I am running a virtual hosting server. The configuration of server is
as follows:
Windows 2000
IIS 5.0
All the virtual hosting sites are running as seperate user ie for the
site www.xxx.com is running under xxxIIS and www.yyy.com is running as
yyyIIS. I have also taken some precautionary file system security
measures like the group everyone is not present in c: and directories
corresponding to sites. But at the same time I can not remove everyone
access from the full system, I will need to keep them in few
directories.
This can lead to an asp code that is present on the server to do stuff
like browsing through the file system, reading the contents of file
etc. For ex if I have everyone acccess to c:winntsystem32 then any
person on the server can write code to view the contents inside
folder.
I want to know if there is any way to restrict the script belonging to
one virtual hosting site to access only the contents of that site.
example the site www.xxx.com present inside
c:inetpubwwwrootwww.xxx.com directory and can access only the
contents inside this and the child directories. Is this possible? I
searched the on google but could not find any link that gives me any
information on this. It will really be a valuable information to me.
I know I'm doing something simple wrong here and it's doing my head in. Don't know if anyone can help without me posting yards of code? I am using normal login page in dreamweaver which uses record id as the username and users password as password.
This all works fine logs in and forwards to /ammend.asp?id=7295 which is also restricted, then the user can update their record, no problems so far. The problem is that if I change the ?id= to another number 7687 for instance in the browser then the user has access to that record 7687 when I though it should go back to the login page.
My problem, I've combined "log in" and "access levels" to restrict access to certain pages, using the built in "log in" and "user authentication, restrict access to page" features. But I find the after login I constantly get redirected from the restricted pages. Code:
I would like to restrict access to certain PDF files on my webserver. How can they be protected if they are in a "public" directory? For example, lets assume you have your html and asp pages for http://www.xyz.com saved on the server's hdd @ c:xyz.comhtdocs. If you place thefile.pdf in that directory, then all the "unauthorized" person would need to know is the pdf file url, i.e., http://www.xyz.com/thefile.pdf.
Assume I place the pdf file in the following directory on the server c:xyz.compdfs. Is there a way in ASP that I can allow certain visitors to view that file Remember, the asp file would be located on at c:xyz.comhtdocs.
how can i retrict user to only access the web page iif and only if they have the username and password, they neeed to login before can access the certain pages. How is the coding for that web pages?
I would like for server-side VBscript code to save a file to a remote server's network share. I've noticed that the exact code that would run from the command prompt does not get access to files on remote disks via ASP. Is there a workaround? Do you know if ASP.Net has a solution?
Looking for some good resources on coding an existing page to display images that are uploaded from a secured admin section. I.E. The only individual I want adding images to the page is the one I give permission to behind our Staff Section.
The Picture page is open to the public. Currently I have to create thumbnails, upload those then upload the full size image and then link it all on the pictures page. Looking for a way to let the end user do this themselves.
Just hoping to get some leads on how I can go about doing this. Do I need to save the images to a database, or can I just save them to a folder?
point me to some resources about Email Auto Verification. I'm using ASP.What my system is doing is after the user sign up, my system need to send an email automatically back to the user's email. The user only can login after he receives that email from our system. This is to make sure the email he keys in is valid.
I'm using application variables for a web based sales tracking application. I use the variables for stuff like connection string, database name, etc. I store the values in a asp file that is included in a login page. The assignments are in a procedure that I then call on the login page. This is done everytime a user connects to the login page.
what's happening to the variables? Are they being overwritten everytime a user accesses the page? I'm not checking for the existence of the variables. I just call the routine everytime the page is accessed. I know the values are shared for all users but, I was wondering if I should check for the existence of variables? Will it free up resources? Should I be using locks?
I'm trying to restrict access to a page based on a session variable called MemberUserID, so the way I thought of doing it was to say if MemberUserID is not equal to this value, then you would get an error page, but the operator I'm trying to use is giving me an error:
<% If Session("MemberUserID") != Name Then Response.Redirect "error.asp" End If %>
How can one restrict what kind of web browser users use to view your web site. I only want users to be able to browse my web site using firefox. I know this is possible because I've seen others do it. I'm just tired of it working fine on firefox and not right on other browsers.
I have big problem because i need to link site and one service. I have customer with his site and about 1000 html pages which he want to be restricted. So we prolly need to do changes in that html pages...
