 2003 server with IIS 6.0. Please explain the steps in detail.
I did write some asp code, that I sell to companies, to control several dbases. Because I sell the code, it's not that they own the code and can sell it further or change the code, or add some extra code to it. It's like I'm selling a program like Excel and that they can use the program, not change it. I'm still the rightful and intellectual owner.
Also, if you give the raw asp-code, then there is a possibility that they change to code a bit for there internal usage only. But if I sell an update, then they have to search and copy/past there old code in the new page, not knowing, that everything will work eventually.
It would be a lot nicer and easer if I can deliver some protected code that they can't change! This will make my live a lot easer regarding updates. And I will sleep better because they can't see the raw asp code, copy/past/change and sell it or worse, going to competitors. Code:
Is their anyway I can protect my asp code from being copied. I have created a number of include files that are quite useful and save a lot of time.
I am hoping that if another developer is enlisted to work on a project i have worked on previously, I can protect all my hard work from being plagerised.
I have writen a few scripts that I'm allowing some poeple I know to use but I don't what them to be able to view the code, is there anyway of stoping them like compiling the code into a DLL or something?
I am building a site that will have a number of images on it, at the moment I have the images in a Dir on the site and the paths stored in database.I want the make it as hard as I can for people to download the Images that are stored on the as some will probably be copyrighted, etc. I know watermarking the images is probably the only real way of protecting them, but I was hoping not to have to do this.
I plan to put a transparent gif in front of the images so right clicking don't work, is there anything I can do to protect the paths that will appear in the source downloaded to the browser?
I am using ms access database and asp 3.0 as my front end. In my database there is a table called account and a field called password. How do I protect the password stored in the database.
I've created a database for a group of about 5 people that I password protected. They all use the same user name and pass to access the website. I've used a session variable that is set to "valid" if the user and pass are correct. When the click the sign out link on any page, I use the Code:
Imagine you could encrypt your asp pages and then using a dll run the pages as normal do you think there would be a market for it. Obviously the dll would need to be registered on the server, but once registered you never need to register it again, if the asp page changes then just re-encrypt it.
One advantage I could see for it is db connections or when writing scripts for other companies but want to protect some of the routines you might have written. But what do you think.
I am after a solution to people both linking to my images and putting the paths into their browsers manually (when they know the format, after viewing the site normally). The reason is that the site has banners, and the only way I can keep it up (afford the hosting) is by successfully serving a banner along with the image requested.
I know xoom and those sort of hosting places have this technology. so it exists, and I'm sure many of you know what I'm talking about. My site will be wholly written in ASP, so hopefully there is an ASP solution. It will also use a mysql db (if that info is of any use).
This is extremely important. If I can't find a workable solution, the new site will never be launched.
I've finally written an asp app that is worthy of resale and would like to hear from you who have done the same. What is the best way to protect my application? I would like to stay away from anything that has to be registered on the server as most of my target audience will not have physical access to their web servers. They will just upload the code to their server and set directory permissions for the database.
I 've purchased asp scripts myself in the past and had to provide a domain name where it would be running. It would not run on any other domain but the one I provided. Is this a practical approach or is there a better way? How is it done? I've also seen posts about putting some of the vb code into an activeX dll. Is this a solid solution? Again, How is this done?
I have a site with restrict access where people can download documents in pdf format. All documents reside in a folder. My problem is that if the person puts the full path to the document in the browser (ex. www.mysite.com/documents/documentx), he can download the document even not being logged in. What is the best way to create a protected folder that I can access via ASP (with a password) to get the document to the user ?
Is there any way to do it without saving files to a database or having to use windows basic authentication ?
I am developing a small e-commerce site that allows users to create an account, pay, and then download audio files.I have only been doing ASP for about 6 months and this is a new problem for me: I need to not only password protect the pages (using Sessions and checking usernames and passwords against an Access database), but I also need to password protect the audio files themselves, so that users can't just type in the absolute URL to the audio files and get them for free.
I'm guessing password protecting the entire folder that contains the pages and audio files would be the best way to go, but I have no idea how to do this, and haven't been able to find any info on it.the site is part of a larger already existing site which is on a Shared Windows hosting account, so I have no root-level access to install any new software or technologies.
Lets say I have a folder 'members/3/'. in this folder are images. I have a login page that connects to a database to retrieve user info. After login the user is directed to a page that lists the files in the above directory.
