How to get the request.body value in asp classic? - asp-classic

In an .asp classic page I´m getting a POST send to me(a JSON string) and it is send in the request.body, says the guy how send it.
But if I just have theresponse=request.form I am not getting anything?
So how do I get the value from a request.body?

Some payment gateway API's I've used in the past have sent responses in this fashion. The data (JSON) is sent as a binary body post.
To read it you need to use Request.BinaryRead with Request.TotalBytes, then use Adodb.Stream to convert the binary to UTF8 text:
Response.ContentType = "application/json"
Function BytesToStr(bytes)
Dim Stream
Set Stream = Server.CreateObject("Adodb.Stream")
Stream.Type = 1 'adTypeBinary
Stream.Open
Stream.Write bytes
Stream.Position = 0
Stream.Type = 2 'adTypeText
Stream.Charset = "utf-8"
BytesToStr = Stream.ReadText
Stream.Close
Set Stream = Nothing
End Function
' You shouldn't really be receiving any posts more than a few KB,
' but it might be wise to include a limit (200KB in this example),
' Anything larger than that is a bit suspicious. If you're dealing
' with a payment gateway the usual protocol is to post the JSON
' back to them for verification before processing.
if Request.TotalBytes > 0 AND Request.TotalBytes <= 200000 then
Dim postBody
postBody = BytesToStr(Request.BinaryRead(Request.TotalBytes))
Response.Write(postBody) ' the JSON... hopefully
end if

Related

SagePay RedirectURL failure

Using server integration and .net, I post the original request to SagePay and get the NextURL fine, and so go to the payment pages... step through them OK, but then I get the error:
Server error 5006: Unable to redirect to Vendor's web site. The Vendor failed to provide a RedirectionURL.
HTTP error 500: The request was unsuccessful due to an unexpected condition encountered by the server.
But I am sending a RedirectionURL (though the docs call is RedirectURL, which is somewhat confusing - anyway, I've tried using both. This si what I'm sending back from my NotificatioURL - what's wrong?
Dim sb As New StringBuilder
sb.Append("Status=OK")
sb.Append("&StatusDetail=Fine")
sb.Append("&RedirectURL=https://mydomain.co.uk/sagepay.aspx")
Dim urlTEST As String = "https://test.sagepay.com/gateway/service/vspserver-register.vsp"
Dim urlLIVE As String = "https://live.sagepay.com/gateway/service/vspserver-register.vsp"
Try
Dim data As Byte() = Encoding.UTF8.GetBytes(sb.ToString)
Dim request As WebRequest = WebRequest.Create(urlTEST)
request.Method = "POST"
request.ContentType = "application/x-www-form-urlencoded"
request.ContentLength = data.Length
ServicePointManager.ServerCertificateValidationCallback = AddressOf ValidateRemoteSSLCertificate
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12
Dim stream = request.GetRequestStream()
stream.Write(data, 0, data.Length)
stream.Close()
Dim response As WebResponse = request.GetResponse()
response.Close()
Catch ex As Exception
'log error
End Try
Update: I gather this POST (unlike the initial one with the basket info) requires that the data be sent plain text key-value pairs separated by CrLf's, so I amended this to
Dim sb As New StringBuilder
sb.AppendLine("Status=OK")
sb.AppendLine("StatusDetail=Fine")
sb.Append("RedirectURL=https://mydomain.co.uk/sagepay.aspx")
but it still fails with the same errors. I also tried using, instead of the WebRequst class, the simpler:
Dim client As WebClient = New WebClient()
Dim reply As String = client.UploadString(urlTEST, sb.ToString)
But still no joy. Also tried changing the request.ContentType to "text/plain", but nope.
Come on, someone, please - this si basic to the their operations, someone must have done it....
Blimey - it never pays to be clever. This script doesn't require WebRequest or anything, just write to the simple Response object. Sigh.. as Linus said ....

