Comments for Building a Download Manager for Your WebSite, Using ISAPI, ADO and - of course - Delphi 5http://dn.codegear.com/article/217962008-11-19T07:57:24-08:00Building a Download Manager for Your WebSite, Using ISAPI, ADO and - of course - Delphi 5Martin Minkahttp://threads.codegear.com/threads/threads.exe/userall?commentid=27395http://threads.codegear.com/threads/threads.exe/view?commentid=273952000-12-21T00:30:04-08:002000-12-21T00:30:04-08:00Building a Download Manager for Your WebSite, Using ISAPI, ADO and - of course - Delphi 5i readed the article http://community.borland.com/article/0,1410,21796,00.html , but it dont worked for me. then i found article http://support.microsoft.com/support/kb/articles/Q260/5/19.asp.i replaced the line iResponse.SetCustomHeader('Content-Disposition', 'filename='+ExtractFilename(iFilename)); to iResponse.SetCustomHeader('Content-Disposition', 'attachment; filename='+ExtractFilename(iFilename)); and now it is ok.sincerly,Martin Minkare: Connection cachingmarc hoffmanhttp://threads.codegear.com/threads/threads.exe/userall?commentid=25364http://threads.codegear.com/threads/threads.exe/view?commentid=253642000-06-14T08:32:12-07:002000-06-14T08:32:12-07:00re: Connection cachingPaulo,thanx a lot for the info.re: Connection cachingPaulo Gasparhttp://threads.codegear.com/threads/threads.exe/userall?commentid=25241http://threads.codegear.com/threads/threads.exe/view?commentid=252412000-05-31T15:24:30-07:002000-05-31T15:24:30-07:00re: Connection cachingI have been using ADO connection caching.It sure works and it is currently the recommended method tu use in ASPs.But reopenning still takes some 70 ms in my machine. Although this is faster than I would get trough any other Open/Close method (MTS included) in Delphi/WebBroker ISAPIs you can do another much faster thing: keep the connections open yourself.You can keep a connection open per module - all the time the WebModule exists - or implement you own cache on DLL level as I did. (ADO is free threaded, although it might need to be marked as such.)re: Putting a password in Cookie..marc hoffmanhttp://threads.codegear.com/threads/threads.exe/userall?commentid=25054http://threads.codegear.com/threads/threads.exe/view?commentid=250542000-05-02T11:05:43-07:002000-05-02T11:05:43-07:00re: Putting a password in Cookie..Loren,you are correct. however, the password has to go from the client to the server sometime, and when you are not using SSL, the password will always be sent in clear text.in the case of our site, when the user logs on to the site, the login information is always stored in a cookie, so the user will be re-recognized the next time he visits, even though the session expired.whatever you store inside the cookie, whether it is a username/password or a unique value used to reference the user - whenever an outsider gets this information, he will be able to pose as the original user.the _only_ way to get this part totally secure is by using SLL. either way, thanx for your thoughts, and i'm looking forward to haeing more from you,marc hoffmanPutting a password in Cookie..Loren Kosshttp://threads.codegear.com/threads/threads.exe/userall?commentid=25046http://threads.codegear.com/threads/threads.exe/view?commentid=250462000-05-01T18:23:01-07:002000-05-01T18:23:01-07:00Putting a password in Cookie..This is not a good thing because cookies go back and forth in the header. I would suggest creating a session table and putting a session id and an expiration time from the ASP code and put that session id in the cookie. Then the ISAPI DLL just looks for that session id in the table. If someone hacks that, they may only "become" a user while that session exists, but even better, they dont know the users password OR their user id (two very key factors in security).Even better, is to create a COM object that keeps track of sessions and use it from your ASP code as well as your ISAPI code, then you dont need to write anything to the database.Just a few thoughts. I've done many of these types of things myself..re: Connection cachingmarc hoffmanhttp://threads.codegear.com/threads/threads.exe/userall?commentid=24981http://threads.codegear.com/threads/threads.exe/view?commentid=249812000-04-25T09:48:54-07:002000-04-25T09:48:54-07:00re: Connection cachingMarcelo,you are propably right. i have not looked into this specifically, yet, but i will.thanx for pointing it out,marcConnection cachingMarcelo Lopez Ruizhttp://threads.codegear.com/threads/threads.exe/userall?commentid=24962http://threads.codegear.com/threads/threads.exe/view?commentid=249622000-04-24T14:25:57-07:002000-04-24T14:25:57-07:00Connection cachingPlease, correct me if I'm wrong, but AFAIK:ADO connection caching will happen, if you setup your extension under an isolated or pooled IIS "application", because these run under MTS (http://msdn.microsoft.com/isapi/msdnlib.idc?theURL=/library/psdk/iisref/isgu76ur.htm)ADO will anyway, by default, the OLE DB pooling services (http://msdn.microsoft.com/isapi/msdnlib.idc?theURL=/library/psdk/dasdk/olpr5uxz.htm).