Informatik_Active_Server_Pages (ASP)        

@planet_bossi
                 
 
 

Active Server Pages ASP von Microsoft (Internet dyn. Seiten) installieren

Wir installierten auf unserem bestehenden IIS 3.0 die ASP Erweiterung (ähnlich CGI etc, jedoch besser und aktueller). Installation verlief normal, jedoch mit kleiner Komplikation mit dem Zugriff auf *.asp Files. Ziel der *.asp Erweiterung war es, Zugriff auf eine Access 97 Datenbank zu erhalten etc.

//Falls das ganze auf einem standalone PC installiert werden //sollte, einfach Personal Web Server oder Peer Web Server //installieren, dies wird mit Frontpage 98 installiert.

Installationsvorgehen:

ASP von CD Frontpage 98 installieren (Explizit installieren, d.h ist nicht in Frontpage Installation enthalten – asp.exe starten)

ODBC-Datenquelle-Administrator ein neuer System DSN erfassen (MS Access Driver)

Unterverzeichnisse erstellen:

Wwwroot

Asp //Inhalt alle *.asp Files

Mfonline //Inhalt aller *.html Files

Mfo_db //Inhalt der Access DB

Mfo_gfx //Bilder
4. Asp Verzeichnis muss freigegeben werden "Ausführen von Skripts und Programmen"(Falls dies nicht geschieht, kommt automatisch beim Anlinken "Speichern unter..."

Da Win NT Server, musste auch zusätzlich dieses Verzeichnis für User freigegeben werden, da sonst die Fehlermeldung "HTTP 501....." beim Oeffnen einer *.asp Seite erschien.

Fertig, Netscape Navigator 4.x und IE 4.x unterstützen dies problemlos. Auch VBScript (jedoch nur Serverseitig in *.asp)

Bemerkung: Probleme könnte es nur noch geben bei Internet Explorer, falls eine *.asp Seite aus JavaScript Funktion aufgerufen wird – Error 501. Solution - *.asp aus Form direkt aufrufen, siehe Beispiel oben (auch hier kann zuerst eine Abfrage Kontrolle erledigt werden, bevor *.asp geöffnet wird).

Vorhanden sein muss auch ODBCJT32.dll

 

Visual Basic Script VBS für Serverseitige dyn. Seiten IIS

Visual Basic, wie starte ich ein Programm
 
' You can also use the return value of the Shell function.
ReturnValue = Shell("c:\EXCEL\EXCEL.EXE",1) ' Run Microsoft Excel.
AppActivate ReturnValue ' Activate Microsoft
' Excel.

VB Script für Uebergabe Abfrage

<%
response.write request.form ("feldbezeichnung")
//"feldbezeichung" ist der Name des UebergabeFeldes
%>

String trennen etc.

<% ' demonstrate all string functions
test="Hello. How are you today Student."
response.write ("test=" & test)
response.write ("mid(test,1,5)=" & mid(test,1,5))
`Hier wird einfach die ersten 5 Buchstaben geschrieben
%>

 

Datum

<%'My ASP program that formats dates
//kurzform ist
response.write now()
 
response.write "<hr>"
for counter=0 to 4
currentdate=now()
response.write "today is..." & "<br>"
response.write currentdate & "<P>"
select case counter
case 0
whichformat="vbgeneraldate"
case 1
whichformat="vblongdate"
case 2
whichformat="vbshortdate"
case 3
whichformat="vblongtime"
case 4
whichformat="vbshorttime"
end select
response.write "FormatDate(now()," & whichformat & ")="
response.write Formatdatetime(currentdate,counter) & "<P><HR>"
next%>

 

Function und Subqueries etc.

<% call query2("hello")
%>
<%
sub query2(dummystring)
................
end sub
%>

 

Neue Seite/Page öffnen

//Muss oberhalb von allem HTML Codes stehen!!!!
<%
response.redirect "http://www.medidata.ch"
%>

 

Files schreiben

<HTML>
<HEAD>
<TITLE>Working with Text Files</TITLE>
</HEAD>
<BODY BGCOLOR=#FFFFFF>
<H3>Working with Text Files</H3>
<%
Set FileObject = Server.CreateObject("Scripting.FileSystemObject")
TestFile = Server.MapPath ("/ASPSamp") & "\samples\textwork.txt"
Set OutStream= FileObject.CreateTextFile (TestFile, True, False)
OutputString = "This is a test..." & Now()
OutStream.WriteLine OutputString
Response.Write "Wrote the string '" & OutputString & "' to the file: '" & TestFile & "'<P>"
Set OutStream = Nothing
 
