Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 MOD-Group
 MOD Add-On Forum (W/Code)
 Password Salting - Updated 1-17-08		  New Topic  Reply to Topic
 Printer Friendly
Previous Page | Next Page
Author Previous Topic Topic Next Topic
Page: of 4

Shaggy
Support Moderator

Ireland
6780 Posts
Posted - 05 March 2008 :  04:03:28  Show Profile  Reply with Quote
Using server.mappath would be a much better solution to this.

<
Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.”
Go to Top of Page

muzishun
Senior Member

United States
1079 Posts
Posted - 05 March 2008 :  09:09:34  Show Profile  Visit muzishun's Homepage  Reply with Quote
Good point. I'm planning to update the readme for this MOD this afternoon, so I'll change that line to use server.mapppath when I do.<
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com)
Go to Top of Page

leesh695
Junior Member

101 Posts
Posted - 07 March 2008 :  14:47:48  Show Profile  Reply with Quote
I got this when I uploaded the new files.

Microsoft VBScript compilation error '800a0414'

Cannot use parentheses when calling a Sub

/forum/forum/inc_header.asp, line 195

UpdateSaltedPassword(strDBNTFUserName, MemberID, strEncodedPassword)
--------------------------------------------------------------------^
<
Go to Top of Page

leesh695
Junior Member

101 Posts
Posted - 09 March 2008 :  13:59:42  Show Profile  Reply with Quote
Anyideas on this? I would really like to implent this mod

I cant seem to work it out and I dont want to change to much incase I destroy everyones password <
Edited by - leesh695 on 09 March 2008 14:00:03
Go to Top of Page

AnonJr
Moderator

United States
5768 Posts
Posted - 10 March 2008 :  13:54:09  Show Profile  Visit AnonJr's Homepage  Reply with Quote
Just a random thought, but what version of VBScript is running on your server? I ask ony because its odd that no one else has had this issue before...<
Go to Top of Page

leesh695
Junior Member

101 Posts
Posted - 10 March 2008 :  15:52:09  Show Profile  Reply with Quote
ASP.Net Runtime Version: 2.0
IIS Version: IIS 6.0

If your asking about somthing else can you tell me how to find out?<
Edited by - leesh695 on 10 March 2008 15:58:06
Go to Top of Page

AnonJr
Moderator

United States
5768 Posts
Posted - 10 March 2008 :  16:39:45  Show Profile  Visit AnonJr's Homepage  Reply with Quote
Snitz uses Classic ASP, not .NET... I was looking for the version of VBScript your server had installed. One way to find out:

*All I've got handy is a highly modified version of Snitz, so I can only give you an approximation of what you'll see and what you should add...

Look for a code block that looks something like*:
for each key in Request.ServerVariables
	Response.Write "<tr>" & _
	"<td class=""putc"" valign=""top""><b>" & key & "</b></td>" & _
	"<td class=""putc"" style=""font-family:courier"">"
	if Request.ServerVariables(key) = "" then
		Response.Write " "
	else
		Response.Write Request.Servervariables(key)
	end if 
	Response.Write "</td>" & _
	"</tr>"
next


After that and before this:
if blnDisplay = True then
	'## Code below added to show general ADO/Database Information
	Response.Write "<tr>" & _
	"<td class=""hcc hfc c"" colspan=""2""><b>Database Connection Properties</b></td>" & _
	"</tr>"
	for each item in my_Conn.Properties
		Response.Write "<tr>" & _
		"<td class=""putc"" valign=""top""><b>" & item.name & "</b></td>" & _
		"<td class=""putc"" style=""font-family:courier"">"
		if item.value = "" then
			Response.Write " "
		else
			Response.Write	item.value
		end if
		Response.Write "</td>" & _
		"</tr>"
	next
	'## Code above added to show general ADO/Database Information
end if



Add this:
'Write out the VBScript Version
Response.Write("<tr class=""putc"">" & vbNewLine & _
				"<td valign=""top"" class=""l""><b>Scripting Engine:</b></td>" & _
				"<td class=""putc l"" style=""font-family:courier"">" & _
				ScriptEngine & " v" & ScriptEngineMajorVersion & "." & ScriptEngineMinorVersion & " build " & ScriptEngineBuildVersion & _
				"</td>" & vbNewLine & "</tr>" & vbNewLine)



All told, mine looks like this:
for each key in Request.ServerVariables
	Response.Write "<tr>" & _
	"<td class=""putc"" valign=""top""><b>" & key & "</b></td>" & _
	"<td class=""putc"" style=""font-family:courier"">"
	if Request.ServerVariables(key) = "" then
		Response.Write " "
	else
		Response.Write Request.Servervariables(key)
	end if 
	Response.Write "</td>" & _
	"</tr>"
next