Other thing is that part of site would be avaliable via payment thorugh SMS service. SO basicaly u go to one site, send SMS with instructions, and that service send u SMS with random generated password.
Then user need to go back to site and login using that random generated password. Can this be done and in what way. We have this system working in php but i dont have much ideas how to use this in ASP specialy with random passwords. I have some asp scripts that restrict pages but ofc users and pwd must be defined in access/SQL which is problem here regarding i dont have user/pwd i only have random generated code:
I have a problem with restricting multiple users to get access to my site with the same username and password.
I allready set up a table getting the UserID of the user and putting it in the table, therefore restricting access for future logins as long as the users Session is still valid.
Now to my problem. When the user logs out everything is great, but when he just closes IE the session is still valid and the field in the DB will not be deleted. I have put a SQL in the Sessoin_OnEnd in the global.asa file, but since this site is a micro site in another folder than the root, the global.asa can effect the main site aswell. And it will take at least 15 minutes before he can login again (and I do not want to set session.timeout any lower).
I have a website setup which also provide ability to download latest version of our Software by logging into the webpage. All latest softwares (ONLY ONE FILE .EXE for each Software) are located in the "/Download" folder of my website. Customer will login to website and the ASP page decide the software that this user has purchased and privide ONLY that Hyperlink to download the latest Version file.
My problem is if somoe body know the path and file name then they directly put the URL in address bar and will get latest file. How do I restrict that? Please suggest all possible solutions.
How can I prevent a user from entering more characters than are allowed in a database field.For instance,if a field only allows 6 characters,how do I prevent the user from trying to submit the form in a user friendly way?
I have a select box that displays the phone numbers of an sms directory, Which has a limit of 100 . how do i restrict the size of the select box to 10 ? Code:
I'm trying to find out how I can make a page to be restricted to open between Saturdays 12:05 pm until Sundays10: pm... and that.. EVERY WEEK... is there any way at all to do this or is it just simply impossible.???
My boss wants me to create a form that will contain about 50 condo listings. He wants me to place a restriction on the form as to the number of Condo listings a user can select/request. Is that possible? If so, what will I need to do or use to make this stunt possible?
There will be several pages that will make up the form. There will be data being passed between the forms. To do that I would use ASP (I guess).
The items on each page would be different. Lets say on page1 there are 20 available condos located in area A. On page2 there are 20 available condos located in area B. On page3 there are 10 available condos located in area C.
The user goes to page2 sees a condo that he/she would like information about. They select that condo.
The user has now selected -one- condo from page2.
If the user goes to page 1 or 3 and selects a condo from those pages when the user hits the Submit button, the program should not allow the page(s) to submit since they have selected more than one condo. How can I make this possible?
Can someone point me in the right direction on this? There are 3 fields in the DB: model, rma, bagqty. If the values on a certain row are I530, 1108, 50 and a user goes to input the same data I dont want the insert to be allowed and force a new insert.
I dont need someone to do this for nor do I want that, just need a push in the right direction.
I'm creating a forum based site with basic BBCode features, but am concerned that misuse of the [ img ] tag will mess up my layout. I do not want to go down to road of users uploading images, but want to allow them to embed images from flickr, photobucket etc.
So, is it possible to restrict all linked images that are say, over 400 pixels wide? I've been racking my brains and have had trouble coming up with any solutions. Is it possible?
I have developed an ASP web application. If I sell this out to my client, how can I make sure that he doesn't run multiple copies of it. That is when I sell the web application my client should be restricted from running more than one copy.
Am trying to restrict user from entering non ASCII character in the text area. Say if the user entered non ASCII character then on the form post back it should show them the message like:
I have a Development server that is running Win2k, IIS 5.0, and ASP enabled. I am trying to gain access to an Access 2000 DB located on a file server within my domain. I'm pretty sure I have all the correct permissions set, but I am having problems when trying to access the DB.
The error is similar to:
The Microsoft Jet Database engine cannot open the file '******'. It is already opened exclusively by another user, or you need permission to view its data.
I'm looking for ways to fix this... Microsoft suggests turning off the ability for IIS to sync passwords. Unfortunately, this is not a viable solution for me.
Is it possible to create a new virtual server that is a share to my file server? Put my ASP and MDB file in there and have it work? Anyone have any other ideas?
I'm working on a site that inserts records into an Access database and Access assigns an auto-incrementing id for the record. How can I quickly figure out what id that was just created? I seem to remember there being a function for this....