Without seeing more code or having the files in front of me, here are my best answers: 1.) This folder is located on the "D" drive of the server that is running these web pages and does not affect the client's PC in any way. As long as you see this path on the web server, you should be OK. SSL does not have it's own part of a site. It's installed and covers any page that starts with "https://"; (as apposed to http:// -- note the "s") within the entire site. You might be able to configure it to only certain pages, but I have never done this as I saw no need for partial SSL.
1.) Ideally, this would go in a page with a file extension of ".asp" that is stored in the root directory of your site. Probably with all the other web pages. All ASP code must in an asp page, that's how the server knows how/when to process it. This can be changed so that a web page with a ".htm" extension can process it, but that's probably beyond the scope of your question. In order to use it, you must include it in the web page that actually needs to process it. Or you can use an include file. This is a seperate file that is referenced within another asp page. Do a google search on "using asp include files" for more information. 2.) myPrivateResultFile looks like a variable that is not being declared. It holds the name of the text file that is being created. Without seeing more of the code, like the function "SaveResultInFile", it's hard to say what happens with the test file. This function could overwrite any existing file with the current one. As far as using the person's last name, you could build the name of the file dynamically. But you would be *MUCH* better off storing this data somewhere secure like a database. Keeping sensitive data in a test file is not a good idea since someone smart enough could potentially open the file and see the contents by typing the path in the browser. Like this: http://www.yoursiteisnotsecure.com/_private/result.txt That's all it takes to open a text file on a web server that is not somehow secured. Do yourself a favor and try to get the data secured. 3.) This is getting the full URL from the form that is posting to this function. I don't see any need to change this. 4.) I believe this is the variable that holds the path to the folder where the text file is being stored. 5.) Store it in a database and retrieve the info when you need it. Thanks, Mark eileens_web <[EMAIL PROTECTED]> wrote: I do not know ASP programming and although I am a programmer, I am having a difficult time with this simple form script that was given to me by the hosting company. I have asked these questions 5 times, but with ESL they are having difficulty understanding them. I am doing this as a favor for a friend. I'm not getting paid for it and I have spent a lot of time trying to find online, some other secure code for free. Here is the situation: The form takes the information and credit card info from the user and originally emailed it to the owner (which wasn't secure). So now we have the form on the secured site and I have this ASP script that I don't know what to do with it. Here are my questions: 1.) folder myAbsolutePath = "d:\home\YourDomainName\_private\" WHERE IS THIS FOLDER CREATED/LOCATED? �IN THE DATA FOLDER on the SSL site? Does a _private folder need to be created then? (How is it done?) or ON THE MACHINE IN THE OFFICE? Where? This address implies the desktop. If this is the hard drive of the machine in the office, how does it know how to get back to the desktop machine. 1.) Is the script file(given below) stored on the SSL server as SaveResultInFile.asp or included in the code of herbs.htm ? If the script is not stored on the server as a separate file AND it's not stored in the HTML code of the form document, then WHERE IS IT STORED? This is a simple question, where is the script stored in order to be used/reference? What folder would it be stored in, if not in the HTML code for the form document? 2.) Is this File myPrivateResultFile naming the file result.txt? - Then what happens if someone else places an order right after it, wouldn't it get overwritten with that same name? How could we use the person's last name as the filename instead? 3.) Are there any other variables that need to be replaced with a specific designation in the code that you've provided above? e.g. Request.ServerVariables("URL") Does URL mean that we have to supply the URL of the secured site or the home site OR is URL a reserved word or a CONSTANT OR does URL mean something else? 4.) What is this folder myAbsolutePath used for? What goes into it? By any chance would that be the scripting file? Where would be the better place for this folder to be located? Does it need to be secure? 5.) How do we get the information in a secured way back down to the desktop in order to process the order? The website is: http://healing-arts-alliance.com where at the bottom of every page there is a link to: SSL URL: https://gh.cartmedia.com/ssl10073/herbs.htm the form Here is the script that was given to me: ======================================================================= Function SaveResultInFile ( Path, NFile ) filespec=Path & NFile Set fso = CreateObject("Scripting.FileSystemObject") If (fso.FileExists(filespec)) Then Set f = fso.GetFile(filespec) Set TextStream = f.OpenAsTextStream(8) TextStream.Writeline "=========================" TextStream.Writeline Now & " posted from : " & Request.ServerVariables("URL") For each item in Request.Form If Request.Form(item)<>"" then M=item & " : " & Request.Form(item) TextStream.Writeline (M) end if next TextStream.Close set f=nothing set TextStream=nothing else Set Folder = FSO.GetFolder(Path) Set TextStream = Folder.CreateTextFile(NFile) TextStream.Writeline "=========================" TextStream.Writeline Now & " posted from : " & Request.ServerVariables("URL") For each item in Request.Form If Request.Form(item)<>"" then M=item & " : " & Request.Form(item) TextStream.Writeline (M) end if next TextStream.Close set TextStream=nothing end if set fso=nothing end function myAbsolutePath = "d:\home\YourDomainName\_private\" myPrivateResultFile = "result.txt" ' You need to have write permission to folder myAbsolutePath SaveResultInFile myAbsolutePath, myPrivateResultFile ======================================================================= Yahoo! Groups SponsorADVERTISEMENT --------------------------------- Yahoo! Groups Links To visit your group on the web, go to: http://groups.yahoo.com/group/AspClassicAnyQuestionIsOk/ To unsubscribe from this group, send an email to: [EMAIL PROTECTED] Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. --------------------------------- Do you Yahoo!? Win a $20,000 Career Makeover at Yahoo! HotJobs [Non-text portions of this message have been removed] ------------------------ Yahoo! Groups Sponsor ---------------------~--> Buy Ink Cartridges or Refill Kits for your HP, Epson, Canon or Lexmark Printer at MyInks.com. Free s/h on orders $50 or more to the US & Canada. http://www.c1tracking.com/l.asp?cid=5511 http://us.click.yahoo.com/mOAaAA/3exGAA/qnsNAA/saFolB/TM ---------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/AspClassicAnyQuestionIsOk/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
