Print Page | Close Window

Securing connection to SQL Server

Printed From: Web Wiz Forums
Category: General Discussion
Forum Name: Classic ASP Discussion
Forum Description: Discussion on Active Server Pages (Classic ASP).
URL: https://forums.webwiz.net/forum_posts.asp?TID=14003
Printed Date: 30 March 2026 at 3:04pm
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com


Topic: Securing connection to SQL Server
Posted By: Gary
Subject: Securing connection to SQL Server
Date Posted: 25 February 2005 at 12:59pm
Oh my God - I haive just discovered that my connection details are visible to all and sundry....
 
I am using a connect.inc file referenced inside my asp's. The inc file is in the same folder as the asp's. The inc file contains both user and password details for the database.
 
Set con = Server.CreateObject("ADODB.Connection")
CONSTR = "DSN=mydsn;UID=user;PWD=password;"
con.Open CONSTR
All that a user has to do is type http://mysiteurl.com/connect.inc - http://mysiteurl.com/connect.inc and hey presto - there's all the info.
 
I dont want to put the connection details directly into the asp pages as there are so many of them.
 
HELLLLLLPPPPPPP !!!!


Replies:
Posted By: dj air
Date Posted: 25 February 2005 at 1:26pm
put the connection details into a .asp file and then within the connect file make another include to include the new .asp file you created.


Print Page | Close Window

Forum Software by Web Wiz Forums® version 12.08 - https://www.webwizforums.com
Copyright ©2001-2026 Web Wiz Ltd. - https://www.webwiz.net