Problems With Paypal Express Checkout Integration (WEBREQUEST)

So I was struggling with making head or tail out of the PayPal documentation and always felt that something was not right with my Webrequest.
So I stripped all the code back to basic and simply submitted the request via HTTP and the PLUS side is that I now get a response back from the PayPal sandbox server where ACK=Success and TOKEN=Valid-token-value-here there are some other variables returned too, such as CORRELATIONID and TIMESTAMP.
And hence so I tried some of the webrequest samples and I simply get a blank screen instead of being redirected to Paypal for the (sandbox) customer to complete payment.
So if anyone can post their WebRequest method that would be great.
Here is the code I used for my webrequest, I'm sure its wrong but cannot pinpoint where it is going wrong.
Also, when I run the code on my localhost during debugging, everything works fine and the call is completed with SUCCESS and a TOKEN is received.
When I run it live, I recieve Error Number 5 in the Error exception and also the text `Remote host failed to connect' in the STATUS DESCRIPTION.
THIS IS THE UPDATED CODE
Function MakeWebRequest(ByVal pUseSandbox As Boolean, ByVal pRequestMethod As String, ByVal pReturnUrl As String, ByVal pCancelUrl As String, ByRef pRtnStatus As String, ByRef pRtnStatusId As HttpStatusCode, ByRef pRtnResponseString As String) As Boolean
'
Dim _sxHost As String = Nothing
Dim _sxEndpoint As String = Nothing
Dim _sxNameValCol As System.Collections.Specialized.NameValueCollection = Nothing
Dim _sxResponseCol As System.Collections.Specialized.NameValueCollection = Nothing
Dim _sxCounta As Integer = Nothing
Dim _sxParamsString As String = Nothing
'
'-> Init
_sxParamsString = ""
MakeWebRequest = False
_sxNameValCol = New System.Collections.Specialized.NameValueCollection()
_sxResponseCol = New System.Collections.Specialized.NameValueCollection()
If pUseSandbox Then
_sxHost = "http://www.sandbox.paypal.com"
_sxEndpoint = "https://api-3t.sandbox.paypal.com/nvp"
Else
_sxHost = "http://www.paypal.com"
_sxEndpoint = "https://api-3t.paypal.com/nvp"
End If
'-> Create Request
Try
'-> Key/Value Collection Params
_sxNameValCol.Add("METHOD", "SetExpressCheckout")
_sxNameValCol.Add("USER", _UserName)
_sxNameValCol.Add("PWD", _Password)
_sxNameValCol.Add("SIGNATURE", _Signature)
_sxNameValCol.Add("PAYMENTREQUEST_0_AMT", Format(_Basket.BasketTotalIncDelivery / 100, "0.00"))
_sxNameValCol.Add("PAYMENTREQUEST_0_PAYMENTACTION", "Sale")
_sxNameValCol.Add("PAYMENTREQUEST_0_CURRENCYCODE", "GBP")
_sxNameValCol.Add("RETURNURL", pReturnUrl)
_sxNameValCol.Add("CANCELURL", pCancelUrl)
_sxNameValCol.Add("REQCONFIRMSHIPPING", "0")
_sxNameValCol.Add("NOSHIPPING", "2")
_sxNameValCol.Add("LOCALECODE", "EN")
_sxNameValCol.Add("BUTTONSOURCE", "PP-ECWizard")
_sxNameValCol.Add("VERSION", "93.0")
'-> UrlEncode
For _sxCounta = 0 To _sxNameValCol.Count - 1
If _sxCounta = 0 Then
_sxParamsString = _sxParamsString & _sxNameValCol.Keys(_sxCounta) & "=" & HttpUtility.UrlEncode(_sxNameValCol(_sxCounta))
Else
_sxParamsString = _sxParamsString & "&" & _sxNameValCol.Keys(_sxCounta) & "=" & HttpUtility.UrlEncode(_sxNameValCol(_sxCounta))
End If
Next
