Pungwick
asked on
ASP Function
Hi there
I was wondering if anyone could help. I am using a encryption component. If you press a button on a form the password of the user is decrypted. Now if you see the code:
sqlstr = "SELECT TUTOR_USERNAME, TUTOR_PASSWORD "
sqlStr = sqlStr & "FROM login "
sqlStr = sqlStr & "WHERE TUTOR_USERNAME = 'pung'"
oRS.Open sqlStr, objConn
%>
<script language="vbscript">
Sub Decrypt()
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = XEncrypt.CreateBlob
Blob.Base64 =
document.frmPreviewPasswor d.txtPassw ord.Value ******
document.frmPreviewPasswor d.txtDecry pt.Value
= Key.DecryptText(Blob) *****
End Sub
</script>
<head>
</head>
<form name="frmPreviewPassword"> **********
<input type="text" name="txtPassword" value="<%=oRS("TUTOR_PASSW ORD")%>">
<input type=text name=txtDecrypt><input type=button onclick=decrypt value=Decrypt>
</form>
<object
classid="clsid:f9463571-87 cb-4a90-a1 ac-2284b7f 5af4e"
codebase="aspencrypt.dll"
id="xencrypt">
</object>
</body>
</html>
What I want to do is this, I want to run the function without having to press the button.
So say after the sql query selects the appropiate value, what I want is that value ie the encrypted password to be sent into the function and then the password will be decrypted and can be stored in either a variable or the fuction itself, so say its in a variable I can manipulate it.
If you see on the lines with a star, :
document.frmPreviewPasswor d refers to the the form called frmPreviewPassword
Hope someone can help me automate the running of this function without have to press the button in the form.
Hope someone can help
Thanks
Pungwick
I was wondering if anyone could help. I am using a encryption component. If you press a button on a form the password of the user is decrypted. Now if you see the code:
sqlstr = "SELECT TUTOR_USERNAME, TUTOR_PASSWORD "
sqlStr = sqlStr & "FROM login "
sqlStr = sqlStr & "WHERE TUTOR_USERNAME = 'pung'"
oRS.Open sqlStr, objConn
%>
<script language="vbscript">
Sub Decrypt()
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = XEncrypt.CreateBlob
Blob.Base64 =
document.frmPreviewPasswor
document.frmPreviewPasswor
= Key.DecryptText(Blob) *****
End Sub
</script>
<head>
</head>
<form name="frmPreviewPassword">
<input type="text" name="txtPassword" value="<%=oRS("TUTOR_PASSW
<input type=text name=txtDecrypt><input type=button onclick=decrypt value=Decrypt>
</form>
<object
classid="clsid:f9463571-87
codebase="aspencrypt.dll"
id="xencrypt">
</object>
</body>
</html>
What I want to do is this, I want to run the function without having to press the button.
So say after the sql query selects the appropiate value, what I want is that value ie the encrypted password to be sent into the function and then the password will be decrypted and can be stored in either a variable or the fuction itself, so say its in a variable I can manipulate it.
If you see on the lines with a star, :
document.frmPreviewPasswor
Hope someone can help me automate the running of this function without have to press the button in the form.
Hope someone can help
Thanks
Pungwick
I don't think that gonna quite work - coz the onClick is call the Sub - need a quick re-think.
ASKER
hehe :) basically what I want to do is have a form...the user puts in their email address into the form and presses submit,
On submittion I have two options either to send the query string value(email addrees) to another form and then select the password of the user and run the decryption on the second page, or to do everything on one page.
How do you suggest, becasue what I want to do is use CDONTs to email the user the password
So i need the decrypted password in a varaible so I can manipulate it
Hope you can help thanks
Pungwick
On submittion I have two options either to send the query string value(email addrees) to another form and then select the password of the user and run the decryption on the second page, or to do everything on one page.
How do you suggest, becasue what I want to do is use CDONTs to email the user the password
So i need the decrypted password in a varaible so I can manipulate it
Hope you can help thanks
Pungwick
I'd do everything on a single page - less to manage
ASKER
ok sounds good :)
Any sucess with the code?
thanks
Any sucess with the code?
thanks
Ok, yes i tihnk it will work - have the onLoad - whch call the DoSubmit - which submits the page then Response.Form("button") ~ process for - with the elements from the sub - once encrypted just need to descide what to do.
<%
If Request.Form("button") = "Decrypt" then
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.frmPreviewPasswor d.txtPassw ord.Value
EncryptedPassword = Key.DecryptText(Blob)
'Then we need to descide what to do here
End If
%>
<%
If Request.Form("button") = "Decrypt" then
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.frmPreviewPasswor
EncryptedPassword = Key.DecryptText(Blob)
'Then we need to descide what to do here
End If
%>
ASKER
A little bit confused :)
does this mean the existing code I have is fine? Also what is the reqest.form button refering to, you above code. As we are doing everything on one page, when the types their email addrees in and presses submit , the email address will be used in the sql, and once the password is reteribed using the sql it has 2 be decrypted and then sent to the user :)
I am a bit unsure as you this is happen:)
say I have the following page called reminder.asp
<html>
<head></head>
<body>
<form method="POST" action="reminder.asp" name="form" ;>
<p>Enter your email address:<br>
<input type="text" size="30" name="email">
<p><input type="submit" value="Submit" name="B1"></p>
</body>
</html>
now after the user types in their email address into this how will the code come into play? Where abouts would it go, would you kind enough to add the decrypt and onload in their appropiate places. Also how would the value from the form be used in the sql query??? I mean how can it be reterived when the form is sent?
Hope you can help
Thanks
Pungwick
ps your username brings back good memories about back to the future :) hehe thanks
does this mean the existing code I have is fine? Also what is the reqest.form button refering to, you above code. As we are doing everything on one page, when the types their email addrees in and presses submit , the email address will be used in the sql, and once the password is reteribed using the sql it has 2 be decrypted and then sent to the user :)
I am a bit unsure as you this is happen:)
say I have the following page called reminder.asp
<html>
<head></head>
<body>
<form method="POST" action="reminder.asp" name="form" ;>
<p>Enter your email address:<br>
<input type="text" size="30" name="email">
<p><input type="submit" value="Submit" name="B1"></p>
</body>
</html>
now after the user types in their email address into this how will the code come into play? Where abouts would it go, would you kind enough to add the decrypt and onload in their appropiate places. Also how would the value from the form be used in the sql query??? I mean how can it be reterived when the form is sent?
Hope you can help
Thanks
Pungwick
ps your username brings back good memories about back to the future :) hehe thanks
ASKER
Sorry also withing the page we need to include somewhere the password will decrypt to also. Hope you can help thanks
i'll put together a page from the bits and peices that i've done - am i right in thinking that this first page will have a form to collect the username?
ASKER
yes the username is the email address:)
You you be kind enough to additionally add within your page, the sql query and also the CDONTS function you provided on the other thread.
I really appericate your help
Many thanks
You you be kind enough to additionally add within your page, the sql query and also the CDONTS function you provided on the other thread.
I really appericate your help
Many thanks
ASKER
Mc fly have you had any success with the writing of the code?
thanks
thanks
Now I've found the question again - I'm on it :)
Pls remember this is not tested...
<%@ Language=VBScript %>
<%Option Explicit%>
<%Response.Buffer = True%>
<%
Dim objCon
Dim rsChck
Dim sErrMsg, sForm(0), sQuery
Dim Context, Key, Blob
sErrMsg = ""
If Request.Form("Buuton") = "Login" then
sErrMsg = ""
sForm(0) = Trim(Request.Form("f_0"))
If sForm(0) = "" then
sErrMsg = "Error: Username - required."
Else
'The connection stuff obviously needs to be replaced with your own....
