I know I'm doing something simple wrong here and it's doing my head in. Don't know if anyone can help without me posting yards of code? I am using normal login page in dreamweaver which uses record id as the username and users password as password.
This all works fine logs in and forwards to /ammend.asp?id=7295 which is also restricted, then the user can update their record, no problems so far. The problem is that if I change the ?id= to another number 7687 for instance in the browser then the user has access to that record 7687 when I though it should go back to the login page.
I am running a virtual hosting server. The configuration of server is as follows:
Windows 2000 IIS 5.0
All the virtual hosting sites are running as seperate user ie for the site www.xxx.com is running under xxxIIS and www.yyy.com is running as yyyIIS. I have also taken some precautionary file system security measures like the group everyone is not present in c: and directories corresponding to sites. But at the same time I can not remove everyone access from the full system, I will need to keep them in few directories.
This can lead to an asp code that is present on the server to do stuff like browsing through the file system, reading the contents of file etc. For ex if I have everyone acccess to c:winntsystem32 then any person on the server can write code to view the contents inside folder.
I want to know if there is any way to restrict the script belonging to one virtual hosting site to access only the contents of that site. example the site www.xxx.com present inside
c:inetpubwwwrootwww.xxx.com directory and can access only the contents inside this and the child directories. Is this possible? I searched the on google but could not find any link that gives me any information on this. It will really be a valuable information to me.
My problem, I've combined "log in" and "access levels" to restrict access to certain pages, using the built in "log in" and "user authentication, restrict access to page" features. But I find the after login I constantly get redirected from the restricted pages. Code:
I would like to restrict access to certain PDF files on my webserver. How can they be protected if they are in a "public" directory? For example, lets assume you have your html and asp pages for http://www.xyz.com saved on the server's hdd @ c:xyz.comhtdocs. If you place thefile.pdf in that directory, then all the "unauthorized" person would need to know is the pdf file url, i.e., http://www.xyz.com/thefile.pdf.
Assume I place the pdf file in the following directory on the server c:xyz.compdfs. Is there a way in ASP that I can allow certain visitors to view that file Remember, the asp file would be located on at c:xyz.comhtdocs.
how can i retrict user to only access the web page iif and only if they have the username and password, they neeed to login before can access the certain pages. How is the coding for that web pages?
I'm trying to restrict access to a page based on a session variable called MemberUserID, so the way I thought of doing it was to say if MemberUserID is not equal to this value, then you would get an error page, but the operator I'm trying to use is giving me an error:
<% If Session("MemberUserID") != Name Then Response.Redirect "error.asp" End If %>
How can one restrict what kind of web browser users use to view your web site. I only want users to be able to browse my web site using firefox. I know this is possible because I've seen others do it. I'm just tired of it working fine on firefox and not right on other browsers.
I have big problem because i need to link site and one service. I have customer with his site and about 1000 html pages which he want to be restricted. So we prolly need to do changes in that html pages...
Other thing is that part of site would be avaliable via payment thorugh SMS service. SO basicaly u go to one site, send SMS with instructions, and that service send u SMS with random generated password.
Then user need to go back to site and login using that random generated password. Can this be done and in what way. We have this system working in php but i dont have much ideas how to use this in ASP specialy with random passwords. I have some asp scripts that restrict pages but ofc users and pwd must be defined in access/SQL which is problem here regarding i dont have user/pwd i only have random generated code:
I have a problem with restricting multiple users to get access to my site with the same username and password.
I allready set up a table getting the UserID of the user and putting it in the table, therefore restricting access for future logins as long as the users Session is still valid.
Now to my problem. When the user logs out everything is great, but when he just closes IE the session is still valid and the field in the DB will not be deleted. I have put a SQL in the Sessoin_OnEnd in the global.asa file, but since this site is a micro site in another folder than the root, the global.asa can effect the main site aswell. And it will take at least 15 minutes before he can login again (and I do not want to set session.timeout any lower).
I have a website setup which also provide ability to download latest version of our Software by logging into the webpage. All latest softwares (ONLY ONE FILE .EXE for each Software) are located in the "/Download" folder of my website. Customer will login to website and the ASP page decide the software that this user has purchased and privide ONLY that Hyperlink to download the latest Version file.
My problem is if somoe body know the path and file name then they directly put the URL in address bar and will get latest file. How do I restrict that? Please suggest all possible solutions.
How can I prevent a user from entering more characters than are allowed in a database field.For instance,if a field only allows 6 characters,how do I prevent the user from trying to submit the form in a user friendly way?
I have a select box that displays the phone numbers of an sms directory, Which has a limit of 100 . how do i restrict the size of the select box to 10 ? Code:
I'm trying to find out how I can make a page to be restricted to open between Saturdays 12:05 pm until Sundays10: pm... and that.. EVERY WEEK... is there any way at all to do this or is it just simply impossible.???
