Thursday, December 8, 2011

"HTTP Error 404 - File or Directory not found" error with windows server 2003 message when you request dynamic content with IIS 5.0 and IIS 6.0

"HTTP Error 404 - File or Directory not found" error message when you request dynamic content with IIS 6.0

Changes required in webExtension for to allow Activeserverpage and other page based on our application for example for asp.net its ActiveServerPage. Just allow to access these pages through server.
And magically its done :).
Use Below link for more information:
http://support.microsoft.com/kb/315122


By default only static content HTML is enabled in windows server 2003 family when IIS is installed on any version of the its family.

So enable web server extensions.

Happy Living....
Happy Coding.....
Happy Concepts .....

Posted by at No comments:

Wednesday, November 30, 2011

Right place to put Response.Redirect

One of my Friend was encountered with this a issue in security auditing where redirect wasn't working as expected.


Actual issue:


He was new with asp.net so instead of using form authentication/authorization he used simple session to maintain logged in user. so on each page he was checking if session contain valid information like user name and role to access internal page. If it doesn't exists the user redirected to log in page.
               For a normal user it was fine it was working as it should but for hacker it contain where while looking pages response into some tool she will be able to see response code 302 change(redirect response code) and body of undisplayed page. Just by changing status code to 302 change to 200 OK she was able to see the page in browser. and by sending it again server it can lead to other exception or other uses are also possible.

page_Load()
{
..........
..........
// some code to check authenticate/authorize user
if (failed)
{
Response.Redirect("Login.aspx?target=http://...../currentpage.aspx",false);
}
else
// continue with page
}

Suggested Solution:


Page_Load is state where our page is already loaded so there isn't any benefit of using false (which indicates not to load page control).


So better place to put validation code is OnInit() method:

OnInit()
{
..........
..........
// some code to check authenticate/authorize user
if (failed)
{
Response.Redirect("Login.aspx?target=http://...../currentpage.aspx",false);
}
else
// continue with page
}

So i suggested him to put it on OnInit and i dont know if its working. I am waiting for his response :).


Happy Living, Happy Coding.


Thanks
Yashpal Sharma


Posted by at No comments:
Labels:

Thursday, November 24, 2011

Split a Value in SqlSever



If we want values in the from of individual text so we can use following way:
1. If we have a text value combination so here is the way to separate these 2 values :


Declare @CompositeValue as Varchar(500)
set @CompositeValue='Text_Value'

Select Substring(@CompositeValue,0,CharIndex('_,@CompositeValue,1')) as Text

Select Substring(@CompositeValue,CharIndex('_,@CompositeValue,1')+1,Len(@CompositeValue)) as Value

2. There is another way to get split-ed value in a form of table :


/****** Object:  UserDefinedFunction [dbo].[Split]    Script Date: 05/10/2012 20:30:30 ******/
SET ANSI_NULLS ON
GO

SET QUOTED_IDENTIFIER ON
GO

CREATE FUNCTION [dbo].[Split]
(
    @String nvarchar(max),
    @Delimiter char(1)
)
returns @Results TABLE (ID int identity, Item nvarchar(4000))
as
   begin
   declare @index int
   declare @slice nvarchar(max)

   select @index = 1
   if @String is null return

   while @index != 0
       begin
        select @index = charindex(@Delimiter,@String)
          if @index !=0
           select @slice = left(@String,@index - 1)
          else
             select @slice = @String

          insert into @Results(Item) values(ltrim(rtrim(@slice)))

          select @String = right(@String,len(@String) - @index)
          if len(@String) = 0 break
       end  
  
    return
end
GO


Happy Living , Happy Coding 
Yashpal Sharma
Posted by at No comments:
Labels: , ,

Remove Caching of a Html Page

Remove Caching from a Html Page is an easy work but if it has been done in a right way.
So remove caching form Html page we need to add a few basic tags on Head Part of Html document

<Html>
<Head>
<Meta http-equiv="Expires" content="0">
<Meta http-equiv="Pragma" content="No-Cache">
<Meta http-equiv="Cache-Control" content="No-Cache">
</Head>
<Body>
</Body>
</Html>



This the thing we mostly do to remove caching , by inserting following meta tags into header part or Html page:

<Meta http-equiv="Expires" content="0">
<Meta http-equiv="Pragma" content="No-Cache">
<Meta http-equiv="Cache-Control" content="No-Cache">

Actual Happening:


But what actual happen in this case , A page that Internet Explorer is browsing is not cached until half of the 64 KB buffer is filled. In most cases we enter metadata in header tag so when page is parsed it start form top to bottom. While it read meta tag for no caching it checks in temporyfolder to remove if page exists. but not at the end of page.


