I've played with ASP classic and VB Script a few years since that's what we have at our company, but this is really bothering me. We bought the CJWSoft ASP Protect, and did some customizing, if anyone is familiar with it. Every page I log into ends with a question mark at the end of the URL and displays an internal server 500 error (using a testing server: Windows Web Server 2008 R2). One would think it would always go to the default.asp page upon login, but that doesn't happen unless I open a new window, which it's set to not store cookies. I can access any page I log into after I clear the question mark at the end of the URL. I have IT guys here, but we're not sure what's causing it.
(IP Address/Default.asp? [or] IP Address/password_admin/default.asp?) produces an
Internal Server Error 500.
Remove the ? and I'm into any of the pages on the server. Why?
I think the following script may have something to do with it, or whatever relates to it...
If Session("PasswordAccess") = "No" Then
Thispage = Request.ServerVariables("script_name")
Else
'Thispage = Request.ServerVariables("script_name") & "?" & Request.Querystring & Request.Form
'Setting Below is more secure than the setting above which allows form post data to be re-returned to the page
Thispage = Request.ServerVariables("script_name") & "?" & Request.Querystring
End If
Please help me resolve the question mark, anything else is a grand bonus!
What about only appending that ? if the query string isn't empty?
Like
<%
Thispage = Request.ServerVariables("script_name")
Dim qst : qst = Request.ServerVariables("QUERY_STRING")
if qst<>"" then Thispage = Thispage & "?" & qst
%>
Related
We have an old Microsoft Access font end that serves as the GUI to our user database. I was never much of a VBA person so as I go through fixing bugs I'm learning as I go.
Our Access DB has a number of commands to sync info to Active Directory. One such command is to add a user to a group. However, whenever the group contains a / the group is never added.
The debug produces this as:
Run-time error -2147463168 (80005000)': Automation Error".
Printing out the targetgroup shows the DN as I expect it. Trying to escape the / before the GetObject doesn't help and causes its own auth error.
Here's the top part of the function -
Function AddGroup(TargetGroup, strUserID, Optional strOptReqBy)
Dim objDL
Set objUser = GetObject("LDAP://" & GetDName(CStr(strUserID)))
Set objDL = GetObject("LDAP://" & TargetGroup)
On Error Resume Next
objDL.Add (objUser.ADsPath)
objDL.SetInfo
On Error GoTo 0
This works fine if the group does not contain a /.
Debug points to Set objDL = GetObject("LDAP://" & TargetGroup)
Looking for some input on why this is happening. Thanks!
In an LDAP path, the / is a separator. Not only is the // used near the beginning, but you can also specify the server you want to connect to, followed by a /, then the DN of the object, like this:
LDAP://example.com/DC=example,DC=com
That's necessary if the computer you're running this from isn't not joined to the same (or trusted) domain than the domain you're connecting to.
So that means that if the DN of the object you want to bind to has a /, it will think that everything before the / is a server to connect to and it explodes.
So you just need to escape it, which, as you've already learned, is done with a \:
LDAP://OU=This\/That,DC=example,DC=com
So yeah, a simple replace will do:
Set objUser = GetObject("LDAP://" & Replace(GetDName(CStr(strUserID)), "/", "\/")
Don't feel bad. Even Microsoft has this bug in their code.
I have a VBScript that is hosted in a network share. I have a link set up on a page to access that script via the web browser (i.e. \\server\script.vbs). Is it possible to pass in a variable/argument into that script via a hyperlink? I already tried \\server\script.vbs Argument and \\server\script.vbs%20Argument neither work. The script works fine with no argument. I scoured the web trying to find a way and fear that it is not possible so I thought I would ask here before I just make separate scripts with the arguments built in instead. The script sample is below:
Dim Var1
If Wscript.Arguments.Count = 0 then
WScript.Echo "Missing parameters"
Else
Var1 = wscript.arguments(0)
MsgBox "Passed in Variable: " + Var1
End If
You can use ASP, but you need to add the feature to the IIS role on the web server, configure the authentication (strongly recommend Windows authentication, NOT anonymous), and create an ASP page to capture the inline parameter (querystring) value and display it. If the page is "test.asp", the sample below would be called at http://myserver/test.asp?arg1=123. It would display "You entered: 123"
<%
x = Trim(Request.QueryString("arg1"))
Response.Write "You entered: " & x
%>
I'm not sure you can, however you could link instead to an ASP page and have it run the VBS file - this code for that page should be close:
<SCRIPT LANGUAGE=vbscript>
dim oWs
Set oWs= CreateObject("WScript.shell")
oWs.Run "\\yourserver\yourscript.vbs?ParameterNameHere=" & Request.QueryString("ParameterNameHere"), 1, True
Set oWs = Nothing
</SCRIPT>
I have a basic MS Access application that has a button on a form that should open a webpage with the ID of the Access record as the parameter, but everything I have tried results either in an error by Access or only the base URL opening in the web page.
I have tried adding VBA to the button's click event as so:
Application.FollowHyperlink _
"http://example.com/index.php?r=controller/action&id=" & Me.ID
but all I get is the base URL opening on the web browser (ie http://example.com). If I remove the '?' and the '&' from the full URL the button will open the browser with the full URL minus the '?' and the '&', which of course errors the page.
I have tried setting a hyperlink control's property as:
="http://example.com/index.php?r=controller/action&id=" & Me.ID
but it does the same thing as noted above.
I have tried creating a Macro with the same results. I have tried using the Hyperlink Builder and using [formName]![id] as the parameter but same thing happens or Access errors.
I have read this article: https://msdn.microsoft.com/en-us/library/office/ff822080.aspx and tried adding the part in the URl after 'index.php/ to the ExtraInfo place in the code, but same thing.
