|
Hi, I need to include a resource and I have tried all options:
<EMBED src="/pics/AppliedAlgorithms_logo.bmp" width=250 height=75><br>
<EMBED src="./pics/AppliedAlgorithms_logo.bmp" width=250 height=75><br>
<EMBED src="../pics/AppliedAlgorithms_logo.bmp" width=250 height=75><br>
The directory structure of my website is:
/webroot/myaspnet_application (That's where I made the EMBED call)
/webroot/pics (That's where the picture is.)
I have the same problem with Server.Transfer.
Please advise.
norm
|
|
|
|
|
Why not to use IMG tag instead of EMBED ?
And what is the root of your site? If the root is the "webroot" directory then the first and the last paths should work well
Philip Patrick
Web-site: www.stpworks.com
"Two beer or not two beer?" Shakesbeer
|
|
|
|
|
yea, "webroot" is the root directory of the website.
"/webroot/myaspnet_app" is the asp.net location where I made the <embed /> call.
"/webroot/pics/" is where the pictures are.
norm
|
|
|
|
|
For the past two days I have been trying to get a script to work, but I am failing. I am positive it has to do with the paths because when I write a test script to save some text in a file in the local directory (cgi-bin) no problem. If I try to write somewhere else I get the damn internal server error. Maybe I am stupid but someone please help me out a little. And yes I have an existing text file with chmod 666 set. Here is my information:
domain name: www.movietrack.net
(also accessed as http://server925.gisol.com/~georgiek/)
instructions from the server:
Path to Perl - "/usr/bin/perl"'
Path to sendmail - "/usr/sbin/sendmail"
Path to date - "/bin/date"
Path to your home directory - "/home/username"
Path to your web directory - "/home/username/htdocs" (accounts created before February 2002)
Path to your web directory - "/home/username/public_html" (accounts created after February 2002)
and when running a test script that gets all the ENV variables for the path of the cgi script I get:
SCRIPT_FILENAME = /home/georgiek/public_html/cgi-bin/first.cgi
Now this works for me:
open(OUTF,">outdata.txt");
It writes to the file in the directory cgi-bin.
I have the same file in the directory: /public_html/outdata.txt
With the info given above can some rewrite the open statement for me so I can understand how to access files in other directories. Here is what I have tried and failed with:
open(OUTF,">/home/georgiek/public_html/outdata.txt");
open(OUTF,">/movietrack.net/georgiek/public_html/outdata.txt");
open(OUTF,">movietrack.net/home/georgiek/public_html/outdata.txt");
open(OUTF,">/home/georgiek/public_html/outdata.txt");
open(OUTF,">http://server925.gisol.com/~georgiek/public_html/outdata.txt");
open(OUTF,">http://server925.gisol.com/~georgiek/outdata.txt");
Someone please point it out to me!!!!! Thanks.
|
|
|
|
|
you could try "../public_html/outdata.txt"
[edit]
Also make sure your public_html folder is writable if you expect the script to be able to write there (and that the outdata.txt file is also writable)
[/edit]
Debugging cgi scripts on a remote server can be an utter pain in the arse. Here's a handy script that I use, which gives you a shell style prompt on the server:
http://www.rohitab.com/cgiscripts/cgitelnet.html[^]
Run that, CD into your cgi-bin folder (it'll probably default there, as that's where the script itself will be) and run your cgi from the prompt
i.e.
./myscript.cgi <enter>
This should actually give you sensible error messages from the perl interpreter, rather than a generic "script failed" message
--
Help me! I'm turning into a grapefruit!
|
|
|
|
|
Thanks so much for the link, that's probably one of the most useful programs someone has ever pointed me to. I got my cgi-script running at 5 AM Yes! I have a question: I wrote a test script which is supposed to open a file write to it and then close. When I use the cgi I get an error (500) yet the file is written to no problem. I checked with telnet and syntax was OK. The code:
<br />
$datapath = "/home/georgiek/public_html/Database/database.txt";<br />
<br />
open(OUTF, ">>$datapath");<br />
<br />
print OUTF "This is only a third test\n";<br />
<br />
close(OUTF);<br />
and I accessed it by: www..../cgi/...cgi
I assume I am getting the error because after it writes to the file then it has nowhere and nothing to show because when I enter some HTML to be written all is well. Am I correct in assuming this?
|
|
|
|
|
Hi
Any idea how to make appear my own icon on the
address toolbar of Internet Explorer ???
Thanks
|
|
|
|
|
You need to add a link element in your document's head:
<LINK REL="SHORTCUT ICON" HREF="http://www.mydomain.com/myicon.ico">
|
|
|
|
|
I have searched and searched and can't find specific answers to these questions on LDAP. If you respond to this thread, please be detailed, and thanks very much for your help!
