Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New to the CF scene
    Join Date
    Sep 2005
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    ASP Query String Problem

    Hello,

    Can someone help me with this problem? To summarise this script works in so much as is it scrambles the query string (preventing people from guessing it) however the SQL statement in the project.asp page seems to be using the jumbled value instead of decoding it first then using the original value of project_id.

    (The original tutorial can be found here: http://www.tutorialized.com/tutorial...ng-Values/2190)

    Here is the code:


    Detail.asp

    <%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
    <!--#include file="Connections/01.asp" -->

    <%
    Randomize timer
    ' Randomizing the timer function
    rndNum = abs(int((rnd() * 3001)))
    ' To generate a prime based, non-negative random number..
    rndNum = rndNum + 53
    Session("rndNum") = rndNum
    'We place the random number value in a session variable so that we can use it again in the next page
    %>

    <%
    Dim rs_project__MMColParam
    rs_project__MMColParam = "1"
    If (Session("mm_username") <> "") Then
    rs_project__MMColParam = Session("mm_username")
    End If
    %>
    <%
    Dim rs_project
    Dim rs_project_numRows

    Set rs_project = Server.CreateObject("ADODB.Recordset")
    rs_project.ActiveConnection = MM_01_STRING
    rs_project.Source = "SELECT DISTINCT tblproject .* FROM tblcompany,tbluser, tblproject, tblfiles WHERE tblcompany.user_id =tbluser.user_id and tbluser.user_name = '" + Replace(rs_project__MMColParam, "'", "''") + "' and tblcompany.customer_id = tblproject.customer_id and tblproject.project_id = tblfiles.project_id"
    rs_project.CursorType = 0
    rs_project.CursorLocation = 2
    rs_project.LockType = 1
    rs_project.Open()

    rs_project_numRows = 0
    %>
    <%
    Dim Repeat1__numRows
    Dim Repeat1__index

    Repeat1__numRows = -1
    Repeat1__index = 0
    rs_project_numRows = rs_project_numRows + Repeat1__numRows
    %>
    <%
    Dim MM_paramName
    %>
    <%
    ' *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters

    Dim MM_keepNone
    Dim MM_keepURL
    Dim MM_keepForm
    Dim MM_keepBoth

    Dim MM_removeList
    Dim MM_item
    Dim MM_nextItem

    ' create the list of parameters which should not be maintained
    MM_removeList = "&index="
    If (MM_paramName <> "") Then
    MM_removeList = MM_removeList & "&" & MM_paramName & "="
    End If

    MM_keepURL=""
    MM_keepForm=""
    MM_keepBoth=""
    MM_keepNone=""

    ' add the URL parameters to the MM_keepURL string
    For Each MM_item In Request.QueryString
    MM_nextItem = "&" & MM_item & "="
    If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then

    MM_keepURL = MM_keepURL & MM_nextItem & Server.URLencode(Request.QueryString(MM_item))
    End If
    Next

    ' add the Form variables to the MM_keepForm string
    For Each MM_item In Request.Form
    MM_nextItem = "&" & MM_item & "="
    If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
    MM_keepForm = MM_keepForm & MM_nextItem & Server.URLencode(Request.Form(MM_item))
    End If
    Next

    ' create the Form + URL string and remove the intial '&' from each of the strings
    MM_keepBoth = MM_keepURL & MM_keepForm
    If (MM_keepBoth <> "") Then
    MM_keepBoth = Right(MM_keepBoth, Len(MM_keepBoth) - 1)
    End If
    If (MM_keepURL <> "") Then
    MM_keepURL = Right(MM_keepURL, Len(MM_keepURL) - 1)
    End If
    If (MM_keepForm <> "") Then
    MM_keepForm = Right(MM_keepForm, Len(MM_keepForm) - 1)
    End If

    ' a utility function used for adding additional parameters to these strings
    Function MM_joinChar(firstItem)
    If (firstItem <> "") Then
    MM_joinChar = "&"
    Else
    MM_joinChar = ""
    End If
    End Function
    %>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <title>Untitled Document</title>
    </head>

    <body>
    <p>&nbsp;</p>
    <p>Click on the link to open Project directory</p>





    <%
    While ((Repeat1__numRows <> 0) AND (NOT rs_project.EOF))
    %>
    <p><%=(rs_project.Fields.Item("project_name").Value)%> - <%=(rs_project.Fields.Item("project_description").Value)%> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</p>
    <br>
    <A HREF="project.asp?<%= Server.HTMLEncode(MM_keepURL) & MM_joinChar(MM_keepURL) & "project_id=" & rs_project.Fields.Item("project_id").Value*rndNum %>">Detail</A>
    <br>

    <%
    Repeat1__index=Repeat1__index+1
    Repeat1__numRows=Repeat1__numRows-1
    rs_project.MoveNext()
    Wend
    %>
    <p>&nbsp;</p>
    <p>&nbsp;</p>
    </body>
    </html>
    <%
    rs_project.Close()
    Set rs_project = Nothing
    %>



    Project.asp


    <%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
    <!--#include file="Connections/01.asp" -->

    <%
    Dim project_id
    project_id = (request.querystring("project_id") / Session("rndNum"))
    ' We are dividing the record ID query string value with the same formula to un-scramble and pass the actual record ID to the SQL statement
    'Session.abandon
    ' Releasing Session value for the next record
    %>
    <%= Session("rndNum") %>
    <%
    Dim rs__MMColParam
    rs__MMColParam = 0
    If (Request("project_id") <> "") Then
    rs__MMColParam = project_id
    End If
    %>
    <%
    Dim rs_files
    Dim rs_files_numRows

    Set rs_files = Server.CreateObject("ADODB.Recordset")
    rs_files.ActiveConnection = MM_01_STRING
    rs_files.Source = "SELECT * FROM tblfiles WHERE project_id = '" + Replace(rs_files__MMColParam, "'", "''") + "'"
    rs_files.CursorType = 0
    rs_files.CursorLocation = 2
    rs_files.LockType = 1
    rs_files.Open()

    rs_files_numRows = 0
    %>
    <%
    Dim Repeat1__numRows
    Dim Repeat1__index

    Repeat1__numRows = -1
    Repeat1__index = 0
    rs_files_numRows = rs_files_numRows + Repeat1__numRows
    %>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <title>Untitled Document</title>
    </head>

    <body>
    <p>&nbsp;</p>
    <h3>A List of Downloadable Files: </h3>








    <p><br>
    <%
    While ((Repeat1__numRows <> 0) AND (NOT rs_files.EOF))
    %>
    <%=(rs_files.Fields.Item("file_name").Value)%><br>
    <br>
    <%
    Repeat1__index=Repeat1__index+1
    Repeat1__numRows=Repeat1__numRows-1
    rs_files.MoveNext()
    Wend
    %>
    <br>
    <% Response.Write ( request.querystring("project_id") / Session("rndNum") ) %>
    <br>
    <% Response.Write (Session("rndNum") ) %>
    <br>
    <% Response.Write ( request.querystring("project_id")) %>
    </p>
    </body>
    </html>
    <%
    rs_files.Close()
    Set rs_files = Nothing
    %>
    Last edited by andyww14; 09-16-2005 at 11:24 AM.

  • #2
    Regular Coder
    Join Date
    Apr 2005
    Location
    Lisbon, CT
    Posts
    339
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Code:
    rs_files.Source = "SELECT * FROM tblfiles WHERE project_id = '" + Replace(rs_files__MMColParam, "'", "''") + "'"
    where did this come from or did you intend for it to be rs_MMColParam?

    BaldEagle


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •