Web Wiz - Solar Powered Eco Web Hosting

  New Posts New Posts RSS Feed - save_new_session_data
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

save_new_session_data

 Post Reply Post Reply Page  <1 234
Author
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9780
Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 15 December 2023 at 3:20pm
Thanks will have to look in to this.

I am not sure though is Scriptlet.TypeLib is available on all servers.
Back to Top
Roberto Randall View Drop Down
Senior Member
Senior Member
Avatar

Joined: 21 August 2009
Location: San Pedro Alc.
Status: Offline
Points: 254
Post Options Post Options   Thanks (0) Thanks(0)   Quote Roberto Randall Quote  Post ReplyReply Direct Link To This Post Posted: 15 December 2023 at 3:38pm
My server is windows server 2022 and Scriptlet.TypeLib works very well for me. Now the attacks in err_SQLServer_SqlInjectionTest() appear fine in the logs and I can insert the dangerous IPs into my firewall.

If it is not compatible with all servers, you can put in the forum security menu that if the server is compatible, the owner can activate it. In this way the forum has both options.

Thanks to this code, my server's CPU is lower by being able to eliminate malicious IPs.


Edited by Roberto Randall - 15 December 2023 at 3:47pm
https://www.lanocion.es - https://www.lanocion.games - https://www.lanocion.chat
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9780
Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 15 December 2023 at 5:30pm
Thanks Reberto for posting the code, if I get time next week, I will take a look.
Back to Top
WebWiz-Bruce View Drop Down
Admin Group
Admin Group
Avatar
Web Wiz Developer

Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9780
Post Options Post Options   Thanks (0) Thanks(0)   Quote WebWiz-Bruce Quote  Post ReplyReply Direct Link To This Post Posted: 20 December 2023 at 1:38pm
I had some time to look at this and came up with the following;

Private Function createForumSessionID()

  Dim dblNowDate 
  Dim strClientIP
  Dim objTypeLib
  Dim strTypeLibGUID
 
 
  'Set error trapping in case the system doesn't support Scriptlet.TypeLib
On Error Resume Next
 
  'Generate unique session ID
Set objTypeLib = CreateObject("Scriptlet.TypeLib")
strTypeLibGUID = LCase(Mid(CStr(objTypeLib.Guid), 2, 36))
Set objTypeLib = Nothing

'Disable error trapping
On Error goto 0

'If we have got a GUID from the system use that for the session ID
If NOT strTypeLibGUID = "" Then
createForumSessionID = strTypeLibGUID
 
  'Else we need to create a session ID
Else
  'Get the time as a double number
  dblNowDate = CDbl(Now())
  dblNowDate = Mid(dblNowDate, InStr(1, dblNowDate, ".")+1, Len(dblNowDate))
 
  'Application session number to ensure that the sessions ID is unquie
Application("SessionNum") = Application("SessionNum") + 1
 
'Calculate a code for the user
createForumSessionID = Application("SessionNum") & "-" & LCase(hexValue(20)) & dblNowDate
End If

End Function

This will attempt to use Scriptlet.TypeLib to create the session ID and if that fails it will use the old method to create the session ID.

I have been testing this for a few days and not seen any issues with duplicate sessions and it will be included in the next release.

Thanks for your help with this.
Back to Top
Roberto Randall View Drop Down
Senior Member
Senior Member
Avatar

Joined: 21 August 2009
Location: San Pedro Alc.
Status: Offline
Points: 254
Post Options Post Options   Thanks (0) Thanks(0)   Quote Roberto Randall Quote  Post ReplyReply Direct Link To This Post Posted: 20 December 2023 at 2:47pm
It's perfect. Thanks to you for your forum. Thumbs Up
https://www.lanocion.es - https://www.lanocion.games - https://www.lanocion.chat
Back to Top
 Post Reply Post Reply Page  <1 234

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.07
Copyright ©2001-2024 Web Wiz Ltd.


Become a Fan on Facebook Follow us on X Connect with us on LinkedIn Web Wiz Blogs
About Web Wiz | Contact Web Wiz | Terms & Conditions | Cookies | Privacy Policy

Web Wiz is the trading name of Web Wiz Ltd. Company registration No. 05977755. Registered in England and Wales.
Registered office: Web Wiz Ltd, Unit 18, The Glenmore Centre, Fancy Road, Poole, Dorset, BH12 4FB, UK.

Prices exclude VAT unless otherwise stated. VAT No. GB988999105 - $, € prices shown as a guideline only.

Copyright ©2001-2024 Web Wiz Ltd. All rights reserved.