Chris Worfolk's Blog

Sometimes you will have applications running when Windows starts up and some which you may not even be aware of. If you can’t find the application in Start > Programs > Start Up or you just want to see what exactly is running then try your MS Config box.

Goto Start > Run
Type ‘msconfig’ into the box
Hit the ok button
Wait for the box to load
Click the start up tab

This displays a list of all the applications that run of start up. Many are Windows applications which should generally be left alone. You can disable them from starting up by unticking the box next to it.

Building an admin log in system is pretty simple for s small site. You don’t need a username so a password is acceptable for log in and you can writee your password into the code. However because it is an admin section it needs to be fairly secure – no having the password available for any old joe to find in the source code.

The solution – a simple server side script. The password will be in the code but because it is server side is will never reach the end user and so they cannot get hold of it.

For this you will need three pages. A main page, a log in and page and log out page.

index.asp
login.asp
logout.asp

Because we need it to be fairly secure I am going to use a session cookie for the password. Let’s start with the main page.

<%
If Session("adminpassword") <> "dog" Then
Response.Redirect ("login.asp")
End If
%>

<html>
<head>
<title>Admin Homepage</title>
</head>

<body>
<p>Welcome to the admin secction.</p>
</body>
</html>

For this I have chosen the pasword “dog.” If this is not present in a session cookie called adminpassword, the user will be redirected to login.aso. Lets look at that now.

<html>
<head>
<title>Admin Log In</title>
</head>
<p>Please enter the admin password:</p>
<form action="login.asp" method="post" name="login_form" id="login_form">
<input name="password" type="password" id="password" size="40">
<input type="submit" name="Submit" value="Log In">
</form>
</body>
</html>

The first thing I have done is to add a form called “login_form” to allow the user to log in. In the form I have placed a text field called “password” and a submit button so they can type in the password and click submit to log in. This sends the user and the form variable, “password” to login.asp (the same page but reloaded). Now we need to add some server side scripting to the top of the game above the <html> tag.

<%
' checks to see if the password has been submitted
If Request.Form ("password") <> "" Then
' it has so writes in the session cookie
Session ("adminpassword") = Request.Form("password")
' if the user's password is correct they should now be able
' to gain access to the main page
' if they entered an incorrect password they will be
' redirected back here. Because the form variable
' is not sent when they are redirected back here
' they will not be redirected back to index.asp
Response.Redirect ("index.asp")
%>

If the password is incorrect, eg, they entered a password that is different from “dog” eg they entered “cat” it will still be saved in the session variable and the user will still be redirected to index.asp, but because the password is not “dog” they will be redirected back here again.

The fact that the incorrect password is saved in the session cookie allows us to give the user some more information when they are redirected back to login.asp because index.asp won’t give them access.

<%
' if the user is on login.asp but still has a password
' in the session cookie, they must have entered
' and incorrect password
If Session ("adminpassword") <> "" Then
%>
<p>You entered an incorrect password.</p>
<%
End If
%>

You can then insert the script that we placed at the top of index.asp to all the pages you want protecting. To save yourself having to change the script on every protected page when you want to change the password, you could also save the script, by itself, in a separate file and use file include to all the pages you want protecting.

<!--#include file="passwordcheck.asp" -->

You can then just update the script in passwordcheck.asp and all the protected pages would now use the new password.

Finally we need to create a log out page for the user to logout, to stop anyone else getting in after the user is done. This maybe not be needed if you are on a home pc which nobody else has access to but you might want to build one anyway. The log out page is amazingly simple.

<%
Session.Abandon ()
Response.Redirect ("index.asp")
%>

This should log the user out. If the user has not been logged out for some reason they will know because they will gain access to index.asp when they are redirected to it. If the user has been logged out successfully, index.asp will redirect them to login.asp and so they will know they have been logged out.

Now just o make it easier on you I will include the full source code including links, html and asp code, ready for you to copy and paste into your text editor and save as the appropriate files.

index.asp

<%
If Session("adminpassword") <> "dog" Then
Response.Redirect ("login.asp")
End If
%>

<html>
<head>
<title>Admin Homepage</title>
</head>

<body>
<p>Welcome to the admin secction.</p>
<p><a href="logout.asp">Click here to log out.</a></p>
</body>
</html>

login.asp

<%
' checks to see if the password has been submitted
If Request.Form ("password") <> "" Then
' it has so writes in the session cookie
Session ("adminpassword") = Request.Form("password")
' if the user's password is correct they should now be able
' to gain access to the main page
' if they entered an incorrect password they will be
' redirected back here. Because the form variable
' is not sent when they are redirected back here
' they will not be redirected back to index.asp
Response.Redirect ("index.asp")
%>

<html>
<head>
<title>Admin Log In</title>
</head>
<p>Please enter the admin password:</p>
<form action="login.asp" method="post" name="login_form" id="login_form">
<input name="password" type="password" id="password" size="40">
<input type="submit" name="Submit" value="Log In">
</form>
</body>
</html>

logout.asp

<%
Session.Abandon ()
Response.Redirect ("index.asp")
%>

This tutorial will show you how to build a simple hit counter. It does not use any SQL or databases; it stores the hits in a text file.

