View
216
Download
0
Tags:
Embed Size (px)
Citation preview
2004 Tau Yenny, SI - Binus
M0194 Web-based Programming Lanjut
Session 3
2004 Tau Yenny, SI - Binus
2
Server Processes and the ASP Server Object Include Files and ASP Server-side Include (SSI) Directive The ASP Server Object Error Handling with the Server Object
2004 Tau Yenny, SI - Binus
3
ASP #include Directive
#include instruction takes the entire content of file and insert it into the page, replacing the <!--#include..--> line. separating script from content reduced maintenance costs an easy way to insert information that is specific to a server
1. <%
2. strConnect = “SERVER=myserver;DATABASE=mydb;DRIVER={SQL SERVER}; “ _
3. & “UID=username;PWD=secretpassword”
4. %>
1. <!-- #include file=“path_to_file\connect.inc” -->
2. <%
3. ….
4. strTheConnectionString = strConnect ‘From include file
5. ….
6. %>
connect.inc
we can use connect.inc in any of our page with:
2004 Tau Yenny, SI - Binus
4
Include File and ASP
The #include instruction in an ASP page isn’t actually processed like a true SSI directive.
ASP recognizes as it parses the file.
ssinc.dll is used directly to carry out the SSI #include directive.
The complete page, with #include instruction replaced by the contents of the file, is then interpreted by ASP.
ASP has no control over what happens in the #include statement. To set the value of the #include instruction file reference with ASP code doesn’t work.
2004 Tau Yenny, SI - Binus
5
Include File and ASP
This won’t work because ssinc.dll will look for a file named <%= strIncludeURL %>, and won’t be able to find it
1. <%
2. ‘This will *not* work
3. strIncludeURL = Request.Form(“FileName”)
4. %>
…
<!-- #include file=“ <% = strIncludeURL %> “ -- >
2004 Tau Yenny, SI - Binus
6
Security of Include Files
ASP page on a Web server cannot be downloaded through the Web services section of IIS without the script they content being executed.
Include files are often given the .inc or .txt file extension.
If someone discovers the path and filename of include file, they can download it without being executed as part of an ASP page by typing the URL into the Address bar.
To prevent, you may wish to give them the .asp file extension. In this case, if a user attempts to download one, it is passed to ASP first. ASP will execute any script code in the file, and only send the results.
2004 Tau Yenny, SI - Binus
7
Security of Include Files
The client will only receive a single carriage return and not the script code, because it’s been executed on the server by ASP.
If we don’t include the carriage return, the browser hangs waiting for a response.
1. <%
2. strConnect = “SERVER=myserver;DATABASE=mydb;DRIVER={SQL SERVER}; “ _
3. & “UID=username;PWD=secretpassword”
4. Response.Write vbCrlf ‘Output a carriage return character
5. %>
2004 Tau Yenny, SI - Binus
8
Server Side Include Directives
Directive Description
#include Insert the contents of a specified file into the response stream being sent to the client, replacing the directive. For example:
<!-- #include FILE=“usefulbits.inc” -->
This inserts the contents of the file named usefulbits.inc into the response. The file can be described by a relative or full path and filename combination, such as FILE=“..\scripts\myscr.inc”. It can alternatively be described using a virtual relative or absolute path using the VIRTUAL attribute, for example:
<!-- #include VIRTUAL=“/mysite/usefulbits.inc” -->
<!-- #include VIRTUAL=“../../thisbits/usefulbits.inc” -->
2004 Tau Yenny, SI - Binus
9
Server Side Include DirectivesDirective Description
#config Specifies the format that will be used for dates, times, and file sizes in following directives, and the text of the generic SSI error message that is returned to the client. For example:
<!-- #config ERRMSG=“SSI Processing Error” -->
Sets the SSI error message text to ‘SSI Processing Error’.
<!-- #config TIMEFMT=“%A, %B %d %Y %H:%M:%S” -->
Sets the format for dates and times that are returned by following SSI directives .This example sets a format style of Saturday, August 14 2004 10:34:50.
<!-- #config SIZEFMT=“BYTES”-->
Sets the unit by which file size returned by following SSI directives will be calculated. This example sets the unit to bytes. The alternative value for SIZEFMT is “ABBREV”, which specifies that the size calculation will return the file size in kilobytes (KB).