'Write out the VBScript Version
Response.Write("<tr class=""putc"">" & vbNewLine & _
				"<td valign=""top"" class=""l""><b>Scripting Engine:</b></td>" & _
				"<td class=""putc l"" style=""font-family:courier"">" & _
				ScriptEngine & " v" & ScriptEngineMajorVersion & "." & ScriptEngineMinorVersion & " build " & ScriptEngineBuildVersion & _
				"</td>" & vbNewLine & "</tr>" & vbNewLine)

if blnDisplay = True then
	'## Code below added to show general ADO/Database Information
	Response.Write "<tr>" & _
	"<td class=""hcc hfc c"" colspan=""2""><b>Database Connection Properties</b></td>" & _
	"</tr>"
	for each item in my_Conn.Properties
		Response.Write "<tr>" & _
		"<td class=""putc"" valign=""top""><b>" & item.name & "</b></td>" & _
		"<td class=""putc"" style=""font-family:courier"">"
		if item.value = "" then
			Response.Write " "
		else
			Response.Write	item.value
		end if
		Response.Write "</td>" & _
		"</tr>"
	next
	'## Code above added to show general ADO/Database Information
end if


You'll probably need to adjust as I've CSS'd my forum so its not quite set up for a vanilla install.

This adds an extra entry to the "Server Information" option on the Admin. page.

Having said all that, if you're using IIS 6, it shouldn't be an issue now that I think about it...<
Edited by - AnonJr on 10 March 2008 16:43:37
Go to Top of Page

muzishun
Senior Member

United States
1079 Posts
Posted - 10 March 2008 :  17:03:14  Show Profile  Visit muzishun's Homepage  Reply with Quote
Sorry for the lack of responses on this lately. I genuinely am hoping to get some work done on this in the very near future. I *was* having some spare time at work lately, but that is totally gone, and my partner and I are up to our eyeballs in client projects right now. I'll try to take a look in the next couple of days and see if I can address whatever's going on.<
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com)
Go to Top of Page

richfed
Average Member

United States
999 Posts
Posted - 15 March 2008 :  12:59:29  Show Profile  Visit richfed's Homepage  Reply with Quote
quote:
Originally posted by leesh695

Anyideas on this? I would really like to implent this mod

I cant seem to work it out and I dont want to change to much incase I destroy everyones password


I am getting that same error ... SQL Server<
Edited by - richfed on 15 March 2008 13:21:04
Go to Top of Page

richfed
Average Member

United States
999 Posts
Posted - 17 March 2008 :  06:10:41  Show Profile  Visit richfed's Homepage  Reply with Quote
THIS is why I would like, very much, to install this MOD: http://forum.snitz.com/forum/topic.asp?whichpage=0.6&TOPIC_ID=66574#376221<
Go to Top of Page

AnonJr
Moderator

United States
5768 Posts
Posted - 17 March 2008 :  12:27:49  Show Profile  Visit AnonJr's Homepage  Reply with Quote
Password salting doesn't prevent someone from guessing the password. It just makes it harder to use a rainbow table or other form of brute force against the hash.<
Go to Top of Page

phy1729
Average Member

USA
589 Posts
Posted - 23 March 2008 :  10:48:35  Show Profile  Reply with Quote
To those having the error 800a0414: This says to try 
CALL UpdateSaltedPassword(strDBNTFUserName, MemberID, strEncodedPassword)

Fix first posted in: 66705<
Go to Top of Page

modifichicci
Average Member

Italy
787 Posts
Posted - 24 March 2008 :  08:30:34  Show Profile  Visit modifichicci's Homepage  Reply with Quote
once inc_pwsalt.asp will be created in a dir with permission, it is possible to move it to forum dir? No more file scripting needed on it?
This is because some servers have limited upload permission ..<
Ernia e Laparocele
Forum di Ernia e Laparocele
Acces - MySql Migration Tutorial
Adamantine forum
Go to Top of Page

muzishun
Senior Member

United States
1079 Posts
Posted - 24 March 2008 :  14:01:58  Show Profile  Visit muzishun's Homepage  Reply with Quote
I've generally created the inc_pwsalt.asp in the same directory as my forum, but once you have created it, you may move it around your server as you please.<
Bill Parrott
Senior Web Programmer, University of Kansas
Co-Owner and Code Monkey, Eternal Second Designs (www.eternalsecond.com)
Personal Website (www.chimericdream.com)
Go to Top of Page

modifichicci
Average Member

Italy
787 Posts
Posted - 24 March 2008 :  14:03:50  Show Profile  Visit modifichicci's Homepage  Reply with Quote
thanks i think i will try it in next weeks<
Ernia e Laparocele
Forum di Ernia e Laparocele
Acces - MySql Migration Tutorial
Adamantine forum
Go to Top of Page
Page: of 4 Previous Topic Topic Next Topic  
Previous Page | Next Page
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.1 seconds. Powered By: Snitz Forums 2000 Version 3.4.07