M0194 Web-based Programming Lanjut Session 3
M0194
Web-based Programming Lanjut
Session 3
2004 Tau Yenny, SI - Binus
Server Processes and the ASP Server
Object
Include Files and ASP
Server-side Include (SSI) Directive
The ASP Server Object
Error Handling with the Server Object
2
2004 Tau Yenny, SI - Binus
ASP #include Directive
#include instruction takes the entire content of file and insert it into the page, replacing the <!--#include..--> line.
separating script from content reduced maintenance costs
an easy way to insert information that is specific to a server connect.inc
1.
<%
2.
3.
strConnect = “SERVER=myserver;DATABASE=mydb;DRIVER={SQL SERVER}; “ _
& “UID=username;PWD=secretpassword”
4.
%>
2.
3.
4.
5.
6.
we can use connect.inc in any of our page with:
1.
<!-#include file=“ path_to_file \ connect.inc” -->
<%
….
strTheConnectionString = strConnect
….
%>
‘From include file
2004 Tau Yenny, SI - Binus
3
Include File and ASP
The #include instruction in an ASP page isn’t actually processed like a true SSI directive.
ASP recognizes as it parses the file.
ssinc.dll is used directly to carry out the SSI #include directive.
The complete page, with #include instruction replaced by the contents of the file, is then interpreted by ASP.
ASP has no control over what happens in the #include statement. To set the value of the #include instruction file reference with ASP code doesn’t work.
4
2004 Tau Yenny, SI - Binus
Include File and ASP
1.
<%
2.
‘This will *not* work
3.
strIncludeURL = Request.Form(“FileName”)
4.
%>
…
<!-#include file=“ <% = strIncludeURL %> “ -- >
This won’t work because ssinc.dll
will look for a file named
<%= strIncludeURL %> , and won’t be able to find it
5
2004 Tau Yenny, SI - Binus
Security of Include Files
ASP page on a Web server cannot be downloaded through the
Web services section of IIS without the script they content being executed.
Include files are often given the .inc or .txt file extension.
If someone discovers the path and filename of include file, they can download it without being executed as part of an ASP page by typing the URL into the Address bar.
To prevent, you may wish to give them the .asp file extension. In this case, if a user attempts to download one, it is passed to ASP first. ASP will execute any script code in the file, and only send the results.
2004 Tau Yenny, SI - Binus
6
Security of Include Files
1.
<%
2.
strConnect = “SERVER=myserver;DATABASE=mydb;DRIVER={SQL SERVER}; “ _
3.
4.
& “UID=username;PWD=secretpassword”
Response.Write vbCrlf ‘Output a carriage return character
5.
%>
The client will only receive a single carriage return and not the script code, because it’s been executed on the server by ASP.
If we don’t include the carriage return, the browser hangs waiting for a response.
7
2004 Tau Yenny, SI - Binus
Server Side Include Directives
Directive
#include
Description
Insert the contents of a specified file into the response stream being sent to the client, replacing the directive. For example:
<!-#include FILE=“usefulbits.inc” -->
This inserts the contents of the file named usefulbits.inc
into the response.
The file can be described by a relative or full path and filename combination, such as FILE=“..\scripts\myscr.inc” . It can alternatively be described using a virtual relative or absolute path using the VIRTUAL attribute, for example:
<!-#include VIRTUAL=“/mysite/usefulbits.inc” -->
<!--
#include VIRTUAL=“../../thisbits/usefulbits.inc” -->
8
2004 Tau Yenny, SI - Binus
Server Side Include Directives
Directive
#config
Description
Specifies the format that will be used for dates, times, and file sizes in following directives, and the text of the generic SSI error message that is returned to the client. For example:
9
<!-#config ERRMSG=“SSI Processing Error” -->
Sets the SSI error message text to ‘
SSI Processing Error
’.
<!--
#config TIMEFMT=“%A, %B %d %Y %H:%M:%S” -->
Sets the format for dates and times that are returned by following SSI directives .This example sets a format style of Saturday, August 14 2004
10:34:50 .
<!-#config SIZEFMT=“BYTES”-->
Sets the unit by which file size returned by following SSI directives will be calculated. This example sets the unit to bytes. The alternative value for
SIZEFMT is “ ABBREV ”, which specifies that the size calculation will return the file size in kilobytes (KB).