2004 Tau Yenny, SI - Binus
10
Server Side Include Directives
Directive Description
#echo Inserts the value of an HTTP environment variable into the response stream being sent to the client, replacing the directive. For example:
<!-- #echo VAR=“SERVER_NAME”-->
Writes the name of the server that is executing the directive into the page.
#fsize Inserts the size of a specified file into the response stream being sent to the client, replacing the directive. For example:
<!-- #fsize FILE=“Default.asp”-->
Like the #include directive, the file can alternatively be defined using a VIRTUAL path such as:
VIRTUAL=“/mysite/usefulbits.inc”
or
VIRTUAL=“../thisbits/usefulbits.inc”
2004 Tau Yenny, SI - Binus
11
Server Side Include DirectivesDirective Description
#exec Executes a program or a shell command on the server. For example:
<!-- #exec CGI=“/scripts/myapp.exe?value1=this&value2=that”-->
Executes the CGI application named myapp.exe in the context of the Web server. It will also pass the value of the query string value1=this&value2=that to the application. The application runs in a separate memory space from the Web server.
<!-- #exec CMD=“cmd.exe /C iisreset /stop”-->
Starts an instance of the specified operating system command interpreter (in this case cmd.exe), and executes the command iisreset /stop. The /C parameter instructs the command interpreter to exit automatically once the command has been executed. You must add the following entry to the Windows Registry when using the CMD version of #exec:
HKEY_LOCAL_MACHINE
\SYSTEM
\CurrentControlSet
\Services
\W3SVC
\Parameters
\SSIEnableCmdDirective
Set the value to 1 and restart the WWW service to allow the CMD token to be used in the #exec directive. Set it to 0 to disable it and prevent unauthorized use.
2004 Tau Yenny, SI - Binus
12
Server Side Include DirectivesDirective Description
#flastmod Insert the date and time that a specified file was last modified into the response stream being sent to the client, replacing the directive. For example:
<!-- #flastmod FILE=“Default.asp” -->
Like the #include directive, the file can alternatively be defined using a VIRTUAL path such as:
VIRTUAL=“/mysite/usefulbits.inc”
or
VIRTUAL=“../thisbit/usefulbits.inc”
2004 Tau Yenny, SI - Binus
13
SSI/CGI In Action1. <HTML>2. <HEAD><TITLE>SSI Directives and The ASP Server Object</TITLE></HEAD>3. <BODY>4. <H1>SSI Directives and The ASP Server Object<HR></H1>5. <UL><LI><A HREF="ssi_cgi.stm">Server Side Include and CGI Statements</A></LI>6. <LI><A HREF="ssi_exec.asp">Using the #exec Server Side Include Directive</A></LI>7. <LI><A HREF="show_server.asp">Using the ASP Server Object</A></LI></UL>8. </BODY>9. </HTML>
2004 Tau Yenny, SI - Binus
14
Using the SSI/CGI Processing Directives
1. <P><DIV CLASS="subhead">Including Files with SSI</DIV>2. This text has been inserted into the page using the Server-Side Include(SSI)3. instruction:<BR>4. <!-- #include file="intro.inc" --><P>
intro.inc
ssi_cgi.stm1. <HTML>2. <HEAD>3. <TITLE>SSI and CGI Instructions</TITLE>4. <STYLE TYPE="text/css">5. .subhead {font-size=1.25em }6. </STYLE>7. </HEAD>8. <BODY> 9. <!-- #include FILE="intro.inc" -->10. <P><DIV CLASS="subhead">SSI Statement</DIV>11. <!-- #config ERRMSG="SSI Processing Error" --> 12. (sets error message in case of SSI error)<BR>13. <!-- #config ERRMSG="SSI Processing Error" --><P>
2004 Tau Yenny, SI - Binus
15
14. Details of file 'Default.asp':<BR>15. <!-- #config SIZEFMT="BYTES" --> 16. (sets fsize to return size in bytes)<BR>17. <!-- #config SIZEFMT="BYTES" -->
18. <!-- #fsize FILE="Default.asp" --> 19. returns: <B> <!-- #fsize FILE="Default.asp" --> bytes</B><BR>
