No announcement yet.

mcsDeviceGrid error message

  • Filter
  • Time
  • Show
Clear All
new posts

    mcsDeviceGrid error message

    The HS logs are showing:
    <TABLE cellSpacing=2 cellPadding=0 width="100%" border=0><TBODY><TR><TD class=LOGDateTime1 noWrap align=left>5/3/2007 12:54:16 AM </TD><TD class=LOGType1 align=left colSpan=3>mcsDeviceGrid </TD><TD class=LOGEntry1 align=left colSpan=8>ProcessASP 0 Line 100 Object doesn't support this property or method</TD></TR></TBODY></TABLE>

    and I get a blank page when I go to http://myserver:99/mcsDeviceGrid/mcsDeviceGrid.asp

    I'm using the latest version of HS ... Any ideas?


    In the setup there is a "Use External HTML Includes" that should normally be unchecked. It invokes the Windows scripting engine. If this is unchecked then the only other object used in this procedure is Request and Response objects passed down from HS, but no methods are being used with these objects. I added error feedback to identify the line number that is it complaining about in 1.2.1 at the top of the thread

    The plan of action is to confirm checkbox unchecked and if no success then download and see what line number is the problem


      I don't like to be alarmist, but it looks like mcsdevicegrid is allowing guest users to control devices.
      After noticing this, I tested by logging into my own system through dyndns as guest to test. Sure enough, clicking on any device LED did switch the device.
      I've circumvented the problem for now, so I can keep mcsdevicegrid on my site, by modifying mcsdevicegrid.asp as follows:

      If hs.WEBLoggedInUser <> "guest" Then
      Response.Write hs.Getplugins ("mcsDeviceGrid").DeviceGridASP(request, response)
      End If

      If I'm in some way mistaken or have brought this on myself, I apologize in advance.
      Real courage is not securing your Wi-Fi network.


        You are correct and this should be brought to users attention.

        In the past in many of the scripts/plugins of this nature there was a check based upon an ini setting. Since most users did not have this ini setting to configure the external access I tended to remove the check which is similiar to what you added.