|
301 Redirect |
Post Reply 
|
Page 12> |
| Author | ||
worldofrugs 
Senior Member 
Joined: 24-April-2008 Location: United States Status: Offline Points: 0 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: 301 RedirectPosted: 19-August-2010 at 2:38pm |
|
|
Additional question to this issue...
While the given code works perfectly (thanks Greg!), I'm wondering if the following would be an option. Say I have 5 categories: 120/121/122/123/124 I could write the code for each single line, but could it be made more simple by doing something like: If idCategory >119 AND idCategory < 125 Then .... [action to be taken] ..... I know I prob. have to convert the string to a number, but not sure on these things. Somehow I have a feeling this should be simple to do? It sure would save a lot of coding! ------ EDIT ------ Found the solution  Dim idCategory idCategory = Cint(getUserInput(Request("idCategory"),5)) if idCategory>119 AND idCategory<125 then .... [action to be taken] ..... Edited by worldofrugs - 19-August-2010 at 2:58pm |
||
 |
||
|
Greg Dinger
Certified ProductCart Developers 
Joined: 23-September-2006 Location: United States Status: Offline Points: 238 |
Post Options
Thanks(0)
Quote Reply
Posted: 03-June-2010 at 2:50pm |
|
|
I was responding to the code he posted and wanted to point out the importance that when he is dealing directly with querstring variables the need for caution.
|
||
|
||
|
Brett
Groupie 
Joined: 22-April-2008 Location: Phoenix, AZ Status: Offline Points: 89 |
Post Options
Thanks(0)
Quote Reply
Posted: 03-June-2010 at 1:45pm |
|
|
Isn't the native ProductCart variable pIdCategory category already sanitized?
*edit* Not to confuse anyone... Greg's solution is completely secure and I'm sure the processor overhead for such a simple calculation is minimal. However, it seems a bit redundant to have two variables holding the same number. Edited by Brett - 03-June-2010 at 2:18pm |
||
|
||
|
worldofrugs
Senior Member
Joined: 24-April-2008 Location: United States Status: Offline Points: 0 |
Post Options
Thanks(0)
Quote Reply
Posted: 03-June-2010 at 10:39am |
|
|
Thanks for the help Greg. I'm implementing the pages that need to be re-directed right now and it works as it should.
It's a good feeling to know that I'm "safe" now Thanks!!! |
||
|
||
|
Greg Dinger
Certified ProductCart Developers
Joined: 23-September-2006 Location: United States Status: Offline Points: 238 |
Post Options
Thanks(0)
Quote Reply
Posted: 03-June-2010 at 10:33am |
|
|
That's what I had in mind. You DO NOT want to wake up one day and receive reports that the store has been attacked. Concientious use of proper protection methods is absolutely critical.
|
||
|
||
|
worldofrugs
Senior Member
Joined: 24-April-2008 Location: United States Status: Offline Points: 0 |
Post Options
Thanks(0)
Quote Reply
Posted: 03-June-2010 at 10:30am |
|
|
Never mind Greg, I found the issue.
On the Wiki page you gave me, you have the line:
But it should actually be:
When I changed it this way, working great, so I assume that this is the best way to go? Thanks for pointing it out Greg, 'you tha man'! Edited by worldofrugs - 03-June-2010 at 10:31am |
||
|
||
|
worldofrugs
Senior Member
Joined: 24-April-2008 Location: United States Status: Offline Points: 0 |
Post Options
Thanks(0)
Quote Reply
Posted: 03-June-2010 at 10:26am |
|
|
Thanks for that tip Greg...
However, as I am not a programming guru, I'm not sure how to implement this in my situation. I have quickly tried:
but this does not work. It simply goes to the "msg.asp?message=86" page (not a valid category), not resulting in the redirect I want and not returning the 301 header status. Did I miss something? |
||
|
||
|
Greg Dinger
Certified ProductCart Developers
Joined: 23-September-2006 Location: United States Status: Offline Points: 238 |
Post Options
Thanks(0)
Quote Reply
Posted: 03-June-2010 at 9:59am |
|
|
Paul, on another note, you should make it a general practice to sanitize your reference to querystring values. Whether the resulting value is sent to a query or not, use the "getuserinput" function. Were you to not do so when sending a querystring value to a query, you would create a security hold that could be deadly.
In your example above, the following statement would cause you massive grief "catnumber" was sent to a query and a hacker discovered it.
CatNumber= lcase(Request.ServerVariables("Query_String")) Edited by Greg Dinger - 03-June-2010 at 9:59am |
||
|
||
|
worldofrugs
Senior Member
Joined: 24-April-2008 Location: United States Status: Offline Points: 0 |
Post Options
Thanks(0)
Quote Reply
Posted: 03-June-2010 at 9:50am |
|
|
Thanks for that tip Brett! Will try this out today and when it works (asuming it does), it will keep the coding a little cleaner
Thanks!  |
||
|
||
|
Brett
Groupie
Joined: 22-April-2008 Location: Phoenix, AZ Status: Offline Points: 89 |
Post Options
Thanks(0)
Quote Reply
Posted: 03-June-2010 at 1:20am |
|
|
You might be able to find the category by simply doing:
<% if pIdCategory="number you want" then %> Since viewcategories.asp is already populating that variable |
||
|
||
|
Post Reply
|
Page 12> |
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
Topic Options