Now lets say some other user goes to the directory and types in members/3/image1.jpg he/she will now see the image. How can I stop this without using ntfs permissions.
I need to password protect all the pages of my website using ASP. Microsoft KB 301464 http://support.microsoft.com/default.aspx?scid=KB;EN-US;q301464&ID=KB;EN-US;q301464&SD=MSDN
provides a simple way of implementing it. But I am getting the following error in the Logon.asp script and dont know how to get past it. The Script block lacks the close of script tag (%>). /PDACPO1/Logon.asp, line 45.
Is there any way to setup a multiple password page where if user1 logs in it will take him to dir1 and if user2 logs in it will take him to dir2 and so on. Basically, we need a page that checks to see if the user name and password exists and then redirects accordingly.
I've got a site going that has pages protected by a login script. I have a logout button that simply redirects to a session.abandon page. Obviously people can still access the protected pages by hitting the back button on the browser (although they cannot go to any of the other pages by using the buttons on those pages).
Is there a way to protect the pages so that the user can't return to a page by using the back button? Or somehow force one of those "page expired" conditions so that a passerby couldn't snoop confidential information?
Ive seen a few examples of how to password protect my pages by either textfiles / access. But how can I make the pages so that no one can just enter the url and bypass the login page.
Im trying to create a shop site and im trying to create a maintenance page that only I have access to so that I can look at my database status without having to open the database directly. I need these pages to be completley locked from anyone but me.
I want to install asp and access on a server, is there way to password protect asp pages from being accessed directly?. I don't mean via web.But being accessed from the server directly?
Is there way to ensure that the asp pages works on the computer/server it has been installed on and not for any other comp?
So if some new admin tried to copy those asp pages to another computer,they would not work.
I have a website that we display images we have saved into a SQL Server 2000 database as binary BLOB. This is on a Windows 2003 Server. Just recently (a week ago) this website began to save the images it is displaying on the website as ASP pages in the Temporary Internet Files > IE.Content > Folder.
We have other websites where we use the exact same code and these do not save files on the server when they are displayed.
Here is the code to display the image: Set rs = objConn.Execute( SQL ) Response.ContentType = "application/octet-stream" Response.BinaryWrite rs("Product_Image")
SQL is the SQL String to get the image from database
When I add this code:
Response.ContentType = "image/jpeg"
The images still display on the website, but now are saved in the Temporary Internet Files folder as JPG's.
Can a php file be executed inside an asp file? I need to execute a php file in another asp file but i'm not so sure it's possible. My server can run both asp and php and they run without any problems... I just need to find a way to include the execution results of the php file in the asp one. Is it possible to use SSI and include the executed php file and then the executed asp file in a main ssi file?
I have installed PWS in windows 98 in each of the system at various places and put my Sales program files in the WWWROOT directory in all the branches. I'm afraid that the users may tamper my ASP files. Is there any way of converting .ASP files to .exe files so that the dont see my program.
I was wondering how some sites let you search by using a form, then present the results as static .htm files.
The reason I ask is that I tend to use ASP to process form information, then give the user a list of results presented on an .asp page. The list is simply drawn from a database in real-time and formatted into a template page.
The problem with this is that search engines can't see any of the information in the database, since they can't do the form submission. Is there a way around this?
When DLLs are compiled in VB, in addition to the dll, there are also exp and .lib files created. Can somebody tell me what these are for? Do I need to include them when I deploy my application?
I want to include just the result of a PHP file within an ASP file. <--#include won't work, it just imports the text.Is there an alternate way to do this?
Checking our IIS log files we often get the chinese bots probing our sites. My only concern at the moment is that when an item is called by ID (i.e. select category from table where categoryid = id) and the id is called from either a querystring or a form request, I use CLng (i.e. CLng(request.querystring("id")) to convert the id to a long int to prevent the bots injecting the variable with any non-numeric characters.
IYHO, if I have say 10 different product categories that extract their data from say 10 text files or an Access DB, is it more efficient to have an ASP for each product category to query each section or 1 which parses the lot?? The only reason I am asking is for multiple user access I have this strange belief that if 1 page is getting requested and queried by 10 simultaneous visitors then 'spreading the load' on different pages would help. Is my logic correct or do the ISP fairies have this in hand??