Security Error: The path to the products

I understand that the problems that Comcity is experiancing has to do with bad .asp scripting. There is nothing in the manual explaining what we are to do regarding this issue.

Here is a copy of an email we get daily.
*********
This is an automated response sent from SalesCart

Security Error: The path to the products database is invalid. Open checkpost.asp and change fpDBPath (for FrontPage) or dwDBPath (for
Dreamweaver) to a valid database path.

Order Number: 2309
Item Number: DM-Ford Gauge Kit
Posted Price: 0
Actual Price: 0

Posting URL: ../mall/default.asp
Browser: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Server: www.dieselmanor.com
************

So my question is, what do I change the path to?

Edited by davidmurphy

Try this:

'FrontPage products database path

Comment out the line ->' fpDBPath = Application("Products1_ConnectionString")

'Dreamweaver products database path

Comment out the line ->' dwDBPath = "Driver={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("/") & "/fpdb/products.mdb;"

In ASP, if you add the apostrophe in front of the code it comments it out and renders that portion inactive. Developers use comment lines to remind them what this portion of the code does.

Example:

Not Commented
fpDBPath = Application

Commented
'fpDBPath = Application

debsy,
I did exactly as was described, just put an ' in front of the fpDBPath = Application("Products1_ConnectionString")
and I no longer get teh messages.

Well...that takes care of the emails but what about the actual SECURITY of the website or just its functionality in general? I was doing some testing and noticed that I hit the "add to cart" button and since I have the "postpone checkout for this item" feature selected the page refreshed, however it did not add the item to my shopping cart. I hit the "add to cart" button again and this time it added it. In a matter of seconds, I received the email stating that "Security Error: The path to the products database is invalid..."
I am assuming that the "non adding to the webcart" is a biproduct of the code in checkpost.asp

I am more interested in solving the problem than simply not receiving the emails. Should I be concerned about this???

Thanks...anybody

No, it wouldn't be...because everybody's database path is different. The software would work for no one instead of 1 guy who is doing something off the most traveled path (no pun intended).

Security is a point of view and 1000 shades of grey. What is secure to one is not to another. The purpose of this routine is to check prices against the database. I believe the solution proposed is simply to make an older out dated version of checkpost.asp work or to make it work in cases where somebody has broken something.

Not adding products is not a bi-product of checkpost unless you have specifically set it not to not allow price posts that don't match to be added....