Set objCon = Server.CreateObject("ADODB .Connectio n")
objCon.Open "PROVIDER=Microsoft.Jet.OL EDB.4.0;Da ta Source=" & Request.ServerVariables("A PPL_PHYSIC AL_PATH") & "\_EE\Login\DataDB.mdb"
Set rsChck = Server.CreateObject("ADODB .RecordSet ")
sQuery = "SELECT TUTOR_USERNAME, TUTOR_PASSWORD " &_
"FROM login " &_
"WHERE TUTOR_USERNAME = '" & sForm(0) & "'"
rsChck.Open sQuery, objCon
If rsChck.EOF then
sErrMsg = "Error: Username - invalid."
Else
'This bit talen from you code...
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = XEncrypt.CreateBlob
'Slight change to your code...
Blob.Base64 = rsChck("TUTOR_PASSWORD")
Session("EncryptedPassword ") = Key.DecryptText(Blob)
'The you need to decide what you want to do...
'========================= ========== ========== =====
'Go to a different page
Response.Redirect "AnotherPage.asp"
'Decrypt the password....
'You didn't provide any code for this and not knowing the software you use for
'this I'm not going to guess - you must have that somewhere - the encrypted password
'is now held in Session("EncryptedPassword ")
'The emails stuff
sBody = ""
sBody = sBody & "<!DOCTYPE HTML PUBLIC '-//IETF//DTD HTML//EN'>"
sBody = sBody & "<html>"
sBody = sBody & "<head>"
sBody = sBody & "<title>Message...</title> "
sBody = sBody & "<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'>"
sBody = sBody & "</head>"
sBody = sBody & "<body>"
sBody = sBody & "<font face='Verdana' size='2' color='#000000'>"
sBody = sBody & "You have received a message:<br><br>"
sBody = sBody & "The Message:<br>"
sBody = sBody & "========================= ========== ========== ===<br>"
sBody = sBody & "<b>Hello</b>"
sBody = sBody & "</font>"
sBody = sBody & "</body>"
sBody = sBody & "</html>"
'If using CDONTS to send emails then uncomment
'========================= ========== ========== ========== =========
Set objMail = Server.CreateObject("CDONT S.NewMail" )
objMail.BodyFormat = 0
objMail.MailFormat = 0
objMail.Body = sBody
'If using CDOSYS to send emails then uncomment
'========================= ========== ========== ========== =========
'Set objMail = Server.CreateObject("CDO.M essage")
'objMail.HTMLBody = sBody
'Common for both CDONTS & CDOSYS...
'========================= ========== ========== ========== =========
objMail.To = sForm(0)
objMail.From = "peter@internection.co.uk"
objMail.Subject = "Email From Somehwere..."
objMail.Send
End If
End If
End If
%>
<html>
<head>
<title>Example</title>
<script language="Javascript">
<!--
//-->
</script>
</head>
<body>
<form name="Login" method="post" action="">
<%If sErrMsg <> "" then
Response.Write sErrMsg & "<br><br>"
End If%>
Username: <input type="text" name="f_0" value=""><br>
<br>
<input type="submit" name="Buuton" value="Login">
</form>
<object classid="clsid:f9463571-87 cb-4a90-a1 ac-2284b7f 5af4e" codebase="aspencrypt.dll" id="xencrypt"></object>
</body>
</html>
<%@ Language=VBScript %>
<%Option Explicit%>
<%Response.Buffer = True%>
<%
Dim objCon
Dim rsChck
Dim sErrMsg, sForm(0), sQuery
Dim Context, Key, Blob
sErrMsg = ""
If Request.Form("Buuton") = "Login" then
sErrMsg = ""
sForm(0) = Trim(Request.Form("f_0"))
If sForm(0) = "" then
sErrMsg = "Error: Username - required."
Else
'The connection stuff obviously needs to be replaced with your own....
Set objCon = Server.CreateObject("ADODB
objCon.Open "PROVIDER=Microsoft.Jet.OL
Set rsChck = Server.CreateObject("ADODB
sQuery = "SELECT TUTOR_USERNAME, TUTOR_PASSWORD " &_
"FROM login " &_
"WHERE TUTOR_USERNAME = '" & sForm(0) & "'"
rsChck.Open sQuery, objCon
If rsChck.EOF then
sErrMsg = "Error: Username - invalid."
Else
'This bit talen from you code...
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = XEncrypt.CreateBlob
'Slight change to your code...
Blob.Base64 = rsChck("TUTOR_PASSWORD")
Session("EncryptedPassword
'The you need to decide what you want to do...
'=========================
'Go to a different page
Response.Redirect "AnotherPage.asp"
'Decrypt the password....
'You didn't provide any code for this and not knowing the software you use for
'this I'm not going to guess - you must have that somewhere - the encrypted password
'is now held in Session("EncryptedPassword
'The emails stuff
sBody = ""
sBody = sBody & "<!DOCTYPE HTML PUBLIC '-//IETF//DTD HTML//EN'>"
sBody = sBody & "<html>"
sBody = sBody & "<head>"
sBody = sBody & "<title>Message...</title>
sBody = sBody & "<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'>"
sBody = sBody & "</head>"
sBody = sBody & "<body>"
sBody = sBody & "<font face='Verdana' size='2' color='#000000'>"
sBody = sBody & "You have received a message:<br><br>"
sBody = sBody & "The Message:<br>"
sBody = sBody & "=========================
sBody = sBody & "<b>Hello</b>"
sBody = sBody & "</font>"
sBody = sBody & "</body>"
sBody = sBody & "</html>"
'If using CDONTS to send emails then uncomment
'=========================
Set objMail = Server.CreateObject("CDONT
objMail.BodyFormat = 0
objMail.MailFormat = 0
objMail.Body = sBody
'If using CDOSYS to send emails then uncomment
'=========================
'Set objMail = Server.CreateObject("CDO.M
'objMail.HTMLBody = sBody
'Common for both CDONTS & CDOSYS...
'=========================
objMail.To = sForm(0)
objMail.From = "peter@internection.co.uk"
objMail.Subject = "Email From Somehwere..."
objMail.Send
End If
End If
End If
%>
<html>
<head>
<title>Example</title>
<script language="Javascript">
<!--
//-->
</script>
</head>
<body>
<form name="Login" method="post" action="">
<%If sErrMsg <> "" then
Response.Write sErrMsg & "<br><br>"
End If%>
Username: <input type="text" name="f_0" value=""><br>
<br>
<input type="submit" name="Buuton" value="Login">
</form>
<object classid="clsid:f9463571-87
</body>
</html>
ASKER
Hi,
In terms of the ASP encryption, its an asp componenet that I have installed on my pc, so the code provided calls the component.
Sub Decrypt()
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = XEncrypt.CreateBlob
Blob.Base64 =
document.frmPreviewPasswor d.txtPassw ord.Value ******
document.frmPreviewPasswor d.txtDecry pt.Value
= Key.DecryptText(Blob) *****
End Sub
the password isnt held in a session, the encrypted version is held in the database. What the componenet does is decrypt the password when the button on a form is pressed.
I was just wondering as you have created an encrpytion session what will this have to be replaced by to fit my senerio?
Because what I want it decryption of the password once the form has been submitted this is if the email entered is correct :)
Hope this makes bit more sense.
Hope you can help
Thanks
In terms of the ASP encryption, its an asp componenet that I have installed on my pc, so the code provided calls the component.
Sub Decrypt()
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = XEncrypt.CreateBlob
Blob.Base64 =
document.frmPreviewPasswor
document.frmPreviewPasswor
= Key.DecryptText(Blob) *****
End Sub
the password isnt held in a session, the encrypted version is held in the database. What the componenet does is decrypt the password when the button on a form is pressed.
I was just wondering as you have created an encrpytion session what will this have to be replaced by to fit my senerio?
Because what I want it decryption of the password once the form has been submitted this is if the email entered is correct :)
Hope this makes bit more sense.
Hope you can help
Thanks
You need to include the code for the decryption - my example stores the encrypted password in the Session("EncryptedPassword ") - as yet you have not shown any code for the decryption - only the encryption - I can't guess the code for decrypting it :)
Once you show this code then I can suggest how to incorporate it.
And the code you've just included still refers to your original code - however I have provided alternative code - are you going to or are you using this?
If you don't update you code how is it going to advance as you require!
Once you show this code then I can suggest how to incorporate it.
And the code you've just included still refers to your original code - however I have provided alternative code - are you going to or are you using this?
If you don't update you code how is it going to advance as you require!
ASKER
Hi there :)
the code that I provided is the code that decrypted the password:) It does it trust me there is no other code. This is all I have on the page, ......
<!--#include file ="database.asp"-->
<%
dim varUsername
dim sqlStr
'varUsername=Request.Query String("St udentId")
sqlstr = "SELECT TUTOR_USERNAME, TUTOR_PASSWORD "
sqlStr = sqlStr & "FROM login "
sqlStr = sqlStr & "WHERE TUTOR_USERNAME = 'pung'"
oRS.Open sqlStr, objConn
%>
<script language="vbscript">
Sub Decrypt()
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.frmPreviewStudent Password.t xtPassword .Value
document.frmPreviewStudent Password.t xtDecrypt. Value = Key.DecryptText(Blob)
End Sub
</script>
<head>
<title></title>
</head>
<form name="frmPreviewStudentPas sword">
<input type="text" name="txtPassword" value="<%=oRS("TUTOR_PASSW ORD")%>">
<input type=text name=txtDecrypt><input type=button onclick=decrypt value=Decrypt>
</form>
<object
classid="clsid:f9463571-87 cb-4a90-a1 ac-2284b7f 5af4e"
codebase="aspencrypt.dll"
id="xencrypt">
</object>
</body>
</html>
This is the url of my webserver
http://warge-da2.zapto.org/login/trytest.asp
You can test it out yourself :)
Its an asp component, we dont need to worry at all about the ecryption code, as you can see from the sql all I am using is a query string value and then when I press the button the password is shown.
The encrypted password is on the left hand box as shown in the webpage. Take a look :)
Hope this makes things clearer and you understand exactly what I mean and how i want to use this decyption function. What I want to do is as soon as a user enters their email address into the form and submits it, if the email address is valid then an email is sent to the user. I am pretty confident with the CDONT now, all I want to do is somehow decrpyt the password and then store it in a variable so then I can call that back in the email message body when using CDONTS.
I really hope you can help
Thanks
Pungwick
the code that I provided is the code that decrypted the password:) It does it trust me there is no other code. This is all I have on the page, ......
<!--#include file ="database.asp"-->
<%
dim varUsername
dim sqlStr
'varUsername=Request.Query
sqlstr = "SELECT TUTOR_USERNAME, TUTOR_PASSWORD "
sqlStr = sqlStr & "FROM login "
sqlStr = sqlStr & "WHERE TUTOR_USERNAME = 'pung'"
oRS.Open sqlStr, objConn
%>
<script language="vbscript">
Sub Decrypt()
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.frmPreviewStudent
document.frmPreviewStudent
End Sub
</script>
<head>
<title></title>
</head>
<form name="frmPreviewStudentPas
<input type="text" name="txtPassword" value="<%=oRS("TUTOR_PASSW
<input type=text name=txtDecrypt><input type=button onclick=decrypt value=Decrypt>
</form>
<object
classid="clsid:f9463571-87
codebase="aspencrypt.dll"
id="xencrypt">
</object>
</body>
</html>
This is the url of my webserver
http://warge-da2.zapto.org/login/trytest.asp
You can test it out yourself :)
Its an asp component, we dont need to worry at all about the ecryption code, as you can see from the sql all I am using is a query string value and then when I press the button the password is shown.
The encrypted password is on the left hand box as shown in the webpage. Take a look :)
Hope this makes things clearer and you understand exactly what I mean and how i want to use this decyption function. What I want to do is as soon as a user enters their email address into the form and submits it, if the email address is valid then an email is sent to the user. I am pretty confident with the CDONT now, all I want to do is somehow decrpyt the password and then store it in a variable so then I can call that back in the email message body when using CDONTS.
I really hope you can help
Thanks
Pungwick
Ok if you get your page to a stage where you have a page with a form so that an email address (username) can be put in and it checks it against the db then maybe we can taclke the decrypt problem.
I have supplied code and as of yet you appear to of made NO changes to your page - work with me here and maybe we'll get a resolve.
The value that initially appears in txtPassword - is the value actually held in the db because the code you've supplied doesn't do any encrypting before it it is placed in the form value - am I right?
Where did you source the DDL from, do you have any instructions on using it - do you have a link where I can read about the DLL?
I have supplied code and as of yet you appear to of made NO changes to your page - work with me here and maybe we'll get a resolve.
The value that initially appears in txtPassword - is the value actually held in the db because the code you've supplied doesn't do any encrypting before it it is placed in the form value - am I right?
Where did you source the DDL from, do you have any instructions on using it - do you have a link where I can read about the DLL?
ASKER
Hi
I really dont understand your code does it decrpt the password once the email address it is sent ????
http://www.aspencrypt.com/index.html thats the information as regards the component. Maybe yo are looking to much into what he component does, all I want is to run the fuction on the fly without having to run it pressing the button.
Did you take a look at the websever url i sent u???
Thanks
Pungwick
I really dont understand your code does it decrpt the password once the email address it is sent ????
http://www.aspencrypt.com/index.html thats the information as regards the component. Maybe yo are looking to much into what he component does, all I want is to run the fuction on the fly without having to run it pressing the button.
Did you take a look at the websever url i sent u???
Thanks
Pungwick
I did - it didn't do anything :)
Can you paste in your page as you currently have it - this should contain the form for entering the username and has the validation against you db of this username.
This is before I look at the URL you have just supplied.
I am guessing that the code for your DLL that you have is supposed to do the decrptying and it currently isn't - this is where I'm maybe misunderstanding - the code you have so far - the encrypted password that is in the form - how does that get encrypted - its not done within the code that you supplied.
Can you paste in your page as you currently have it - this should contain the form for entering the username and has the validation against you db of this username.
This is before I look at the URL you have just supplied.
I am guessing that the code for your DLL that you have is supposed to do the decrptying and it currently isn't - this is where I'm maybe misunderstanding - the code you have so far - the encrypted password that is in the form - how does that get encrypted - its not done within the code that you supplied.
ASKER
HI there,
the code that encrypts the password is as follows, this is on another page, so say when a user trys to sign in, what they enter on page submit is encrypted and sent over:
the whole page
<%@ Language=VBScript %>
<% Option Explicit %>
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<script language="vbscript">
sub encryptsign
'************************* ********** ********** ********** ********** ******
' encrypt
'************************* ********** ********** ********** ********** ******
set context = xencrypt.opencontext("myco ntainer", false)
set key = context.generatekeyfrompas sword("my password")
set blob = key.encrypttext( document.frmTutorLogin.txt TutorPassw ord.value )
document.frmTutorLogin.txt encrypt.va lue = blob.base64
'************************* ********** ********** ********** ********** ******
' sign
'************************* ********** ********** ********** ********** ******
' Open "MY" certificate store which contains client certs
Set Store = XEncrypt.OpenStore("MY", False )
' Does the store contain certificates?
Count = Store.Certificates.Count
If Count = 0 Then
MsgBox "You have no certificates."
Exit Sub
End If
' If store contains more than one, enable user to pick one
If Count > 1 Then
Set Cert = XEncrypt.PickCertificate(S tore, 4+8+16, "Select Certificate Please", "Select the one you want to be used for signing")
If Cert Is Nothing Then Exit Sub
Else
' otherwise just pick that only one cert
Set Cert = Store.Certificates(1)
End If
' Make sure the cert has a private key associated with it
If Cert.PrivateKeyExists = False Then
MsgBox "This certificate has no private key associated with it."
Exit Sub
End If
' obtain private key context for this cert
Set Context = Cert.PrivateKeyContext
' create empty hash object associated with this context
Set Hash = Context.CreateHash
Hash.AddText document.frmTutorLogin.txt encrypt.va lue
Set Blob = Hash.Sign(Context.KeySpec)
document.frmTutorLogin.txt Signature. value = Blob.Base64
call frmTutorLogin.submit()
end sub
</script>
<html>
<head>
</head>
<body>
<form name="frmTutorLogin" action="verify.asp" method="post"onSubmit="ret urn checkFields()">
<input type="hidden" name="FormAction" value="verifyTutor">
<input type="text" name="txtsignature">
<input type="text" name="txtencrypt">
<table border="0" width="100%">
<tr>
<td align="right"><img src="logo.gif">
</td>
</tr>
</table>
<table border="0">
<tr bgcolor="#b90404">
<td width="130" align="center"> </td>
<td width="900" align="right"><a href="main.htm">Home</a></ td>
</tr>
</table>
<table border="0" width="30%" align="center">
<tr bgcolor="#CCCCCC">
<td colspan="2" align="left"><b>Tutor Login</b></td>
</tr>
<tr bgcolor="eeeeee">
<td align="right">Username:</t d>
<td><input type="text" name="txtTutorUsername"></ td>
</tr>
<tr bgcolor="eeeeee">
<td align="right">Password:</t d>
<td><input type="password" name="txtTutorPassword"></ td>
</tr>
<tr bgcolor="#CCCCCC">
<td colspan="2" align="left"><a href="TutorSignUp.asp">Sig n Up</a>
<input type="button" onclick="encryptsign" value="Sign In"></td>
</tr>
</table>
</form>
<object
classid="clsid:f9463571-87 cb-4a90-a1 ac-2284b7f 5af4e"
codebase="aspencrypt.dll"
id="xencrypt">
</object>
</body>
</html>
the code that encrypts the password is as follows, this is on another page, so say when a user trys to sign in, what they enter on page submit is encrypted and sent over:
the whole page
<%@ Language=VBScript %>
<% Option Explicit %>
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<script language="vbscript">
sub encryptsign
'*************************
' encrypt
'*************************
set context = xencrypt.opencontext("myco
set key = context.generatekeyfrompas
set blob = key.encrypttext( document.frmTutorLogin.txt
document.frmTutorLogin.txt
'*************************
' sign
'*************************
' Open "MY" certificate store which contains client certs
Set Store = XEncrypt.OpenStore("MY", False )
' Does the store contain certificates?
Count = Store.Certificates.Count
If Count = 0 Then
MsgBox "You have no certificates."
Exit Sub
End If
' If store contains more than one, enable user to pick one
If Count > 1 Then
Set Cert = XEncrypt.PickCertificate(S
If Cert Is Nothing Then Exit Sub
Else
' otherwise just pick that only one cert
Set Cert = Store.Certificates(1)
End If
' Make sure the cert has a private key associated with it
If Cert.PrivateKeyExists = False Then
MsgBox "This certificate has no private key associated with it."
Exit Sub
End If
' obtain private key context for this cert
Set Context = Cert.PrivateKeyContext
' create empty hash object associated with this context
Set Hash = Context.CreateHash
Hash.AddText document.frmTutorLogin.txt
Set Blob = Hash.Sign(Context.KeySpec)
document.frmTutorLogin.txt
call frmTutorLogin.submit()
end sub
</script>
<html>
<head>
</head>
<body>
<form name="frmTutorLogin" action="verify.asp" method="post"onSubmit="ret
<input type="hidden" name="FormAction" value="verifyTutor">
<input type="text" name="txtsignature">
<input type="text" name="txtencrypt">
<table border="0" width="100%">
<tr>
<td align="right"><img src="logo.gif">
</td>
</tr>
</table>
<table border="0">
<tr bgcolor="#b90404">
<td width="130" align="center"> </td>
<td width="900" align="right"><a href="main.htm">Home</a></
</tr>
</table>
<table border="0" width="30%" align="center">
<tr bgcolor="#CCCCCC">
<td colspan="2" align="left"><b>Tutor Login</b></td>
</tr>
<tr bgcolor="eeeeee">
<td align="right">Username:</t
<td><input type="text" name="txtTutorUsername"></
</tr>
<tr bgcolor="eeeeee">
<td align="right">Password:</t
<td><input type="password" name="txtTutorPassword"></
</tr>
<tr bgcolor="#CCCCCC">
<td colspan="2" align="left"><a href="TutorSignUp.asp">Sig
<input type="button" onclick="encryptsign" value="Sign In"></td>
</tr>
</table>
</form>
<object
classid="clsid:f9463571-87
codebase="aspencrypt.dll"
id="xencrypt">
</object>
</body>
</html>
ASKER
Sorry but at the moment the page does not exist thats why I am using a test page so the code is simple and easy to understand... if we can get this working ie decryption of a password without clicking of the button then the same technique can be encroporated using another page..ie one with html design.
thanks
So please could you work with the page I sent a few posts up, the validation atthe moment is also not relevant to what we are tryng to achieve. All I want to do is get the password decryped into a variable, if then I can respone.write the variable and confirm the password decryption has taken place I will be satified as I am confident of doing the rest of the code myself
Hope you can help
Thanks
Pungwick
thanks
So please could you work with the page I sent a few posts up, the validation atthe moment is also not relevant to what we are tryng to achieve. All I want to do is get the password decryped into a variable, if then I can respone.write the variable and confirm the password decryption has taken place I will be satified as I am confident of doing the rest of the code myself
Hope you can help
Thanks
Pungwick
Ok, looked at the page - the code seems fine - apart from where I've called my Session("EncryptedPassword ") - call it Session("DecryptedPassword ") - the results of the code is a decrypted password :)
I notice in your code that your <script> code is outside of your <head></head> tags - I don't know is this makes any difference - but its worth a try - or put the <script> somewhere between the <body></body> tages.
I notice in your code that your <script> code is outside of your <head></head> tags - I don't know is this makes any difference - but its worth a try - or put the <script> somewhere between the <body></body> tages.
ASKER
HI there using you code................
<%@ Language=VBScript %>
<%Option Explicit%>
<%Response.Buffer = True%>
<!--#include file ="database1.asp"-->
<%
Dim objCon
Dim rsChck
Dim sErrMsg, sForm(0), sQuery, one,rsone, XEncrypt
Dim Context, Key, Blob
sErrMsg = ""
If Request.Form("Buuton") = "Login" then
sErrMsg = ""
sForm(0) = Trim(Request.Form("f_0"))
If sForm(0) = "" then
sErrMsg = "Error: Username - required."
Else
one = "SELECT TUTOR_USERNAME, TUTOR_PASSWORD " &_
"FROM login " &_
"WHERE TUTOR_USERNAME = '" & sForm(0) & "'"
' response.write one
set rsone=conn.execute(one)
If rsone.EOF then
sErrMsg = "Error: Username - invalid."
Else
'This bit talen from you code...
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = XEncrypt.CreateBlob
'Slight change to your code...
Blob.Base64 = rsone("TUTOR_PASSWORD")
response.write Blob.Base64
End If
End If
End If
%>
<html>
<head>
<title>Example</title>
<script language="Javascript">
<!--
//-->
</script>
</head>
<body>
<form name="Login" method="post" action="">
<%If sErrMsg <> "" then
Response.Write sErrMsg & "<br><br>"
End If%>
Username: <input type="text" name="f_0" value=""><br>
<br>
<input type="submit" name="Buuton" value="Login">
</form>
<object classid="clsid:f9463571-87 cb-4a90-a1 ac-2284b7f 5af4e" codebase="aspencrypt.dll" id="xencrypt"></object>
</body>
</html>
I get an error at line 35
Microsoft VBScript runtime (0x800A01A8)
Object required: ''
/login/mcfly.asp, line 35
hope you can help
<%@ Language=VBScript %>
<%Option Explicit%>
<%Response.Buffer = True%>
<!--#include file ="database1.asp"-->
<%
Dim objCon
Dim rsChck
Dim sErrMsg, sForm(0), sQuery, one,rsone, XEncrypt
Dim Context, Key, Blob
sErrMsg = ""
If Request.Form("Buuton") = "Login" then
sErrMsg = ""
sForm(0) = Trim(Request.Form("f_0"))
If sForm(0) = "" then
sErrMsg = "Error: Username - required."
