Permissions

Now that we've covered the basics, we should discuss permissions. The FSO runs in the user account that created it. In other words, if someone accesses your page from the internet, then the internet account created the FSO. If you are logged onto your computer as the administrator and you access the page, then the administrator account created it. This is very important, because certain accounts have certain permissions, and the FSO requires a lot of permissions in order to function fully.

The internet account (IUSER_MachineName, where MachineName is the name of the server) generally has only reading privileges. That means that users will never be able to write to the guestbook file. There are, however, several options to skirt around this issue.

The first, and more difficult, would be to require the user to log on to the server before they fill out the guestbook. However, the point of a guestbook is to get information from anonymous users, and to log users on, we'd have to know who they are, so we'll skip this option and move on.

The second is to create a directory or file that allows the IUSER_MachineName account writing privileges. This can open up some potential security holes, because anyone who knows the proper directory and some savvy web skills can write stuff to your server. This is a big no-no. So you want to make sure you place the writeable directory in a nice and hidden spot, and possibly place it outside of the web directory structure (i.e. in Windows, place it in a directory that is outside the inetpub directory)

Reading Files
The wonders of the File System Object
Searching with the FSO