Allou need to create for this script is your ASP file and a text file. In the text file, simply enter the number 0 and save it in the same directory as count.txt. Take a look at the basic source code.

<%@ Language="VBScript" %>
<% Response.Expires= -1
Response.AddHeader "Cache-Control", "no-cache"
Response.AddHeader "Pragma", "no-cache" %>
<%
if Session("ct") = "" then
fp = Server.MapPath("db\count.txt")
Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)
ct = ct + 1
Session("ct") = ct
a.close
Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close
Set a = Nothing
Set fs = Nothing
else
ct = Clng(Session("ct"))
end if 
%>

Now lets break it down into three sections.

<%@ Language="VBScript" %>

This just states that the page is a VB script page.

<% Response.Expires= -1
Response.AddHeader "Cache-Control", "no-cache"
Response.AddHeader "Pragma", "no-cache" %>

This section stops the user refreshing the page to clock up hits.

<%
if Session("ct") = "" then
fp = Server.MapPath("count.txt")
Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)
ct = ct + 1
Session("ct") = ct
a.close
Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close
Set a = Nothing
Set fs = Nothing
else
ct = Clng(Session("ct"))
end if 
%>

This is the main section which adds the hits.

fp = Server.MapPath("count.txt")

This tells the server where to find the file. You can modify the file location by changing count.txt. So for instance if you wanted to to be called hitcounter.txt and in the directory db you would use:

fp = Server.MapPath("db\hitcounter.txt")

All you have to do is alter the file path in the quote marks.

Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)

This section opens the file using FileSystemObject and reads the first line. It then sets the variable ct to the amount of hits it has already had.

ct = ct + 1

This line adds one hit to the total number of visitors.

Session("ct") = ct
a.close

This part saves a session variable as the new click through with the new amount of visitors and closes the text file.

Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close

This code creates a new text file over the old one and adds in the new amount of visitors to it. Then it closes the text file.

Now you have a working hit counter. All you need to do is add the hit counter into your page:

You are a visitor number <%=ct%>!

This would display the amount of visitors. Now to save confusion, here is the full source code for the page:

<%@ Language="VBScript" %>
<% Response.Expires= -1
Response.AddHeader "Cache-Control", "no-cache"
Response.AddHeader "Pragma", "no-cache" %>
<%
if Session("ct") = "" then
fp = Server.MapPath("db\count.txt")
Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)
ct = ct + 1
Session("ct") = ct
a.close
Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close
Set a = Nothing
Set fs = Nothing
else
ct = Clng(Session("ct"))
end if 
%>
<html>
<body>
You are a visitor number <%=ct%>!
</body>
</html>

Server.MapPath is used to create a file path from a virtual path.

Here’s a typical DNS-less database connection:

Connection = "Driver={Microsoft Access Driver (*.mdb)}; DBQ=C:\wwwroot\users\someaddress\db\data.mdb"

This isn’t much good though if you don’t know the full file path and if you are using a web host the chances are that you won’t know it. So you can use Server.MapPath instead.

Lets say that database is on the internet at the following address. Not that it is a good idea to have your database web accessible of course.

http://www.someaddress.com/db/data.mdb

Instead of having to use the file path as the top you could use a virtual path:

Connection = "Driver={Microsoft Access Driver (*.mdb)}; DBQ=" + Server.MapPath("/db/data.mdb")

This would get the server to “map” a file path to the database from the virtual path you give it. Notice that after DBQ= the tag (“) is closed as you don’t want the server to think + Sever.Map… is part of the file path.

The request function, surprisingly, requests a value. This could be a URL variable, form variable, or some other value. For example if you were at the url.

http://www.somepage.com/home.asp?ID=23

You would use the following code in your script.

Request.QueryString("ID")

The line would then return the value 23.

An example of where this can be used is on the M World News channel. The news is stored dynamically in a database so when you click on a link to the full story from the news homepage you are taken to a dynamic page which selects the story based on the ID of the story you want passed to the page as a url variable. For example the link could be as follows.

http://www.mworld.us/news/story.asp?ID=52

Examples of use

Request.QueryString("SomeURLVariable")
Request.Form("SomeFormElement")
Request.Cookies("SomeCookie")

Well I appear to have lost all my channels on Google Adsense. None of them display any data when I select a channel to view, which really sucks as I had them all configured to different websites. Still, some good has come of my long term chance that I took in the program.