I have a ActiveX LDAP component that I am using from within an ASP page to authenticate users (by doing a bind a search). I have a two part question:
a) is it necessary to have a component to perform this? Is there no VBScript or other way of authenticating and passing the results to an ASP page?
b) what is necessary to perform this securely. Other than pointing to port 636, I know that I have to have SSL cert installed on my IIS, but is that it? I have SSL and I point to 636 (assuming 636 is listening).
Any help is greatly appreciated, I just can't seem to find much on this PARTICULAR situation. I have no experience with PHP, but if there is a way to do it and pass the LDAP response to ASP, that's fine with me too!
|
|
|
|
|
I think the follow snippet is fairly self explanatory:
<SCRIPT language="VBScript">
Sub SetNum(num)
document.some_form.AddHiddenVariable("var5", "value="&num) QUESTION 1: I want to do something like this. If you dont suggest this, perhaps you can show me how to add hidden form variable and "submit" on server side script?
document.some_form.submit
End Sub
</SCRIPT>
<html>
...
<body>
<form name=some_form action=page2.asp method=post>
<input type=hidden name="var1" value="1">
</form>
<table>
Dim num
num=3
<tr OnMouseDown="SetNum(num)"> QUESTION 2: Is it okay if SetNum() client side and num is server side? But to "submit", SetNum() needs to be client side... dilema.
<td>....</td>
</tr>
</table>
</body>
</html>
Thanks a bunch!
norm
|
|
|
|
|
I have four variables. A,B,C,D.
I want to check as below (ie) I NEED TO SELECT RECORDS ONLY IF THE BELOW CONDITION SATISFIES.
A < 0 AND B < 0 OR A > 0 AND B > 0.
I have written a code like.
IFF A<0 AND B<0 OR C>0 AND D>0. (ie.) even if A is greater than 0 and B is less than zero, it should not select records. So I coded like this.
I would just like to know whether the above is right or the below one which my colleage is insisting about (ie).
IFF (A>0 AND B>0) OR (C<0 AND D<0).
Basically what is he insisting is that there should be a bracket, whereas I am telling it is not required since those are logical operators and logical operators rule whatever it is OR FUNCTION WILL PRECEDE THE AND FUNCTION, so
need not put brackets.
Which is correct? If both are correct, which one is recommended from a good coding standards perspective?
Deepak Kumar Vasudevan
http://deepak.portland.co.uk/
|
|
|
|
|
Deepak Kumar Vasudevan wrote:
A < 0 AND B < 0 OR A > 0 AND B > 0.
I have written a code like.
IFF A<0 AND B<0 OR C>0 AND D>0. (ie.) even if A is greater than 0 and B is less than zero, it should not select records. So I coded like this.
I would just like to know whether the above is right or the below one which my colleage is insisting about (ie).
IFF (A>0 AND B>0) OR (C<0 AND D<0).
I admit I'm slightly confused because your condition seems to keep changing, but if you're just asking whether to use brackets or not then YES, use them, always and everywhere. It doesn't matter if they're unnnecessary, it makes them easy to read.
If you say
Condition1 AND Condition2 OR Condition3 AND Condition4
then it's impossible for me to know whether you intend to say
(Condition1 AND Condition2) OR (Condition3 AND Condition4) [AND precedence]
or
Condition1 AND (Condition2 OR Condition3) AND Condition4 [OR precendence]
or
((Condition1 AND Condition2) OR Condition3) AND Condition4 [NO precedence]
If I remember correctly, different languages will react different ways, but I put unnecessary brackets everywhere so I don't need to know if a given language requires the brackets or not.
Remember, the compiler will not act in a negative way when encountering unnecessary brackets, so what harm can there be in clarifying your intention?
Paul
And you run and you run to catch up with the sun, but it's sinking Racing around to come up behind you again The sun is the same in a relative way, but you're older Shorter of breath, one day closer to death - Pink Floyd, Time
|
|
|
|
|
Hi, I have this simple ASP app that maintain login status information "bLogin" by "posting" bLogin as hidden form variable. The site is not a ecommerce site, but it'd be nice to know there's some way to make this more secured. To attack the site, simply view the source code to find out what state variables are there, then post values (trial and error) to the ASP page and make your way in.
But this is rather simple - and this means that the ASP application is wide open to attacks. Any suggestion?
btw, I try to avoid Session variables as much as I can.
Thanks.
norm
|
|
|
|
|
norm wrote:
btw, I try to avoid Session variables as much as I can.
The way I'd prevent a brute force attack like that would be to verify the logon information (name, password, etc) and if not valid create a session variable holding the time the logon failed and the number of attempts, and then increment the latter on each failed attempt. When you've hit three failed logon attempts within, say, one minute, you'd block that session from logging in either till it expires or for a set period of time. (Make sure you feed the block information back to the user in case they have a legitimate reason for getting the information wrong). When the user logs in correctly, check if those two variables exist, and if so delete them. Then store the result of the log in in a session variable rather than put/getting it from the client every trip.