Else
one = "SELECT TUTOR_USERNAME, TUTOR_PASSWORD " &_
"FROM login " &_
"WHERE TUTOR_USERNAME = '" & sForm(0) & "'"
' response.write one
set rsone=conn.execute(one)
If rsone.EOF then
sErrMsg = "Error: Username - invalid."
Else
'This bit talen from you code...
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = XEncrypt.CreateBlob
'Slight change to your code...
Blob.Base64 = rsone("TUTOR_PASSWORD")
response.write Blob.Base64
End If
End If
End If
%>
<html>
<head>
<title>Example</title>
<script language="Javascript">
<!--
//-->
</script>
</head>
<body>
<form name="Login" method="post" action="">
<%If sErrMsg <> "" then
Response.Write sErrMsg & "<br><br>"
End If%>
Username: <input type="text" name="f_0" value=""><br>
<br>
<input type="submit" name="Buuton" value="Login">
</form>
<object classid="clsid:f9463571-87
</body>
</html>
I get an error at line 35
Microsoft VBScript runtime (0x800A01A8)
Object required: ''
/login/mcfly.asp, line 35
hope you can help
Ok - I've read a little more about the DLL can you try the following...funny enough its a slight change to you orignal code :)
<html>
<head>
<title></title>
<object classid="clsid:f9463571-87 cb-4a90-a1 ac-2284b7f 5af4e" codebase="aspencrypt.dll" id="xencrypt"></object>
<script language="vbscript">
Sub Decrypt()
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.frmPreviewStudent Password.t xtPassword .Value
document.frmPreviewStudent Password.t xtDecrypt. Value = Key.DecryptText(Blob)
End Sub
</script>
</head>
<form name="frmPreviewStudentPas sword">
<input type="text" name="txtPassword" value="gOSBfHBL1Mw="><br>
<input type=text name=txtDecrypt><br>
<input type=button onclick=decrypt value=Decrypt>
</form>
</body>
</html>
It is slightly different - trust me.
<html>
<head>
<title></title>
<object classid="clsid:f9463571-87
<script language="vbscript">
Sub Decrypt()
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.frmPreviewStudent
document.frmPreviewStudent
End Sub
</script>
</head>
<form name="frmPreviewStudentPas
<input type="text" name="txtPassword" value="gOSBfHBL1Mw="><br>
<input type=text name=txtDecrypt><br>
<input type=button onclick=decrypt value=Decrypt>
</form>
</body>
</html>
It is slightly different - trust me.
ASKER
????????
the code you provided me doesnt incrypt the password you still have to press the button
http://warge-da2.zapto.org/login/punwick.asp
hope you can help thanks
the code you provided me doesnt incrypt the password you still have to press the button
http://warge-da2.zapto.org/login/punwick.asp
hope you can help thanks
The little bit of code was from the aspencrypt.com site - if it doesn't work then maybe you need to consult them - I was expecting it to work :)
I've downloaded their 30 trial so I can have a go - maybe we're missing something :)
I've downloaded their 30 trial so I can have a go - maybe we're missing something :)
ASKER
hmm OK:)
but the code is still on the pressing of a button which is what I initially had :) I also got the same code from there site :)
hehe
Is there no way as you were trying to before run the proccedure without clicking the button???
or maybe...when the button is clicked if the email addrees is correct run the code???
thanks
but the code is still on the pressing of a button which is what I initially had :) I also got the same code from there site :)
hehe
Is there no way as you were trying to before run the proccedure without clicking the button???
or maybe...when the button is clicked if the email addrees is correct run the code???
thanks
Ok, humour me on this one - the following code works - I've put an example online - www.internection.co.uk/DLL
This means that the code that you have is correct but not necessarily - maybe its case sentive :)
The code I'm using...
<HTML>
<HEAD>
<TITLE>AspEncrypt - Simple Demo of Client-side ActiveX Control</TITLE>
<OBJECT
classid="CLSID:F9463571-87 CB-4A90-A1 AC-2284B7F 5AF4E"
codebase="aspencrypt.dll"
id="XEncrypt">
</OBJECT>
<SCRIPT LANGUAGE="VBSCRIPT">
Sub Encrypt
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = Key.EncryptText( document.frmPreviewStudent Password.t xtPassword .Value )
document.frmPreviewStudent Password.t xtDecrypt. Value = Blob.Base64
End Sub
Sub Decrypt
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.frmPreviewStudent Password.t xtDecrypt. Value
MsgBox Key.DecryptText(Blob)
End Sub
</SCRIPT>
</HEAD>
<BODY>
<FORM NAME="frmPreviewStudentPas sword">
<INPUT TYPE="TEXT" NAME="txtPassword" SIZE="60" VALUE="Text to encrypt">
<INPUT TYPE="BUTTON" OnClick="Encrypt" VALUE="Encrypt">
<P>
<INPUT TYPE="TEXT" NAME="txtDecrypt" SIZE="60">
<INPUT TYPE="BUTTON" OnClick="Decrypt" VALUE="Decrypt">
</FORM>
</BODY>
</HTML>
This means that the code that you have is correct but not necessarily - maybe its case sentive :)
The code I'm using...
<HTML>
<HEAD>
<TITLE>AspEncrypt - Simple Demo of Client-side ActiveX Control</TITLE>
<OBJECT
classid="CLSID:F9463571-87
codebase="aspencrypt.dll"
id="XEncrypt">
</OBJECT>
<SCRIPT LANGUAGE="VBSCRIPT">
Sub Encrypt
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = Key.EncryptText( document.frmPreviewStudent
document.frmPreviewStudent
End Sub
Sub Decrypt
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.frmPreviewStudent
MsgBox Key.DecryptText(Blob)
End Sub
</SCRIPT>
</HEAD>
<BODY>
<FORM NAME="frmPreviewStudentPas
<INPUT TYPE="TEXT" NAME="txtPassword" SIZE="60" VALUE="Text to encrypt">
<INPUT TYPE="BUTTON" OnClick="Encrypt" VALUE="Encrypt">
<P>
<INPUT TYPE="TEXT" NAME="txtDecrypt" SIZE="60">
<INPUT TYPE="BUTTON" OnClick="Decrypt" VALUE="Decrypt">
</FORM>
</BODY>
</HTML>
ASKER
HI there
what you have done is the same as I had initially :) I dont wan 2 press the button at all 2 get the encrypted password, i want it 2 be done automatically
thanks
what you have done is the same as I had initially :) I dont wan 2 press the button at all 2 get the encrypted password, i want it 2 be done automatically
thanks
Yes but my example worked and yours didn't.
Get yours working :)
I'm just trying to figure out how to do this now I have a working copy myself.
Get yours working :)
I'm just trying to figure out how to do this now I have a working copy myself.
ASKER
My example did work !!!!!!!!!!!!!!!!
the link I sent you worked :)
hehe
please continue with the investigation
we need to get the decryption working onthe fly :)
thanks
the link I sent you worked :)
hehe
please continue with the investigation
we need to get the decryption working onthe fly :)
thanks
Ok, finally done it :) better lat than never...
<%@ Language=VBScript %>
<%Option Explicit%>
<%Response.Buffer = True%>
<%
Dim conn
Dim rsone
Dim sErrMsg, sForm(0), one, bIsGood
sErrMsg = ""
bIsGood = False
If Request.Form("Buuton") = "Login" then
sErrMsg = ""
sForm(0) = Trim(Request.Form("f_0"))
If sForm(0) = "" then
sErrMsg = "Error: Username - required."
