|
Hmmmm.... got a few good message from this forum after a long while. Bye the way, havent yet found a clue for the problem(s) that I am facing. Shall send you the file to you in mail......
|
|
|
|
|
SPS wrote:
Shall send you the file to you in mail......
that would be great
Paul Watson Bluegrass Cape Town, South Africa Ray Cassick wrote: Well I am not female, not gay and I am not Paul Watson
|
|
|
|
|
I've been fiddling with ASP and ADO for maintaining a simple event calendar page, and my head is getting sore from beating it against so many weird walls. The latest is, I'm sure, very simple, but I'm certainly not seeing it.
The database connection works great, and when I enter:
Response.Write objSubj where the database entry for objSubj is "Board of Directors Meeting", displays perfectly as a standalone command. But when I attempt to embed it in HTML, in this case as the value parameter of a form INPUT text box, it returns only the first word of the string, "Board." I also tried using the shortcut notation, =objSubj, in the same location and got the same result. All fields that contain any spaces return only the first word when used in this manner. The text boxes in the form all have lengths greater than the data they're supposed to contain, so truncation doesn't appear to be the problem. What simple idiot thing am I missing here?
"When in danger, fear, or doubt, run in circles, scream and shout!" - Lorelei and Lapis Lazuli Long
|
|
|
|
|
Take a look at your rendered HTML source code and see if it reads something like:
<INPUT VALUE=Board of Directors Meeting>
You need to quote your value parameters. For example,
<INPUT VALUE = "Board of Directors Meeting">
-- Ingram
|
|
|
|
|
Dang! I knew it had to be obvious... the hard parts I rarely have trouble with. Thanks!!!
"When in danger, fear, or doubt, run in circles, scream and shout!" - Lorelei and Lapis Lazuli Long
|
|
|
|
|
Hey!
That's nothing to worry. Just get the value in a quoted string and your problem would be solved. Even in this case, if you have done a view source, you could have seen the entire value would have been fetched except that IE considers only the first to be a valid value for the HTML tag attribute and rest to be 'unknown' attributes and ignores.
Solution: Have Entire thing in quoted string
Deepak Kumar Vasudevan
http://deepak.portland.co.uk/
|
|
|
|
|
It worked like a charm... good info, thanks!
"When in danger, fear, or doubt, run in circles, scream and shout!" - Lorelei and Lapis Lazuli Long
|
|
|
|
|
Hi,
We have our IIS in our development center behind a firewall and that also runs a Apache Web Server with Proxy enabled. Our IIS can be reached through the ProxyPass directive over the Apache running on the firewall server.
Of late we have noticed that links in the pages that we give using the Virtual Directory Notation in our ASP.NET/ASP applications fail and these links point to Apache's directory structure instead of IIS.
Example:
On IIS:
For URL: http://deepak/deepakapp/test.asp, I give link
/deepakapp/test.asp and it works fine.
When someone from outside visits my IIS through the firewall using the URL:
http://guardianserver/deepak/deepakapp/
the link in the default page shows up as:
/test.asp (and the word /deepak (the ProxyPass directive for my IIS behind the firewall) is ignored.
Any workaround for this?
Deepak Kumar Vasudevan
http://deepak.portland.co.uk/
|
|
|
|
|
I am looking for MS oriented non-DOTNET Tutorials on Web design
Any links?
Thanks
Paul
|
|
|
|
|
|
Hi all,
Below is a HTML file. It contains VBScript to display a messagebox. Can
anyone see any obvious reason why it doesn't display the messagebox? I've
converted it to Javascript (ie. alert("Hello");) and it works fine. I've
also tried looking though the security settings to see if there was any
VBScript specific settings there and couldn't find any.
Any thoughts/solutions appreciated,
Rob
<title>Untitled
Start
msgbox "Hello"
End
|
|
|
|
|
This problem only occurs on 1 PC out of about 20.
All have VBScript V.5.5.0.5207 installed.
The VBScript code is being ignored in the same way it would if I had inserted the line instead of <Script Language="VBScript">
|
|
|
|
|
In my experience msgboxes like that don't work. What you can do is pass the ASP variable to a javascript variable and then display an alert.