2004 Tau Yenny, SI - Binus
Server Side Include Directives
Directive
#echo
Description
Inserts the value of an HTTP environment variable into the response stream being sent to the client, replacing the directive. For example:
#fsize
<!--
#echo VAR=“SERVER_NAME”-->
Writes the name of the server that is executing the directive into the page.
Inserts the size of a specified file into the response stream being sent to the client, replacing the directive. For example:
<!-#fsize FILE=“Default.asp”-->
Like the #include directive, the file can alternatively be defined using a
VIRTUAL path such as:
VIRTUAL=“/mysite/usefulbits.inc” or
VIRTUAL=“../thisbits/usefulbits.inc”
2004 Tau Yenny, SI - Binus
10
Server Side Include Directives
Directive
#exec
Description
Executes a program or a shell command on the server. For example:
<!-#exec CGI=“/scripts/myapp.exe?value1=this&value2=that”-->
Executes the CGI application named myapp.exe
in the context of the Web server. It will also pass the value of the query string value1=this&value2=that to the application. The application runs in a separate memory space from the Web server.
<!-#exec CMD=“cmd.exe /C iisreset /stop”-->
Starts an instance of the specified operating system command interpreter (in this case cmd.exe), and executes the command iisreset /stop . The /C parameter instructs the command interpreter to exit automatically once the command has been executed. You must add the following entry to the Windows Registry when using the CMD version of #exec:
HKEY_LOCAL_MACHINE
\SYSTEM
\CurrentControlSet
\Services
\W3SVC
\Parameters
\SSIEnableCmdDirective
Set the value to 1 and restart the WWW service to allow the CMD token to be used in the
#exec directive. Set it to 0 to disable it and prevent unauthorized use.
11
2004 Tau Yenny, SI - Binus
Server Side Include Directives
Directive
# flastmod
Description
Insert the date and time that a specified file was last modified into the response stream being sent to the client, replacing the directive. For example:
<!-#flastmod FILE=“Default.asp” -->
Like the #include directive, the file can alternatively be defined using a
VIRTUAL path such as:
VIRTUAL=“/mysite/usefulbits.inc” or
VIRTUAL=“../thisbit/usefulbits.inc”
12
2004 Tau Yenny, SI - Binus
SSI/CGI In Action
1.
<HTML>
2.
<HEAD><TITLE>SSI Directives and The ASP Server Object</TITLE></HEAD>
3.
<BODY>
4.
<H1>SSI Directives and The ASP Server Object<HR></H1>
5.
<UL><LI><A HREF="ssi_cgi.stm">Server Side Include and CGI Statements</A></LI>
6.
7.
<LI><A HREF="ssi_exec.asp">Using the #exec Server Side Include Directive</A></LI>
<LI><A HREF="show_server.asp">Using the ASP Server Object</A></LI></UL>
8.
</BODY>
9.
</HTML>
13
2004 Tau Yenny, SI - Binus
Using the SSI/CGI Processing Directives
intro.inc
1.
2.
3.
4.
<P><DIV CLASS="subhead">Including Files with SSI</DIV>
This text has been inserted into the page using the Server-Side Include(SSI) instruction:<BR>
<!-- #include file="intro.inc" --><P>
2.
3.
4.
7.
8.
9.
ssi_cgi.stm
1.
5.
6.
10.
11.
12.
13.
<HTML>
<HEAD>
<TITLE>SSI and CGI Instructions</TITLE>
<STYLE TYPE="text/css">
.subhead {font-size=1.25em }
</STYLE>
</HEAD>
<BODY>
<!-- #include FILE="intro.inc" -->
<P><DIV CLASS="subhead">SSI Statement</DIV>
<!-- #config ERRMSG="SSI Processing Error" -->
(sets error message in case of SSI error)<BR>
<!-- #config ERRMSG="SSI Processing Error" --><P>
14
2004 Tau Yenny, SI - Binus
Using the SSI/CGI Processing Directives
14.
15.
16.
17.
ssi_cgi.stm
Details of file 'Default.asp':<BR>
<!-- #config SIZEFMT="BYTES" -->
(sets fsize to return size in bytes)<BR>
<!-- #config SIZEFMT="BYTES" -->
18.
19.
<!-- #fsize FILE="Default.asp" --> returns: <B> <!-- #fsize FILE="Default.asp" --> bytes</B><BR>
20.
21.
22.
<!-- #config TIMEFMT="%A, %B %d %Y %H:%M:%S" -->
(sets format for date/time results)<BR>
<!-- #config TIMEFMT="%A, %B %d %Y %H:%M:%S" -->
23.
24.
<!-- #flastmod FILE="Default.asp" --> returns: <B> <!-- #flastmod FILE="Default.asp" --></B><P>
25.
26.
27.
28.
29.
30.
31.
<DIV CLASS="subhead">HTTP Variables</DIV>
<!-- #echo VAR="AUTH_TYPE" --> returns: <B> <!-- #echo VAR="AUTH_TYPE" --></B><BR>
<!-- #echo VAR="AUTH_PASSWORD" --> returns: <B> <!-- #echo VAR="AUTH_PASSWORD" --></B><BR>
</BODY>
</HTML>
15
2004 Tau Yenny, SI - Binus
Using the SSI/CGI Processing Directives
This page uses all the directives we’ve looked at earlier except #exec directive
16
2004 Tau Yenny, SI - Binus
Using the #exec Directive ssi_exec.asp
1.
<HTML><HEAD>
2.
<TITLE>The SSI #exec Directive</TITLE>
3.
<STYLE TYPE="text/css">
4.
.subhead {font-size=1.25em }
5.
</STYLE></HEAD>
6.
<BODY>
7.
<H1>The SSI #exec Directive<HR></H1>
8.
<DIV CLASS="subhead">Stopping and Starting a Service</DIV>
9.
<FORM ACTION="<%=Request.ServerVariables("SCRIPT_NAME") %>" METHOD="POST">
10.
<INPUT TYPE="SUBMIT" NAME="cmdStop" VALUE=" ">
11.
12.
Stop the Microsoft Indexing Service<BR><BR>
<INPUT TYPE="SUBMIT" NAME="cmdStart" VALUE=" ">
13.
Start the Microsoft Indexing Service<BR>
14.
</FORM>
15.
<%
16.
17.
18.
19.
20.
21.
22.
%>
23.
</BODY>
24.
</HTML>
If Len(Request.Form("cmdStart")) Then
Response.Redirect("startcis.stm")
End If
If Len(Request.Form("cmdStop")) Then
Response.Redirect("stopcis.stm")
End If
2004 Tau Yenny, SI - Binus
17
Using the #exec Directive
18
2004 Tau Yenny, SI - Binus
Running #exec Directive
First, create the SSIEnableCmdDirective entry (with type DWORD) in the Registry on your Web server machine under the existing key named:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters
And then set the value to 1, as shown below:
19
2004 Tau Yenny, SI - Binus
Running #exec Directive
Fire up the Internet Services
Manager utility and Select the directory containing the .stm files that use #exec. Then open the
Properties dialog for that directory. In the Direcory Security page click the Edit button in the
Anonymous access and authentication control section to open the Authentication Methods dialog.
Turn off the Anonymous access checkbox. If you’re not using IE, turn on the Basic authentication option to allow non-IE browsers to submit a username/password to access the pages.
2004 Tau Yenny, SI - Binus
20
Running #exec Directive
Restart the WWW service.
21
2004 Tau Yenny, SI - Binus
Running #exec Directive
To be able to see the results of starting and stopping the service, open the Service MMC snap-in and stop the Indexing Service.
22
2004 Tau Yenny, SI - Binus
Starting and Stopping the Indexing Service
23
2004 Tau Yenny, SI - Binus
Starting and Stopping the Indexing Service
startcis.stm
1.
<HTML><HEAD><TITLE>The SSI #exec Directive</TITLE></HEAD>
2.
<BODY>
3.
<H1>The SSI #exec Directive<HR></H1>
4.
<P>Processing the SSI directive:</P>
5.
<P><B><!-- #exec CMD="cmd.exe /c net start ciscv" --></B></P>
6.
<!-- #exec CMD="cmd.exe /c net start ciscv" -->
7.
<FORM ACTION="ssi_exec.asp">
8.
<INPUT TYPE="SUBMIT" NAME="cmdOK" VALUE=" ">
9.
Return to the previous page<P>
10.
</FORM>
11.
</BODY></HTML> stopcis.stm
1.
<HTML><HEAD><TITLE>The SSI #exec Directive</TITLE></HEAD>
2.
<BODY>
3.
<H1>The SSI #exec Directive<HR></H1>
4.
