To read the article online, visit http://www.4GuysFromRolla.com/webtech/080600-1.2.shtml

How the "Print this Page" Script Works, Part 2


  • Read Part 1

  • In Part 1 we looked at what was needed to get the PrintPage.asp script to work to display a truly printer-friendly format. In this part we'll look two shortcomings of the system and examine the source code to the PrintPage.asp script!

    First off, the shortcoming. Since the printer-friendly format exists in a directory separate from the articles (the PrintPage.asp format on 4Guys is in the /ASPScripts directory while articles, FAQs, SQLGuru questions, and other information are in the /webtech, /webtech/faq, /webtech/sqlguru and others), it is essential that all the hyperlinks in the articles are non-relative. Non-relative URLs are those that are not dependent upon the location of the current ASP page; URLs beginning with http://ServerName/ArticleURL or /DirectoryName/ArticleURL are non-relative. Relative URLs are ones like ArticleURL.

    If relative URLs are used, in the printer-friendly rendition the hyperlinks will be broken. For example, if in an article I have the following hyperlink:

    <A HREF="092298-3.shtml">
       Using the Request.ServerVariables Object
    </A>

    Then in the printer-friendly format, if someone clicks on the hyperlink, they will be taken to: /ASPScripts/092298-3.shtml, which doesn't exist and will return a 404. How annyoing! Therefore, I make certain to use non-relative URLs in all of the articles. For example, the above hyperlink would be recoded to read:

    <A HREF="/webtech/092298-3.shtml">
       Using the Request.ServerVariables Object
    </A>

    That /webtech/ before the article URL ensures that the printer-friendly format will not produce dead (or erroneous) links.

    The PrintPage.asp script was designed for simplicity... yes, modifications could be made so that it checked for hyperlinks and fixed relative URLs. If you would like to add such functionality, I heartily invite you to (and hope you would share your results and script with 4Guys)!

    A second shortcoming that merits great warning is the fact that with the PrintPage.asp any clever person could view the source to your ASP scripts! For instance, imagine that the user entered the following URL into their browser: http://www.4GuysFromRolla.com/ASPScripts/PrintPage.asp?REF=/ASPScripts/search.asp, they could view the source to the our Search Engine (they would need to do View/Source once they entered this URL). Therefore, in the PrintPage.asp script a line of code ensures that users only view printer-friendly versions of articles form the /webtech/ directory of one of its subdirectories. Furthermore, an even cleverer person could enter: http://www.4GuysFromRolla.com/ASPScripts/PrintPage.asp?REF=/webtech/../ASPScripts/search.asp, bypassing just the check for /webtech in the referring string. Therefore a check is also made to ensure that there are no .. in the referring string. (Thanks to Rick S. for pointing this one out...)

    Now has come the time to view the source for PrintPage.asp (finally!). Upon inspection I think you'll agree that it is quite simple (it was that way be design!). Without further fuss, here is the code!

    Happy Programming!


    <%@ Language=VBScript %>
    <%  Option Explicit   %>
    <HTML>
    <HEAD>
    <TITLE>
    4GuysFromRolla.com Article
    </TITLE>
    </HEAD>
    <BODY>
    <CENTER>
      <TABLE WIDTH=90% BORDER=2 CELLSPACING=1 BGCOLOR=WHITE>
        <TR><TD ALIGN=CENTER>
          <FONT SIZE=3><I>
            This article was brought to you by 4GuysFromRolla.com!
            When you think ASP, think 4GuysFromRolla.com!<BR>
            http://www.4GuysFromRolla.com
          </FONT></I>
        </TD></TR>
      </TABLE>
    </CENTER>
    <P>
    <% 
     Const ForReading = 1
     
     Dim strReferrer, objFSO, objOpenFile, strLine 
     strReferrer = Request.QueryString("REF")
     
     If Len(strReferrer) < 1 then
        strReferrer = Request.ServerVariables("HTTP_REFERER")
        
        If Len(strReferrer) < 1 then
          Response.Write "Egad!  An Error occurred!  We could not" & _
            " determine what page you wanted to view the source for..."
          Response.End
        Else
          'With the HTTP_REFERER, the entire URL is passed along... we
          'need to hack out the http://www.4guysfromrolla.com part
          strReferrer = Right(strReferrer,len(strReferrer)-7)
          strReferrer = Right(strReferrer,len(strReferrer) - _
                              instr(1,strReferrer,"/")+1)
        End If
        
      End If
    
      'Make sure the user isn't trying to view ASP source
      '(You should alter this below statement to make sure that the
      ' reader is trying to view an article in the proper directory.
      ' If you do not care where the user views the articles from,
      ' simply remove the If statement altogether...)
      If InStr(1,UCase(strReferrer),"/WEBTECH/") = 0 OR _
           InStr(1,strReferrer,"..") <> 0 then
        'Shame on you, trying to view a page you're not suppose to...
        Response.Write "Only pages in the /webtech/" & _
                   " directory may be viewed in printer-friendly format..."
        Response.End
      End If
       
      Set objFSO = Server.CreateObject("Scripting.FileSystemObject")
      Set objOpenFile = objFSO.OpenTextFile(Server.MapPath(strReferrer), _
                                                         ForReading)
      
      'Output each line of the file...
      Do Until objOpenFile.AtEndOfStream
        strLine = objOpenFile.ReadLine
        Response.Write  strLine & vbCrLf
      Loop
      
      objOpenFile.Close
      Set objOpenFile = Nothing
      Set objFSO = Nothing
    %>
    <P><HR><P><CENTER><FONT SIZE=2><I>
    This article was brought to you by 4GuysFromRolla.com!  When you think ASP, 
    think 4GuysFromRolla.com!<BR>
    http://www.4GuysFromRolla.com</FONT></I></CENTER><P>
    </BODY>
    </HTML>
    


    Article Information
    Article Title: How the 'Print this Page' Script Works, Part 2
    Article Author: Scott Mitchell
    Published Date: Sunday, August 06, 2000
    Article URL: http://www.4GuysFromRolla.com/webtech/080600-1.2.shtml


    Copyright 2017 QuinStreet Inc. All Rights Reserved.
    Legal Notices, Licensing, Permissions, Privacy Policy.
    Advertise | Newsletters | E-mail Offers