Wrox Programmer Forums
|
Classic ASP Basics For beginner programmers starting with "classic" ASP 3, pre-".NET." NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP Basics section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old December 5th, 2007, 04:34 PM
Authorized User
 
Join Date: Sep 2004
Posts: 68
Thanks: 1
Thanked 0 Times in 0 Posts
Default viewing asp code in web browser

Is it possible for a visitor to a website to view asp code (the way you do a view source and see html and javascript code).

i assume not since asp resides and executes on the server, but just want to be sure.

also, is storing sql server usernames and passwords in an asp include module a bad practice? can these usernames and passwords be viewable to a potential hacker?

thank you.
 
Old December 5th, 2007, 04:44 PM
Wrox Author
 
Join Date: Oct 2005
Posts: 4,104
Thanks: 1
Thanked 64 Times in 64 Posts
Send a message via AIM to dparsons
Default

No, users can not see your asp source code and your assumption as to why is correct.

Regarding your usernames and passwords, simply put, you need to put this data some where. Include modules aren't a bad place to put them and you can take additional steps to protect yourself. For example, encrypting your username and password and then decrypting when you go to use the data.

hth.

================================================== =========
Read this if you want to know how to get a correct reply for your question:
http://www.catb.org/~esr/faqs/smart-questions.html
================================================== =========
.: Wrox Technical Editor :.
Wrox Books 24 x 7
================================================== =========
 
Old December 5th, 2007, 07:17 PM
Friend of Wrox
 
Join Date: Jan 2004
Posts: 1,870
Thanks: 12
Thanked 20 Times in 20 Posts
Send a message via AIM to mat41
Default

May I add - dont use the .inc file type for your includes, this way the contents of your include file can be viewed in a browser. I use .asp for include files.

Wind is your friend
Matt
 
Old December 6th, 2007, 09:28 AM
Authorized User
 
Join Date: Sep 2004
Posts: 68
Thanks: 1
Thanked 0 Times in 0 Posts
Default

thank you for your responses. i do store the usernames and passwords in .asp files, i just call them includes since i "include" them in many programs.

btw, how would i go about encrypting and decrypting my usernames and passwords?

thank you.

sal

 
Old December 6th, 2007, 09:41 AM
Wrox Author
 
Join Date: Oct 2005
Posts: 4,104
Thanks: 1
Thanked 64 Times in 64 Posts
Send a message via AIM to dparsons
Default

This SERP should yeild help you along: http://www.google.com/search?source=...p+-+encryption

================================================== =========
Read this if you want to know how to get a correct reply for your question:
http://www.catb.org/~esr/faqs/smart-questions.html
================================================== =========
.: Wrox Technical Editor :.
Wrox Books 24 x 7
================================================== =========
 
Old December 6th, 2007, 10:50 AM
Authorized User
 
Join Date: Sep 2004
Posts: 68
Thanks: 1
Thanked 0 Times in 0 Posts
Default

thank you!





Similar Threads
Thread Thread Starter Forum Replies Last Post
Viewing code rather than content in browser aspnewbie Classic ASP Basics 2 March 27th, 2006 10:47 AM
How do i keep users from viewing my code? dstein4d Access VBA 5 March 22nd, 2006 12:49 PM
Web code security with asp.net LLAndy VS.NET 2002/2003 1 July 7th, 2004 04:52 AM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.