'-> Credentials (not used)
'_sxRequest.Credentials = CredentialCache.DefaultCredentials
Try
Dim _sxRequest As WebRequest = DirectCast(System.Net.WebRequest.Create(_sxEndpoint), System.Net.HttpWebRequest)
'-> Convert request to byte-array
Dim _sxByteArray As Byte() = Encoding.UTF8.GetBytes(_sxParamsString)
_sxRequest.Method = "POST" 'Our method is post, otherwise the buffer (_sxParamsString) would be useless
_sxRequest.ContentType = "application/x-www-form-urlencoded" 'We use form contentType, for the postvars
_sxRequest.ContentLength = _sxByteArray.Length 'The length of the buffer (postvars) is used as contentlength
Dim _sxPostDataStream As System.IO.Stream = _sxRequest.GetRequestStream() 'We open a stream for writing the postvars
_sxPostDataStream.Write(_sxByteArray, 0, _sxByteArray.Length) 'Now we write, and afterwards, we close
_sxPostDataStream.Close() 'Closing is always important!
'-> Create Response
Dim _sxResponse As HttpWebResponse = DirectCast(_sxRequest.GetResponse(), HttpWebResponse)
'-> Get Response Status
pRtnStatus = _sxResponse.StatusDescription
pRtnStatusId = _sxResponse.StatusCode
'-> Reponse Stream
Dim _sxResponseStream As Stream = _sxResponse.GetResponseStream() 'Open a stream to the response
'-> Response Stream Reader
Dim _sxStreamReader As New StreamReader(_sxResponseStream) 'Open as reader for the stream
pRtnResponseString = _sxStreamReader.ReadToEnd() 'Read the response string
MakeWebRequest = True
'-> Tidy up
_sxStreamReader.Close()
_sxResponseStream.Close()
_sxResponse.Close()
_sxByteArray = Nothing
_sxPostDataStream = Nothing
_sxRequest = Nothing
_sxResponse = Nothing
_sxResponseStream = Nothing
_sxStreamReader = Nothing
Catch ex As Exception
pRtnStatusId = Err.Number
pRtnStatus = "response(" & ex.Message & ")"
Decode(pRtnResponseString, _sxResponseCol)
pRtnResponseString = Stringify(_sxResponseCol)
End Try
Catch ex As Exception
pRtnStatusId = Err.Number
pRtnStatus = "request(" & ex.Message & ")"
Decode(pRtnResponseString, _sxResponseCol)
pRtnResponseString = Stringify(_sxResponseCol)
End Try
'-> Tidy Up
_sxHost = Nothing
_sxEndpoint = Nothing
_sxNameValCol = Nothing
_sxResponseCol = Nothing
_sxCounta = Nothing
_sxParamsString = Nothing
'
End Function
OK, so it's now clear that you're not getting any response from the server because your server isn't able to connect to PayPal's servers at all. Hence, you got no server-response and the message Unable to connect to the remote server. When I tested, I got a HTTP 200 response with the following body:
TIMESTAMP=2015-07-07T09:07:39Z&CORRELATIONID=7f4d2313c9696&ACK=Failure&VERSION=93.0&BUILD=17276661&L_ERRORCODE0=10002&L_SHORTMESSAGE0=Authentication/Authorization Failed&L_LONGMESSAGE0=You do not have permissions to make this API call&L_SEVERITYCODE0=Error
Obviously that's because I tested with a blank username and password.
So, something is wrong with your server setup that's preventing you from making outside connections, either at the IIS level or due to your firewall configuration.
Without physically being present at your machine, there's not a lot we can do to track down what's blocking it, but you can try opening HTTP requests to other public websites like Google.com and see if those succeed.