Else
Set conn = Server.CreateObject("ADODB .Connectio n")
conn.Open "PROVIDER=Microsoft.Jet.OL EDB.4.0;Da ta Source=" & Request.ServerVariables("A PPL_PHYSIC AL_PATH") & "\DLL\DataDB.mdb"
one = "SELECT TUTOR_USERNAME, TUTOR_PASSWORD " &_
"FROM login " &_
"WHERE TUTOR_USERNAME = '" & sForm(0) & "'"
'response.write one
set rsone=conn.execute(one)
If rsone.EOF then
sErrMsg = "Error: Username - invalid."
Else
bIsGood = True
End If
End If
End If
If Request.Form("Action") = "Done" then
Response.Write Request.Form("Username") & "<br>"
Response.Write Request.Form("D_Password") & "<br>"
Response.End
End If
%>
<html>
<head>
<title>Example</title>
<OBJECT
classid="CLSID:F9463571-87 CB-4A90-A1 AC-2284B7F 5AF4E"
codebase="aspencrypt.dll"
id="XEncrypt">
</OBJECT>
<SCRIPT LANGUAGE="VBSCRIPT">
Sub Decrypt
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.GoDetails.E_Passw ord.value
document.GoDetails.D_Passw ord.value = Key.DecryptText(Blob)
document.GoDetails.submit( )
End Sub
</SCRIPT>
</head>
<body <%If bIsGood = True then%>onLoad="Decrypt"<%En d If%>>
<%If bIsGood = False then%>
<form name="Login" method="post" action="">
<%If sErrMsg <> "" then
Response.Write sErrMsg & "<br><br>"
End If%>
Username: <input type="text" name="f_0" value=""><br>
<br>
<input type="submit" name="Buuton" value="Login">
</form>
<%Else%>
<form name="GoDetails" method="post" action="">
<input type="hidden" name="Username" value="<%=rsone("TUTOR_USE RNAME")%>" >
<input type="hidden" name="E_Password" value="<%=rsone("TUTOR_PAS SWORD")%>" >
<input type="hidden" name="D_Password" value="">
<input type="hidden" name="Action" value="Done">
</form>
<%End If%>
</body>
</html>
<%@ Language=VBScript %>
<%Option Explicit%>
<%Response.Buffer = True%>
<%
Dim conn
Dim rsone
Dim sErrMsg, sForm(0), one, bIsGood
sErrMsg = ""
bIsGood = False
If Request.Form("Buuton") = "Login" then
sErrMsg = ""
sForm(0) = Trim(Request.Form("f_0"))
If sForm(0) = "" then
sErrMsg = "Error: Username - required."
Else
Set conn = Server.CreateObject("ADODB
conn.Open "PROVIDER=Microsoft.Jet.OL
one = "SELECT TUTOR_USERNAME, TUTOR_PASSWORD " &_
"FROM login " &_
"WHERE TUTOR_USERNAME = '" & sForm(0) & "'"
'response.write one
set rsone=conn.execute(one)
If rsone.EOF then
sErrMsg = "Error: Username - invalid."
Else
bIsGood = True
End If
End If
End If
If Request.Form("Action") = "Done" then
Response.Write Request.Form("Username") & "<br>"
Response.Write Request.Form("D_Password")
Response.End
End If
%>
<html>
<head>
<title>Example</title>
<OBJECT
classid="CLSID:F9463571-87
codebase="aspencrypt.dll"
id="XEncrypt">
</OBJECT>
<SCRIPT LANGUAGE="VBSCRIPT">
Sub Decrypt
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.GoDetails.E_Passw
document.GoDetails.D_Passw
document.GoDetails.submit(
End Sub
</SCRIPT>
</head>
<body <%If bIsGood = True then%>onLoad="Decrypt"<%En
<%If bIsGood = False then%>
<form name="Login" method="post" action="">
<%If sErrMsg <> "" then
Response.Write sErrMsg & "<br><br>"
End If%>
Username: <input type="text" name="f_0" value=""><br>
<br>
<input type="submit" name="Buuton" value="Login">
</form>
<%Else%>
<form name="GoDetails" method="post" action="">
<input type="hidden" name="Username" value="<%=rsone("TUTOR_USE
<input type="hidden" name="E_Password" value="<%=rsone("TUTOR_PAS
<input type="hidden" name="D_Password" value="">
<input type="hidden" name="Action" value="Done">
</form>
<%End If%>
</body>
</html>
ASKER
Brilliant it worked but I cant seem to open the inital page ie the form in the same browser once the users details are displayed.
thanks
thanks
This bit was just to demonstrate that it worked...
If Request.Form("Action") = "Done" then
Response.Write Request.Form("Username") & "<br>"
Response.Write Request.Form("D_Password") & "<br>"
Response.End
End If
Change this line...
<form name="GoDetails" method="post" action="">
Put the page (action="") you want it to go to then you can then use the...
Request.Form("Username")
Request.Form("D_Password")
...to get the details in the new page.
If Request.Form("Action") = "Done" then
Response.Write Request.Form("Username") & "<br>"
Response.Write Request.Form("D_Password")
Response.End
End If
Change this line...
<form name="GoDetails" method="post" action="">
Put the page (action="") you want it to go to then you can then use the...
Request.Form("Username")
Request.Form("D_Password")
...to get the details in the new page.
ASKER
Hi there
I was wondering how I could cutomise the code to make it more tidy when client side. At the moment a user fails to enter a password or an error occurs the error message is shown on top of the text box. Initially I was thinking of inital form on the to of the page however the if statement around it put me of. Would be grateful if you could help. Also in terms of error messages, is it not possible to instead of the inital error message if the text field is left empty have a windoes type error message box.
Hopw you can help, would be gratful if you could alter the code appriotely. The code I have is as follows:
<%@ Language=VBScript %>
<%Option Explicit%>
<%Response.Buffer = True%>
<!--#include file ="database.asp"-->
<%
six= "select * from patient"
set rssix= conn.execute(six)
Dim rsone
Dim six, rssix, Message , bodytext
Dim sErrMsg, sForm(0), one, bIsGood
sErrMsg = ""
bIsGood = False
If Request.Form("Buuton") = "Login" then
sErrMsg = ""
sForm(0) = Trim(Request.Form("f_0"))
If sForm(0) = "" then
Response.write "please enter your email address"
Else
one = "SELECT EMAIL_ADDRESS, PASSWORD " &_
"FROM PATIENT " &_
"WHERE EMAIL_ADDRESS= '" & sForm(0) & "'"
'response.write one
set rsone=conn.execute(one)
If rsone.EOF then
Response.write "Invalid Email Address"
Else
bIsGood = True
End If
End If
End If
If Request.Form("Action") = "Done" then
Message = "Your Username and Password are as follows:"&"<br>" & "<br>"& "Username: " & rssix("email_address")& "<BR>" & "Password: " & Request.Form("D_Password") & "<br>" & "<br>" & "Kindest Regards" & "<br>"& "St Arthurs Hospital"
bodytext = rssix("First_Name") & " " & rssix("surname") &","& "<br>" & "<br>" & Message
'Dimension variables
Dim objCDOMail 'Holds the CDONTS NewMail Object
'Create the e-mail server object
Set objCDOMail = Server.CreateObject("CDONT S.NewMail" )
'Who the e-mail is from
objCDOMail.From = "admin@stathurshospital.co m"
'Who the e-mail is sent to
objCDOMail.To = rssix("email_address")
'Set the subject of the e-mail
objCDOMail.Subject = "Password Reminder"
'Set the e-mail body format (0=HTML 1=Text)
objCDOMail.BodyFormat = 0
'Set the mail format (0=MIME 1=Text)
objCDOMail.MailFormat = 0
'Set the main body of the e-mail
objCDOMail.Body = bodytext
'Importance of the e-mail (0=Low, 1=Normal, 2=High)
objCDOMail.Importance = 1
'Send the e-mail
objCDOMail.Send
'Close the server object
Set objCDOMail = Nothing
response.write "Your Password has been emailed to you"
End If
%>
<html>
<head>
<title>Example</title>
<OBJECT
classid="CLSID:F9463571-87 CB-4A90-A1 AC-2284B7F 5AF4E"
codebase="aspencrypt.dll"
id="XEncrypt">
</OBJECT>
<SCRIPT LANGUAGE="VBSCRIPT">
Sub Decrypt
Set Context = XEncrypt.OpenContext("myco ntainer", False)
Set Key = Context.GenerateKeyFromPas sword("my password")
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.GoDetails.E_Passw ord.value
document.GoDetails.D_Passw ord.value = Key.DecryptText(Blob)
document.GoDetails.submit( )
End Sub
</SCRIPT>
</head>
<body <%If bIsGood = True then%>onLoad="Decrypt"<%En d If%>>
<%If bIsGood = False then%>
<form name="Login" method="post" action="">
Username: <input type="text" name="f_0" value=""><br>
<br>
<input type="submit" name="Buuton" value="Login">
</form>
<%Else%>
<form name="GoDetails" method="post" action="">
<input type="hidden" name="Username" value="<%=rsone("EMAIL_ADD RESS")%>">
<input type="hidden" name="E_Password" value="<%=rsone("PASSWORD" )%>">
<input type="hidden" name="D_Password" value="">
<input type="hidden" name="Action" value="Done">
</form>
<%End If%>
</body>
</html>
thanks
I was wondering how I could cutomise the code to make it more tidy when client side. At the moment a user fails to enter a password or an error occurs the error message is shown on top of the text box. Initially I was thinking of inital form on the to of the page however the if statement around it put me of. Would be grateful if you could help. Also in terms of error messages, is it not possible to instead of the inital error message if the text field is left empty have a windoes type error message box.