<P>Processing the SSI directive:</P>
5.
<P><B><!-- #exec CMD="cmd.exe /c net stop ciscv" --></B></P>
6.
<!-- #exec CMD="cmd.exe /c net stop ciscv" -->
7.
<FORM ACTION="ssi_exec.asp">
8.
<INPUT TYPE="SUBMIT" NAME="cmdOK" VALUE=" ">
9.
Return to the previous page<P>
10.
</FORM>
11.
</BODY></HTML>
24
2004 Tau Yenny, SI - Binus
ASP Server Object
The Properties of the Server Object
Property Description
ScriptTimeout Integer . Default = 90.
Sets or returns the number of seconds that script in the page can execute for before the server aborts page execution and reports an error.
This automatically halts and removes from memory pages that contain errors that may lock execution into a loop, or those that stall while waiting for a resource to become available. This prevents the server becoming overloaded with badly behaved pages. You may need to increase this value for pages that do take a long time to run.
25
2004 Tau Yenny, SI - Binus
26
ASP Server Object
The Methods of the Server Object
Method Description
CreateObject(“ identifier ”) Creates an instance of the object (a component, application or scripting object) that is identified by “ identifier
”, and return a reference to it that can be used in our code. Can be used in the global.asa
page of a virtual application to create objects with session-level or application-level scope. The object can be identified by its ClassID such as “{clsid:BD96C556-65A3…37A9}” or by a ProgID string such as “ADODB.Connection”.
Execute(“ url ”) Stops executing of the current page and transfer control to the page specified in “ url ”. The user’s current environment is carried over to the new page. After that page has finished execution, control passes back to the original page and execution resumes at the statement after the Execute method call.
GetLastError( ) Returns a reference to an ASPError object that holds details of the last error that occurred within the ASP processing of the page. The information exposed by the ASPError object includes the file name, line number, error code, etc.
2004 Tau Yenny, SI - Binus
27
ASP Server Object
The Methods of the Server Object
Method Description
HTMLEncode(“ string ”) Returns a string that is a copy of the input value “string” but with all non-legal HTML characters
– such as ‘<‘. ‘>’, ‘&’, and double quotes
– converted into the equivalent HTML entity – i.e.
< ,
> , & , " , etc.
MapPath(“ url ”) Returns the full physical path and filename of the file or resource specified in “ url
”.
Transfer(“ url ”)
URLEncode(“ string ”)
Stops execution of the current page and transfers control to the page specified in “ url ”. The user’s current environment (i.e. session state and any current transaction state) is carried over to the new page. Unlike the Execute method, execution doesn’t resume in the original page, but ends when the new page has completed executing.
Return a string that is a copy of the input value “ string ” but with all characters that are not valid in a URL
– such as ‘
?
’, ‘
&
’ and spaces
– converted into the equivalent URL entity – i.e. ‘
%3F
’, ‘
%26
’, and
‘
+
’.
2004 Tau Yenny, SI - Binus
Creating Object Instances
VBScript supports CreateObject and GetObject methods.
CreateObject method takes as its argument a ClassID or (more usually) a ProgID string, and returns a new object of that type:
Set objNewObject = CreateObject(“ADODB.Connection”)
GetObject method is normally used when we have a document of a specific type, and we want to create an instance of an object that can handle this type of document:
Set objExcel = getObject(“C:\myfiles\sales.xlw”)
We can also specify the type of object that we want as well as a filename, which is useful if we have several objects that can handle that document type:
Set objExcel = getObject(“C:\myfiles\sales.xlw”, “Excel.Application”)
2004 Tau Yenny, SI - Binus
28
Creating Object Instances
JScript has getObject , which works like the
VBScript version.
JScript implements a function that works in the same way as VBScript CreateObject method, named ActiveXObject .
objNewObject = new ActiveXObject(“This.Object”);
29
2004 Tau Yenny, SI - Binus
1.
2.
<HTML>
<HEAD> <TITLE>The Server Object</TITLE> </HEAD>
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
<BODY>
<H2>The ASP Server Object<HR></H2>
<%
Quot = Chr(34)
If Len(Request.Form("cmdCreate")) Then strObjectName = Request.Form("txtObjectName")
On Error Resume Next 'Turn off default error handling
Set objObject = Server.CreateObject(strObjectName)
On Error Goto 0
If IsObject (objObject) Then
Response.Write "<B>Results:</B><BR>Successfully created object of " _
& "<B>" & Quot & strObjectName & Quot & "</B><HR>"
Else
Response.Write "<B>Results:</B><BR>Failed to create object of " _
& "<B>" & Quot & strObjectName & Quot & "</B><HR>"
End If
End If
24.
