Hi,
I want to hide connection string to the database. Presently i have that hard coded in the asp page. But i want hide the connection string in registry or somewhere more secure.

Can anyone help me with the procedure how to do it and also the asp code as to how to access that connecitonstring.

thanks,
atul kumar.

You could use an include and put the connection string is a separate page.

<!--#include file="../connection/connect.asp"-->


connect.asp might look something like this if you are using a MS Access database:
<%
' this will create the connection to the database
dim MyConnection
set MYConnection = server.CreateObject("ADODB.Connection")
MyConnection.ConnectionString = "DRIVER={Microsoft Access Driver (*.mdb)};" & "DBQ=C:\pathtodatabase\Mydb.mdb"

MyConnection.Open
%>

There is no way to completely hide the connection string. But if you want to hide the database server, username, and password, you should create a DSN on the server. Then all you have to do is put the DSN name in the connection string. On Windows 2000, it's under Start > Settings > Control Panel > Administrative Tools > Data Sources ODBC.

you can hide it int he registry but you would want/need to write a com object to get the value from the registry (atleast I'm not aware of any way to look at the registry using ASP). you could put it in a file and encrypt it but then you would need to have a decryption function as well which would (basically) be easily hacked so it probably wouldn't help.