You are 1 of 22 Active ASP Visitors
 
 
  ASP Home  |  Resources  |  Write a Review  |  My Favor-Its  |  Login
Add to Del.icio.us  Add to StumbleUpon
 


 
Resource Menu
5
Reviews
2
Favor-It
These scripts will now make variables live well beyond the page scope and make the debugging process of passing variables between pages just a memory. All scripts are really flexible and work on form elements, querystrings and cookies. Code: ASP 3.0 & VBScript




User Reviews   
   Authentic (0)  Anonymous (5) 




      
Overall Rating:
Codango PHP, ASP .NET, JSP Scripts, Resources, Reviews
Click to Read Reviews
User
Rated
    
Dangerous Injection Vulnerability    
Written by Anonymous User (#1511-157) from Sydney, Australia   (Thursday, May 21, 2009)
Strengths:   no comment  
Weaknesses:   no comment  
Details:   If you use the SetVars function in your page, then it is possible for a visitor to your website to add an input to a form (easy to do) with a name crafted such that the name contains some VBScript so that when the form is submitted the SetVars function will actually execute the VBScript that the user has injected into the page. This script is running on the server and could be used to cause damage to your application.
Review Based On:   using demo only  

I am the Author    
Written by Anonymous User (#1573-307) from UK   (Sunday, April 08, 2001)
Strengths:   no comment  
Weaknesses:   no comment  
Details:   Hi, Seems I have a few fans then... I think that giving the USA guy a hard time will not help his powers of understanding. The next version is nearly ready for release and this will put his mind at rest. If anyone would like to beta-test the new version for me, then please email ASPwiz@hotmail.com .............................HAPPY CODING!!!.........Rob

I agree    
Written by Anonymous User (#1573-307) from UK   (Sunday, April 08, 2001)
Strengths:   no comment  
Weaknesses:   no comment  
Details:   I agree with you Adam, The 'reviewer' in the USA obviously took no time to read the code. Now he's gone and proved his level of understanding of VBScript. I recommend he finds out exactly what the Execute command does. I have it on the authors authority that the next version is nearly ready for release which includes extra parameters ie. a 'debug' option and an 'ignorelist' of fields to ignore, this will address the one problem you are expereriencing Adam, as well as others. I think the code is a real breakthrough and with the next version, it should be pretty flawless.

Image submit buttons cause problems    
Written by Anonymous User (#1573-307) from Canada   (Sunday, April 08, 2001)
Strengths:   no comment  
Weaknesses:   no comment  
Details:   These functions are really really good. I did however come across a problem when the form was submitted with an image tag that had a name attribute. I think once this is addressed, I'd give it a 5 star rating. The reviewer below from the USA obviously has no grasp on what these functions are doing, otherwise the final sentence would have been omitted (Are you an ASP developer??) Can't wait for the next release. Adam.

Most don't work    
Written by Anonymous User (#1401-90) from USA   (Saturday, April 07, 2001)
Strengths:   no comment  
Weaknesses:   no comment  
Details:   These functions do not work properly, yes I tested with vbscript 5. I recommend contacting the author and telling him to stop posting code snippets which do not work properly. Trying to retieve the form values one will get the form field name = form field name, instead of form field name = form field value.



 
Sponsor
 

 

 

 
  
  Link to Us  |  About Us Advertise  |  Contact Us  |  Website Help  
Write a User Review Today!
Its Fun, Fast, and Easy!

2014 ezd.com, All rights reserved
 

Google Analytics Alternative