20. <!-- #config TIMEFMT="%A, %B %d %Y %H:%M:%S" --> 21. (sets format for date/time results)<BR>22. <!-- #config TIMEFMT="%A, %B %d %Y %H:%M:%S" -->
23. <!-- #flastmod FILE="Default.asp" -->24. returns: <B> <!-- #flastmod FILE="Default.asp" --></B><P>
25. <DIV CLASS="subhead">HTTP Variables</DIV>26. <!-- #echo VAR="AUTH_TYPE" -->27. returns: <B> <!-- #echo VAR="AUTH_TYPE" --></B><BR>28. <!-- #echo VAR="AUTH_PASSWORD" -->29. returns: <B> <!-- #echo VAR="AUTH_PASSWORD" --></B><BR>30. </BODY>31. </HTML>
ssi_cgi.stm
Using the SSI/CGI Processing Directives
2004 Tau Yenny, SI - Binus
16
Using the SSI/CGI Processing DirectivesThis page uses all the directives we’ve looked at earlier except #exec directive
2004 Tau Yenny, SI - Binus
17
Using the #exec Directive1. <HTML><HEAD>2. <TITLE>The SSI #exec Directive</TITLE>3. <STYLE TYPE="text/css">4. .subhead {font-size=1.25em }5. </STYLE></HEAD>6. <BODY>7. <H1>The SSI #exec Directive<HR></H1>8. <DIV CLASS="subhead">Stopping and Starting a Service</DIV>9. <FORM ACTION="<%=Request.ServerVariables("SCRIPT_NAME") %>" METHOD="POST">10. <INPUT TYPE="SUBMIT" NAME="cmdStop" VALUE=" ">11. Stop the Microsoft Indexing Service<BR><BR>12. <INPUT TYPE="SUBMIT" NAME="cmdStart" VALUE=" ">13. Start the Microsoft Indexing Service<BR>14. </FORM>15. <%16. If Len(Request.Form("cmdStart")) Then17. Response.Redirect("startcis.stm")18. End If19. If Len(Request.Form("cmdStop")) Then20. Response.Redirect("stopcis.stm")21. End If22. %>23. </BODY>24. </HTML>
ssi_exec.asp
2004 Tau Yenny, SI - Binus
18
Using the #exec Directive
2004 Tau Yenny, SI - Binus
19
Running #exec Directive First, create the SSIEnableCmdDirective entry (with type DWORD) in the Registry
on your Web server machine under the existing key named:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W3SVC\Parameters
And then set the value to 1, as shown below:
2004 Tau Yenny, SI - Binus
20
Running #exec DirectiveFire up the Internet Services Manager utility and Select the directory containing the .stm files that use #exec. Then open the Properties dialog for that directory. In the Direcory Security page click the Edit button in the Anonymous access and authentication control section to open the Authentication Methods dialog.
Turn off the Anonymous access checkbox. If you’re not using IE, turn on the Basic authentication option to allow non-IE browsers to submit a username/password to access the pages.
2004 Tau Yenny, SI - Binus
21
Running #exec Directive
Restart the WWW service.
2004 Tau Yenny, SI - Binus
22
Running #exec Directive
To be able to see the results of starting and stopping the service, open the Service MMC snap-in and stop the Indexing Service.
2004 Tau Yenny, SI - Binus
23
Starting and Stopping the Indexing Service
2004 Tau Yenny, SI - Binus
24
1. <HTML><HEAD><TITLE>The SSI #exec Directive</TITLE></HEAD>2. <BODY>3. <H1>The SSI #exec Directive<HR></H1>4. <P>Processing the SSI directive:</P>5. <P><B><!-- #exec CMD="cmd.exe /c net start ciscv" --></B></P>6. <!-- #exec CMD="cmd.exe /c net start ciscv" -->7. <FORM ACTION="ssi_exec.asp">8. <INPUT TYPE="SUBMIT" NAME="cmdOK" VALUE=" ">9. Return to the previous page<P>10. </FORM>11. </BODY></HTML>
1. <HTML><HEAD><TITLE>The SSI #exec Directive</TITLE></HEAD>2. <BODY>3. <H1>The SSI #exec Directive<HR></H1>4. <P>Processing the SSI directive:</P>5. <P><B><!-- #exec CMD="cmd.exe /c net stop ciscv" --></B></P>6. <!-- #exec CMD="cmd.exe /c net stop ciscv" -->7. <FORM ACTION="ssi_exec.asp">8. <INPUT TYPE="SUBMIT" NAME="cmdOK" VALUE=" ">9. Return to the previous page<P>10. </FORM>11. </BODY></HTML>
startcis.stm
stopcis.stm
Starting and Stopping the Indexing Service
2004 Tau Yenny, SI - Binus
25
ASP Server Object
Property Description
ScriptTimeout Integer. Default = 90.