Classic ASP IIS 6 Response buffer limit exceeded

I have a Classic ASP application which allows users to download excel documents provided by a 3rd party vendor. Below is sample code. If the document size is greater than 4mb, I get an error "Response buffer limit exceeded".
I did some research and tried different things. Only increasing the buffer limit in IIS resolved my issue. But my systems team is reluctant to make this change on production.
Is there an alternate solution? Is there a solution available in ASP.Net?
set objDoc = Server.createobject("Some.Object")
objDoc.DocId doc_id
bin_obj = objDoc.Binary
set objDoc = Nothing
Response.buffer = TRUE
Response.ContentType = "application/msexcel"
Response.AddHeader "Cache-Control", "public"
Response.AddHeader "Pragma", "public"
Response.AddHeader "Content-Disposition", "attachment;filename=test.xls"
Response.BinaryWrite bin_obj
Response.Flush
Response.End
You need push content part by part, ex. by 1Mb per block. If your COM object ("Some.Object") dosn't allow read by block, you can make it using ADODB.Stream object with method stream.Read(count).
UPDATE:
Option Explicit
Dim streamS, streamB
Set streamS = Server.CreateObject("ADODB.Stream")
streamS.Type = 1 'Binary stream
streamS.Open
streamS.LoadFromFile Server.MapPath("/Nissan_Qashqai_IDTR.rar")
Set streamB = Server.CreateObject("ADODB.Stream")
streamB.Type = 1
streamB.Open
Dim blockSize
blockSize = 1024 ' block size is 1 KB
Response.AddHeader "Content-Disposition", "attachment;filename=MyTestBinryFile.bin"
Response.AddHeader "Content-Length", streamS.Size
Response.ContentType = "application/octet-stream"
Dim i
For i = 0 To streamS.Size - 1 Step blockSize
streamB.Position = 0
streamS.CopyTo streamB, blockSize
streamB.Position = 0
Response.BinaryWrite(streamB.Read)
Response.Flush
Next
streamS.Close
Set streamS = Nothing
streamB.Close
Set streamB = Nothing
Response.Flush

Saving POST binary data with ADODB.Stream

Another website sends me data with the POST method.
I would like to take this data and insert it into the database.
After some research online, I concluded that ADODB.Stream should do the job for me.
I dont have problem with getting the binary data with Request.TotalBytes.
With the following code, I am not receiving an error but it does not save the data either. So I must be doing something wrong with the ADODB Stream.
tot_bytes = Request.TotalBytes
Set BinaryStream = CreateObject("ADODB.Stream")
BinaryStream.Mode = 3
BinaryStream.Type = 1
BinaryStream.Open
gBinaryData = BinaryStream.Write(tot_bytes)
BinaryStream.Close
Set BinaryStream = Nothing
SQL = "INSERT INTO STATUSES (StatusMessage, StatusDateEntered) VALUES ('"& gBinaryData &"', '"& FormatDateMySQL(NOW) &"')"
Set objAddC = objConn.execute(SQL)
.
Following a successful subscription, Facebook will proceed to call your endpoint every time that there are changes (to the chosen fields or connections). For each update, it will make an HTTP POST request.
The request will have content type of application/json and the body will comprise a JSON-encoded string containing one or more changes.
Note for PHP developers: In PHP, to get the encoded data you would use the following code:
$data = file_get_contents("php://input");
$json = json_decode($data);
First of all, Write method does not return anything, in fact it's just a sub-routine. And Request.TotalBytes is just length of request in bytes. When you need to read request data as array of bytes, you should use Request.BinaryRead(length of bytes). Therefore, in Stream object, you need to read all of bytes using Read method after the writing bytes and setting position to the start.
However, it seems not neccessary in this case if you have to store the data as binary.
I assume that you need the data as text, most likely it's json string. So, you should convert data to string from bytes.
Note that, you need to handle an exception about total bytes. If the Request does not contain anything, Request.TotalBytes equals to zero and since Request.BinaryRead expects a number bigger than zero and less than or equal to total bytes an error occurs.
Dim tot_bytes, postData
tot_bytes = Request.TotalBytes
If tot_bytes > 0 Then
With Server.CreateObject("Adodb.Stream")
.Charset = "utf-8" 'specify the request encoding
.Type = 1 'adTypeBinary, a binary stream
.Open
.Write Request.BinaryRead(tot_bytes) 'Write bytes
.Position = 0 ' set position to the start
.Type = 2 ' adTypeText, stream type is text now
postData = .ReadText 'read all text
.Close
End With
With Server.CreateObject("Adodb.Recordset")
.Open "STATUSES", objConn , , 3
.AddNew
.Fields("StatusMessage").Value = postData
.Fields("StatusDateEntered").Value = Now()
.Update
.Close
End With
Response.Write "data stored successfully"
Else
Response.Write "no post data"
End If
Beside the fact that it is a very bad idea to directly insert your data into a database like this (possible sql injection), how do you post for form data? CLassic ASP can not handle binary data directly either. So this won't work at all.
So whatever you post, first you have to make sure that you post with form enctype="multiform/data".
To get the data into a object try this instead:
byteArray = Request.BinaryRead(Request.TotalBytes)
BUt to handle it, store to database, or save to a file, you need a component, e.g. http://www.motobit.com/help/scptutl/upload.asp or try check this article (special when you upload more thatn just one file): http://www.codeguru.com/csharp/.net/net_asp/article.php/c19297/Pure-ASP-File-Upload.htm.
EDIT:
Antonin Fuller has also made a sample ASP code without using his DLL.
Try this, too:
Private Function RSBinaryToString(xBinary)
'Antonin Foller, http://www.motobit.com
'RSBinaryToString converts binary data (VT_UI1 | VT_ARRAY Or MultiByte string)
'to a string (BSTR) using ADO recordset
Dim Binary
'MultiByte data must be converted To VT_UI1 | VT_ARRAY first.
If vartype(xBinary)=8 Then Binary = MultiByteToBinary(xBinary) Else Binary = xBinary
Dim RS, LBinary
Const adLongVarChar = 201
Set RS = CreateObject("ADODB.Recordset")
LBinary = LenB(Binary)
If LBinary>0 Then
RS.Fields.Append "mBinary", adLongVarChar, LBinary
RS.Open
RS.AddNew
RS("mBinary").AppendChunk Binary
RS.Update
RSBinaryToString = RS("mBinary")
Else
RSBinaryToString = ""
End If
End Function
See more here: http://www.motobit.com/tips/detpg_binarytostring/
Finally you should get the stream, convert it, and work with it.

