Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

how is this achieved

Comments

  • Closed Accounts Posts: 1,637 ✭✭✭joePC


    Your link doesnt work.


  • Registered Users, Registered Users 2 Posts: 2,472 ✭✭✭Sposs


    I think he was just using that link as an example????


  • Closed Accounts Posts: 1,200 ✭✭✭louie


    Sorry.
    Yes the link is just an example.


  • Closed Accounts Posts: 1,362 ✭✭✭the Guru


    asp and php will give you endings like that when you are using databases


  • Closed Accounts Posts: 1,200 ✭✭✭louie


    yes, but there's not termination as what language is using on those pages like index.asp?...querystring


    could that work if is just a folder set with index.asp or .php, and you just pass the querystring over?


  • Advertisement
  • Closed Accounts Posts: 1,200 ✭✭✭louie


    i tried on one of those websites to name the page as index.asp or .php or .aspx and I get the following error:


    ERROR: 404 Not Found

    HResult: 0x80070003
    Source: Microsoft SQL isapi extension
    Description: File not found


  • Registered Users, Registered Users 2 Posts: 1,452 ✭✭✭tomED


    Any web scripting language can be used to create urls like this. It's a server configuration. Not sure what exactly though, but your hosting provider should be able to tell you....

    The simple idea is that the default file (index.php, index.asp etc), will execute and include what ever is passed through the url.

    Example
    www.eee.ie/tomsfolder/index.php?id=111
    www.eee.ie/tomsfolder/?id=111

    Working example:
    http://www.2bscene.net/?id=4
    http://www.2bscene.net/index.php?id=4


  • Closed Accounts Posts: 1,200 ✭✭✭louie


    Thanks.


    The example I was looking at is actually using ISAPI extension for MS SQL database. very smart. How safe is regarding hacking those type of pages?

    I am after reading this article which has an example as well.
    Check it out what is says at the bottom of the page.

    http://www.programmersheaven.com/articles/adrian/isapi/article.html

    i am looking to design some sort of website that will be harder to hack.
    Any recommedations. I am working on it at the moment is asp and sql2000 database.


  • Registered Users, Registered Users 2 Posts: 1,746 ✭✭✭pork99


    Also overlong querystrings are not search engine friendly

    PHP has an add-on feature called, I think, mod_rewrite that turns

    www.url.ie/foldername/foldername?id=665932&something=1234

    into something like

    www.url.ie/foldername/foldername/665932/something/1234

    which is more desirable

    does ASP or JSP has a similiar feature anyone?


  • Registered Users, Registered Users 2 Posts: 1,452 ✭✭✭tomED


    louie wrote:
    i am looking to design some sort of website that will be harder to hack.
    Any recommedations. I am working on it at the moment is asp and sql2000 database.

    I don't know of any recent vunerabilities in the ISAPI extension.

    All I would worry about are the usual bad coding practices....
    Try keep all your queries in StoredProcedures
    make sure all include files (especially ones with connection details etc) are .asp and not .inc (a lot of people still like to do this! Make sure your code itself has no vunerabilities...

    And finally, but prob most importantly... make sure you have a reliable ISP that keeps their servers uptodate!!! ;)


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,452 ✭✭✭tomED


    pork99 wrote:
    Also overlong querystrings are not search engine friendly

    PHP has an add-on feature called, I think, mod_rewrite that turns

    www.url.ie/foldername/foldername?id=665932&something=1234

    into something like

    www.url.ie/foldername/foldername/665932/something/1234

    which is more desirable

    does ASP or JSP has a similiar feature anyone?

    mod_rewrite is an apache add-on.

    IIS doesn;t have an equivelant (afaik) but there are ways to do it on IIS... but i think u need components.... ill find out ;)

    Isapi Rewrite
    http://www.isapirewrite.com/


  • Registered Users, Registered Users 2 Posts: 1,746 ✭✭✭pork99


    tomED wrote:
    mod_rewrite is an apache add-on.

    d'oh - that explains why I couldn't get it to work :eek:


  • Closed Accounts Posts: 1,200 ✭✭✭louie


    tomED wrote:
    I don't know of any recent vunerabilities in the ISAPI extension.

    All I would worry about are the usual bad coding practices....
    Try keep all your queries in StoredProcedures
    make sure all include files (especially ones with connection details etc) are .asp and not .inc (a lot of people still like to do this! Make sure your code itself has no vunerabilities...

    And finally, but prob most importantly... make sure you have a reliable ISP that keeps their servers uptodate!!! ;)
    I won't go down that road regarding ISAPI, not yet. Too much to learn nd not time for it, that's why I never got into php or aspx yet.

    I do have all queries in store procedures not matter how small theire are, and trust me all my pages are .asp except global.asa. I'll be suprised to see those connections string still saved as .inc files, whoever does it needs his brain rebooted or something.

    As regarding the hosting company, I am in a safe place with Blacknight Solutions.

    Thanks everybody for their support.


  • Registered Users, Registered Users 2 Posts: 1,452 ✭✭✭tomED


    louie wrote:
    I do have all queries in store procedures not matter how small theire are, and trust me all my pages are .asp except global.asa. I'll be suprised to see those connections string still saved as .inc files, whoever does it needs his brain rebooted or something.

    You'd be surprised!
    I just took over a site from a very well known web development company..... The website is also for a well known company, which has a decent amount of traffic - Yet this web dev company had all the connection strings in inc files. I was very disappointed as the rest of the code was very good!
    louie wrote:
    As regarding the hosting company, I am in a safe place with Blacknight Solutions.

    You sure are!!!


  • Closed Accounts Posts: 2,161 ✭✭✭steve-hosting36


    Define safe pace .... ;)


  • Registered Users, Registered Users 2 Posts: 10,339 ✭✭✭✭LoLth


    thread has been reported as a potential flame war.

    please try not to let this happen :)

    have fun.


  • Closed Accounts Posts: 1,651 ✭✭✭Enygma


    Here's a good filter for doing this type of thing in JSP
    http://tuckey.org/urlrewrite


Advertisement