Sets or returns the number of seconds that script in the page can execute for before the server aborts page execution and reports an error. This automatically halts and removes from memory pages that contain errors that may lock execution into a loop, or those that stall while waiting for a resource to become available. This prevents the server becoming overloaded with badly behaved pages. You may need to increase this value for pages that do take a long time to run.
The Properties of the Server Object
2004 Tau Yenny, SI - Binus
26
ASP Server ObjectThe Methods of the Server Object
Method Description
CreateObject(“identifier”) Creates an instance of the object (a component, application or scripting object) that is identified by “identifier”, and return a reference to it that can be used in our code. Can be used in the global.asa page of a virtual application to create objects with session-level or application-level scope. The object can be identified by its ClassID such as “{clsid:BD96C556-65A3…37A9}” or by a ProgID string such as “ADODB.Connection”.
Execute(“url”) Stops executing of the current page and transfer control to the page specified in “url”. The user’s current environment is carried over to the new page. After that page has finished execution, control passes back to the original page and execution resumes at the statement after the Execute method call.
GetLastError( ) Returns a reference to an ASPError object that holds details of the last error that occurred within the ASP processing of the page. The information exposed by the ASPError object includes the file name, line number, error code, etc.
2004 Tau Yenny, SI - Binus
27
ASP Server ObjectThe Methods of the Server Object
Method Description
HTMLEncode(“string”) Returns a string that is a copy of the input value “string” but with all non-legal HTML characters – such as ‘<‘. ‘>’, ‘&’, and double quotes – converted into the equivalent HTML entity – i.e. <, >, &, ", etc.
MapPath(“url”) Returns the full physical path and filename of the file or resource specified in “url”.
Transfer(“url”) Stops execution of the current page and transfers control to the page specified in “url”. The user’s current environment (i.e. session state and any current transaction state) is carried over to the new page. Unlike the Execute method, execution doesn’t resume in the original page, but ends when the new page has completed executing.
URLEncode(“string”) Return a string that is a copy of the input value “string” but with all characters that are not valid in a URL – such as ‘?’, ‘&’ and spaces – converted into the equivalent URL entity – i.e. ‘%3F’, ‘%26’, and ‘+’.
2004 Tau Yenny, SI - Binus
28
Creating Object Instances
VBScript supports CreateObject and GetObject methods.
CreateObject method takes as its argument a ClassID or (more usually) a ProgID string, and returns a new object of that type:Set objNewObject = CreateObject(“ADODB.Connection”)
GetObject method is normally used when we have a document of a specific type, and we want to create an instance of an object that can handle this type of document:Set objExcel = getObject(“C:\myfiles\sales.xlw”)
We can also specify the type of object that we want as well as a filename, which is useful if we have several objects that can handle that document type:Set objExcel = getObject(“C:\myfiles\sales.xlw”, “Excel.Application”)
2004 Tau Yenny, SI - Binus
29
Creating Object Instances
JScript has getObject, which works like the VBScript version.
JScript implements a function that works in the same way as VBScript CreateObject method, named ActiveXObject.