So what we should do to ensure we are not supporting caching of our html page, we must  add meta tags at
the bottom of the page here is the example.

<Html>
<Head>
<Meta http-equiv="Expires" content="0">
<Meta http-equiv="Pragma" content="No-Cache">
<Meta http-equiv="Cache-Control" content="No-Cache">
</Head>
<Body>
Here is the content can not be cached.
</Body>
<Head>
<Meta http-equiv="Expires" content="0">
<Meta http-equiv="Pragma" content="No-Cache">
<Meta http-equiv="Cache-Control" content="No-Cache">
</Head>
</Html>

Happy Living , Happy Coding


Yashpal Sharma

Posted by at No comments:
Labels:

Thursday, October 6, 2011

Important field : document.body.clientHeight

Cover the entire page (scrolled) heigth of window use following line


document.body.clientHeight


If we use window.Height it wont cover the entire page.


Posted by at No comments:
Labels:

Condition Based Count in Sqlserver- CountIf()

I have been wondering if there is a way to count records based on conditions ,


something like countif() we can use




EnumTransactionType


EnumId EnumTypeCode


1 code1


2 code2


3 code3




Transactions


TransactionId TransactionTypeId EnumId AmountPaid


1 1 1 200


2 1 2 400


3 1 1 300




if in output we want something like this get the count of code1 , code2 and code3 per transactionTypeId .


TransactionTypeId Code1 Code2 Code3


1 2 1 0




if we need the output mentioned above we must need a condition based Count so for this purpose one of the way i got on net is below:






Declare @code1 int


Declare @code2 int


Declare @code3 int




set @code1 =1


set @code2 =2


set @code3=3




select TransactionId, sum ( case when isnull (Enumid,0)=@code1 then 1 else 0 End ) as Code1,


sum(case when isnull(Enumid,0)=@code2 then 1 else 0 End) as Code2


, sum(case when isnull(Enumid,0)=@code3 then 1 else 0 End) as Code3


From Transactions


Group by TransactionId




Thanks


Yashpal Sharma


Wants to be happy, Dont expect anything to anyone.
Posted by at No comments:
Labels: , ,

Friday, September 2, 2011

Call parent window methods form dialog popup window

Main form code:

fuction openPopup()
{
var argObj= window;
window.showModelDialog("child.html",argObj,"dialogHeight:500px;dialogWidth:500px");
}
function CallMe()
{
alert("This is Parent Window");
}
//Child.html

function callParentMethod()
{
alert("Child.hml");
var objArg= window.dialogArguments;
objArg.CallMe(); // objArg.CallMe is equilent to window.CallMe()
}

this was one way but we have one limitation with it because modal dialog box can have only 4096 characters; longer strings are truncated. So if argObj is larger it can affect our height and width property.

Other way is to use Result send by child.html(popup Modal)
For Ex:

fuction openPopup()
{
var argObj= window;
var dialogResult=window.showModelDialog("child.html",argObj,"dialogHeight:500px;dialogWidth:500px");
// once child window has been closed
alert( dialogResult.firstVar);
alert( dialogResult.secondVar);
if(dialogResult.callMe)
{
CallMe() ;
}

}
function CallMe()
{
alert("This is Parent Window");
}
//Child.html

// On Close
function callParentMethod()
{
 alert("Child.hml");
 var resultVariable;
 resultVariable.firstVar='';//set some values if required
 resultVariable.secondVar='';//set some values if required
result.callMe=" call it ";// if you wants to call method of parent window otherwise you can remove this statement

 window.result= resultVariable;
this.close();
}


Happy Living ....
Happy Coding...
Happy Concepts........
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)