Sometimes a link with a parameter will bring up the parameter and sometimes it won't. If I have IE open and doing things in other tabs and try to click the link with the parameter in it, it will come up to the main screen. If I click the link without IE open, it goes to the site with the parameter. Please help!
Sample Link: http://ServerName/time_and_attendance/?timesheet_id=7489
Code below:
<!--#INCLUDE virtual="/time_and_attendance/i_time_attendance_header.asp" -->
<%
'---------------------------------------------------------------------------------------------------------------------
'JFV 6-10-2010: Will need these lines uncommented and inserted above the '<!--#INCLUDE' line
' to be used in the alternate e-mail configuration
'<!--METADATA TYPE="typelib" UUID="CD000000-8B95-11D1-82DB-00C04FB1625D" NAME="CDO for Windows 2000 Type Library" -->
'<!--METADATA TYPE="typelib" UUID="00000205-0000-0010-8000-00AA006D2EA4" NAME="ADODB Type Library" -->
'---------------------------------------------------------------------------------------------------------------------
%>
<%
'If there is not a timesheet id send user back to their employee page
If Request("timesheet_id")<>"" Then
my_employees_timesheet_id=Request("timesheet_id")
RedirectUrl="my_employees_timesheet.asp?timesheet_id="&Request("timesheet_id")
'Response.Write my_employees_timesheet_id
Else
Response.Redirect("default.asp")
End If
%>
You should be using Request.Querystring instead of simply Request, and Trim the value before using it.
Also, dim a variable and retrieve the parameter into the variable first.
dim ts_id
ts_id = trim(request.querystring("timesheet_id"))
If ts_id <>"" Then
my_employees_timesheet_id=ts_id
RedirectUrl="my_employees_timesheet.asp?timesheet_id="&ts_id
'Response.Write my_employees_timesheet_id
Else
Response.Redirect("default.asp")
End If
Related
Okay... I know having nested tags is not officially supported. But stay with me on this one..
I have an ASP.NET web page with the standard <form runat=server> tag at the top. I am pulling in a Form (and associated fields) from a 3rd party source via HttpWebRequest on the server side (code behind). I can verify the data I get contains a <form> tag -- via a Trace statement. Then I assign the data to my literal like this:
Dim objRequest As System.Net.HttpWebRequest = System.Net.WebRequest.Create(url)
Dim objResponse As System.Net.WebResponse
objRequest.Method = "POST"
Dim byteArray As Byte() = Encoding.UTF8.GetBytes(postData.ToString)
objRequest.ContentType = "application/x-www-form-urlencoded"
objRequest.ContentLength = byteArray.Length
Dim dataStream As Stream = objRequest.GetRequestStream()
dataStream.Write(byteArray, 0, byteArray.Length)
dataStream.Close()
objResponse = objRequest.GetResponse()
Dim streamRead As New StreamReader(objResponse.GetResponseStream())
Dim strResponse As String = streamRead.ReadToEnd()
me.litCMSForm.Text = strResponse
When the page is rendered, somehow .NET removed the <form> tag that was within the literal.
I also tried assigning the variable "strResponse" to a public variable to be displayed and it too had the tag stripped out. And I tried assigning the variable to an asp:Label as well with no luck. And I tried assigning the value to the literal on the "PreRender" function with no success.
Any thoughts on this and why .NET is stripping out the <form> tag?
Thanks!
You're correct - nested form tags are not supported. What you can do is generate JavaScript that would pass the string to an HTML container outside of ASP.NET form or, better yet, output it to an independent iframe.
I had the same problem. I was able to work around the situation by adding another form before the one I really wanted to insert. It seems like ASP was only frisky enough to strip out the first firm it found.
Perhaps this would work for you:
me.litCMSForm.Text = "<form name='fakeOut'></form>" + strResponse
I actually had my form code be a little fancier (I gave it an action and an hidden input). I didn't continue to test to see what could be taken away because it worked.
I have 2 ASPX files:
In A.aspx:
<%
string user = "in A.aspx.cs";
Response.Write(user);
%>
In B.aspx.cs
string id = Request.QueryString["id"].ToString();
​Response.Write(id);
When I run A.aspx and click on the link, the value of id from B.aspx is "<%=dz_now%>".
Why?
The problem is that <%=variable %> does not work within server side code. You need to add the strings together like this:
string user = "in A.aspx.cs";
I have a website that was written in VBSCRIPT that I am moving over to VB.NET. Until I have time to get to rewriting some pages/applications, I would like to update some of the code so they work a bit better. I am trying to grab a server variable on the VBSCRIPT page that contains our username from the enterprise login.
I have 2 test pages here, one with language="VB" at the top and the other language="VBSCRIPT".