objNewObject = new ActiveXObject(“This.Object”);
2004 Tau Yenny, SI - Binus
301. <HTML>2. <HEAD> <TITLE>The Server Object</TITLE> </HEAD>
3. <BODY>4. <H2>The ASP Server Object<HR></H2>5. <%6. Quot = Chr(34)
7. If Len(Request.Form("cmdCreate")) Then8. strObjectName = Request.Form("txtObjectName")9. On Error Resume Next 'Turn off default error handling10. Set objObject = Server.CreateObject(strObjectName)11. On Error Goto 012. If IsObject (objObject) Then13. Response.Write "<B>Results:</B><BR>Successfully created object of " _14. & "<B>" & Quot & strObjectName & Quot & "</B><HR>"15. Else16. Response.Write "<B>Results:</B><BR>Failed to create object of " _17. & "<B>" & Quot & strObjectName & Quot & "</B><HR>"18. End If19. End If
20. If Len(Request.Form("cmdExecute")) Then21. strPath = Request.Form("txtExecute")22. Response.Write "Currently executing the page: <B>" _23. & Request.ServerVariables("SCRIPT_NAME") & "</B><BR>"24. Server.Execute (strPath)25. Response.Write "Currently executing the page: <B>" _26. & Request.ServerVariables("SCRIPT_NAME") & "</B><BR><BR>"27. End If
show_server.asp
2004 Tau Yenny, SI - Binus
3130. If Len(Request.Form("cmdTransfer")) Then
31. strPath = Request.Form("txtTransfer")
32. Response.Write "Currently executing the page: <B>" _
33. & Request.ServerVariables("SCRIPT_NAME") & "</B><BR>"
34. Server.Transfer(strPath)
35. End If
36. If Len(Request.Form("cmdGetLastError")) Then
37. Dim arrThis(3)
38. arrThis(4) = "Causes an error"
39. End If
40. If Len(Request.Form("cmdMapPath")) Then
41. strValue = Request.Form("txtMapPath")
42. Response.Write "<B>Results:</B><BR>Server.MapPath(" & Quot & strValue _
43. & Quot & ") returned <B>" & Quot & Server.MapPath(strValue) _
44. & Quot & "</B><HR>"
45. End If
46. If Len(Request.Form("cmdHTMLEncode")) Then
47. strValue = Request.Form("txtHTMLEncode")
48. strResult = Server.HTMLEncode(strValue)
49. strDisplay = Server.HTMLEncode(strResult)
50. Response.Write "<B>Results:</B><BR>Server.HTMLEncode (" & Quot & strResult _
51. & Quot & ") returned<BR><B>" & Quot & strDisplay & Quot _
52. & "</B><HR>"
53. End If
show_server.asp
2004 Tau Yenny, SI - Binus
3254. If Len(Request.Form("cmdURLEncode")) Then
55. strValue = Request.Form("txtURLEncode")
56. Response.Write "<B>Results:</B><BR>Server.URLEncode (" & Quot & strValue _
57. & Quot & ") returned<BR><B>" & Quot & Server.URLEncode (strValue) & Quot _
58. & "</B><HR>"
59. End If
60. %>
61. <BIG>Property Value</BIG><BR>
62. <% Response.Write "Server.Timeout = <B>" & Server.ScriptTimeout & "</B></P>“ %>
63. <FORM ACTION="<%=Request.ServerVariables("SCRIPT_NAME") %>" METHOD="POST">
64. <BIG>Create an Instance of a Component</BIG><BR>
65. <INPUT TYPE="SUBMIT" NAME="cmdCreate" VALUE=" ">
66. Server.CreateObject(“ <INPUT TYPE="TEXT" NAME="txtObjectName" VALUE="">")<BR><BR>
67. <BIG>Execute Another ASP Page</BIG><BR>
68. <INPUT TYPE="SUBMIT" NAME="cmdExecute" VALUE=" ">
69. Server.Execute(“ <INPUT TYPE="TEXT" NAME="txtExecute" VALUE="">")<BR>
70. <INPUT TYPE="SUBMIT" NAME="cmdTransfer" VALUE=" ">
71. Server.Transfer(“ <INPUT TYPE="TEXT" NAME="txtTransfer" VALUE="">")<BR><BR>
72. <BIG>Get ASP Error Details</BIG><BR>
73. <INPUT TYPE="SUBMIT" NAME="cmdGetLastError" VALUE=" ">
74. Server.GetLastError()<BR><BR>
show_server.asp
2004 Tau Yenny, SI - Binus
3378. <BIG>Miscellaneous Methods</BIG><BR>
79. <INPUT TYPE="SUBMIT" NAME="cmdMapPath" VALUE=" ">
80. Server.MapPath(“ <INPUT TYPE="TEXT" NAME="txtMapPath" VALUE="" SIZE="30">")<BR>
81. <INPUT TYPE="SUBMIT" NAME="cmdHTMLEncode" VALUE=" ">
82. Server.HTMLEncode(“ <INPUT TYPE="TEXT" NAME="txtHTMLEncode" VALUE="" SIZE="30">")<BR>