25.
26.
27.
20.
21.
22.
23.
If Len(Request.Form("cmdExecute")) Then strPath = Request.Form("txtExecute")
Response.Write "Currently executing the page: <B>" _
& Request.ServerVariables("SCRIPT_NAME") & "</B><BR>"
Server.Execute (strPath)
Response.Write "Currently executing the page: <B>" _
& Request.ServerVariables("SCRIPT_NAME") & "</B><BR><BR>"
End If show_server.asp
2004 Tau Yenny, SI - Binus
30
36.
37.
38.
39.
30.
31.
32.
33.
34.
35.
If Len(Request.Form("cmdTransfer")) Then strPath = Request.Form("txtTransfer")
Response.Write "Currently executing the page: <B>" _
& Request.ServerVariables("SCRIPT_NAME") & "</B><BR>"
Server.Transfer(strPath)
End If
If Len(Request.Form("cmdGetLastError")) Then
Dim arrThis(3) arrThis(4) = "Causes an error"
End If
40.
41.
42.
43.
44.
45.
If Len(Request.Form("cmdMapPath")) Then strValue = Request.Form("txtMapPath")
Response.Write "<B>Results:</B><BR>Server.MapPath(" & Quot & strValue _
& Quot & ") returned <B>" & Quot & Server.MapPath(strValue) _
& Quot & "</B><HR>"
End If
50.
51.
52.
53.
46.
47.
48.
49.
If Len(Request.Form("cmdHTMLEncode")) Then strValue = Request.Form("txtHTMLEncode") strResult = Server.HTMLEncode(strValue) strDisplay = Server.HTMLEncode(strResult)
Response.Write "<B>Results:</B><BR>Server.HTMLEncode (" & Quot & strResult _
& Quot & ") returned<BR><B>" & Quot & strDisplay & Quot _
& "</B><HR>"
End If show_server.asp
2004 Tau Yenny, SI - Binus
31
61.
62.
63.
54.
55.
56.
57.
58.
59.
60.
67.
68.
69.
70.
71.
64.
65.
66.
72.
73.
74.
%>
If Len(Request.Form("cmdURLEncode")) Then strValue = Request.Form("txtURLEncode")
Response.Write "<B>Results:</B><BR>Server.URLEncode (" & Quot & strValue _
& Quot & ") returned<BR><B>" & Quot & Server.URLEncode (strValue) & Quot _
& "</B><HR>"
End If
32
<BIG>Property Value</BIG><BR>
<% Response.Write "Server.Timeout = <B>" & Server.ScriptTimeout & "</B></P>“ %>
<FORM ACTION="<%=Request.ServerVariables("SCRIPT_NAME") %>" METHOD="POST">
<BIG>Create an Instance of a Component</BIG><BR>
<INPUT TYPE="SUBMIT" NAME="cmdCreate" VALUE=" ">
Server.CreateObject(“ <INPUT TYPE="TEXT" NAME="txtObjectName" VALUE="">")<BR><BR>
<BIG>Execute Another ASP Page</BIG><BR>
<INPUT TYPE="SUBMIT" NAME="cmdExecute" VALUE=" ">
Server.Execute(“ <INPUT TYPE="TEXT" NAME="txtExecute" VALUE="">")<BR>
<INPUT TYPE="SUBMIT" NAME="cmdTransfer" VALUE=" ">
Server.Transfer(“ <INPUT TYPE="TEXT" NAME="txtTransfer" VALUE="">")<BR><BR>
<BIG>Get ASP Error Details</BIG><BR>
<INPUT TYPE="SUBMIT" NAME="cmdGetLastError" VALUE=" ">
Server.GetLastError()<BR><BR> show_server.asp
2004 Tau Yenny, SI - Binus
83.
84.
85.
86.
87.
88.
78.
79.
80.
81.
82.
