Login Script Based On Email, IP And Sql Server Backend
My questions concerns building a login system based on checking for the
existence of the user's email address only....
1. Is it ok for me to use IP address to allow user to bypass all login and
registration systems if IP is present in database? I wish to save the user
time....if the IP is not present I will present the LOGIN email screen....
2. I am consideirng using Session variable on each page I wanted I
protected...I think I know how to do this but I am not sure on whether I
should be using the global.asa to handle loggin in or logging out or whether
I should so all the code on the secure page itself.
3. I wish to use a sql server backend to house my tables: tblProspect,
tblProspectPageSelections......is it okay to use the following branching
code to switch between my test and production server with regards the
physical database path as I have multiple sites on our remote server which
need to feed off the same database....I am thinking about something like
this:
If InStr(Request.ServerVariables("SERVER_NAME"), "publicserver.com") > 0
Then
' Set Public Server Paths
Else
' Set Private Server Paths
End If
I have researched several login scripts and I have a few questions that I haven't been able to find the answers for.
First if of all, my goal is to create a cookie-based, non-SSL, login system. I have many, many users that are going to be logged in for extremely long periods of time, so I absolutely do not wish to use session variables under any circumstances.
I've come across several great algorithms and one-way hash's that seem to work great for encoding the password. However, they all seem to have one thing in common. Once the user successfully "logs in", the site simply sets a cookie using the User ID of the login account. On all password protected pages, the only check that is made is the User ID stored in the cookie- compared to the value in the database.
I'm curious if it is possible for a hacker to create a false cookie on their system, storing simply the UID. Is it possible to do this, or is there some kind of internal OS security that prevents such an action? In other words, if I go to a co-workers computer, review their temp files, find the cookie for the site they're logged into and take the UID... Could I recreate that cookie on my own computer at a later time and gain entry?
This may not be so much of a security issue on a site that only stores a temporary cookie, but what if when they login, I set the cookie to expire after a year? (so they don't have to login every time they visit the site).
I'm not saying this method isn't secure, I guess I'm looking for an explanation. Also, any ideas on where I can obtain more information about creating a login application that's not based on session variables?
I currently have a web-based email for my site for users. Is there any way that I can make this so that it can be accesable from Outlook Express? It would have to call the database for the emails.I would need it written in ASP.It also needs to be free!
My ISP provides a web based email client, but it is not brandable and the features are not that extensive. I'd like to build my own. Has anyone done this, or is anyone aware of any tools out there to do this?
I have been looking for some time now, for a web based email system like hotmail, where we can set it up on our LAN. Have found some but all are a bit expensive ,would like to find as free ASP script if possible.
I know there is AddEmbeddedImage but does this only work only for images on your hard drive - can it be used for images that are web based? If not is there a way to embed an image in an email on the fly before sending - all web based?
I'm using ASP as frontend with MySQL as backend, and Dundas Mailer as the email object. I'm making a contact form where the submitted datat would be inserted in the database first and then using Dundas for mail ...
But I have tried to include strange characters like " ' in the message field. But return error ...
I have a simple select query in an Access database that has three parameters. Two are text, one is a date. If I run my query in Access, it prompts for the date, and two text parameters, I enter them, and they work fine. However, if I try to run the same thing in ASP, I get an error: Microsoft OLE DB Provider for ODBC Drivers error '80040e07'
[Microsoft][ODBC Microsoft Access Driver] Data type mismatch in criteria expression. Code:
My app lists jobs for a recruiter. He wants to track members who have replied directly to job postings. So instead of simply making the client's email address an <a href="mailto:...> link, I need to do 2 things:
- add a record of their posting to a database table - open the email client to the job
Howe do I do this? The first part is easy, but I don't know how to open the email client in an ASP command (I don't really want to auto-sed email, just open the client and let the user attach their resume and add their cover latter). Do I have to get my Web Hosting company to install CDO, or is that standard with all IIS? I get an error when I try to run 'Set MailObj = CreateObject("CDONTS.NewMail")'
I am making a web-based proxy server, and I need to make it so that it can download a webpage, and modify all of the links inside it (so that it can proxyfy all of the links, rather than the browser downloading the files from the original website).
So far the first bit is fine, but I still need to make my script modify all of the links inside the given HTML file. I know I can do it, but it wouldn’t be the most effective way of doing it. Does anyone have any suggestions on how they would search through an HTML script, and locate links?
So far what I am doing is searching for anything that one of these at the beginning of it: href= src= background=
And I am changing the text that comes afterwards (thus modifying the link). But for many reasons, this is a really bad way of doing it.
I would like when the user enters the email and password it checks the users database for the email and if the password matches it displays his account info the trouble i have is that the login page i created is just putting the email and password in the database Code:
tell me in a ZIP or upload the code to a simple system that:
uses an access database and: Allows someone to signup. Get a confirmation email Login And for them to be able to change their password from a page.If it is possible could you please make it so that it says "you are logged in as" and gets something form the access database like their email address or username.
This is just so that I can see how to link all of the code and learn some of the language so I can help people in the future. This code that hopefully will be provided wont be sold given away or used commercially.
I have created a form that sends email thru my local server. What I want to do is send the email thru our corporate Exchange server. Does anyone know how I can accomplish this task? Please advise. Thanks.
We have an intranet which is personalized using a cookie which we set. I have an outside vendor who is developing an application which will live on a seperate server. Is there a way they can read the cookie which we set to log user into their application so that we can make it a seamless transition?