83. <INPUT TYPE="SUBMIT" NAME="cmdURLEncode" VALUE=" ">
84. Server.URLEncode(“ <INPUT TYPE="TEXT" NAME="txtURLEncode" VALUE="" SIZE="30">")<BR>
85. <BR>
86. </FORM>
87. </BODY>
88. </HTML>
show_server.asp
2004 Tau Yenny, SI - Binus
34
ASP Server Object
2004 Tau Yenny, SI - Binus
35
The CreateObject Method of the Server Object
Quot = Chr(34)
If Len(Request.Form("cmdCreate")) Then strObjectName = Request.Form("txtObjectName") On Error Resume Next 'Turn off default error handling Set objObject = Server.CreateObject(strObjectName) On Error Goto 0 If IsObject (objObject) Then Response.Write "<B>Results:</B><BR>Successfully created object of " _
& "<B>" & Quot & strObjectName & Quot & "</B><HR>" Else Response.Write "<B>Results:</B><BR>Failed to create object of " _
& "<B>" & Quot & strObjectName & Quot & "</B><HR>" End IfEnd If
2004 Tau Yenny, SI - Binus
36
Executing Other Pages
If Len(Request.Form("cmdExecute")) Then strPath = Request.Form("txtExecute") Response.Write "Currently executing the page: <B>" _ & Request.ServerVariables("SCRIPT_NAME") _ & "</B><BR>" Server.Execute (strPath) Response.Write "Currently executing the page: <B>" _ & Request.ServerVariables("SCRIPT_NAME") _ & "</B><BR><BR>"End If
2004 Tau Yenny, SI - Binus
37
Executing Other Pages
If Len(Request.Form("cmdTransfer")) Then strPath = Request.Form("txtTransfer") Response.Write "Currently executing the page: <B>" _ & Request.ServerVariables("SCRIPT_NAME") & "</B><BR>" Server.Transfer(strPath)End If
1. <%@ LANGUAGE=VBSCRIPT%>2. <HR>3. Currently executing the page: <B>Another_Page.asp</B><BR>4. However the value of
<B>Request.ServerVariables("SCRIPT_NAME")</B> is still<BR>5. <B><% =Request.ServerVariables("SCRIPT_NAME") %></B>6. because the <B>Request</B> collection hold</BR>7. the same values as they had in the page that executed this
one.<BR>
8. <FORM ACTION="<% = Request.ServerVariables("HTTP_REFERER") %>" METHOD="POST">
9. <INPUT TYPE="SUBMIT" NAME="cmdOK" VALUE=" ">
10. Return to the Previous Page<P>11. </FORM>12. <HR>
Another_Page.asp
2004 Tau Yenny, SI - Binus
38
Error Handling with the Server ObjectProperty Description
ASPCode Integer. The error number generated by ASP/IIS such as 0x800A0009.
ASPDescription String. A detailed description of the error if it is ASP-related.
Category String. The source of the error, i.e. internal to ASP, the scripting language, or an object.
Column Integer. The character position within the file that generated the error.
Description String. A short description of the error.
File String. The name of the file that was being processed when the error occurred.
Line Integer. The number of the line within the file that generated the error.
Number Integer. A standard COM error code.
Source Integer. The actual code, where available, of the line that caused the error.
Properties of the ASPError Object
2004 Tau Yenny, SI - Binus
39
Error Page Mapping in IIS
In Internet Services Manager, right click on the directory for which you want to edit mappings, and select Properties.
2004 Tau Yenny, SI - Binus
40
Error Page Mapping in IIS
In the Custom Errors page of the Properties dialog is a list of the default mapping set up when IIS is installed (unless, of course you’ve already changed any).
Near the bottom of the list an entry for HTTP error 500:100. These are the generic errors such as Invalid Application, Server Shutting Down, etc. However, the 500:100 error occurs specifically when ASP loads a page that contains a syntax error. The default mapping shown the page named 500-100.asp will be executed when such error occurs.