Response.Write "Reading from file '" & TestFile & "':<BR>"
Set InStream= FileObject.OpenTextFile (TestFile, 1, False, False)
While not InStream.AtEndOfStream
Response.Write Instream.Readline & "<BR>"
InStream.SkipLine()
Wend
Set Instream=Nothing
 
Randomize
TipNumber = Int(10 * Rnd)
 
Response.Write "<P>The Tip Number is: " & TipNumber & "<P>"
 
strtipsfile = (Server.MapPath("/advworks") + "\tips.txt")
Set InStream = FileObject.OpenTextFile (strtipsfile, 1, False, False)
While TipNumber > 0
InStream.SkipLine()
TipNumber = TipNumber-1
Wend
TipOfTheDay = Instream.ReadLine
Response.Write "The Tip of the Day is: <BR><B>" & TipOfTheDay & "</B>"
Set InStream = Nothing
%>
<BR>
<BR>
<!--#include virtual="/ASPSamp/Samples/srcform.inc"-->
</BODY>
</HTML>

 

Replace von Strings

‚leerzeichen wird durch Underscore ausgetauscht
tempOrg = Replace(tempOrg, " ", "_")

 

 

Include Files für Function etc.

‚ohne ../../ etc. sondern einfach Verzeichnis
<!--#include virtual="virtualVerzeichnis/myfile.asp"-->
 
<!--#include file="myfile.asp"-->
 
Many people use .inc as extension for files they are including. Any extension or name is fine.
 
IMPORTANT: Include files are always processed and inserted before ASP scripts on the page are calculated. Thus a page with many IFs and SELECT CASEs that
selectively include files in fact always include the file before the script begins executing.
 

Neue Seite oder Programm öffnen

<%
window.navigate ("/apps/default.html")
%>
 
Cache löschen bzw. Request löschen (d.h. keine Ansicht möglich)
 
<%Response.Expires=0%>
<html>
 
<head>
<title>Web Server Enrollment Page</title>
<meta HTTP-EQUIV="Cache-Control" CONTENT="no cache">
<meta HTTP-EQUIV="Pragma" CONTENT="no cache">
<meta HTTP-EQUIV="Expires" CONTENT="0">

 

ListBox automatisch abfüllen, beim Oeffnen einer Seite

<select NAME="Kanton_Input"
SIZE="1">
<% Set conn = Server.CreateObject("ADODB.Connection") %><% conn.Open "DSN=mfodb" ' connect to the database %><% Set rs = conn.Execute("SELECT Code, Bezeichnung FROM Kantonsbezeichnung") %><% Do While Not rs.EOF ' define the ListBox OPTIONs %> <option VALUE="<%= rs("Code") %>"> <%= rs("Bezeichnung") %> <% rs.MoveNext %> <% Loop %> <% rs.Close %> <% conn.Close %> </option>
</select>

 

Checkbox abfragen

<input type="checkbox" name="C2" value="ON">
<%
if request.form(C2) <> checked then
'wenn Kästchen aktiviert
else
'wenn Kästchen deaktiviert
end if
%>

 

Radio abfragen

<input type="radio" name="C2" checked value="freigabe">
<input type="radio" name="C2" value="sperren">
<%
if request.form(C2) = "freigabe" then
'wenn Kästchen aktiviert
else
'wenn Kästchen deaktiviert
end if
%>
 
<%
if request.form(C2) <> checked then
'wenn Kästchen aktiviert
else
'wenn Kästchen deaktiviert
end if
%>

 

Test virtual Directory

//Funktionierte Problemlos
 
<%
'Create Virtual Directory
sComputer ="localhost"
sPhyDir = "c:\testvirtual"
sVirDir = "ADSITest"
 
'Get Default Web Site Object
set websvc = GetObject("IIS://" & sComputer & "/W3svc/1")
 
'Verify by printing out ServerComment
Response.Write "Comment = " & websvc.ServerComment & "&ltbr>"
 
'Get root of Default Web Site
set vRoot = websvc.GetObject("IIsWebVirtualDir", "Root")
 
'Get Class Definition of virtual directory
Set ClassDefinition = GetObject(vRoot.Schema)
 
'Get list of mandatory properties
asMustHaves = ClassDefinition.MandatoryProperties
 
'Get list of optional properties
asMayHaves = ClassDefinition.OptionalProperties
 
i=1
%>
&lttable border=1>
&lttr>&ltth&gtClass Must Have Property</th>
&ltth&gtRoot Virtual Directory Current Value</th></tr>
<%
on error resume next
 