Hopw you can help, would be gratful if you could alter the code appriotely. The code I have is as follows:
<%@ Language=VBScript %>
<%Option Explicit%>
<%Response.Buffer = True%>
<!--#include file ="database.asp"-->
<%
six= "select * from patient"
set rssix= conn.execute(six)
Dim rsone
Dim six, rssix, Message , bodytext
Dim sErrMsg, sForm(0), one, bIsGood
sErrMsg = ""
bIsGood = False
If Request.Form("Buuton") = "Login" then
sErrMsg = ""
sForm(0) = Trim(Request.Form("f_0"))
If sForm(0) = "" then
Response.write "please enter your email address"
Else
one = "SELECT EMAIL_ADDRESS, PASSWORD " &_
"FROM PATIENT " &_
"WHERE EMAIL_ADDRESS= '" & sForm(0) & "'"
'response.write one
set rsone=conn.execute(one)
If rsone.EOF then
Response.write "Invalid Email Address"
Else
bIsGood = True
End If
End If
End If
If Request.Form("Action") = "Done" then
Message = "Your Username and Password are as follows:"&"<br>" & "<br>"& "Username: " & rssix("email_address")& "<BR>" & "Password: " & Request.Form("D_Password")
bodytext = rssix("First_Name") & " " & rssix("surname") &","& "<br>" & "<br>" & Message
'Dimension variables
Dim objCDOMail 'Holds the CDONTS NewMail Object
'Create the e-mail server object
Set objCDOMail = Server.CreateObject("CDONT
'Who the e-mail is from
objCDOMail.From = "admin@stathurshospital.co
'Who the e-mail is sent to
objCDOMail.To = rssix("email_address")
'Set the subject of the e-mail
objCDOMail.Subject = "Password Reminder"
'Set the e-mail body format (0=HTML 1=Text)
objCDOMail.BodyFormat = 0
'Set the mail format (0=MIME 1=Text)
objCDOMail.MailFormat = 0
'Set the main body of the e-mail
objCDOMail.Body = bodytext
'Importance of the e-mail (0=Low, 1=Normal, 2=High)
objCDOMail.Importance = 1
'Send the e-mail
objCDOMail.Send
'Close the server object
Set objCDOMail = Nothing
response.write "Your Password has been emailed to you"
End If
%>
<html>
<head>
<title>Example</title>
<OBJECT
classid="CLSID:F9463571-87
codebase="aspencrypt.dll"
id="XEncrypt">
</OBJECT>
<SCRIPT LANGUAGE="VBSCRIPT">
Sub Decrypt
Set Context = XEncrypt.OpenContext("myco
Set Key = Context.GenerateKeyFromPas
Set Blob = XEncrypt.CreateBlob
Blob.Base64 = document.GoDetails.E_Passw
document.GoDetails.D_Passw
document.GoDetails.submit(
End Sub
</SCRIPT>
</head>
<body <%If bIsGood = True then%>onLoad="Decrypt"<%En
<%If bIsGood = False then%>
<form name="Login" method="post" action="">
Username: <input type="text" name="f_0" value=""><br>
<br>
<input type="submit" name="Buuton" value="Login">
</form>
<%Else%>
<form name="GoDetails" method="post" action="">
<input type="hidden" name="Username" value="<%=rsone("EMAIL_ADD
<input type="hidden" name="E_Password" value="<%=rsone("PASSWORD"
<input type="hidden" name="D_Password" value="">
<input type="hidden" name="Action" value="Done">
</form>
<%End If%>
</body>
</html>
thanks
You have...
If sForm(0) = "" then
Response.write "please enter your email address"
Else
I had......
If sForm(0) = "" then
sErrMsg = "Error: Username - required."
Else
Set conn
The reason I put the error in a variable (sErrMsg) is so that you have the freedom to place it anywhere you like.
You could even do the following....
<body <%If sErrMsg <> "" then%>onLoad="alert('<%=sE rrMsg%>')" <%End If%>> and it it 'popup' the error.
Please not that under EE rules you are not supposed to asked additional question outside of the scope of your orginal post.
If sForm(0) = "" then
Response.write "please enter your email address"
Else
I had......
If sForm(0) = "" then
sErrMsg = "Error: Username - required."
Else
Set conn
The reason I put the error in a variable (sErrMsg) is so that you have the freedom to place it anywhere you like.
You could even do the following....
<body <%If sErrMsg <> "" then%>onLoad="alert('<%=sE
Please not that under EE rules you are not supposed to asked additional question outside of the scope of your orginal post.
I think what you want is basically the manipulation of a variable that should store
the decrypted password of corresponding user.
Below is my code.
<%
dim deCryptPwd
sqlstr ="SELECT TUTOR_USERNAME, TUTOR_PASSWORD FROM login WHERE TUTOR_USERNAME = 'pung'"
oRS.Open sqlStr, objConn
deCryptPwd=Decrypt(oRS("TU TOR_PASSWO RD")
'deCryptPw can be utilized in your code which is used to send email.
%>
<script runat="server" language="vbscript">
function Decrypt(pwd)
'instantiate your encryption component
set XEncrypt=server.createobje ct("server .component ")
'I don't know the ProgId of your component,or you can create
'XEncrypt just by using its ClassId in global.asa
Set Context=XEncrypt.OpenConte xt("mycont ainer", False)
Set Key=Context.GenerateKeyFro mPassword( "my password")
Set Blob=XEncrypt.CreateBlob
Blob.Base64=pwd
set XEncrypt=nothing
Decrypt=Key.DecryptText(Bl ob)
End function
</script>
the decrypted password of corresponding user.
Below is my code.
<%
dim deCryptPwd
sqlstr ="SELECT TUTOR_USERNAME, TUTOR_PASSWORD FROM login WHERE TUTOR_USERNAME = 'pung'"
oRS.Open sqlStr, objConn
deCryptPwd=Decrypt(oRS("TU
'deCryptPw can be utilized in your code which is used to send email.