My boss wants me to create a form that will contain about 50 condo listings. He wants me to place a restriction on the form as to the number of Condo listings a user can select/request. Is that possible? If so, what will I need to do or use to make this stunt possible?
There will be several pages that will make up the form. There will be data being passed between the forms. To do that I would use ASP (I guess).
The items on each page would be different. Lets say on page1 there are 20 available condos located in area A. On page2 there are 20 available condos located in area B. On page3 there are 10 available condos located in area C.
The user goes to page2 sees a condo that he/she would like information about. They select that condo.
The user has now selected -one- condo from page2.
If the user goes to page 1 or 3 and selects a condo from those pages when the user hits the Submit button, the program should not allow the page(s) to submit since they have selected more than one condo. How can I make this possible?
Can someone point me in the right direction on this? There are 3 fields in the DB: model, rma, bagqty. If the values on a certain row are I530, 1108, 50 and a user goes to input the same data I dont want the insert to be allowed and force a new insert.
I dont need someone to do this for nor do I want that, just need a push in the right direction.
I'm creating a forum based site with basic BBCode features, but am concerned that misuse of the [ img ] tag will mess up my layout. I do not want to go down to road of users uploading images, but want to allow them to embed images from flickr, photobucket etc.
So, is it possible to restrict all linked images that are say, over 400 pixels wide? I've been racking my brains and have had trouble coming up with any solutions. Is it possible?
I have developed an ASP web application. If I sell this out to my client, how can I make sure that he doesn't run multiple copies of it. That is when I sell the web application my client should be restricted from running more than one copy.
Am trying to restrict user from entering non ASCII character in the text area. Say if the user entered non ASCII character then on the form post back it should show them the message like:
I have a Development server that is running Win2k, IIS 5.0, and ASP enabled. I am trying to gain access to an Access 2000 DB located on a file server within my domain. I'm pretty sure I have all the correct permissions set, but I am having problems when trying to access the DB.
The error is similar to:
The Microsoft Jet Database engine cannot open the file '******'. It is already opened exclusively by another user, or you need permission to view its data.
I'm looking for ways to fix this... Microsoft suggests turning off the ability for IIS to sync passwords. Unfortunately, this is not a viable solution for me.
Is it possible to create a new virtual server that is a share to my file server? Put my ASP and MDB file in there and have it work? Anyone have any other ideas?
I'm working on a site that inserts records into an Access database and Access assigns an auto-incrementing id for the record. How can I quickly figure out what id that was just created? I seem to remember there being a function for this....
I want to move my only window shosted client to linux. The site they have access a Microsoft Access database with the below code but i can't get it to work under Linux.
I'm trying to access a table in a MS Access database using ASP but the name of the table is causing me some trouble. The problem is the table name has a space in it eg, "My Table".
If i try and access it using a query "SELECT * FROM My News", it says i cant find table "My". If i remove the space from the name (to MyTable) it works fine. But the trouble is its a customers database and i cant easily rename it because its linked to other tables and db's.
How can i access a table with a space in its name? I've tried "SELECT * FROM My_News" but that doesnt work either.
I have an ASP page needs to access a remote MS Access2000 database, I got error "The Microsoft Jet database engine cannot open the file 'F:Collect.mdb'. It is already opened exclusively by another user, or you need permission to view its data. ".
The 'F:' is a mapped drive from remote machine where the access database loactes. If I copy the database back to local box, no problem.
I'm looking to make an online multiplayer game which will utilize Access Database... basically I require thousands of people writing and reading from the same database... I was wondering if this is possible for that... or is mdb file restricted to 1 person at a time...
If it is limited what would you suggest as the best way to control an interactive online environment? .txt files possibly?
What is this all about? Generally I run against SQL Server but now I have to use access. The query I want to run is a simple double join
SELECT tblArtists.*,tblGenres.name AS genreName,tblPages.pageId FROM (tblArtists INNER JOIN tblGenres ON tblArtists.genreId = tblGenres.genreId) LEFT JOIN tblPages ON tblArtists.artistId = tblPages.artistId ORDER BY surName ASC, firstName ASC
Now If I run this question in access against the database it accurateley returns two posts. BUT When I paste the same query into an asp document and runs it with a fileDSN against the same database it returns nothing!? Is this some kind of joke from Microsoft?
I have an Access DB which contains couple of link tables. All these tables are from different databases. So each one has it's own database password. Since there is no way to save the password during the DSN creation. Then you need to manually type in the password each first time when open the table.
This causes the problem in ASP code during run a query. Since the table cannot be accessed due to the password protection. Is there any statement than can open a table and meanwhile pass the password in? Does anyone experienced with the similar situation?
I generate my codes using a generator. My problem is that I can not write into my Access database. I had gone to tools to allow access permission . still nothing.