am working on a new site and i want to do tothings for security1. I want to encrypt the password of the user who register on my site and also decrypt it to enable him in login again.2. I will make an online exams so I want to disable the user functions to hack the exams materials such as (print page, print screen , or even selecting data manual by mouse )I googled a lot about this matter I found java scripts to make this but what about the users who will disable scripts on their browsers. So I want to do this with C# Code.
I've received a website that uses sql server on the live environment. In the code at many places sql is created, say: However, locally on my dev machine, I use sql server express edition. It looks like select * from mytable doesn't work there, but instead I should use: How can I get my local site to work? Is there a setting I can change or am I missing something else?
we are listing out the List of available rooms based on some of parameters.(listrooms.aspx)..when user try to book the rooms,we are redirecting to the login page(where we need to confirure the https for this login page)..once credentials are correct(forms auth--checking i/p against sql server),redirect him to another page(confirmation.aspx)---and so on..
note:iam doing it for dev environment only..i need to do using self ssl creation...
I am doing a simple secured site using the login control. I would like users to be redirected to their dashboard page once they log in, but after that if they choose to browse I do NOT want them redirected based on their login status. I am using the generic template provided in VWD with the basic login setup in the template including the tabbed ASP menu control - nothing fancy, nothing custom. This is intended to be something very simple and quick. Here is the code I am using for the page load...
So if I do this code WITHOUT the "IsPostBack", logged in users are always redirected to their dashboard and cannot see the hompage. However with that IsPostBack test, the redirect after initial login doesn't work.
I know this is extremely basic and simple, but I am restarting with this stuff after a year away, and I need a nudge.
I have an application that uses the ASPNET role provider.My SQL Server crashed so I took a backup of the database and restored it to a new SQL Server and changed the db connection string to that server.The web site runs but no users can login to the site.Is there something that I should have done when the db was on the other server?
I have two application (one of this is mojo portal): [URL] for some users when they login into "app" then the login in "mojo" doesn't work and viceversa. I've set the machinekey into web.config file. When the users remove all cookies and session data the login works again. The two application are into a Web Farm. Should be ARR the problem?
Let's say I have 2 computers and has internet connections. let's say in computer 1 I visit the my page and i log-in as User1 and I go now to computer 2 and i do the same thing in computer 1. All i want to do is to kill the session in computer 1 because i log-in in computer 2.
I have a site written for ASP.NET using a library written for ASP. The library resides in a dll and the site calls it to get the number of leave days an employee has left from a database. The dll was outsourced so I don't have access to the source.
I've set up the database and visual studio project locally. When I run the site and login to the system, an error message is displayed where the leave days should be displayed but the site runs normally. If I register the dll using regsvr32, the leave days are displayed when I login, but when I try to browse the rest of the site, the session is dropped and I'm automagically logged out. If I deregister the dll, then I can browse the site once I've logged in again but, once again, the error is displayed.
we cannot login to one of our asp.net production website. Once login ID and password are entered on the login page, the site just stays on the login page without giving any errors whatsoever and without opening the default page.
For my website, there will be an admin site. I want to create users in my website database, i have a logins table with a hashed password column. The problem i have is making sure that every request if not already logged in send the user to the login page.
I have a page Login.aspx which i have created, but if i enter [URL] it bypasses the login screen and shows the page!!
i have created Login.aspx myself and verified that the username and password enetered are correct.
I've been using an asp 3.0 widget for this purpose , but it been broken for a while and rather than get it back up, I'd love o get a native asp.net solution, can any one point me in the right direction pleaseI once wrote some asp.net code to do this, but the permissions on the server, which I found to be common every where prevented asp.net native picture upload, perhaps i got it wrong, well now I wanna fix itI need the code to work in a shared hosting IIS 7 environment. I use vb.net, but can usually convert c# to vb.net
login control portion of Murach's web dev w/ c# book. According to the books instructions, you create a Login.aspx page, add the login control to the page, and create the users and roles for the directories within the asp.net web site configuration tool. I still do not get prompted for user name and passord to access the pages I want to be secured. Why is this? Isn't the asp.net configuration tool supposed to edit the web.config file? I'm trying to follow the book to the letter and ensure that I am following correctly before posting for answers online. According to the book you do not have to edit anything or write code withing login.aspx page.
I have a site almost finished that uses ASP.Net membership, forms authentication and roles. There are one or two requirements remaining and I'm not even sure how to properly approach one of them.
The site I've created is going to provide service ONLY through SSL, if that matters. Yes, I'll redirect a request that lands on port 80 but the intent is to encrypt everything.
Is there a "best practice" for creating a session with my site, from another site? In other words the company is building a marketing page that has spaces for a login and password. I can find lots of posts about passing a username and password to another site to start a session, but very few if any about receiving the username and password.
If anyone can point me to an article or posting with a code sample where the login control of a forms-authenticated site is used as the target of a form hosted as part of a different web page/application on a different host, it'd be awesome.
To be clear, the scenario is essentially "brochureware website on a 3rd-party host" providing the visitor the ability to log in to a secure site on a more "internal" server.
using asp.net 2.0, hand rolled authentication and <sessionState mode="SQLServer"...>
My work request is "If a user successfully logs into the site and then from another browser/machine/whatever attempts to login with the same credentials, end the first sesssion."
First: I've already discussed the cons of this. We've all written our fair share of "bad code",
Second: I've seen it done before, so I know it is possible.
How do I do the call Session.Abandon or Session.Clear on another session? I suspect that this is made simplier by the fact that we are using session stored in sql and that the tables are not temp tables (dbo.ASPStateTempSessions grows in size as I log in)
I have an option in my website to logout from session and redirect to login page. So I get redirected and if I try to login again it seems like it tries to redirect me to login page over and over, until I click some page in menu and login and it does works. so, doesn't the login control always redirect to same DestinationPageUrl? here the logout code: