I have a fairly simple block of code.
Sub Run(Name)
on error resume next
Set objShell = CreateObject("WScript.Shell")
if Err.Number = 429 then
alert("Invalid Security Level.")
exit sub
end if
objShell.Run Name
if Err.Number <> 0 then
Alert("Please verify your Operating System Choice")
end if
Set objShell = Nothing
End Sub
I'm using this with links on the website to allow the user to defrag their hard drive via:
Defrag Windows Vista<br>
Defrag Windows Server 2003 SE or Windows XP
As you can probably guess.. using:
Set objShell = CreateObject("WScript.Shell")
Is causing a bit of a problem, and it is throwing an error that the object cannot be created. I can go into IE security and change the security setting for,
"Initialize and script ActiveX
controls not marked as safe for
scripting"
to "Prompt", and it will actually prompt me and run when I click yes.
My question at this point is;
Since this is not a seperate block of code coming from an asp server (htm page w/ no code behind). Do I really need to spend $20 to get it signed, and how would I do that in the first place on a vbscript in an htm page?
Also.. the site that this will be implemented into DOES have an SSL cert. Is it possible to integrate into the existing cert in some way shape or form?
All I want to do is have links that are like...
"If you want to defrag your computer,
click here"
"If you want to run a disk scan, click
here"
And telling all our customers to go in and change their security settings is not an option.
Your code isn't the problem. When you create the "WScript.Shell" object, IE asks that control if it is safe for scripting. The object returns "No". That's why your code doesn't work. As long as you use "WScript.Shell" you will have the problem.
One way around this is to create your own ActiveX control that is marked as "safe for scripting", but then you would have to get all of your users to install it.
Related
We have recently added a new feature on our application to be able to shell out to another application. One of the commands is WScript.exe
In one part of the script, I wanted to be able to show a dialogue, so I create an instance of Internet Explorer, inject my html, and then wait for a hidden input element to be updated.
The windows scripting file (containing VBS) then calls
Dim explorer
Set explorer = WScript.CreateObject("InternetExplorer.Application")
explorer.StatusBar = 0
explorer.ToolBar = 0
explorer.Navigate "about:blank"
Dim document
Set document = explorer.Document
document.open
document.write html
document.close
explorer.Visible = True
Do
WScript.Sleep 250
Loop Until document.getElementById("myValue") <> ""
This seems to work fine when I am debugging my main application. But when I run the application outside the debugger, the dialogue appears behind the application.
I believe that the problem is explained in the answer to this item:
WScript.Shell AppActivate doesn't work every time
Essentially, this was working because I was developing this in debug mode. When out of debug mode, the instance of iexplore.exe was not directly started by wscript.exe - the iexplore.exe process is actually started by an instance of svchost.exe. This meant that the implicit SetForegroundWindow() does not work.
Can anyone suggest a way I can put this internet explorer windows in the foreground?
Or is there another way I can create a dialogue, without having to distribute any more components?
I want to change the homepage in the Edge browser via Registry but it's encrypted and I see (Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy) in Registry. Please help me to edit homepage in Registry or find where it's a violation of Windows policy to modify. See aka.ms/browserpolicy
ProtectedHomepages value is not really encrypted, instead it is an obfuscated buffer which contains homepages strings and the cryptographic hash for these strings. Buffer is obfuscated using the random generated seed which is also stored as a part of the buffer. I have done some reverse engineering research and published the results here.
So, basically, reading and decrypting this value is easier than modifying due to the required crypto-hash. However, reading capability is the only required for anti-malware software. I don't know what reasons you have to modify this value, hopefully you are not writing a piece of malware...
If it is only the homepage in Edge you want to set then change the URL below to your preference and then save this as a .reg file:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main]
"HomeButtonEnabled"=dword:00000001
"HomeButtonPage"="https://www.google.com/"
Currently it is not possible to change the startpage of Microsoft Edge writing string or binary value into the registry. The entry to change is "Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy" -> Value "ProtectedHomepages". The value is a encrypted binary value, in which the current homepage is not readable.
