First of all wishing you a happy and prosperous New Year!!
Hoping that your image creation is working well, just assign the value shown in the Captcha into a session variable. This session variable should be reset or assigned new value each time the script is executed.
That's all my suggession.
If you want a script to generate the Captcha then, is as if doing the full job.
I have an application where I need to get Request.ServerVariables("LOGON_USER") and it is not returning a value. I have googled and found several articles that say I need to go to Directory Security -> Authentication and access control and uncheck "Enable anonymous access" and check "Integrated windows authentication". I have done this and even tried restarting IIS. I have also gone to Internet Options->Advanced in IE7 and made sure "Enable Integrated Windows Authentication" is checked.
These are the things I have found from searching but I have done them so what else have I forgotten? Thank you for any help.
First of all: best wishes for the coming year!.
Unfortunately I am still working on this last day of 2008, and hope someone else is too....I am building a website for a company that does inspections on seagoing vessels. They produce reports of these inspections and want to make those reports available to the customers through their website. It is obviously no problem to provide a login to a restricted page for a particular customer, on which he can see a list of the reports (pdf files) he can download. I am using php for this. However, should anyone know the location and the names of the relevant files, this would enable them to download the file by just entering its url, bypassing my beautifull login script (I can protect the php page against showing without login, but the pdf files themselves obviously do not have any coding that allows to protect them)
Does anyone have any idea how to make sure that the downloadable files can only be reached through my php page and not directly through their url's?
But there are another ways to protect your files to some extent. I am not a php developer, so i cannot help in code part, but i can suggest you the ways that we use in .net for security.
1. Do not give the direct link for download to user. Hide the link and push the download from the server. e.g. as the software download is pushed by downloads.com.
In .net we use 'Response' method for the same.
2. Protect your PDF files with password. This is also one security concern.
3. Don not give the download from site. Just send the attachment in mail to the user who requested it.
1) If the file is exposed it will be available to anyone with enough time and interest in retrieving it
2) Possible, but how you give out password?
3) Impractical. I want to read the pdf now, not later in an email which can be delayed or blocked by spam filters. If the user is traveling and and doesn't have access to email how would they read the file? Wait until later?
Amandeep Singh Bhullar wrote:
the ways that we use in .net for security.
You may use these methods, but I certainly wouldn't, with the exception of #2.
1. When a download is pushed from the server the file complete path is never exposed. It is from the page that is being opened, but a threat level is always there.
2. He has not defined that the PDF will be generated by System or manually. If manual, then it can be password protected, before being uploaded to server.
3. How much time it takes to send a mail. Hardly a minute or two or five. For security it does not matter. Regarding spam, the address can be added in Contact List. Last, if the User is traveling, and can access the website, but not mail, how is this possible(IF there are firewalls, or proxy's).
There is also a fourth option in .net,i.e., if you have used the rapidshare.com, it does not start the download even if you typed the complete path of file in address bar. I can implement that in .net, but have no idea of php.
Securing a file little is always better than leaving it in open. Atleast the person who is interested, will have to do the extra workout.
I am using a drop down list in asp.net 2.0
What i want to do is, user will not select the states but user can select the cities in that, means, according to that country, cities will be listed in same drop down list.
I believe , you are using database for that. so in a Dropdown list just read all the States name , when user select state name from dropdown, just create simple query which will retrieve the city name based on states and bind them in a dropdown list.
following Exception occurs on using grid.rendercontrol(hw)
Control of type 'DataGridLinkButton' must be placed inside a form tag with runat=server.
i am working on a web application built in asp.net and vb.net framework 1.1
i need to export a grid to excel using a button click.code for button click is given below
the code snippet works fine for one web page but causes exception on the other.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
Response.ContentType = "application/vnd.ms-excel"
Response.Charset = ""
Dim tw As New System.IO.StringWriter
Dim hw As New System.Web.UI.HtmlTextWriter(tw)
Grid.RenderControl(hw)-- exception caused here
Not able to find where is the problem....Please help