It's supposed to go online publicly, but the part that will allow file submissions is for admin only, so i'm thinking of writting a script for the client side too that creates a form for file submissions, this way (because i'm running on the client side) I can browse the drives.
My web site (ASP) fails to execute any "SQL update queries"
when I install it on NTFS volume.
The error message is "Operation must be an updatable query".
I tried setting both Read/Write permissions on my virtual directory but there is no success. My database is not read only.
There is no such problem when I install my web site on a FAT drive.
Is there any security settings or User configurations that I have to set for NTFS volume?
You have to change the file permission for the file, not for the virtual directory. The write permission on the virtual directory decides what IIS allows external users to do, not what the file system allows IIS to do, so that setting should definitely not be enabled.
The FAT file system doesn't support permissions at all, that's why permissions is not a problem on a FAT drive.
I want to share this problem. I have a datagrid that will help me Insert data into sql database. So I made a button On my form so that when I press the button a new row on datagrid should be created and I could be able to insert data. But with this code below I've failed could someone help me and tell me where I'm going wrong:
I don't know where to start with the following, I would like to create a webpage with a list of physical products. Once a user selects, a new dialog pops up with the product view in 3D. By dragging within the window, the user can rotate the view of the product (and zoom as well using another control). Anyone have an idea how this could be done?
Most of us as web developers know how to hash user passwords within our database in order to prevent hackers from abusing stolen passwords in case they are stored in a plain text format. But I personally haven't seen any thing as a best practice (something standard recommended to all developers) to protect our sensitive data from being stolen.
As an example of a situation where we might want to encrypt some of our database fields, consider a shopping site which sells all its products through custom credit cards designed and delivered by your company whose information (including amount of each card's credit) have been stored on a database. Now, as the owner of such database, I'm mostly obsessed with these concerns when it comes to data encryption in database:
1- Which of the symmetric encryption algorithms is faster or recommended for encrypting "credit" field?
2- Where do you store your encryption key? in source code? What if your source is stolen too? Is it sensible to rely on this fact that nobody can access our compiled .net assemblies on the server and hence storing the key there?
3- How do you detect a new record that hasn't been inserted to database by your application but by a hacker?
* These are my main approaches concerning above issues:
1- In order to prevent passwords from being seen: I'll hash them with a salt
2- I order to prevent a hacker from modifying the amount of a card: I will hash and store the credit amount using a salt (e.g. Hash("34$"+salt)), and I'll also store the encrypted value of the credit amount (e.g. Encrypt("34$"+password)). Now, whenever I see that the hashed credit value of a record doesn't match the previously hashed value, I'll restore the credit amount from where I've already encrypted it.
3- In order to prevent a hacker from inserting his own credit card into database: I'll assign a unique ID field to each card, which has been generated based on a rule (like a serial number). So, the hacker won't know how to generate new valid card IDs unless he accesses my code and knows the rule.
The last concern: Checking all the constraints mentioned above, doesn't it hit the performance considerably? If so, what should we do then?!!!
Any helping ideas are most welcome and greatly appreciated!
I know what asymmetric encryption is and know that it's much slower than symmetric. What kind of info should I search on asymmetric encryption? And why do you think that performance won't be an issue?!
thanks in advance