%>
<script runat="server" language="vbscript">
function Decrypt(pwd)
'instantiate your encryption component
set XEncrypt=server.createobje
'I don't know the ProgId of your component,or you can create
'XEncrypt just by using its ClassId in global.asa
Set Context=XEncrypt.OpenConte
Set Key=Context.GenerateKeyFro
Set Blob=XEncrypt.CreateBlob
Blob.Base64=pwd
set XEncrypt=nothing
Decrypt=Key.DecryptText(Bl
End function
</script>
ASKER
Hi there
I get an error on line 15 saying :
Server object, ASP 0177 (0x800401F3)
Invalid class string
/login/further.asp, line 15
<!--#include file ="database.asp"-->
<%
dim deCryptPwd
sqlstr ="SELECT TUTOR_USERNAME, TUTOR_PASSWORD FROM login WHERE TUTOR_USERNAME = 'pung'"
oRS.Open sqlStr, objConn
deCryptPwd=Decrypt(oRS("TU TOR_PASSWO RD"))
'deCryptPw can be utilized in your code which is used to send email.
response.write deCryptPwd
%>
<script runat="server" language="vbscript">
function Decrypt(pwd)
'instantiate your encryption component
set XEncrypt=server.createobje ct("server .component ")
'I don't know the ProgId of your component,or you can create
'XEncrypt just by using its ClassId in global.asa
Set Context=XEncrypt.OpenConte xt("mycont ainer", False)
Set Key=Context.GenerateKeyFro mPassword( "my password")
Set Blob=XEncrypt.CreateBlob
Blob.Base64=pwd
set XEncrypt=nothing
Decrypt=Key.DecryptText(Bl ob)
End function
</script>
<object
classid="clsid:f9463571-87 cb-4a90-a1 ac-2284b7f 5af4e"
codebase="aspencrypt.dll"
id="xencrypt">
</object>
I tried commenting out that line then got the error saying:
Microsoft VBScript runtime (0x800A01A8)
Object required: 'XEncrypt'
/login/further.asp, line 18
hope you can help
thanks
Pungwick
I get an error on line 15 saying :
Server object, ASP 0177 (0x800401F3)
Invalid class string
/login/further.asp, line 15
<!--#include file ="database.asp"-->
<%
dim deCryptPwd
sqlstr ="SELECT TUTOR_USERNAME, TUTOR_PASSWORD FROM login WHERE TUTOR_USERNAME = 'pung'"
oRS.Open sqlStr, objConn
deCryptPwd=Decrypt(oRS("TU
'deCryptPw can be utilized in your code which is used to send email.
response.write deCryptPwd
%>
<script runat="server" language="vbscript">
function Decrypt(pwd)
'instantiate your encryption component
set XEncrypt=server.createobje
'I don't know the ProgId of your component,or you can create
'XEncrypt just by using its ClassId in global.asa
Set Context=XEncrypt.OpenConte
Set Key=Context.GenerateKeyFro
Set Blob=XEncrypt.CreateBlob
Blob.Base64=pwd
set XEncrypt=nothing
Decrypt=Key.DecryptText(Bl
End function
</script>
<object
classid="clsid:f9463571-87
codebase="aspencrypt.dll"
id="xencrypt">
</object>
I tried commenting out that line then got the error saying:
Microsoft VBScript runtime (0x800A01A8)
Object required: 'XEncrypt'
/login/further.asp, line 18
hope you can help
thanks
Pungwick
Pay attention to the statement:
set XEncrypt=server.createobje ct("server .component ")
'server.component' is just a 'formula',you should replace it with the ProgId of XEncrypt(your encryption component).
Or,alternatively,you can comment out this statement,and place the following statement in your
page :
<object runat="server"
classid="clsid:f9463571-87 cb-4a90-a1 ac-2284b7f 5af4e"
codebase="aspencrypt.dll"
id="XEncrypt">
</object>
And,I think some attention should also be paid to methods and properties exposed by
your component.
Hope this can help you solve the problem.
set XEncrypt=server.createobje
'server.component' is just a 'formula',you should replace it with the ProgId of XEncrypt(your encryption component).
Or,alternatively,you can comment out this statement,and place the following statement in your
page :
<object runat="server"
classid="clsid:f9463571-87
codebase="aspencrypt.dll"
id="XEncrypt">
</object>
And,I think some attention should also be paid to methods and properties exposed by
your component.
Hope this can help you solve the problem.
The solution that you have been offered by hengzhe with the funtion will not work because the DLL is CLIENT-SIDE, you CANNOT instantiate the DLL in the manner described.
Pungwick,have you installed and registered the component(aspencrypt.dll) on your server?
If both installation and registration have been done,then the component can be instantiated using the tag <object>
(runat='server' must be provided).
Otherwise it can not be used in server-side.
If both installation and registration have been done,then the component can be instantiated using the tag <object>
(runat='server' must be provided).
Otherwise it can not be used in server-side.
hengzhe - please note that the DLL being useed is a client-side DLL and is downloaded to the client as an ActiveX object.
For information about the DLL and its usage visit the following URL - http://www.aspencrypt.com/index.html (supplied by Pungwick)
Pungwick :) Shame on you
For information about the DLL and its usage visit the following URL - http://www.aspencrypt.com/index.html (supplied by Pungwick)
Pungwick :) Shame on you
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thanks Lord_McFly,I am ignorant,I didn't know what XEncrypt is.
After reading some documents,I made the following change:
function Decrypt(pwd)
Set CM=Server.CreateObject("Pe rsits.Cryp toManager" )
Set Context = CM.OpenContext("mycontaine r",True)
'attention: the second para.(MachineKey) should be set to True,because in my 'solution I want to use aspEncrypt in server-side.
'I don't know whether the parameter mycontainer is approriate,I just went through
'documents(http://www.aspencrypt.com/)
Set Key = Context.GenerateKeyFromPas sword("ori ginalkey")
Set Blob =CM.CreateBlob
Blob.Base64=pwd
set CM=Nothing
Decrypt=Key.DecryptText(Bl ob)
End function
Emphasis: My solution is to decrypt the password retrieved from db in server-side
(so I use CryptoManager which can be instantiated on server in asp environment).And
the decrypted password is returned by Decrypt(pwd) which is a server side
function(runat='server') and can then be stored in a variable so that you
can manipulate it(ig.to use it to send email.)
Because I just went through documents provided by http://www.aspencrypt.com,
I am not quite sure whether parameters I provided in my code were valid or
approriate.
After reading some documents,I made the following change:
function Decrypt(pwd)
Set CM=Server.CreateObject("Pe
Set Context = CM.OpenContext("mycontaine
'attention: the second para.(MachineKey) should be set to True,because in my 'solution I want to use aspEncrypt in server-side.
'I don't know whether the parameter mycontainer is approriate,I just went through
'documents(http://www.aspencrypt.com/)
Set Key = Context.GenerateKeyFromPas
Set Blob =CM.CreateBlob
Blob.Base64=pwd
set CM=Nothing
Decrypt=Key.DecryptText(Bl
End function
Emphasis: My solution is to decrypt the password retrieved from db in server-side
(so I use CryptoManager which can be instantiated on server in asp environment).And
the decrypted password is returned by Decrypt(pwd) which is a server side
function(runat='server') and can then be stored in a variable so that you
can manipulate it(ig.to use it to send email.)
Because I just went through documents provided by http://www.aspencrypt.com,
I am not quite sure whether parameters I provided in my code were valid or
approriate.
Hi Pungwick
Need any further assistance with this problem?
Cheers
McFly
Need any further assistance with this problem?
Cheers
McFly
ASKER
Sorry all extrmely busy at presnt I will reply properly in the next few days
thanks
thanks
between the <head></head>
==========================
<script language="JavaScript">
<!--
function DoSubmit()
{
document.frmPreviewPasswor
}
//-->
</script>
The include in the <body> tag....
==========================
<body onLoad="DoSubmit()">
This way when the page loads the form is automatically submitted.