Although I can’t say how much I earned per click (due to the terms and such), my income yesterday was awesome. Well not mega amounts but let’s say like 10, 20 times what I normally could. Could have been a fluke but I really hope not. I added the code to a new site yesterday so I think that is the reason.

If so then I can finally understand why everyone likes Adsense. I must have been running it like forever now and never really made anything substantial although this changes things. I earned more off Adsense yesterday than I did using Mamma, which has traditionally been a far, far bigger earner.

Still, that said, that hasn’t earned much either recently. I am getting a good rate but over 50% of the ads are unsold – most of the ads I display for them are default redirects back to my own ads.

Ok, I am starting to think that Mozilla have actually gone backwards with Firefox 1.0 since I upgraded from Firefox 0.9. I am still without my IE View extension although there are bigger problems emerging.

The first is that when I went to find something and I typed it into the bar at the top right of the screen it searched Google instead. I though, oh it must have defaulted back to Google. But no, find on this page is missing from there totally!

Secondly, is the random screen space taken up. When it blocks a pop-up or when you go to find on this page from the edit menu, it brings up this huge toolbar on your page. How is this better than what is was before?

Thirdly, and post annoyingly, Firefox has gone Internet Explorer on us. When you click a link in Outlook Express, it opens up in your current window rather than opening up a new window. Is there a way to fix this? This is terrible!

I have just upgraded from Firefox 0.9 to Firefox 1.0. Everything downloaded ok and the installation seemed to go fine I did a full install thing with the extra web developer component though I haven’t played around with it yet. The installation kept all my settings from what I can see so far too.

I did run into a problem with the extensions though. I have three installed, an RSS reader, a proxy tool and a view this page in IE tool. Though I have to compliment it on being able to look for compatible extensions and install them I am still without Sage and ieview. The latter of which I use a lot.

I am almost tempted to switch back to get the functionality back. Still maybe I will hold out and see if an updated version comes out or there is something else to do the job. From what I here, compatibility problems with sites site GameSpot are less in 1.0 than in 0.9. The homepage finally works in 1.0 at least.

I still need to make a GameSpot rant sometime but anyway. Firefox 1.0 seems ok, the menu bar lights up when your in a secure area and the go button looks strangely new. I managed to find a new version of Sage that seemed to install ok, though my new version of IE View is still not compatible apparently. That’s not what the website says.

There was much talk before today about who would be hanging around on the internet on Christmas Day. Well I’m on now and I appear to be all by my lonesome. No posts on Buffy Talk, nobody on the instant messager networks (ok I have plenty of people on just none of the people I want to me on).

Still I guess nothing went to plan. I was going to be on all day from around 9 am onwards. However due to family interuptions I was distracted and only got in 30 minutes online before it was time to eat. That look almost 4 hours and I have only now got away.

Still this should free up some time although no doubt I will be dragged back in and out of the frey severals times before the day is over. All I really want is to play my guitar, download some porn and chat to some friends. Still, that is Christmas Day for you.

Bad, "don’t think I can’t hear you playing my guitar." People treat it like public property, just like the way we all use my mum’s camera. Well except me as I got mine back from the service centre recently. That is a post I had already made though.

Anyway, I think I made my point, I might go on a little to talk about Chrismukka in a later post. My sister didn’t even get that when I wrote it in her card though, she needs to watch more of The O.C.

For those of you who are not in the know (shame on you, watch more TV!) Chrismukka is a hybrid of Christmas and Hannukah created by Seth on The O.C. Great show. Anyway, I was going to do this post tomorrow but we are well past midnight anyway. I will probably do some more tomorrow as well as I will be working online tomorrow too.

I had to stay up till at least midnight as it was reset day for both Black Nova Traders and Paranormal Deathmatch on Fallen Nation. So I did these just before midnight and though I can finally go to sleep. Then I remembered I hadn’t updated my daily news sites :o.

Well that took another 20 minutes out of me. Ah well, once I rule the web it will be all worth it – right? Finally it is all wrapped up though and everything else can weight for tomorrow or maybe the day after. Except domains and daily news which will have to come tomorrow. I need to freeze time somehow.

Not that I am complaining though. Well I am but I still enjoy it. Running websites, no matter how annoying and stressful is still what I want to do. How did this post get emo? Anyway, the Chrismukka celebrations stuff can wait until the morning. Or maybe this is the morning and I won’t post till afternoon. Whatever it is, I will post – later!