Help! It can't be that hard to simply have Access open a URL with a parameter on the end of the URL.
Application.FollowHyperlink is fickle.
Use either ShellExecute:
Open an html page in default browser with VBA?
or
CreateObject("Shell.Application").Open "http://example.com/index.php?r=controller/action&id=" & Me.ID
see https://stackoverflow.com/a/18922262/3820271
If the URL is in a string variable, you may need to cast it to Variant, because that's what Shell.Application.Open expects:
strUrl = "http://example.com/index.php?r=controller/action&id=" & Me.ID
CreateObject("Shell.Application").Open CVar(strUrl)
see https://stackoverflow.com/a/56173911/3820271, thanks Toby and Anthony for pointing this out!
Note that if you are having issues with CreateObject("Shell.Application").Open not working with a variable, it might be a casting issue - try tossing a CVar() around the parameter. See https://stackoverflow.com/a/56173911/8512931 for more details.
So... here's the thing...
I'm connected through sky, which have dynamic IPs and my IP changes once in a while. I'm running a small website from home, the website has, among other things, three video streams from my ip cameras. Now, I don't want to update my code every time the ip changes, so there is this bit at the top of my file:
Response.Buffer = True
Dim objXMLHTTP, xml
Set xml = Server.CreateObject("Microsoft.XMLHTTP")
xml.Open "GET", "http://myip.dnsomatic.com/", False
xml.Send
externalIP = xml.responseText
Set xml = Nothing
My ip changed a while ago, but above code was returning my old IP! When I visited http://myip.dnsomatic.com/, it shown the correct, new IP. The situation persisted as long as I didn't restart my machine. I would like to know why the code behaves like that? Why it doesn't return correct IP right away?
There is one more thing I do not understand... My website has a comments feature, where users can leave a comment. My addComment.asp file checks if the session expired first:
if Session("userID") = "" or Session("username") = "" then
Response.Write("<SCRIPT LANGUAGE=JavaScript>")
Response.Write("alert('Your session has expired...');")
Response.Write("window.location.href='index.html';")
Response.Write("</SCRIPT>")
end if
If the session hasn't expired, the comment is added to the database and the page is updated, but if the session expired, it doesn't go back to index.html, instead, the INSERT INTO statement, which I use to insert the comment into corresponding table, throws an error! That statement is way below above code, theoretically it should never be executed. Any ideas?
I should also add that if the above code is modified following way:
if Session("userID") = "" or Session("username") = "" then
Response.Redirect("index.html")
end if
everything works fine in both cases (session expired and not expired), but I would like a message telling the user about the expiration to pop up. Here's the INSERT INTO statement, which I don't think contains any errors:
conn.Open connStr
commText = "INSERT INTO Messages (ID,
userID,
messageDate,
messageText)
VALUES (" & (recordsQty + 1) & ",
" & currentUserID & ",
#" & Now & "#,
'" & commentText & "')"
conn.Open connStr
conn.Execute commText
conn.Close()
This is just a theory, but I'm guessing that you're getting stale results because it's being cached somewhere. Untested code, but I believe this will solve your problem if it's caching:
Set xml = Server.CreateObject("Microsoft.XMLHTTP")
xml.Open "GET", "http://myip.dnsomatic.com/", False
xml.setRequestHeader "If-None-Match", "some-random-string"
xml.setRequestHeader "Cache-Control", "no-cache,max-age=0"
xml.setRequestHeader "Pragma", "no-cache"
xml.Send
As for continuing to get an error after redirecting, the mistake you're making is not separating server-side from client-side execution of code. Unless aborted, the server-side code will continue to execute to the end. Response.Redirect(String) aborts the execution, although not in a particularly clean way: http://msdn.microsoft.com/en-us/library/t9dwyts4%28v=vs.110%29.aspx
It's much better to modify your code so that it can continue all the way to the end. For example, this may not be pretty depending on how much code you have, but putting the non-redirect path inside of an else block of the if Session("userID") ... block would work.
Edit: I don't have the rep to post comments, but I don't believe this is a DNS caching issue at all, as the myip.dnsomatic.com is simply returning the IP of the client it's serving, which you're then, I assume, directly connecting to. If that's the case, DNS (other than resolving the myip.dnsomatic.com name) isn't involved at all.
I'm doing some work on ASP 3.0 and haven't been able to get this down. ASP will correctly break (and return a 500 error) if there's a syntax error, but if i (on purpose) write a bad sql query and then execute the query, it will just print the returned SQL error right on the HTML, instead of breaking. This would be the code (just re-wrote the sql). Also note that this is not part of a function. It's right there on the page code.
set cn = server.createobject("ADODB.Connection")
cn.open sConn
sql= "select thiscolumndoesnotexist from table1 "
set rs01 = server.createobject("ADODB.Recordset")
rs01.Open sql, cn, 0
%>
Now, I'm sure that "On Error Resume Next" is not active, because if i break the page on ASP syntax, it will break right away. So i tried doing something like
On Error GoTo ErrorControl
code here..
ErrorControl:
Response.Status "500 You broke it"
Resume NExt
but then, the page breaks because of the On Error GoTo ErrorControl, right where "ErrorControl" started. As if it didn't support a named error handler.
I also tried setting On Error Resume Next and then var error = Server.GetLastError(), however, it appeared as if there was no error. I think i recall reading that Server.GetLastError would only work if no output had been sent to the client (which is my case, since it's a HTML being output, and by the time the error happens, half the document has already been sent).
Any ideas? Any help is greatly appreciated. Thanks.
As if it didn't support a named error handler.
Well yeah because it doesn't.
What you need to do is turn buffering on. Either turn it on at the application level in IIS manager or use Response.Buffer = True before any content in the ASP file (static or dynamic) has been sent to the client.