If you really don't want to touch the session object I suppose you could encrypt some of the logon information at the server and store it in the document as a key, (but keep one field, i.e. the name, plaintext so you have something to recalculate the key with), then in future trips fetch the information on the user however you currently are, encrypt the key and compare it with the one the client is sending you.
|
|
|
|
|
My problem is, this mechanism protects the site AT "login.asp". All scripts behind this gateway is protected only by bLoginStatus "posted" from one page after another.
hacker can trick the "subseqent" pages by "posting" "bLoginStatus=1" - making subsequent pages thinks that the person has cleared "login.asp" when in fact it isnt.
norm
|
|
|
|
|
I think that you are approaching your problem from the wrong angle. I can see what you are trying to do, but if you are relying on a single variable sent with the document like that which you are not able to encrypt somehow and that is used solely to determine of the client is authorised then there will always be that risk. That's probably why no one does it like it.
Why are you so unwilling to use session variables?
What about the second example I gave, with the encrypted key?
In either case you can protect scripts other than login.asp by simply checking the user's status at the top of each page and returning them to the logon sript if they are not logged in or have timed out, etc. As a rule of thumb you should never rely on the client to provide state information like that because there are always ways it can be faked.
|
|
|
|
|
How can you tell if a checkbox is checked? I dont have an ASP book, and all tutorial on the internets tells you:
but NONE tells me how to retrieve the state of the checkbox. So, I tried this:
If document.unreg_form.bAreUSure.value="1" Then
MsgBox("Please confirm your intention to un-register.")
End If
But unfortunately, this condition is always met.
Thanks.
|
|
|
|
|
As a checkbox only has two states (checked and unchecked) it has it's own property to represent them:
<script>
If document.unreg_form.bAreUSure.checked Then
MsgBox("Please confirm your intention to un-register.")
End If
</script>
It will be True or False depending on whether it is checked or not.
|
|
|
|
|
Thanks. One more question:
What about "posting" checkboxes variables states?
If Request.Form("bAreUSure").checked=true Then
MsgBox "Fire at will"
End If
??
norm
|
|
|
|
|
On the server side, Request.Form("bAreUSure") will return the value if the box is checked, or an empty string otherwise.
Also, you can't use the MsgBox function in server-side code!
If Request.Form("bAreUSure") = "1" Then
Response.Write "Fire at will"
End If
"These people looked deep within my soul and assigned me a number based on the order in which I joined." - Homer
|
|
|
|
|
1) I am looking for some good books on Perl and CGI scripting that cover beginner to advanced topics, any suggestions?
2) Is it possible to have a download counter on a website that can keep track of how many downloads the file is getting if it is being hyperlinked from another website? If so can someone point me in the right direction?
Thanks.
|
|
|
|
|
1. ) Perl Cookbook - O'Reily is good. Perl is probably one of the most available languages for source code, examples, and tutorials on the web. There is a script for everything. Due to Perls age there is a lot of code, just look.
2.)http://www.utilmind.com/scripts/downloadcounter.html
source code
See how easy that was, it only took me 5 seconds to find #2.
R.Bischoff | C++
.NET, Kommst du mit?
|
|
|
|
|
Thanks for the info...there is definitely endless amounts of info for Perl and scripts on the internet but I seem to learn best when reading from a book. I will give the one you suggested a shot.
|
|
|
|
|
I recently put a PHP poll on my web site with automatically updating results on the homepage from an SQL database. The problem is that the page does not reload when the user clicks the "go back" link:
go back
How do I reload the page without creating an infinite loop? By the way, I run a Unix server with everything but ASP (only for NT servers and I don't have the money for that laying around), so I need a solution for PHP.
-- Steve
|
|
|
|
|
what do u mean when u say you need to "go back" and "infinite loop"? sounds like you're not very exact with the logic/execution sequence. If PAGE_1 updates PAGE_2 and PAGE_2 "go back" to PAGE_1 every update cycle, of course you have an infinite loop.
But if your problem is with loading page variables properly...? Then:
page2.asp:
">
...
...
And if you are simply updating results on a homepage drawing data from a backend data source, the "fininte loop" problem is rather irrelevant. Every time the user load your "homepage", the IIS gets a fresh copy of data from the data source (text file or a SQL server or anything).
Usually, data on the server (perhaps an Access database or SQL server or anything) gets updated thru continously in the event that u have an online system (OLTP) or that updates are done in batches (every nite a DTS package is run). But you have to figure out what exactly you wish to do. If your homepage is just to display information drawn from a backend, you DO NOT have an infinite loop, and you shouldnt.
If your homepage "poll" the backend data source periodically - in which case you dont reload the form - just use a timing loop and periodically draw from the database, but that's a lot of network traffic isnt it? Is there any particular reason you need to "poll" your data source?
norm
|
|
|
|