But you say this is for all VBScript only every now and then on certain pc's? Can you response.write that message?
Deploying a web application without understanding security is roughly equivalent to driving a car without seatbelts - down a slippery road, over a monstrous chasm, with no brakes, and the throttle jammed on full. Hacking Exposed - Web Applications. Joel Scambray & Mike Shema
|
|
|
|
|
Sorry, I probably didn't make my additional information very clear. The problem occurs on 1 PC all the time. It also ignores ALL VBScript so response.writes don't work either.
|
|
|
|
|
It could be a virus checker or firewall app filtering or disabling the vbscript
--
Help me! I'm turning into a grapefruit!
|
|
|
|
|
It's not going through a firewall but I'll check my virus-checker settings.
|
|
|
|
|
What are the security settings on the browser?
Is the browser configured to "show all script errors"?
Cheers,
Simon
"VB.NET ... the STD of choice", me, internal company memo
|
|
|
|
|
Intranet Security Settings are:-
ActiveX controls and plug-ins : All Enabled
Cookies : All Enabled
Downloads : All Enabled
Java Permissions : Medium Security
Miscellaneous
Access data sources across domains : Prompt
Dont promp for client certificate... : Enable
Drag and drop or copy and paste files : Enable
Installations of desktop items : Prompt
Launching programs and files in an IFRAME : Prompt
Navigate sub-frames across different domains : Enable
Software channel permissions : Medium safety
Submit nonencrypted from data : Enable
Userdata persistence : Enable
Scripting : All Enabled
User Authentication
Logon : Automatic logon only in Intranet zone
|
|
|
|
|
Hi BountyBob,
Try updating the Windows Scripting Engine or Internet Explorer Update. You may try to visit http://windowsupdate.microsoft.com and the website would show if your Scripting Engine or some of the components need updating.
Once Scripting Engine is updated, this problem should be solved.
Deepak Kumar Vasudevan
http://deepak.portland.co.uk/
|
|
|
|
|
I use cuteFTP to submit the site. When I tried to upload the same site with frontpage 2000, it says error. It displays that the server doesnt support folders with spaces in it. But that goes fine with cute FTP. Whats the solution for this??
|
|
|
|
|
Easiest one would be to not use folders with spaces in the names.
Either use underscores instead not bother with spaces at all
--
Help me! I'm turning into a grapefruit!
|
|
|
|
|
Thanks.... but it will take a long time to change all the pages. So... I did the submission using frontpage itself.....
|
|
|
|
|
Hi SPS,
It would be better that Web URLs do not have spaces intermixed with them. Of late, only uplevel browsers like MSIE automatically URLEncode them whenever the user clicks the link with embedded spaces. Clicking a link with spaces in Netscape etc. also generates a HTTP 400 Error (Bad Request)
Perhaps instead of spacing, you may adopt
(*)Underscores to separate (Site_Support_Utilities)
(*)Pascal Case Notation (SiteSupportUtilities)
Deepak Kumar Vasudevan
http://deepak.portland.co.uk/
|
|
|
|
|
Thanks.... but it will take a long time to change all the pages. So... I did the submission using frontpage itself.....
|
|
|
|
|
I am aware one should do this on the server side of things for security reasons...I assume it has to do with the fact that it's pretty easy easy to create a bunk form and send malicious data, that if not parsed at the sever end...could run system commands and SQL statements like 'DROP TABLE'
So what i'd like to know is it possible for a PHP/ASP script to determine if the data is coming from a form on a web page on my site...???
I'm thinking refferal IP or whatever (i'd have to peak at my docs but you know what I mean) i could check that and if it didn't match then I wouldn't accept the data...
Would this be acceptable or would i cause serious security loop holes???
p.s-The reason I ask is i've designed a messsage forum system like here at CP, but I wanna strip the naughty words out at the client end as a user sends the message, instead of on the server...
Thanx
"An expert is someone who has made all the mistakes in his or her field" - Niels Bohr
|
|
|
|