Author: Gan Jiping
The basic knowledge is discussed above, and then the issue of permissions is discussed. FSO runs with permissions to create it's user account, in other words, if someone is from the Internet
Visit your page on, and then this internet account creates FSO. If you log in to the computer as administrator and log in to the page, then
The administrator account creates the FSO. This is very important because a certain account has certain permissions, and FSO requires some permissions to be fully
Execute function.
Internet accounts (IUSER_MachineName, MachineName is the name of the server) generally only have read permission, which means that the user will not be able to write to the server.
Guardbook documents. However, there are several options to bypass this problem.
First of all, it is also very difficult, requiring users to log in to the server before filling in the guestbook. However, the key point of the guestbook is to collect information from anonymous users, such as
If users are required to log in, they must know who they are. So, skip this option and see the next one.
The second method is to create a directory or file, and the IUSER_MachineName user has write permissions. Doing so may open up some potential security leaks
Hole, because anyone who knows the correct directory and has certain web skills can fill in content on the server. This is a serious taboo. So you have to confirm
The hidden place saves the information of these writable directories and sets them outside the web directory structure as much as possible (for example, under Windows, this is a
Not in a directory under the inetpub directory).
The basic knowledge is discussed above, and then the issue of permissions is discussed. FSO runs with permissions to create it's user account, in other words, if someone is from the Internet
Visit your page on, and then this internet account creates FSO. If you log in to the computer as administrator and log in to the page, then
The administrator account creates the FSO. This is very important because a certain account has certain permissions, and FSO requires some permissions to be fully
Execute function.
Internet accounts (IUSER_MachineName, MachineName is the name of the server) generally only have read permission, which means that the user will not be able to write to the server.
Guardbook documents. However, there are several options to bypass this problem.
First of all, it is also very difficult, requiring users to log in to the server before filling in the guestbook. However, the key point of the guestbook is to collect information from anonymous users, such as
If users are required to log in, they must know who they are. So, skip this option and see the next one.
The second method is to create a directory or file, and the IUSER_MachineName user has write permissions. Doing so may open up some potential security leaks
Hole, because anyone who knows the correct directory and has certain web skills can fill in content on the server. This is a serious taboo. So you have to confirm
The hidden place saves the information of these writable directories and sets them outside the web directory structure as much as possible (for example, under Windows, this is a
Not in a directory under the inetpub directory).