For Each Thing in asMustHaves
Response.Write "&lttr>&lttd>("& Cstr(i) & ") " &_
Thing & "</td>&lttd>" & vRoot.Get(Thing) &_
"</td></tr>"
i = i + 1
Next
%>
</table>
&ltbr>
&lttable border=1>
&lttr>&ltth&gtClass May Have Property</th>
&ltth&gtDefault Web Site Current Value</th></tr>
<%
i=1
For Each Thing in asMayHaves
Response.Write "&lttr>&lttd>("& CStr(i) & ") " &_
Thing & "</td>&lttd>" & vRoot.Get(Thing) &_
"</td></tr>"
i = i + 1
Next
on error goto 0
 
'Create Virtual Directory
'Param 1 is class name
'Param 2 is the new object name
Set vDir = vRoot.Create("IIsWebVirtualDir",sVirDir)
 
'Only setting two properties
vDir.AccessRead = true
vDir.Path = sPhyDir
 
'Write information back to Metabase
vDir.SetInfo
%>

 

Test Add User zu Domain

//funktionierte
<%
'Create User
 
'object.AddUser(domain, user, password, fullname, comment, expiration, group)
strDomain="MEDIDATA"
strUser="TESTStefan"
 
Set oDomain = GetObject("WinNT://" & strDomain)
Set oUser = oDomain.Create ("user", strUser)
oUser.SetInfo
 
Set oDomain=Nothing
Set oUser=Nothing
 
 
%>
Nach Certificate Mapping Suchen
//funktionierte
<%
Dim CertObj, vCert, NtAcct, NtPwd, strName, IEnabled
 
Set CertObj = GetObject("IIS://localhost/W3SVC/1/IIsCertMapper")
' Search by Windows NT account
CertObj.GetMapping 3, "MEDIDATA\SRVWISWEB_Test", vCert, NtAcct, NtPwd, strName, IEnabled
%>
 
Name = "<%= strName %>"<br>

 

Provisorisch Mapping

<%
'***********************************************
'Zusatz MediData 1998, Bosshard Stefan
'Beim Generieren des Certificates gleichzeitig automatischen Mappen des Certifikates auf NT Account!
 
Dim CertObj, vCert
'vCert = Request.ClientCertificate("Certificate")
'Standard schlägt oben aufgeführter Befehl Request.ClientCertificate ... verlangt
'Bsp. Zertifikat welcher Client automatisch immer mitschickt
'oder besser gesagt Format: -------------BEGINN CERTIFACTE------------- ...........---------------END CERTIFICATE------------
'Nachfolgend gebe ich der Variable vCert automatisch dieses Format mit, welches oben ja so oder so in ein File geschrieben wird
 
 
 
 
 
vCert = Request.Client(Certificate)
 
Set CertObj = GetObject("IIS://localhost/W3SVC/1/IIsCertMapper")
 
CertObj.CreateMapping vCert, "MEDIDATA\SRVWISWEB_Test", "admin", beschriftung, TRUE
%>

 

Mapping Automatisch

DOWNLOAD ADSI (für Mapping Client Zertifikate etc. oder für User etc.)
//Installiert auf Server am 19.08.98 !!!!!!!!!!!!!
 
Active Directory Services Interfaces 2.0
 
 
Active Directory Service Interfaces
 
Welcome to the 2.0 release of Microsoft® Active Directory Service Interfaces (ADSI) (previously, OLE Directory
Services) for Microsoft Windows NT® Server and Windows NT Workstation version 4.0 Service Pack 3 Release
(Build 1381: Service Pack 3) and Microsoft Windows® 95 operating system. ADSI makes it easy to create
directory management applications using high-level tools such as Microsoft Visual Basic®, Java, or C/C++
without having to worry about the underlying differences between the different namespaces. Download it
today!
 
Follow these easy steps to download:
 
1.Download the current ADSI 2.0 help files compatible for all versions.
2.Choose the correct version and hit the corresponding download button on the right.

Nach langem missglückten Versuchen folgendes Codes:

 

Certsrv/certenroll/md_mapping.asp
 
<%
strMachineName = "localhost" 'domain name
strObjectPath = "W3SVC/1" 'object name
 
'construct object location in IIS
strPath = "IIS://" & strMachineName & "/" & strObjectPath
Set IISObject = GetObject (strPath) 'connect to IIS metabase
%>
 
Name = "<%= IISObject.Name %>"<br>
Parent= "<%= IISObject.Parent %>"<br>
SchemaLocation = "<%= IISObject.Schema %>"<br>
Class = "<%= IISObject.Class %>"<br>
Guid = "<%= IISObject.Guid %>"<br>
ADSPath = "<%= IISObject.AdsPath %>"<br>
 
 
Immer wieder folgender Error beim Ausführen des Codes auf Server IE selber:
MK_E_SYNTAX (0x800401e4)
 
-OR-
 
Invalid Syntax
Abhilfe schuf, indem ich auf File Ebene, dem md_mapping.asp, md_admin_verarbeitung.asp den "allow anonymous" deaktiviert haben!
 
