Solved

Including .JS file in ASP.NET for runat=server

Posted on 2007-11-26
10
976 Views
Last Modified: 2010-08-05
Hi,
I'm doing my first ASP.NET integration with SecPay, (an online payment provider in the UK).  I've done plenty of integrations in classic ASP but am now struggling to get the md5 check to work in ASP.NET.

I'm falling at the first hurdle of including the JS file.  In classic ASP, the SCRIPT tag was as follows:

<SCRIPT LANGUAGE="JScript" RUNAT="Server" SRC="includes\md5.js">
</SCRIPT>

But if I try and place this in my .aspx file in Visual Studio 2005, the </script> tag for my codebehind gets underlined in blue and the useful error message of "Syntax Error" gets displayed.

If I place my JS SCRIPT tag above my codebehind <script> tag, the Page Directive "<%@ Page Language="VB" ... " gets underlined with the error message 'Syntax Error'.

how do I include ths JS file so that I can call it's functions from my page load sub?

Help appreciated...
0
Comment
Question by:jammy-d0dger
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 3

Expert Comment

by:bcaff86
ID: 20353851
You should not add the script tag in your code behind.  You should add it just like you would in ASP in the head section of your markup.
0
 
LVL 16

Expert Comment

by:McExp
ID: 20353853
The JS include would not need the runat=server property.
<script language="jscript" type="text/jscript" src="includes\md5.js" />

Open in new window

0
 
LVL 22

Expert Comment

by:RedKelvin
ID: 20353872
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:jammy-d0dger
ID: 20357905
Guys thanks for replying.  However, I think you're missing the point, (or maybe I am).  The Javascript include file is to be accessed from server-side code so removig the runat="server" means that it becomes client-side script, does it not?

Like I said, the my PageLoad event needs to be able to call the function 'hex_md5' which is inside the .JS file.  If I try and include the JS in the <HEAD> tag as suggested, I get, unsurprisingly, and error that states: "hex_md5 is not declared"

How do I get the Javascript file to be accessible to server-side ASP.NET code?
0
 
LVL 3

Expert Comment

by:bcaff86
ID: 20358267
ohhhh....ok, what you need to do is add the link to the js file in the header like you normally would - no runat=server - it is client side script.

Then in your code behind you need to add a call to the client function like below.  If you need to pass params to the function you can just build the full string hex_md5('some param') and put that in where I just call hex_md5().

Effectively this calls your client function onload.
If Page.ClientScript.IsStartupScriptRegistered("md5") = False Then
Page.ClientScript.RegisterStartupScript(Me.GetType(), "md5","hex_md5()", True)
End If

Open in new window

0
 

Author Comment

by:jammy-d0dger
ID: 20358432
OK, sorry I think you're going to have to help me out here.  It's looking promising... but how do I read the value of what's returned from hex_md5(md5string).

In classic ASP it would have been:

Dim sResult as String
sResult = hex_md5(md5string)

I'm sure I should be able to work this out but I can't :(

Many thanks for your help.
0
 
LVL 3

Expert Comment

by:bcaff86
ID: 20358633
The easiest way, off the top of my head, is to create a hidden field in your form with runat=server.  For your client script set it equal to MyHiddenField.Value = hex_md5(md5string).

Then server side you can access MyHiddenField to get the returned value.
0
 

Author Comment

by:jammy-d0dger
ID: 20358704
that's no good because the md5string contains a key which I can't have visible in a 'view source' as a value of a hidden field.

Bl**dy nightmare.  I'm now thinking that the best way to do this is using the built in MD5CryptoServiceProvider in ASP.NET?

I started to build a test script but stumbled when I realised that I needed to compare a String with an array of Bytes.  See, SecPay send a hash string with their payment response and I have to read that from the response object, then my own constructed string, (based on transactionID, amount and a private key), to the hash function that would then return a hash string which I could compare with the SecPay hash.

I can't work out how to get this hashed value back out of the .NET class as a String rather than a Byte array, (or how to compare the two).

Ahhhhhhh....
0
 
LVL 3

Accepted Solution

by:
bcaff86 earned 500 total points
ID: 20358726
Ok - makes sense...comparing strings and byte arrays isn't too difficult.  And if you're dealing with crpyto stuff you probably do want to keep it all server side.

Check out this for the basics on string to byte array comparisons.

http://www.chilkatsoft.com/faq/DotNetStrToBytes.html
0
 

Author Comment

by:jammy-d0dger
ID: 20360165
What a hell-ride this has been.  Many thanks to Microsoft for once again dumbfounding me with what seems like making a simple task, incredibly complicated.  For those of you who may stumble upon this thread... here's what I had to do (where md5string is the unencrypted string that I have to check against and spHash is the md5 hash string sent from SecPay) :

           'The string we wish to encrypt
            Dim strPlainText As String = md5string

            'The array of bytes that will contain the encrypted value of strPlainText
            Dim hashedDataBytes As Byte()

            'The encoder class used to convert strPlainText to an array of bytes
            Dim encoder As New UTF8Encoding()
   
            'Create an instance of the MD5CryptoServiceProvider class
            Dim md5Hasher As New MD5CryptoServiceProvider()

            'Call ComputeHash, passing in the plain-text string as an array of bytes
            'The return value is the encrypted value, as an array of bytes
            hashedDataBytes = md5Hasher.ComputeHash(encoder.GetBytes(strPlainText))
           
            'now convert the crappy MS raw hash data to a string in readable format. Idiots!!
            Dim strMD5 As String = ""
            For Each bytByte As Byte In hashedDataBytes
                strMD5 &= bytByte.ToString("x2")
            Next

            'check to see MD5 hash matches            
            If strMD5 <> spHash Then
                Response.Write("Security Hash failed. IP stored.")
                'do a server.transfer to hash_failed screen or whatever
            End If

So, there you have it.  I tried using the example on your link bcaff86 and whilst they worked as converters and returned a hex-based byte array, the byte array returned from MD5CryptoServiceProvider is in a raw format that is of no use to anybody!!!! Thanks for that Microsoft!  I stumbled across that neat little Byte to Hex String converter here:

http://www.thescripts.com/forum/thread373773.html

Many thanks for sticking with me bcaff86. Although you didn't have the final answer, you did get me a good deal of the way there so the points are yours.

0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Switching Visual Studio 2015 to normal debug display 3 42
Please explain purpose of GZIP 4 56
Code works but breaks when I add one section 4 27
Data organization issue 7 36
Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my asp.net applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
In this Article, I will provide a few tips in problem and solution manner. Opening an ASPX page in Visual studio 2003 is very slow. To make it fast, please do follow below steps:   Open the Solution/Project. Right click the ASPX file to b…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question