<BIG>Miscellaneous Methods</BIG><BR>
<INPUT TYPE="SUBMIT" NAME="cmdMapPath" VALUE=" ">
Server.MapPath(“ <INPUT TYPE="TEXT" NAME="txtMapPath" VALUE="" SIZE="30">")<BR>
<INPUT TYPE="SUBMIT" NAME="cmdHTMLEncode" VALUE=" ">
Server.HTMLEncode(“ <INPUT TYPE="TEXT" NAME="txtHTMLEncode" VALUE="" SIZE="30">")<BR>
<INPUT TYPE="SUBMIT" NAME="cmdURLEncode" VALUE=" ">
Server.URLEncode(“ <INPUT TYPE="TEXT" NAME="txtURLEncode" VALUE="" SIZE="30">")<BR>
<BR>
</FORM>
</BODY>
</HTML>
33 show_server.asp
2004 Tau Yenny, SI - Binus
ASP Server Object
34
2004 Tau Yenny, SI - Binus
The CreateObject Method of the Server
Object
Quot = Chr(34)
If Len(Request.Form("cmdCreate")) Then strObjectName = Request.Form("txtObjectName")
On Error Resume Next 'Turn off default error handling
Set objObject = Server.CreateObject(strObjectName)
On Error Goto 0
If IsObject (objObject) Then
Response.Write "<B>Results:</B><BR>Successfully created object of " _
& "<B>" & Quot & strObjectName & Quot & "</B><HR>"
Else
Response.Write "<B>Results:</B><BR>Failed to create object of " _
& "<B>" & Quot & strObjectName & Quot & "</B><HR>"
End If
End If
35
2004 Tau Yenny, SI - Binus
Executing Other Pages
If Len(Request.Form("cmdExecute")) Then strPath = Request.Form("txtExecute")
Response.Write "Currently executing the page: <B>" _
& Request.ServerVariables("SCRIPT_NAME") _
& "</B><BR>"
Server.Execute (strPath)
Response.Write "Currently executing the page: <B>" _
& Request.ServerVariables("SCRIPT_NAME") _
& "</B><BR><BR>"
End If
36
2004 Tau Yenny, SI - Binus
Executing Other Pages
If Len(Request.Form("cmdTransfer")) Then strPath = Request.Form("txtTransfer")
Response.Write "Currently executing the page: <B>" _
& Request.ServerVariables("SCRIPT_NAME") & "</B><BR>"
Server.Transfer(strPath)
End If
Another_Page.asp
5.
6.
7.
1.
2.
3.
4.
<%@ LANGUAGE=VBSCRIPT%>
<HR>
Currently executing the page: <B>Another_Page.asp</B><BR>
However the value of
<B>Request.ServerVariables("SCRIPT_NAME")</B> is still<BR>
<B><% =Request.ServerVariables("SCRIPT_NAME") %></B> because the <B>Request</B> collection hold</BR> the same values as they had in the page that executed this one.<BR>
8.
9.
10.
11.
12.
<FORM ACTION="<% =
Request.ServerVariables("HTTP_REFERER") %>"
METHOD="POST">
<INPUT TYPE="SUBMIT" NAME="cmdOK"
VALUE=" ">
Return to the Previous Page<P>
</FORM>
<HR>
2004 Tau Yenny, SI - Binus
37
Error Handling with the Server Object
38
Properties of the ASPError Object
Property Description
ASPCode Integer . The error number generated by ASP/IIS such as 0x800A0009.
ASPDescription String. A detailed description of the error if it is ASP-related.
Category
Column
Description
File
Line
Number
Source
String. The source of the error, i.e. internal to ASP, the scripting language, or an object.
Integer . The character position within the file that generated the error.
String. A short description of the error.
String. The name of the file that was being processed when the error occurred.
Integer . The number of the line within the file that generated the error.
Integer . A standard COM error code.
Integer . The actual code, where available, of the line that caused the error.
2004 Tau Yenny, SI - Binus
Error Page Mapping in IIS
In Internet Services
Manager, right click on the directory for which you want to edit mappings, and select
Properties.
39
2004 Tau Yenny, SI - Binus
Error Page Mapping in IIS
In the Custom Errors page of the
Properties dialog is a list of the default mapping set up when IIS is installed (unless, of course you’ve already changed any).
Near the bottom of the list an entry for HTTP error 500:100. These are the generic errors such as Invalid
Application, Server Shutting Down, etc. However, the 500:100 error occurs specifically when ASP loads a page that contains a syntax error.
The default mapping shown the page named 500-100.asp will be executed when such error occurs.
