Alternative to ADODB.Stream for saving documents into MS Access Database from within ASP page

Re: Microsoft Knowledge Base Article - 870669
How to disable the ADODB.Stream object from Internet Explorer

You may recently have heard of the vulnarability exposed by Internet
Explorer as described in that article:

"An ADO stream object contains methods for reading and writing binary
files and text files. When an ADO stream object is combined with known
security vulnerabilities in Internet Explorer, a Web site could
execute scripts from the Local Machine zone. To help protect your
computer from this kind of attack, you can manually modify your
registry."

I'm using the ADODB.Stream object in an asp page to provide Intranet
users in a corporate environment a facility to upload and download
documents, such as Word and Excel, into an Access database.

When the security patch will be installed, this functionality will
have to be rewritten using another method than ADODB.Stream. Does
anyone know any alternative to uploading and downloading documents to
and from a MS Access database, from within an .asp page hosted in IIS?

I would prefer methods that do not require a COM component to be
installed on the server.

Thanks

Nov 13 '05 #1

Subscribe Reply

9452

Kevin R

"C" <tc****@hotmail.com> wrote in message
news:1f*************************@posting.google.co m...

I'm using the ADODB.Stream object in an asp page to provide Intranet
users in a corporate environment a facility to upload and download
documents, such as Word and Excel, into an Access database.

When the security patch will be installed, this functionality will
have to be rewritten using another method than ADODB.Stream. Does
anyone know any alternative to uploading and downloading documents to
and from a MS Access database, from within an .asp page hosted in IIS?

I could be wrong, but I thought the "patch" for disabling ADODB.Stream
really only kept Internet Explorer from loading it (basically it sets a
"kill bit" on the object). It should continue to work just fine from other
scripting environments (including ASP).

So, unless you're using it *client-side*, I believe you'll be fine.

- Kevin

Nov 13 '05 #2

"Kevin R" <kp****@hotmail.com> wrote in message news:<Bz**********************@newssvr28.news.prod igy.com>...

"C" <tc****@hotmail.com> wrote in message
news:1f*************************@posting.google.co m...
I'm using the ADODB.Stream object in an asp page to provide Intranet
users in a corporate environment a facility to upload and download
documents, such as Word and Excel, into an Access database.

When the security patch will be installed, this functionality will
have to be rewritten using another method than ADODB.Stream. Does
anyone know any alternative to uploading and downloading documents to
and from a MS Access database, from within an .asp page hosted in IIS?

I could be wrong, but I thought the "patch" for disabling ADODB.Stream
really only kept Internet Explorer from loading it (basically it sets a
"kill bit" on the object). It should continue to work just fine from other
scripting environments (including ASP).

So, unless you're using it *client-side*, I believe you'll be fine.

- Kevin

Hi Kevin,

Uhm... I'm actually providing a user interface in Internet Explorer
that allows users to browse to a file on their machine or on a network
drive to upload the file and store it in long binary format in an
Access database.
The Microsoft article eplained that once the registry key is amended,
we will get the error "ActiveX component can't create object:
'ADODB.Stream'".
If the object cannot be created, the files will not be up or
downloadable anymore. Any ideas how to work around this?

Nov 13 '05 #3

Kevin R

"C" <tc****@hotmail.com> wrote in message
news:1f*************************@posting.google.co m...

So, unless you're using it *client-side*, I believe you'll be fine.
Uhm... I'm actually providing a user interface in Internet Explorer
that allows users to browse to a file on their machine or on a network
drive to upload the file and store it in long binary format in an
Access database.
The Microsoft article eplained that once the registry key is amended,
we will get the error "ActiveX component can't create object:
'ADODB.Stream'".
If the object cannot be created, the files will not be up or
downloadable anymore. Any ideas how to work around this?

If you have a budget available... I'm partial to SoftArtisans' FileUp and
XFile components. www.softartisans.com. Note that I'm not connected to that
company at all; I'm just a satisfied user of their products.

If not, I believe you could go low-tech and just make use of IE's built-in
file upload capability. For example, the following HTML enables a simple
file-upload box (and Browse... button) in any web client:

<form enctype="multipart/form-data" method="post" action="formresp.asp">
Enter filename to upload: <input type="file" name="f1"><br>
<input type="submit">

(if those angle brackets get eaten by your newsreader, try searching for
'enctype="multipart/form-data"' on google...)

You'll have to also have something on the web server side that can accept
the upload. Chances are what you're already using will continue to work
fine, but since I have no idea what you're already do, I wouldn't know.

By the way, this seems a little off-topic for an Access forum.....

- Kevin

Nov 13 '05 #4

Similar topics

Question about ADODB

by: David Gray | last post by:

Greetings all, How can I use ADODB to return all tables in an access DB chosen by the user? I'm able so far to select the DB file and build up my connect string, but I would like to offer a...