2004 Tau Yenny, SI - Binus
41
Specifying a Custom Error Page
Click the Edit Properties button in the Custom Errors page to open the Error Mapping Properties dialog.
Select URL in the message Type drop-down list, and type the full virtual path to your own custom error page.
2004 Tau Yenny, SI - Binus
42
Using the GetLastError Method and the ASPError Object1. <%2. Response.Status = "500 Internal Server Error"3. Set objASPError = Server.GetLastError()4. %>5. Currently executing the page: <B>show_error.asp</B><P>6. <B>Error Details:</B><BR>
7. ASPError.ASPCode = <% = objASPError.ASPCode %><BR>8. ASPError.Number = <% = objASPError.Number %><BR>9. (0x<% =Hex(objASPError.Number) %>)<BR>10. ASPError.Source = <% = Server.HTMLEncode(objASPError.Source) %><BR>11. ASPError.Category = <% = objASPError.Category %><BR>12. ASPError.File = <% = objASPError.File %><BR>13. ASPError.Line = <% = objASPError.Line %><BR>14. ASPError.Column = <% = objASPError.Column %><BR>15. ASPError.Description = <% = objASPError.Description %><BR>16. ASPError.ASPDescription = <% = objASPError.ASPDescription %><BR>
17. <FORM ACTION="<% = Request.ServerVariables("HTTP_REFERER") %>" METHOD="POST">18. <INPUT TYPE="SUBMIT" NAME="cmdOK" VALUE=" ">19. Return to the Previous Page<P>20. </FORM>
show_error.asp
2004 Tau Yenny, SI - Binus
43
Using the GetLastError Method and the ASPError Object
If Len(Request.Form("cmdGetLastError")) Then Dim arrThis(3) arrThis(4) = "Causes an error"End If
2004 Tau Yenny, SI - Binus
44
Getting Path Information with the Server ObjectIf Len(Request.Form("cmdMapPath")) Then strValue = Request.Form("txtMapPath") Response.Write "<B>Results:</B><BR>Server.MapPath(" & Quot & strValue _
& Quot & ") returned <B>" & Quot & Server.MapPath(strValue) _& Quot & "</B><HR>"
End If
2004 Tau Yenny, SI - Binus
45
The HTMLEncode Method of the Server ObjectIf Len(Request.Form("cmdHTMLEncode")) Then strValue = Request.Form("txtHTMLEncode") strResult = Server.HTMLEncode(strValue) strDisplay = Server.HTMLEncode(strResult) Response.Write "<B>Results:</B><BR>Server.HTMLEncode (" & Quot & strResult _
& Quot & ") returned<BR><B>" & Quot & strDisplay & Quot _& "</B><HR>"
End If
2004 Tau Yenny, SI - Binus
46
Formatting Data with the Server Object
CharacterHTML Entity Equivalent
CharacterHTML Entity Equivalent
< < > >
& & “ "
© © ® ®
Notice that the last of the example, the registered trademark symbol, is a numeric value preceded with the ‘#’ character, rather than a text abbreviation of the meaning (like copy for the copyright symbol).
All character with ANSI code value greater than 126 can be represented in HTML as the ANSI code of the character in decimal, prefixed with &# and suffixed with a semi-colon. So the ½ (one half) character has an entity equivalent of ½.
2004 Tau Yenny, SI - Binus
47
The URLEncode Method of the Server ObjectIf Len(Request.Form("cmdURLEncode")) Then strValue = Request.Form("txtURLEncode") Response.Write "<B>Results:</B><BR>Server.URLEncode (" & Quot & strValue _
& Quot & ") returned<BR><B>" & Quot & Server.URLEncode (strValue) & Quot _& "</B><HR>"
End If
2004 Tau Yenny, SI - Binus
48
Formatting Data for URLsCharacter HTTP/URL Replacement Character HTTP/URL Replacement
space + \ %5C
‘ %27 ] %5D
! %21 ^ %5E
# %23 ` %60
$ %24 { %7B
% %25 | %7C
& %26 } %7D
( %28 + %2B
) %29 < %3C
/ %2F = %3D
: %3A > %3E
; %3B Chr(10) ignored
[ %5B Chr(13) %0D