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>Server Variables</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<%
For Each var In Request.ServerVariables
Response.Write("<b>" + var + "</b>= " + Request.ServerVariables(var) + "<br />")
Next
%>
</div>
</form>
</body>
</html>
The VBSCRIPT page will list variables with no data when they have data on the VB page and in ALL_HTTP. Is there any way I can get VBSCRIPT to gather the correct info for all the server variables?
Thank You
EDIT: These are the variables that vary between VB and VBS
AUTH_USER, REMOTE_USER - logged in user on VBS, iis_anon on VB
REMOTE_PORT - not listed in VBS
The following are listed in VBS, but have no data
HTTP_SERVER_PROTOCOL
HTTP_SM_TRANSACTIONID
HTTP_SM_CLIENT_IP
HTTP_REQUEST_METHOD
HTTP_SM_SDOMAIN
HTTP_SM_REALM
HTTP_SM_REALMOID
HTTP_SM_AUTHTYPE
HTTP_SM_AUTHREASON
HTTP_SM_UNIVERSALID
HTTP_SM_AUTHDIROID
HTTP_SM_AUTHDIRNAME
HTTP_SM_AUTHDIRSERVER
HTTP_SM_AUTHDIRNAMESPACE
HTTP_SM_USER
HTTP_SM_USERDN
HTTP_SM_SERVERSESSIONID
HTTP_SM_SERVERSESSIONSPEC
HTTP_SM_TIMETOEXPIRE
HTTP_SM_SERVERIDENTITYSPEC
HTTP_REMOTE_USER
Also there is a custom on I wish to get that is used for our enterprise authentication.
I've had this issue before with custom HTTP headers that have underscores in the raw header name (which can be seen in the ALL_RAW server variable). The HTTP_ converts underscores to dashes (e.g., HTTP_USER_AGENT corresponds to an actual header called User-Agent). In order to retrieve the values of any headers that have underscores in their names, you have to use the HEADER_ prefix, which will search for the exact header name (e.g., HEADER_USER_AGENT will search for a header called User_Agent).
By the way, this blog post offers some more background information on why there are two prefixes.
here a classic ASP page i have running on various IIS versions.
For the user, i have this in most of my projects which makes userinfo available on the server and client side. If you are on a domain replace DMAIN with yours, otherwise you can drop the replace.
NTLM security has to be enabled (windows authentication) on your IIS site, no anonymous access.
The list of servarvariables returned by this code is different depending on OS and IIS versions, enabled features, settings etc. Some keys will have empty values, so eg REMOTE_PORT is not avaiable on mine (i use the standard 80 port) but SERVER_PORT is.
<%
Dim user
user = Replace(uCase(Request.ServerVariables("AUTH_USER")), "DOMAIN\", "")
%>
<script type="text/javascript">var user = <%=user%></script>
Here the contents of servervariables.asp
<html>
<%#language=VBScript%>
<%
With Response
.Expires=-1
.Clear
End With
dim teller
response.write "<h1>Servervariables</h1>"
response.write "<table>"
teller = 1
for each subkey in Request.Servervariables
response.write "<tr><td>"
response.write teller
response.write "</td><td>"
response.write (Request.Servervariables.Key(teller))
response.write "</td><td>"
response.write (Request.Servervariables.Item(teller))
response.write "</td></tr>"
teller = teller + 1
next
response.write "</table>"
response.write request.servervariables("path_translated") & "<br>"
response.write "USER cookie:" & Request.Cookies("USER") & "<br>"
response.write "USER Sessionvariable:" & Session("USER") & "<br>"
%>
</html>
I'm having a problem with ASP.net redirection.
The Copy() method below is called from a javascript button in a grid with ajax and it works fine. It redirects to the Create action of the controller.
<AcceptVerbs(HttpVerbs.Post)> _
Sub Copy(ByVal noDemande As Integer)
Response.Redirect("/DemandeDeMontage/Create/" & noDemande)
End Sub
The Create action is a page that lets me edit the fields before saving them to the database. When an Id is passed, the fields will be pre-filled with another record's info (copied info).
<AcceptVerbs(HttpVerbs.Get)> _
Function Create(Optional ByVal id As Integer? = Nothing) As ActionResult
If (id Is Nothing) Then
Dim dmd As New DEMND_MONTG
Return View("Edit", dmd)
Else
Dim dmd As ODCT0124_DEMND_MONTG = _dmdMontRep.getDmdById(id)
dmd.CO_STAT = ModuleCommon.Status.AwaitingSave
Return View("Edit", dmd)
End If
End Function
There are no errors in the code above.
When debugging, everything seems to work. The Copy action is called, then Create, and then I can step through the HTML code of the Edit page without any errors.
However, the page will not change! It's like I'm not redirected at all. The edit page is not shown and I'm stuck on the page displaying the grid with all records I can copy.
Can someone explain why the edit page is not shown? Is there something really obvious I am not seeing?
That was a silly error on my part.