I have a client who wants a customized special announcements page similar to WordPress They however, want it some custom and want it to reside entirely on their servers, with a folder that is only accessible with a user login and password. They want the ability to be able to edit the page directly on the server so that the changes are instant.
I have no experience with server-side scripting, or servers period expect for uploading or downloading files onto the server with an FTP. I would like to hire someone to help me complete this project however, I'm not even sure what to ask for.
Dim Mail Set Mail = Server.CreateObject("CDONTS.Newmail") mail.From = "abc@hotmail.com" mail.to = "xyz@hotmail.com" mail.subject = "Test Email Subject" mail.body = "This is Email body message" mail.send
Now the question is that this code will use the Default Virtual SMTP Server in IIS, but I want to use my ISP's SMTP server. please tell me how to do this. I have used my ISP's email server in Outlook express and it is working fine. Please do not suggest to use "CDO" or "CDOSYS" to use for sending emails because I must have to use "CDONTS".
I've built a survey and tested everything is working fine - except fo one problem, that i have been told MUST be fixed
I am using CDO.Message to send email message to the respondants of the survey - a lovely thank you message.
It is sending the emails fine to all email address i have tested, except for email address here where I work, and I have been unable to find a reason for this
the web scripts are running on a secure server (SSL certificate) and all is working great except the email issue.
the actual code that is sending the emails works perfectly on non-secure server, and seems to be fina on the secure server except for the most important(apparently) email addresses.
Does anyone have any ideas why the scripts would not send to one set of email addresses, but seems to work for all other when on SSL, but works for ALL email address when not on SSL.
I'm sending email from a networked computer that uses an exchange server on yet a different computer. With the two different types of code posted below, the email will only send successfully on my computer. When I step into a colleague's office (using the same exchange server), no email is ever sent....
I am building a website to pull data from a remote https site using xmlhttp. The data from the https site is behind a login screen. I can successfully get through the login screen with:
That works great - but then, when I try to go to the next page (where the data is that I want to pull) - I use the same process and I get kicked back out to the login screen? Could there be some cookies, referer, strings being passed normally that I am not including in my second request - How do i find out for sure?
I have used the software IETrace and it looks like some cookies being passed, but how do I know for sure if (and what exactly) it is using?
I've set up a website contact page which uses CDOSYS to send form details to an email address.
However, the domain is set up such as the client is using their own mail server, and using my server only to host the website.
Ordinarily I would set up hosting with email and change the nameservers of the domain to point to my server, but in this case the client is keeping the nameserver details the same, but just updating the A record to point to my server to display the website.
Trouble is, the CDOSYS email doesn't seem to work with this set-up. Do I need to hard code their mail server IP somewhere to get it to work?
I am running a rather large email list and want it to be processed directly on the server. I have been using ASPEmail from Persits, which has a SendToQueue function, but it still requires a lot of processing time in the browser, and often times out. Can anyone tell me the best way to do this?
I need to send a email to my clients from my website using the email object. I developed my site in ASP, and the server is linux, thats why i cann't use CDONTS object to send emails bcz server is not IIS....
Is it possible to set up server-side mail services such that when someone e-mails to a certain address, the contents attached to that mail are processed and the processed content is returned to the user, again, as an attachment?I installed a server-side component for managing graphics. "Wouldn't it be nice," thought I, "if untutored staff could email graphics to a certain e-mail address to have them resized and returned to them.") I understand how to handle the graphics processing and the sending. I don't understand how to set things up so that e-mailing to a certain address will trigger the start of an application. Ideally you could do this all within ASP. Is this possible?
I have the setup working close to what I am after. The upload script I am using has been supplied by 'Lewis Moten'.
Basically what I am after is.
A job application contact form. that includes a input="file" element allowing the user to send a CV, to the address related to that job.
So far locally I have the file uploading, the file sent, and then the file deleted all working fine. Althoug this may well work locally I feel I will have problems when I come to trying this live. Mainly due to timings.
Surely the script would need to know when the file has been uploaded completely, also when the file has been sent completely before delete....
Is it possible to create an ASP page that can notify the user that they have an email on our Exchange server? And that will list the number of unread emails they have waiting in their inbox.
I want to send email with attachment. I have no problem if the file is located on the same server but i got error when attach file from different server. This is the code,
set mail=server.CreateObject("persits.mailsender") mail.host="smtp.mydomain.com" ..... 'mail.addattachment "c:attach est.txt" ' no problem with this mail.addattachment "websvrattach est.txt" ....... mail.send
I got this error, "Persits.MailSender.4 error '800a0007' Logon failure: unknown user name or bad password."
when i changed the servername to static ip address also got the same error. any idea? fyi, this user has an administrator rights to the server.
I am using ASP formmail from www.brainjar.com. I keep getting this error message: Form could not be processed due to the following errors:
Email send failed: The server rejected one or more recipient addresses. The server response was: 550 endlessenergysystems.com.
The email address in the form is correct and does work. I have changed the settings to different email address and SMTP servers to try to figure out the issue. However I still get the same error. Here are the basic settings:
Can anyone tell me why this code doesn't work? The original came from an example in this group, but was modified slightly when the original failed to return message details.
I am able to connect to the server and see the number of messages on the server, but message details (sender, subject, body, etc.) are not returned....
