asp-classic

问题 I wanted to post this here as it is very much coding related and was something I had to clean up this week on one of my company's old ASP (classic) sites. We got hit with the SQL injection attack that was run just a few days ago, but I'm scratching my head WHAT exactly the 'damage' was to the SQL server (via these SQL queries). To be honest, I thought it was very ingenious the way this was carried out, and its my companies fault for having an old 10 year old site with little to no sanitized

问题 How I can pass a query string with special characters? For example I need to pass "&" inside my query string as below: ../solrresults.asp?mode=search&data=M & S 回答1: Use Server.UrlEncode: URLEncode converts characters as follows: Spaces ( ) are converted to plus signs (+). Non-alphanumeric characters are escaped to their hexadecimal representation. Use it this way; <a href="page2.asp?name=<%= Server.URLEncode(sName) %>">here</a> 回答2: As stated, the UrlEncode method would be the way to go.

问题 We're migrating an existing website from IIS6 to IIS7, but are experiencing some difficulty in setting up the 404 error page. Our 404-errorpage works like this: A custom ASP-page checks the URL against a short list of 'special' URLs (e.g. http://example.com/limited-offers). If the URL is known, it redirects to the actual URL of that page. Otherwise the visitor is redirected to a static errorpage with a 404-statuscode. With IIS6 this worked as advertised, but with IIS7 some things have changed

问题 I have been trying to access a .NET Assembly that I have created in classic ASP using dim foo set foo = Server.CreateObject("TestAssembly.MyClass") The problem is I'm getting an error: Server object error 'ASP 0177 : 800401f3' Server.CreateObject Failed /test.asp, line 4 Invalid class string I have registered the assembly (TestAssembly.dll) using gacutil and regasm as instructed in the article: Replacing Old Classic ASP COM Components with .NET Assemblies which I referenced from another

问题 I'm trying to fix an ASP Classic app and when I try to create an array from a Recordset Object. However I Can't get it to work correctly. This code gives me a single record (the last one), but as far as I can see it is correct: Dim Products Dim Products_cmd Dim Products_numRows Set Products_cmd = Server.CreateObject ("ADODB.Command") Products_cmd.ActiveConnection = Conn Products_cmd.CommandText = "SELECT prod_id, prod_description FROM dbo.products ORDER BY prod_description ASC" Products_cmd

问题 I am supporting a Classic ASP application that connects to a payment gateway via HTTPS. Up until recently there have been no issues. A few days ago the latest updates were installed on the server (Windows Server 2003) and caused the site to break. A code snippet is below. Dim oHttp Dim strResult Set oHttp = CreateObject("MSXML2.ServerXMLHTTP") oHttp.setOption(2) = 13056 oHttp.open "POST", SOAP_ENDPOINT, false oHttp.setRequestHeader "Content-Type", "application/soap+xml; charset=utf-8" oHttp

问题 I am running a program on classic ASP and inserting into a database with the following: CreateJob.CommandText = "INSERT INTO dbo.Jobs (JobID, CompanyName, DateReceived, DateOfDocument, ClientReference, Subject, TypeOfService,DueDate,AssignedAgent, ClientName, Plaintiff, Defendant1, Defendant2, Defendant3, CourtJurisdiction, Court, Subtype, CourtNumber, Amount, ServiceMethod, JobNotes, JobStatus, CreatedBy, CreatedDate) VALUES (" & Request.Form("jobid") & ", '""" & Request.Form("compname") & "

问题 I am running a program on classic ASP and inserting into a database with the following: CreateJob.CommandText = "INSERT INTO dbo.Jobs (JobID, CompanyName, DateReceived, DateOfDocument, ClientReference, Subject, TypeOfService,DueDate,AssignedAgent, ClientName, Plaintiff, Defendant1, Defendant2, Defendant3, CourtJurisdiction, Court, Subtype, CourtNumber, Amount, ServiceMethod, JobNotes, JobStatus, CreatedBy, CreatedDate) VALUES (" & Request.Form("jobid") & ", '""" & Request.Form("compname") & "

问题 I'm trying to execute classic ASP pages on a windows 2008 64 bit R2 box. Initially the problem was with registering dlls : That's now fixed. Register DLL file on Windows Server 2008 R2 Now when I try to access the page I get this error Active Server Pages error 'ASP 0241' CreateObject Exception index.asp The CreateObject of '(null)' caused exception C0000005. Server object error 'ASP 0177 : c0000005' When I change the code from Server.CreateObject to CreateObject .. I end up with this error

问题 I'm trying to understand how ASP classic handles strings internally. I've googled and debugged, but I still don't know how a string is encoded within the ASP script. See the illustration below. Is input data transformed so that all string variables have the same encoding no matter what source? Most ASP-pages are saved on disk as utf-8. They do however #include asp-files that are saved with another encoding. A the top of front-end-pages I set the Response encoding to unicode. response.codepage