|
just as a way of doing it, you can create a database table with one identity coloumn, and another column to hold the sessionid. When a cart is created, add a record to the table, and retrieve the newly created ID. Everytime the the database is updated, you will get a new id.
You may want to also create a service that will remove the dead items where a session is terminated.
|
|
|
|
|
Thank you very much I will keep in mind you clever ideas.
I am too late but i will never give up
|
|
|
|
|
Hi
I currently have a web application that presents a user with a username and password box (text boxes) - once the user registers their password is encrypted and stored in a database.
My question is this - the password is sent from their machine to the server in plain text. Is there a simple way of encrypting the form without using javascript to make it more difficult for their password to be seen across the internet/network
Also are there basic security issues i should look into or does any one have any resources/links that will help me make a secure site.
Thanks and sorry for the general nature of the problem
Dan.
|
|
|
|
|
|
There are methods to encrypt strings in .Net. Use the following article as base,
http://support.microsoft.com/kb/301070
Ram
|
|
|
|
|
Try using MD5 as the encryption on the client side. You can change the password using the javascript code at http://pajhome.org.uk/crypt/md5/">http://pajhome.org.uk/crypt/md5.
The tricky part is to use a unique "salt" value that is created when the page is created and used as part of the submit process. The stored password is encrypted with the same salt value on the server side and the value is compared with the calculated value from the client. I have used a date stamp like yymmddHHmmssfff or something like that to calc the salt value.
Hope this helps.
|
|
|
|
|
I developped an ASP.net application using MODI (Microsoft Office Document Imaging) componenet. In this application I use OCR function from MODI to OCR a tif file. It worked fine in the development environment.
I installed Office 2003 in the web server, I added ASPNet account to the Common files folder and Microsoft Office folder. It still gives me the following error whn the application tried to OCR the tif file
"System.Runtime.InteropServices.COMException: File is empty or corrupted"
Any body with similar experience?
Please help!
|
|
|
|
|
Are you sure the exception is access? It may be another type of exception where the directory doesn't have write permissions, etc.
|
|
|
|
|
On Button Postback an Aspx Page runs the following onclick C# event handler:
{
..
// dr[“Content”] - DataRow Item type byte[] where is a song in mp3 format
ar = dr[“Content”];
Response.ContentType=“audio/mpeg”;
Response.Clear();
Response.BufferOutput = true;
Response.BinaryWrite(ar);
Response.Flush();
}
I received error in Response.Flush() – The remote host closed the connection.(HttpException).
If I use Response.End() in place of Response.Flush() receive WMPlayer(on the Client) error about there is not codecs for playing sending stream. It possible that sending stream from ASP.Net Page is wrong because on client PC mp3 codecs are installed.
I try to use Response.WriteFile(filename) instead of Response.BinaryWrite(ar) and received the same errors.
Note : I see after Response.BinaryWrite(ar) line , in debugger, Response.OutputStream.Length property is showing a SystemNotSupportedException.
My question:
Can Asp.Net Page send audio to client as other binary content “application/pdf”,”image/gif”, i.e ?
Please help me,
Thanks
|
|
|
|
|
The global.asax file in Web App is:
<%@ Application Language="C#" %>
public void Session_Start(object sender, EventArgs e)
{
// Code that runs when a new session is started
}
public void Session_End(object sender, EventArgs e)
{
// Code that runs when a session ends.
}
and mode attribute is set to InProc for SessionState element in Web.config file, and State Management configuration for Asp.Net Site in IIS 6.0 is mode = IProc and Cookieless mode = UsesCookies. The Client is Internet Explorer 6.0.
The Session_Star fires but Session_End does not. Why?
Help me please,
Thanks
|
|
|
|
|
Session_End will not fire until Session.Abandon is called in your code.
When the user signs out from the website then make a call to Session.Abandon.
|
|
|
|
|
If you don't call Session.Abandon(), then the Session_End event will fire when the session expires. The default session timeout in IIS is 20 minutes. If you didn't set any other expiration in code, than your event will fire after that time.
regards,
Mircea
Many people spend their life going to sleep when they're not sleepy and waking up while they still are.
|
|
|
|
|
Please don't cross post.
---
b { font-weight: normal; }
|
|
|
|
|
|
hi all
I don't know do it works or not See i want to access the URL's of one website but before going to that url(page) i need to set cookies so that
i can get the valid page i am using HtmlDocumentClass and InternetExplorer class to load the url as i am devloping windows application
|
|
|
|
|
Hi,
Here i am working with this code on Windows XP Professional 2002, with SP2 environment.
Same code is working in one system, and from the other system with the same environment its throwing "The security ID structure is invalid " error message.
Can any one help to resolve this problem.
Here is code...
//////////////////////////Code////////////////
try
{
string path;
//path = String.Empty;
//path = "C:\\SerTest";
path = String.Format("File://{0}", txtFolderPath.Text.ToString());
ADSSECURITYLib.ADsSecurity secUtil = new ADSSECURITYLib.ADsSecurity();
ActiveDs.SecurityDescriptor secDesc = (ActiveDs.SecurityDescriptor)secUtil.GetSecurityDescriptor((object)path);
ActiveDs.AccessControlList acl =(ActiveDs.AccessControlList)secDesc.DiscretionaryAcl;
///new
ActiveDs.AccessControlEntry ace1 = new ActiveDs.AccessControlEntry();
ace1.Trustee = txtUser.Text;
ace1.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_WRITE_OWNER;
ace1.AceType = (int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
ace1.AceFlags = (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE | (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ONLY_ACE | 1;
acl.AddAce(ace1);
AccessControlEntry objAce2;
objAce2 = new AccessControlEntryClass();
objAce2.Trustee = txtUser.Text;
objAce2.AccessMask = (int)ActiveDs.ADS_RIGHTS_ENUM.ADS_RIGHT_GENERIC_ALL;
objAce2.AceType = (int)ActiveDs.ADS_ACETYPE_ENUM.ADS_ACETYPE_ACCESS_ALLOWED;
objAce2.AceFlags = (int)ActiveDs.ADS_ACEFLAG_ENUM.ADS_ACEFLAG_INHERIT_ACE | 1;
acl.AddAce(objAce2);
///new
secDesc.DiscretionaryAcl = acl;
secUtil.SetSecurityDescriptor(secDesc, path);
}
catch(Exception ex)
{
Response.Write("Error:-" + ex.Message);
}
//////////////////////////code end////////////
Regards
Raghu
Raghu Babu Alluir @ Satyma Computer, Hyderabad
|
|
|
|
|
Hi,
I have a page that displays data in GridView. The data is obtained from an SQL Server database. One column is an IP addresses, which are stored as VarChar(15) in the database.
The page executes a select statemnet and bind the GridView with the DataTable obtained by executing this SQL statement.
The problem is that I want to allow the user to sort the Grid according to the IPs column.
Taking into consideration, that IP
10.5.0.0 should come before 10.30.0.0 in ascending sorting. So, I can't rely on the built in sorting of the GridView.
Kind regards,
Ahmed
|
|
|
|
|
You can always create a computed column that brings the numerical value of the ipaddress then override the SortCommand and specify the computed column as the sort expression
|
|
|
|
|
I was looking forward for something like the Sort function of the System.Array class, to which I can pass a class implementing IComparer. It seems there is no other way than that indianet had posted.
Thanks indianet for your help.
|
|
|
|
|
i have made an http handler, in web.config i have gievn the path of the page for which this particular httphandler will be invoked, now the problem is that the controls present on that particular pages are not visible, before implementing this HTTP Handler for this particlur page the controls were visible ,can any one let me know the solution of this problem ASAP.
|
|
|
|
|
i have made an http handler, in web.config i have gievn the path of the page for which this particular httphandler will be invoked, now the problem is that the controls present on that particular pages are not visible, before implementing this HTTP Handler for this particlur page the controls were visible ,can any one let me know the solution of this problem ASAP.
|
|
|
|
|
Post the code for your http handler
|
|
|
|
|
using System;
using System.Web;
using System.IO;
namespace testhandlers
{
///
/// Summary description for Class1.
///
public class MyHttpHandler : IHttpHandler
{
// Override the ProcessRequest method.
public void ProcessRequest(HttpContext context)
{
HttpFileCollection file = context.Request.Files;
int MaxFileSize = 2* 1024 * 1024;
for(int i =0;i<file.count;i++)
{
="" file="" tempfile="new" file();
=""
="" int="" filesize="file[i].ContentLength;
" if(filesize="" *="" 1024="" *1024=""> MaxFileSize)
{
context.Response.Redirec"ErrorForm.aspx");
}
}
}
// Override the IsReusable property.
public bool IsReusable
{
get { return true; }
}
}//class
}/NameSpace
|
|
|
|
|
Hello,
how do I validate and debit a credit card? Are there any (web)services for that? I just need a starting point here. Just in case it is important: A German company providing the service would be an advantage!
Thanks in advance!
/matthias
I love deadlines. I like the whooshing sound they make as they fly by.
[Douglas Adams]
|
|
|
|
|
You need to go through a payment gateway and pass the credit card information to the gateway, and you will get back the authentication confirmation or rejection.
But first you will need to obtained a merchant account from a bank (which deals with CC) or a credit card processing centre. It is subjected to be approved or disapproved by the bank or centre (base on your company, risk of your business etc).
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