Classic ASP response.write or response.Binarywrite having problems with chr(0)

I am having an issue with writing a file to the response object. The file is Base64 encoded and is being sent to the ASP code via a web service.
dim contentType, fileName
filename = request("FileName")
contentType = request("ContentType")
If Not Response.isClientConnected Then
Response.end
End If
Response.buffer = true
Response.Clear
Response.Addheader "Content-Disposition", "attachment; filename=" & filename
Response.contenttype = contentType
dim oSoapClient
Set oSoapClient = Server.CreateObject("MSSOAP.SoapClient")
oSoapClient.ClientProperty("ServerHTTPRequest") = True
oSoapClient.mssoapinit "http://myWS/test.asmx?WSDL"
dim sRequest, sResponse
sRequest = "<Root><Attachment id=""" & Request("ID") & """/></Root>"
sResponse = oSoapClient.GetAttachment(sRequest)
Dim oXML: Set oXML = LoadXMLString(sResponse)
Dim oAttachment
set oAttachment = oXML.SelectSingleNode("/Root/Attachment")
if not oAttachment is nothing then
Response.Binarywrite(Base64Decode(oAttachment.attributes.getNamedItem("BinaryData").value))
End if
Response.End
The BinaryWrite is adding extra null characters every other byte. Change it to response.write and it does not put the nulls but terminates the string if a null character is found.
I'm looking for a method to use the binarywrite without it adding the extra nulls. Is it a charset issue?
Thanks
BinaryWrite is doing the correct thing here. What is the return type for your Base64Decode function? Extra null characters between every byte are a symptom of improper handling of UTF-16/UCS-16 unicode data.
Ideally, you should send a VARIANT to BinaryWrite that represents an object exposing IStream, or a SAFEARRAY. If you send in a VARIANT that is a string, it will be received by BinaryWrite as a BSTR, which is 16 bits wide and will exhibit nulls/zeroes every other byte for english/latin charset data.

Resources