When you have to set a specific homepage more than one time and you want to do it with C# here a Workaround:
Set the startpage you want via UI of the Microsoft Edge browser. After Change of it restart the browser and export the registrykey named above. Open the exported file and copy the binary data into a string constant or resource in your C# Solution. In the function to write this Setting you can copy the string into a byte-Array and than writing as binary value into the registry. This entry has effect after restart of Microsoft Edge.
The same way you should use also when you want to Change the Default Search Provider. But in this case in addition to the value "ProtectedSearchScopes" one more registrykey is to use -> "OpenSearch". This key does/should exists by third Party search Providers only. This key should be deleted or does not exist if the search Provider is Bing.
Disable your computer's network interface
Launch MS Edge. The recovery page will error out
Open a new MS Edge tab
Close the MS Edge tab containing the error message
Close MS Edge
Enable your computer's network interface
Launch MS Edge
Also...
Some malware will change the Edge homepage. You can see the malicious URL in address bar, record it.
Kill Edge with Task Manager or reboot.
Edit your hosts file in c:\windows\system32\drivers\etc, from an Administrative command prompt go to that directory and type notepad hosts and hit Enter.
Add a host entry like this
127.0.0.1 bad.url (substitute the URL you recorded above for bad.url)
Save the hosts file then open Edge. This method is helpful when you are remoted in and cannot disconnect the network connection.
No need to do it in registry. You can now change the homepage via the settings in Microsoft Edge
I am new to coding and everytime I ask a question I feel like stupid because I mostly am unfamiliar with most known things in this "industry" so I will sum up the whole situation fastly.
I learned how to code html css and js, I learned how to use VS 2012 asp.net mvc 4 and finally I made a webside for a student club I am into. Hosting is provided by our school and they only gave me ftp user name and password, I dont know which hosting firm is it or what is going on and so on, I got Filezilla to delete and unpublish the old webside, and I didnt know a proper way to publish asp.net websides through filezilla so I used VS 2012 publish tool.
I choosed FTP as publish method because I had ftp user name... I choosed relase as configuration and thats it ( I didnt open options here ) finally I could push on publish...
I faced 2 main problems so I couldnt publish
Problems I faced were;
1) While I was trying to publish I got an error like
" Validation (HTML5): Element 'a' must not be nested within element 'a button' "
I was trying to make a nav with sub items on it, It worked while I was trying it on local host I saw similar problems spoken out here on VS 2010 I tried to make exstensions to VS didnt work out
Anyway I deleted that part from the project and I tried publishing again.
2)It worked out perfect it seemed like no problem occoured. But when I try to open the webside it was saying I had no permisson to view.
I hope I didnt write any off topic staff here just try to tell you my problems so maybe someone can get help like I did from prior topics.
" Validation (HTML5): Element 'a' must not be nested within element 'a
button' "
You cannot have one anchor tag inside another anchor tag. If you have it that will cause you the problem.
Check out this thread to find out valid elements which can be nested inside an Anchor tag.
I had no permisson to view.
You need to give proper read/write permissions for the ApplicationPool Identity on the folder structure you have for your website. Or else IIS Apppool will not be able to get the files and execute them.
Give permissions to AppPool Identity for a particular folder/file. That resource will guide you one how to give you permissions to Application Pool Identity.
Alternatively you can give permissions from FileZilla itself. Simply right click the application root folder and select permissions. Then you can specify permissions from client side itself. But in most of the production cases, we have to add app pool user to the folder/file permissions list manually. But definitely give a try with FileZilla.
Can I get a little code example to use DDE as a server? I know how to use the client part, but can't figure setting up my app to act as a server and receive data.
Have a look in your Delphi installation for a folder called DDEDemo. It's a DDE project that Delphi use to ship with (I'm not 100% sure it's still included, but have a look). The demo includes a DDE client and server.
Edit - Try this link for some example code.
It is so easy to use the DDE server that you don't even need sample code. You can do it just at designtime inside the Delphi form designer:
To create a server that sends out data:
Drop a TDDEServerConv and
TDDEServerItem on your form or data
module.
Connect the server item to
the server conversation (set
DDEServerItem1.ServerConv=DdeServerConv1
using object inspector, there is a
drop down list, but double clicking
it is enough).
Set the DDEServerItem.Text value to some valid text value (ie 'A')
To receive data, you might want to have macros that are executed by the DDE client that pass data to the server. For this you use the DdeServerConv.OnExecuteMacro event. Try dumping the parameter Msg:TStrings to a memo like this:
Memo1.Lines.Assign(Msg);
Now save and run your project.
To test it in excel type in:
=Project1|DdeServerConv1!DdeServerItem1
The excel dde client syntax parts are Application name followed by vertical bar, conversation name, followed by exclamation mark, then item name.
And you will see the value (A, or whatever you put into the Text property in the item) appear in Excel.
That's a working single item DDE server without any code written by you.
I generally find that I create the conversations and the items at runtime, instead of at designtime, in a real world scenario that is more useful for me.
For older (non unicode) Delphi versions there is also a full featured commercial product called Django that helps a lot with DDE work.
I think also you might be looking for information on how to write a "DDE Poke" command handler on the delphi side. I don't have a demo for that. I tried it, and the obvious things didn' quite work right for me (the item on your server has an OnPoke event, I wrote a simple client, called PokeData, and it didn't work).
I've found a dilly of a pickle with a new web server. We have a new web server that is displaying dates differently than our old web servers.
We are running asp classic web pages on IIS 6.0 with windows server 2003.
We have logged in as an administrator and set the regional settings as appropriate and then applied the settings to current user and default user profile.
We then went into registry and update the appropriate formats under HKEY_USERS/.default/control panel/international.
Update the asp.net configuration for our websites to the correct code-page and locale.
Does anyone have other places that the application could be getting date formats from?
I know this isn't the 'proper' way to fix the issue. However, the application was written many years ago, getting something through planning/change control would be a pain, and is the only application running on the server. Thus it is okay to configure the server to cater to this single application. Besides it was driving me crazy that a new server that should be configured identically to an old server was not working.
It turns out that in addition to HKEY_USERS/*/Control Panel/international, there is a setting for non-unicode programs. It can be found under HKLM/system/currentcontrolset/control/nls/language/Default. Set that to the correct code page and it is golden.
On the other hand, if you prefer to not modify the registry directly, you can update all these values through the Regional settings from the control panel.
You can adjust the formats through the 'customize' button.
You can change the 'language for non-unicode programs' under advanced tab.
Just make sure that you check the 'apply to the default profile' at the bottom of the advanced tab.
I don't think the highest vote answer is right, though it's close.
I had to use regedit to change all the internationalization settings of HKU\S-1-5-19\Control Panel\International (NT Authority) and HKU\S-1-5-20\Control Panel\International (Network Service) to match the settings that were already in HKU\S-1-5-18\Control Panel\International (Local System).
This worked perfectly.
I modified all the settings I could see which were different, by hand.
I should think I only really needed to change the settings for S-1-5-20 (Network Service).
Go to Control Panel -> Regional And Language Options, set all options you need, then under 'Advanced' tab select settings for non-Unicode programs and check 'Apply all settings to the current account and to the default user profile.'. Press OK and restart server.
On Windows Server 2008 administrators have additional 'Administrative' tab. There press 'Copy to reserved accounts'.
Classic ASP Defaults to the Locale ID that was configured when the server was Setup. If you have access to the original server run the following code to get Locale ID it's operating under and verify that the new server is using the same.
<%=Session.LCID%>
If the Locale IDs are different and you cannot change it on the new server then you can add a line to the Session_OnStart sub in the global.asa for the application that assigns the correct Locale ID to Session.LCID.
Using an ASP page with the content:-
Response.Write GetLocale
Might be informative, it'll show you what locale VBScript thinks its using.
I've seen issues like this in the dim and distant past when using integrated security. The ASP caches the regional details from a user hive when it first needs to use them then continues to use those settings until the process dies. ASP gets these settings from the user hive associated with the user identity the code is currently running under. Most of the time that would be DEFAULT because the user doesn't have a profile on the system.
However if the user happens to have logged on interactively to the server they will have a profile and so their settings are used. Hence I've seen situations where the server appears to have intermitten problems with regional settings.
I can't recall if I've seen this on IIS6, I've definitely seen it on IIS5.
If you run your ASP application under a different account (not IUSR_Guest)
Login as that account, set date/time format to what you want and restart IIS.