**Jetzt funktionierte es!
 
 
 
ADSI (Active Directory Services Interface) is a set of programming interfaces for accessing any data store format.
Microsoft products that currently support the ADSI programming interface are Windows NT 4.0 Server, Exchange,
IIS, and Site Server. In NT 5.0 ADSI will be the interface to the operating system and in a sense it is the replacement
for the registry. The key to ADSI is not the underlying information store but the interface layer itself. With one interface,
and one learning curve, you can access all the configuration information of the operating system. Unlike the registry
APIs, you can access ADSI from all languages or environments that supports COM.
 
 
Note: If you are executing this code from an ASP page, make sure that the logged on user has administrative rights to
IIS. Or if you are running anonymously the IUSR_MACHINENAME user must have administrative privileges.
 
Note: The web server named "1" is the default web site.
(1="Default Web Site", 2="Adminstration Web Site", and so on.)
 
//ADSI Beispiele!!!!!!!!!!!!!!!!!!!
http://www.15seconds.com/Issue/980304.htm
 
 
Example 1
For Windows NT
 
Set Object = GetObject("WinNT://15seconds" )
 
For LDAP
 
Set Object = GetObject("IIS://localhost/w3svc/1")

ADSI Features

http://www.microsoft.com/windows/downloads/contents/AdminTools/NTSADSIJava/default.asp?custarea=bus&site=nts&openmenu=&highlighteditem= //Java
 
The IIS Admin Objects are namespace providers in support of the ADSI standard for remote administration of directory service
namespaces. This provides a standard syntax for addressing IIS configuration data. The IIS namespace is composed of the IIS
Admin Objects and the metabase. The remote Internet Service Manager (HTML) for IIS uses the IIS Admin Objects.
 
You can reference one of the IIS Admin Objects by its path, which is the same as the path to the associated key in the metabase.
For example, the IIS Admin Object for the first virtual Web server on the computer named MyComputer would be addressed by
the ADSI path (ADsPath) IIS://MyComputer/W3SVC/1. The following VBScript code uses the path to the first virtual Web
server to open the IIS Admin Object associated with the metabase key for that server on the computer named MyComputer.
You can use LocalHost instead of MyComputer to access the computer on which IIS is running.
 
<%
Dim VSvrObj
Set VSvrObj = GetObject("IIS://MyComputer/W3SVC/1")
%>
 
 
 
IIsCertMapper
The IIsCertMapper object manages mapping of client certificates and Windows NT® user accounts. The client certificate is mapped to the Windows NT Account, Windows NT Password, Friendly Name, and an Enabled flag. This object is not involved in setting inheritable properties in the metabase.
 
IIsCertMapper is an ADSI object, but not an ADSI Container object. See ADSI Features for more information.
 
ADsPath
IIS://MachineName/W3SVC/n/IIsCertMapper
 
Where MachineName can be any name or "LocalHost".
 
Syntax
varReturn = IIsCertMapper.{Method}
 
Parts
varReturn
A variable that receives the return value from the method.
 
Method
The object method chosen.
Methods
ADSI Object Methods Standard methods for ADSI objects
Common Object Methods Methods, other than ADSI methods, common to all IIS Admin Objects
CreateMapping Creates a mapping between a certificate and a Windows NT® account
DeleteMapping Deletes an existing certificate mapping
GetMapping Retrieves an existing certificate mapping
SetAcct Sets a new value for the Windows NT® account string in an existing certificate mapping
SetEnabled Enables or disables an existing certificate mapping
SetName Sets a new value for the name string in an existing certificate mapping
SetPwd Sets a new value for the Windows NT® password string in an existing certificate mapping

 

CreateMapping

The CreateMapping method of the IIsCertMapper object creates a mapping between a certificate and a Windows NT® account.
 
Syntax
IIsCertMapper.CreateMapping vCert, NtAcct, NtPwd, strName, IEnabled
 
Parameters
vCert
Contains the certificate. The certificate is either a string or an array of bytes, usually obtained from the ClientCertificate collection of the built-in ASP Request object.
 
NtAcct
Contains the Windows NT account string.
 