2004 Tau Yenny, SI - Binus
40
Specifying a Custom Error Page
Click the Edit Properties button in the Custom Errors page to open the Error Mapping Properties dialog.
Select URL in the message Type drop-down list, and type the full virtual path to your own custom error page.
41
2004 Tau Yenny, SI - Binus
4.
5.
6.
1.
2.
3.
Using the GetLastError Method and the
ASPError Object
<%
Response.Status = "500 Internal Server Error"
Set objASPError = Server.GetLastError()
%>
Currently executing the page: <B>show_error.asp</B><P>
<B>Error Details:</B><BR>
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
ASPError.ASPCode = <% = objASPError.ASPCode %><BR>
ASPError.Number = <% = objASPError.Number %><BR>
(0x<% =Hex(objASPError.Number) %>)<BR>
ASPError.Source = <% = Server.HTMLEncode(objASPError.Source) %><BR>
ASPError.Category = <% = objASPError.Category %><BR>
ASPError.File = <% = objASPError.File %><BR>
ASPError.Line = <% = objASPError.Line %><BR>
ASPError.Column = <% = objASPError.Column %><BR>
ASPError.Description = <% = objASPError.Description %><BR>
ASPError.ASPDescription = <% = objASPError.ASPDescription %><BR>
17.
18.
19.
20.
<FORM ACTION="<% = Request.ServerVariables("HTTP_REFERER") %>" METHOD="POST">
<INPUT TYPE="SUBMIT" NAME="cmdOK" VALUE=" ">
Return to the Previous Page<P>
</FORM> show_error.asp
2004 Tau Yenny, SI - Binus
42
Using the GetLastError Method and the
ASPError Object
43
If Len(Request.Form("cmdGetLastError")) Then
Dim arrThis(3) arrThis(4) = "Causes an error"
End If
2004 Tau Yenny, SI - Binus
Getting Path Information with the Server
Object
If Len(Request.Form("cmdMapPath")) Then strValue = Request.Form("txtMapPath")
Response.Write "<B>Results:</B><BR>Server.MapPath(" & Quot & strValue _
& Quot & ") returned <B>" & Quot & Server.MapPath(strValue) _
& Quot & "</B><HR>"
End If
44
2004 Tau Yenny, SI - Binus
The HTMLEncode Method of the Server
Object
If Len(Request.Form("cmdHTMLEncode")) Then strValue = Request.Form("txtHTMLEncode") strResult = Server.HTMLEncode(strValue) strDisplay = Server.HTMLEncode(strResult)
Response.Write "<B>Results:</B><BR>Server.HTMLEncode (" & Quot & strResult _
& Quot & ") returned<BR><B>" & Quot & strDisplay & Quot _
& "</B><HR>"
End If
45
2004 Tau Yenny, SI - Binus
Formatting Data with the Server Object
<
&
©
Character
HTML Entity
Equivalent
<
&
©
>
“
®
Character
HTML Entity
Equivalent
>
"
®
Notice that the last of the example, the registered trademark symbol, is a numeric value preceded with the ‘#’ character, rather than a text abbreviation of the meaning (like copy for the copyright symbol).
All character with ANSI code value greater than 126 can be represented in HTML as the ANSI code of the character in decimal, prefixed with &# and suffixed with a semi-colon . So the
½
(one half) character has an entity equivalent of ½ .
46
2004 Tau Yenny, SI - Binus
The URLEncode Method of the Server
Object
If Len(Request.Form("cmdURLEncode")) Then strValue = Request.Form("txtURLEncode")
Response.Write "<B>Results:</B><BR>Server.URLEncode (" & Quot & strValue _
& Quot & ") returned<BR><B>" & Quot & Server.URLEncode (strValue) & Quot _
& "</B><HR>"
End If
47
2004 Tau Yenny, SI - Binus
Formatting Data for URLs
Character HTTP/URL Replacement Character HTTP/URL Replacement
;
:
[
/
)
(
&
#
$
%
!
‘ space +
%27
%21
%23
%24
%25
%26
%28
%29
%2F
%3A
%3B
%5B
\
]
^
|
`
{
<
=
}
+
>
Chr(10)
Chr(13)
%5C
%5D
%5E
%60
%7B
%7C
%7D
%2B
%3C
%3D
%3E ignored
%0D
48
2004 Tau Yenny, SI - Binus
