Skip to main content
Visual C++ Samples 
WebFeatures Sample: Demonstrates Various ATL Server Tasks 

Download sample

Demonstrates a variety of tasks related to writing ATL Server Web applications, including setting and viewing cookies, using session state, handling uploaded files, pulling images from a database, recognizing users' localization preferences, protecting resources, registering users with a Web site, and more.

The WebFeatures sample consists of a number of small, focused Web application DLLs that each show one particular aspect of using ATL Server to write Web applications. All the Web application DLLs use the same ISAPI extension DLL and can be viewed from the links on the default Web page. The code for each feature being demonstrated is in a separate subfolder of WebFeatures.


In the file ShowCookies.cpp, the code that allows you to view cookies echoes cookies to the client. This is done for demonstration only. In production code, you should never echo cookies to the client. In addition, the following line of code echoes an error message back to the client, a practice that you should also avoid:

m_HttpResponse << "<i>" << GetErrorString() << "</i>";
Security noteSecurity Note

This sample code is provided to illustrate a concept and should not be used in applications or Web sites, as it may not illustrate the safest coding practices. Microsoft assumes no liability for incidental or consequential damages should the sample code be used for purposes other than as intended.

Building and Running the Sample

To build and run this sample

  1. Open the solution file, WebFeatures.sln, in the Visual Studio development environment.

  2. Build the solution. This will also deploy the solution to the local Web server.

  3. Use a Web browser to view http://localhost/webfeatures/default.htm.

  4. See ConfirmUser and ShowImage for the database installation steps for those parts of the sample.

For more information, see the following links:

Feature Description


Demonstrates how to register a user with a Web site and confirm the validity of the user's e-mail address.


Demonstrates how to set cookie data in the response and get cookie data from a request.


Demonstrates custom user validation and the use of a cookie to identify a previously validated user. Also shows simple use of the CryptoAPI.


Demonstrates how to implement the simplest possible ATL Server request handler.


Demonstrates how to send the Last-Modified response header and check for the If-Modified-Since request header to avoid generating a response body and transmitting data to the client unnecessarily.


Demonstrates how to read the HTTP_ACCEPT, HTTP_ACCEPT_ENCODING, HTTP_ACCEPT_LANGUAGE, and HTTP_ACCEPT_CHARSET request headers and order the elements according to the user's preference.


Demonstrates how to get information about the user's browser from the browser capabilities service.


Demonstrates techniques for generating error responses to send to the user. Shows the use of ATL Server's default error response, custom static responses, and custom dynamic responses.


Demonstrates the use of the request object's files collection to get information about files uploaded to the server.


Demonstrates the use of the request object's form variables collection to get information about forms sent to the server.


Demonstrates how to convert, store, and retrieve images. Allows the user to upload images that the server will attempt to convert to PNG format. If successful, the PNG format data is added to a database. Images in the database can be downloaded using a URL that contains the ID of the image as a parameter in the query string.


Demonstrates how to match the user's language settings against languages supported by the server and display content specific to the user's locale. The server attempts to use the language setting to display a localized phrase loaded from a resource and the appropriately formatted system time.


Demonstrates the use of the request object's query parameters collection to get information about the query string sent to the server.


Demonstrates how to gather information about the current request by retrieving the properties of the CHttpRequest object.


Demonstrates how to get and set session information.


Demonstrates the server variables that are affected by the user and the security settings used on the page, shows how to require authentication by returning a 401 (Unauthorized) status code if the LOGON_USER server variable is empty, and shows how to get the impersonation token for the client.


Demonstrates how to retrieve the values of the server variables that IIS makes available to your ISAPI extension and request handlers.

See Also