The Copy action was called via AJAX, but I forgot to specify what to do with the html returned from the action.
I'm using window.location = "/DemandeDeMontage/Copy/" + id now instead.
I want to automatically redirect to the login page when the users session has expired.
I have been using the following code in an include file that sits at the top of every page in my application:
Session.Timeout = 60
Response.AddHeader "Refresh", CStr(CInt(Session.Timeout + 1) * 60)
Response.AddHeader "cache-control", "private"
Response.AddHeader "Pragma","No-Cache"
Response.Buffer = True
Response.Expires = 0
Response.ExpiresAbsolute = 0
If Session("accountID") = "" Then
Response.Redirect("http://www.mydomain.com/")
End If
This works but there is very slight bug. Every now and then the page will refresh even though the session is still alive and it seems that it refreshes before the 60 minutes is up!
Can anybody see what the problem is or can you suggest a different method?
Seeing as though you have to do this client side I'd favour JavaScript/jQuery and AJAX over that method. Here's an example of how to do it.
Essentially you just set-up an AJAX call to poll a script which returns (in JSON format) whether the user is logged in or not; if they're not then you can transfer them to another page.
The benefits to this method are that you can poll whenever you want; e.g. every 10 seconds to see whether the user is still logged in rather than having to wait a full hour. It also means that you don't need to state the session time-out figure in your code and so you can leave that to be determined in IIS. Also if the user logged off elsewhere in your system, or your application pool recycled and their session was reset this would detect it fairly quickly.
I notice from your profile that you're a Paparazzi photographer. I'd consider this the DSLR method and the response header method the cheap phone camera method :o.
To build your session checker page create a file called session.asp (in the same folder as your other files to make life simpler). In it put:
<%
Response.ContentType = "application/json"
If Session("LoggedOn") Then
Response.Write "{""loggedOn"": true}"
Else
Response.Write "{""loggedOn"": false}"
End If
%>
If the user is logged in it returns {"loggedOn": true}, if they're not {"loggedOn": false}. This is what we'll use on your other page to poll if they're logged in by calling this page periodically and reading the response.
Now onto your pages which originally had your Response.AddHeader code in. Remove all of your code as this replaces it.
First make sure you have a reference to jQuery on your pages:
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js"></script>
And then put under this line the following:
<script type="text/javascript">
$(document).ready(function() {
var checkLoggedOn = function() {
$.getJSON('session.asp', function(data) {
if (!data.loggedOn)
window.location.replace("http://stackoverflow.com");
});
};
// Call checkLoggedOn every x milliseconds
setInterval(checkLoggedOn, 30000);
});
</script>
All being well, it should work. I set the above to poll every 30 seconds (30000) but you could increase/decrease this to whatever you wanted.
Note I borrowed large parts of the code above from https://stackoverflow.com/a/4928564/171703 and https://stackoverflow.com/a/2709160/171703.
Update:
From the comments below, if you want the user's session to expire after the timeout figure (whether they are keeping their session alive or not) then you could do this.
When the user is logged in, set a new session variable for LoginExpiration:
Session("LoginExpiration") = DateAdd("n", Session.TimeOut, Now())
This takes the current time and adds to it the session timeout figure - giving you the time when their session should be destroyed.
If you now modify your session.asp to the following it takes the LoginExpiration figure and returns that the user is not logged in the event of:
The users session has timed out (IIS application pool reset, or they clicked logoff etc)
The current date/time is greater than the set LoginExpiration time
Which is:
<%
Response.ContentType = "application/json"
LoggedOn = "false"
LoginExpiration = Session("LoginExpiration")
DateNow = Now()
If IsDate(LoginExpiration) Then
If DateNow < LoginExpiration Then
LoggedOn = "true"
End If
End If
Response.Write "{"
Response.Write """loggedOn"": " & LoggedOn & ", "
Response.Write """loginExpiration"": """ & LoginExpiration & """"
Response.Write "}"
%>
I've put the loginExpiration figure into the JSON response so you could work with it client side if you wanted too.
'If the session variable is False or does not exist (IsNull)
'then redirect the user to the unauthorised user page
If Session("accountID") = False or IsNull(Session("accountID")) = True then
'Redirect to unathorised user page
Response.Redirect "pagename.asp"
End If
Place this in an include file that you include in all pages you need protected.
<%#LANGUAGE="VBSCRIPT"%>
<!--#include file="checkmem.asp"-->
<!--#include file="includes/dtdsql.asp" -->
<!--#include file="includes/functions.asp" -->
The ASP Global.asa file may be what you're looking for. It allows you to run code at certain events, such as Session start and end. See https://www.w3schools.com/asp/asp_globalasa.asp for more info, but I believe the following will work:
Global.asa
<script language="vbscript" runat="server">
sub Session_OnEnd
Response.Redirect("http://www.example.com/")
end sub
</script>