473,387 Members | 1,453 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp / active server pages > questions > include file that is outside of web directory

Join Bytes to post your question to a community of 473,387 software developers and data experts.

include file that is outside of web directory

Hi all -

I would like to do something like this:
<!--#include file="C:\dbutils\dbConfig.asp"-->

Where the directory C:\dbutils is OUTSIDE of the web directory and not
accessible by a client web browser.

The reason I would like to do this is in case somehow ASP processing
gets turned off in IIS. Since "dbConfig.asp" contains a
username/password for the database, I don't want this file to somehow
get sent back to a client browser as plain text.

Two questions:
1) is it possible to use an include file that is outside of the web
directory?
2) is there even any way that ASP processing can be turned off?
perhaps not explicitly, but maybe via malicious code or virus?

thanks in advance,
Jon LaRosa
jlarosa at alumni dot brown dot edu
Jul 19 '05 #1
8 2162
> 1) is it possible to use an include file that is outside of the web
directory?
Did you try what you posted?
2) is there even any way that ASP processing can be turned off?
perhaps not explicitly, but maybe via malicious code or virus?


Sure, anything is possible. However if a malicious user can get access to
the filesystem in order to put and execute a virus, they could probably just
open all the ASP files and find your usernames/passwords anyway.

--
http://www.aspfaq.com/
(Reverse address to reply.)
Jul 19 '05 #2
I did try it - I get a "Include file not found" error.

When you write "Did you try what you posted?" are you saying this
because it should work? Or are you saying this because you think it
might work but you're not sure?

thanks for you help.

jon


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #3
To my knowledge you can not access an include file that is not hosted on
the same server within the web shares.

Jonathan LaRosa wrote:
Hi all -

I would like to do something like this:
<!--#include file="C:\dbutils\dbConfig.asp"-->

Where the directory C:\dbutils is OUTSIDE of the web directory and not
accessible by a client web browser.

The reason I would like to do this is in case somehow ASP processing
gets turned off in IIS. Since "dbConfig.asp" contains a
username/password for the database, I don't want this file to somehow
get sent back to a client browser as plain text.

Two questions:
1) is it possible to use an include file that is outside of the web
directory?
2) is there even any way that ASP processing can be turned off?
perhaps not explicitly, but maybe via malicious code or virus?

thanks in advance,
Jon LaRosa
jlarosa at alumni dot brown dot edu


Jul 19 '05 #4
> I did try it - I get a "Include file not found" error.

Perhaps it's a permissions issue. Does IUSR_<your_machine_name> have
sufficient access to c:\DBUtils\ ?
When you write "Did you try what you posted?" are you saying this
because it should work?


I asked this for two reasons:

(a) I'm sure I've seen this work before (likely IIS 4.0), but on my current
OS (which runs IIS 6.0), it doesn't seem to work.

(b) it wasn't clear that you had tried it. Many people post things like
"will this code work?" without bothering to try it. Usually, if the person
*had* tried it, they will also include information about what happened when
they tried it, without being prodded.

--
http://www.aspfaq.com/
(Reverse address to reply.)
Jul 19 '05 #5

"Aaron [SQL Server MVP]" <te*****@dnartreb.noraa> wrote in message
news:e%****************@TK2MSFTNGP09.phx.gbl...

(a) I'm sure I've seen this work before (likely IIS 4.0), but on my
current
OS (which runs IIS 6.0), it doesn't seem to work.


Did you enable "Enable parent paths?" :]

Ray at work
Jul 19 '05 #6
I completely forgot about the permissions on that directory, but
unfortunately that was not it. I still get the "Include file not found
error".

Maybe IIS no longer allows it. Damn.

thanks for everyone's responses.

jon
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #7
I didn't think "enabling parent paths" would come into play, since I
wasn't using "../" at all. And indeed, enabling parent paths still
doesn't allow me to use:
<!--#include file="C:\dbutils\dbConfig.asp"-->

But interestingly enough enabling parent paths did allow me to use this:
<!--#include file=../../../../dbutils/dbConfig.asp-->

so the problem is more or less solved. Of course the latter is a little
messy with all the "../" and I would prefer to use a reference that
didn't depend on the location of the file that had the include statement
in it (e.g. the former), but oh well.

thanks much,
jon
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #8
"Jon LaRosa" wrote in message news:OH**************@TK2MSFTNGP12.phx.gbl...
:I didn't think "enabling parent paths" would come into play, since I
: wasn't using "../" at all. And indeed, enabling parent paths still
: doesn't allow me to use:
: <!--#include file="C:\dbutils\dbConfig.asp"-->
:
: But interestingly enough enabling parent paths did allow me to use this:
: <!--#include file=../../../../dbutils/dbConfig.asp-->
:
: so the problem is more or less solved. Of course the latter is a little
: messy with all the "../" and I would prefer to use a reference that
: didn't depend on the location of the file that had the include statement
: in it (e.g. the former), but oh well.

or make a virtual root that points to c:\dbutils called /dbutils and then
use:
<!--#include virtual="/dbutils/dbconfig.asp"-->

You'll need read and script permissions.

HTH...

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp
Jul 19 '05 #9
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
include() header and footer
by: Jez | last post by:
I'm ashamed that I need to ask this question. I've been using PHP for almost a year now, and have used HTML extensively in the last few years. Often, when I create a new site, I use include() to...
PHP
9
excessive use of include files
by: Tom Cat | last post by:
Is there anything wrong with using a lot of include files? On one part of my website, I have a form. The page it posts data to, includes a different file based on some of the values. The...
PHP
1
how to include a file from another dir
by: Dennis T. Holm | last post by:
Hey I wonder how i can include a file from another directory.... is this possible ? include('/directory/file.php'); Dennis T. Holm
PHP
5
include
by: Christopher Pisz | last post by:
How can I include a file relative to the top level directory from any other directory ? I really hate to use absolut url or put all my files in one directory. eg : include("<symbol for...
PHP
1
include a file outside the Web path?
by: Fabrice | last post by:
Hi, Is it possible to include a file in a web application which is outside the web path (without virtual directory). Language is ASP with IIS6. for example : physical web path application:...
ASP / Active Server Pages
4
include security -what works, what dont?
by: juglesh | last post by:
please comment on the following methods of preventing cross site scripting and/or other nastiness: 1: $pages = array('home','contact','about','links' ); // could also build this array with...
PHP
3
Include problem
by: John | last post by:
I am setting up a number of web pages and need to use an include with the following code : require_once dirname(__FILE__) . '/HTML_ToPDF.php'; $linkToPDFFull = $linkToPDF =...
PHP
5
ruminations on #include and paths
by: David Mathog | last post by:
One thing that can make porting C code from one platform to another miserable is #include. In particular, the need to either place the path to an included file within the #include statement or to...
C / C++
6
Unable to set a string to Include statement
by: tshad | last post by:
In my User control, I tried to do this: *************************************************************************** <Script runat="server"> Public ClientName As String = "<!-- #include file =...
ASP.NET
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!