ASP Classic Active Server Pages IIS Servers
I've been programming ASP SQL for just about 17 years now. Still have my IIS 2.0 with my Visual Basic books that guided me down the path of ASP programming. (I also have Java, .Net, but I enjoy the long winded left to right top to bottom coding that my ASP offers.)
In this section I'll be offering my examples of how I do things.
If you're one of those asking the question "Should I upgrade or change my programming from ASP to ASP.Net or PHP"?
About 7 years ago I asked the same question and setup my first PHP and .Net sites. I still have 2 or 3 .Net sites online but I've returned to the ASP Classic programming from NOTEPAD++ . No need to purchase anything to program in ASP and really the learning is all about your creative talents. If you can read "Left to Right, Top to Bottom" and remember that all exploits start with you then you're on your way to being a good programmer of ASP. From what I have read I have another 10 + years of programming and I'll be challenging the newer software programmers in Web and Mobile Web based apps to come up with something that's impossible to do in ASP Classic. (Be nice and I'll share with you how it's done on IIS servers.)
Every programmer is different and if there is one thing I have learned from programming in ASP Classic is you are only limited by 2 things.
- Your Servers Memory.
- Your Creativity.
It's not easy to know if you're doing things right when their is really no set rules.
If you need help contact me.
If you have inherited ASP Code and are building a new environment that doesn't include ASP Classic on IIS 7+ send me a detailed project description that's under 250 words. What I offer is a side by side site setup so you can make sure your new code has everything your old code has. I'll be glad to help for a fee ($) if you need me to do all the work and offer my servers.
Yes, I can provide you with several very large websites that I have programmed and still have online today. One of my oldest is 17 years and the newest just under 1 year.
Without debating the best practices of ASP programming I'll stick to what I do and what I know has been working for me and let you debate if you should DIM every variable or if you should never do something because someone else said it was dangerous.
The articles are setup so I can field some questions.
If you are a .Net programmer and have inherited some mixed VB with ASP and everything seems to have MM in front of it your in the middle of the first years of outsourcing to India.
I'm not sure why but years ago some developers thought it would be wise to use a programming method that required you to have a notebook of cipher text and symbols.
Let me layout my first rule.
- Always host your own ASP Classic IIS Server.
Now your first issue of Memory has been resolved.
- Learn to Cache Dynamic and Static pages in your IIS server.
My first tip:
- Don't listen to those that say your pages are too long.
Ok, lesson one, make your code read from left to right, top to bottom and make it a storybook that you enjoy.
One of the hardest things is picking up someone else's code that was coded in a weird almost over the top geeky I'm going to jump on a comets tail type of weird.
Don't encode your Variables.
str = String
strA = String with an A
strMurray = String with Murray
str1 = String with the number 1
Now, what I mean by not encoding your var's is don't use some crap method of
mmX2231 = mm which only you know, X is the column or table I think and 2231 is... Holly crap batman, this isn't a string, it's not an array it's just some damn coder that things mmX is a good replacement for str.
Remember your History of Programming. str = String , arr = Array , blah blah blah..
I have a cheat sheet for you but if you search, "Visual Basic command references" and "ASP Classic Command references" you should find a few things that will help you right now.
Now, let's get going... Lesson Number One. SQL Injection .. Learning how to do it will make it harder for you to justify using anything related to a database... (joking...)
I'm Out of Retirement and Programming in ASP Classic until 2021 or something like that.
I am picking up Python, very similar to my Computer programming of the 80's with a touch of VB in the mix should be a walk in the park. Only if I can create my own sub routines and get away from that "In a BOX" programming style that was created for Boxed People.
Monday Mar 9 2015
CDO.Message, you know how to use it, you have had it since the 90's and now you can actually make it secure. Force TLS via you firewall to your email server without rollback unsecured port 25 connection options. Sometimes software vendors need to just listen and allow us hard coding rules. But when they don't, find a different software vendor that does.
Friday Jan 30 2015
Have you ever wanted to get a message to a person that repeats over and over the same thing causing your inbox to flood with "Why isn't your website working?" Huh? My Website? Let me make this very clear, your typing the wrong name and it's not my website that's redirecting you because you use a search toolbar from My Smile's or something. Not just that, when you need to tell a person their email is not going to work and you're done with it
Thursday Jan 8 2015
The ASP Classic Cookie Code is some of the easiest to overlook when building your ASP ... Wait a minute, you're not still building in ASP Classic are you? Well, let's start with the Cookie Code that will be used over and over within your ASP Classic website. Be sure to offer different visitors different settings. I disapprove of cookies that are set for more than 14 days and really don't return to sites with unlimited time on cookies. Cookies are to enhance the interaction with your website first!
Saturday Dec 20 2014
ASP SQL Injection Part I - Encode and Decode it is still about SQL Injection and when you see what you can do with URL Encode and URL Decode you can start down the path of Encoding and Decoding your URL strings to have a safer, more search engine friendly Dynamic ASP website and ... Ok, all the jazz included let's just work on the SQL Injection side of things before I show you how to really be creative with URL encoding as a SEO method.
Saturday Dec 20 2014
ASP SQL Injection Intro then ASP SQL Encode - Decode is finished now we enter the room and look around to find the QueryString Var Split function. How you take your SQL INjection Protection to the next level. I haven't started the Salting process to keep it simple, but it's coming soon. We need to do this next split the var carefully so we don't spend the Holiday's debugging.
Saturday Dec 20 2014
ASP SQL Checksum to Length of String. It is that time, let's count the characters of our string, add a digit or two then mix them up to split them out.. I did say split them out into a pre-defined pattern that only our decode knows. Well, you might think that but anyway, it is time to measure our strings to keep us safer.