NtPwd
Contains the password string for NtAcct.
 
strName
Contains the friendly name for the account.
 
IEnabled
Specifies True to enable the mapping, False to disable the mapping.
Code Example
<%
Dim CertObj, vCert
vCert = Request.ClientCertificate("CERTIFICATE")
Set CertObj = GetObject("IIS://..path../IIsCertMapper")
// ("IIS://srvwisweb/w3svc/n/IisCertMapper")
// n = 1, 2 oder 3 oder was auch immer - 2
CertObj.CreateMapping vCert, "MYACCT", "MYPASS", "My Name", True
%>

 

 

DeleteMapping

The DeleteMapping method of the IIsCertMapper object deletes an existing certificate mapping. Four seek methods are available to search for the mapping.
 
Syntax
IIsCertMapper.DeleteMapping IMethod, vKey
 
Parameters
IMethod
Specifies the seek method to use for searching the mappings. Valid seek methods are 1, 2, 3, or 4. Seek method 1 specifies search by certificate, seek method 2 searches by name, method 3 searches by Windows NT® account, and method 4 searches by a 1-based numeric string index (for example "1", "2", and so on).
 
vKey
Specifies the key to use in the search specified by IMethod. For seek method 1, vKey specifies a certificate. For seek method 2, vKey specifies a name. For seek method 3, vKey specifies a Windows NT account. For seek method 4, vKey specifies a numeric string index (for example, "1", "2", and so on).
Code Example
<%
Dim CertObj
Set CertObj = GetObject("IIS://..path../IIsCertMapper")
' Search by Windows NT account
CertObj.DeleteMapping 3, "MYACCT"
%>

 

Befehl ASP: Request.ClientCertificate

<%= Request.ServerVariables("Remote_User") %> <BR>
<%= Request.ServerVariables("Remote_Host") %> <BR>
<%= Request.ServerVariables("Server_Name") %> <BR>
//Issuer = Aussteller; Subject = Kunde
<%= Request.ClientCertificate("IssuerCN") %>
(O) Organization Preferably International Organization for Standardization (ISO)-registered top-level organization or company name.
(OU) Organizational Unit A department within a company, such as Marketing.
(CN) Common Name The domain name of the server, for example, www.microsoft.com.
(C ) Country Two letter ISO country designation, for example, US, FR, AU, UK, and so on.
(S) State/Province Type in the full name of the state or province, do not abbreviate. For example, Washington, Alberta, California, and so on.
 
(L) Locality Type in the full name of the city where your company is located, such as Redmond or Toronto.
 
The rule editor also supports several, non-standard subfield categories. These include the following:
 
(I) Initials.
(GN) Given Name.
(T) Title.
<%= Request.ClientCertificate("SubjectCN") %>
 
<!--#include file="cervbs.inc" -->
<%
if Request.ClientCertificate("Flags") and ceUnrecognizedIssuer then
Response.Write "Unrecognized issuer"
end if
%>
 
COOKIE (oberhalb HTML Tag)
Setzt ein neues oder überschreibt Cookie planet mit dem Wert Mars.
<% Response.Cookies("planet")="Mars"
 
oder:
Response.Cookies("planet")("sub2")="Mars2"
Response.Cookies("planet")("sub1")="Mars1"
 
Response.Cookies("Planet").Expires = "31.12.1997" //ohne dies nur für diese Session
Response.Cookies("Planet").Domain = "msn.com"
Response.Cookies("Planet").Path = "/www/home/"
Response.Cookies("Planet").Secure = FALSE
%>
 
 
Um den Wert zu erhalten:
<%= Request.Cookies("planet") %>
 
 
 
Automatisches Mapping evtl. doch möglich
 
 
DenyRequest
The DenyRequest method denies a specified request.
 
[VB] void DenyRequest(
BSTR strConfig,
long RequestId
);
 
[JAVA] void DenyRequest(
java.lang.String strConfig,
int RequestId
);
 
 
Parameters
[VB][JAVA][C++] strConfig
Points to a valid configuration string for the certificate server. See ICertConfig::GetConfig.
 
[VB][JAVA][C++] RequestId
Specifies the ID of the request to be denied.
Return Values
This method does not return a value.
 
Beispiel md_auf_disk.asp:
DenyRequest("srvwisweb", 55)
//Param1 = Servername
//Param2 = ID eines Zertifikates

 

ASP Seite aufrufen von Button

<input type="button" value="Click me!"
onClick="location.href='myasp.asp'">
 

  (c) Bosshard Stefan, Desibachstrasse 35, CH-8414 Buch am Irchel