Turning off ‘An error occurred on the server … ’

Posted on September 14, 2009 by Nick Mallare

The full error message actually reads:

An error occurred on the server when processing the URL. Please contact the system administrator

I recently needed a more descriptive error message when debugging a script, and had too much trouble finding the answer I needed. The good news is, if you are reading this, I will tell you how to easily disable the default error message so that IIS will display a much more appropriate error message.

Before I go on, I do want to let you know that this setting should only be set when debugging a script. There are security risks with showing the exact error message to a [malicious] visitor.

Open IIS
Expand the local computer directory
Expand the ‘Web Sites’ directory
Right-click the website you are interested in showing detailed errors, select ‘Properties’.
Select the ‘Home Directory’ tab across the top
Select the ‘Configuration…’ button in the lower-right
Select the ‘Debugging’ tab across the top [far right]
Under ‘Error messages for script errors’, make sure you have the first radio button selected; ‘Send detailed ASP error messages to client’.

And there you have it. Go back to your browser and hit refresh. Presto!

Nick

MySQL Data Type INT: Signed vs. Unsigned

Posted on August 31, 2009 by Nick Mallare

I have been meaning to actually look at the storage differences between signed and unsigned for a few months now, and I have finally remembered to do it! A quick Google search returned just the information I was looking for, so I thought that I would repost the blurb that was worthwhile.

An UNSIGNED INT can go from 0 to 4294967295 (aprox 4 billion). A SIGNED INT , on the other hand, starts at -2147483648 and goes to 2147483648 (aprox 2 billion).

source: http://www.verysimple.com/blog/2006/10/22/mysql-data-type-optimization-tips/

Nick

Fair Compensation and Website Security

Posted on August 25, 2009 by Nick Mallare

Just throwing a question out there. What would you deem fair compensation if somebody found a security exploit in your website?

This particular exploit that I discovered offered access to half of a members credit card number, as well as personal information [i.e. - full name, address, etc] for every order on their [e-commerce] website.

Since first finding the exploit, I have also been able to exploit the download section of the website. I can gain access to every file on the site, without having to purchase them. I am still waiting on a return phone call on this particular issue.

What do you think [a] I was offered and [b] what I should have been offered?

Nick

Using JQuery to clear a div [or an element]

Posted on August 7, 2009 by Nick Mallare

JQuery continues to make things easy on us. The following code will remove all of the children elements from the parent.

$('#idOfElement').empty();

Now, that was easy, eh?

Nick

Using ORDER BY with UPDATE

Posted on July 21, 2009 by Nick Mallare

Yep, you read the title correctly. This problem presented itself when I needed a quick and dirty way to update an auto_increment [a_i] field in a database. I wanted to move the a_i field up by n, where a_i > x. The query looked like this:

UPDATE table_name SET id = (id + n) WHERE id > x ORDER BY id DESC

To see why one must do it this way, try to do the query without the ORDER BY.

Nick

nickmallare.com

By Nick, for You

Author Archives: Nick Mallare

Turning off ‘An error occurred on the server … ’

MySQL Data Type INT: Signed vs. Unsigned

Fair Compensation and Website Security

Using JQuery to clear a div [or an element]

Using ORDER BY with UPDATE