Blog Entry: 3/25/2006 1:51:19 PM
I am using v7 with other software written in ASP.NET. When I include the the "checkfor" and include file, I'm receiving a compliation error.
Here is the include I have on the .aspx file:
<% CHECKFOR = "4" %>
<!--#INCLUDE FILE="../../ASPProtect/check_user_inc.asp"-->
Here is the error:
Compilation Error
Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.
Compiler Error Message: BC30689: Statement cannot appear outside of a method body.
Source Error:
Line 15: <%
Line 16: ' This is part of the too many login attempts lockdown code which sets a cookie to block login attempts for a certain amount of time
Line 17: If LoginLockDown Then
Line 18: If Request.Cookies("PASSWORDSYSTEMCOOKIETRIAL")("LoginTries") <> "" Then
Line 19: If Cint(Request.Cookies("PASSWORDSYSTEMCOOKIETRIAL")("L oginTries")) = Cint(LoginLockDownAttempts) Then
Source File:
D:\Sites\resadmin\NetOptions\testsite.com\www\ASPProtect\che ck_user_inc.asp Line: 17
, Okay, got it!! just in case anyone else is having the same
problem, after creating the new thumbnails using the
"generate_new_thumbnails.asp". Turn off the random photo
selection for a 10 minutes or so, and then turn it back on.
bwinklesky38324.5085069444,
Regarding hosting companies..
Now.. obviously if you are hosting on someone elses server you may not be able to set permissions like this.
Ultimately, if you are hosting somewhere and ASP and Database connectivity is part of your hosting plan. It is the hosting company's responsibility to set these permissions for you when asked or to give you a special interface to do so on your own. If they are not helping you do this then maybe it is time to get a hosting company that is serious about your ASP Hosting Needs.
Also... JUST TO BE PERFECTLY CLEAR
The permissions we are talking about cannot be set via FTP or Frontpage access to your web site. They must be set like shown above or via a special interface meant to set the permissions correctly. For all you people out there messing with the permissions you see in FTP and Frontpage.. you are wasting your time and possibly creating problems in your web.
All ASP scripts that communicate with an Access Database, Upload Pictures, Modify Text files.... are going to need these permissions set in some way or another. We have no control over that fact.
cwilliams38360.69125, A nice addition for the listing script would be if the script would allow a "featured ad" or ads that would appear on the default page. , Actually this was rather easy to fix. Once you restrict the permissions on the folder, open up IIS admin. Goto the selected folder, and right click/properties. Once there you modify directory listing and add defauly.asp to documents. This will provide an automatic load with you enter in the unmask route. 
, Still not ready... I have no time to finsih it at the moment..
release date is unknown...
, If you makes you feel any better the photo gallery app runs awesome off an access database. Mostly because all of the picture work is done in the filesystem, not the database. The load on the database is relatively low even with a lot of users., Hello,
I dont know exactly how you go about that and it would really depend on a lot of things like when the ad started and how yu wanted t handle that. it would involve custom coding though, not a change in the database.
, Javascript Popup/Pop Under Generator
Until I have time to make one I suggest using the one on the banmanpro support site as it is pretty nice.
Just dont use option 2 on that page as that is specific to banmanpro
http://www.banmanpro.com/support/popupgenerator.asp
cwilliams38291.614849537, It almost seems like allow images is denied. When I look at the ad it doesn't even show a place where the thumbnail or image would go:
Columns now are Ad Name/ Price / Expires / Hits
There used to be one before Ad Name.
Even unchecked (saved) and checked
| Use_Picture_Upload |
< = value=True name=Use_Picture_Upload> Check this if you will be using the picture uploading feature. |
, Alternate Method to call banners from non ".asp" pages.
<iframe src ="http://localhost/aspbanner/aspbanner/aspbanner_inc.asp?Ban nerZone=4" width="468" height="60" frameborder="0" marginwidth="0" marginheight="0" scrolling="no"></iframe>
Be sure to delete the space in the BannerZone variable above. I am not sure why it is doing that in this post.
You can try calling the banners in an simple iframe like so.
This method should work much better than the javascript method because users with javascript turned off will still see the banners. You also will not have any of the limitations the javascript method has. Iframe is now supported by most recent browsers so it is now a good solution. Here is a chart that shows which browser versions support iframe.
Be sure however to edit the height and width values accordingly as that is very important.
cwilliams38105.8437384259, The path is correct for the logfile directory. This is still not working.
, I am running into problems with the import function. I have 25 photos loaded into the import folder. The page see all of the photos. But after I click on the import process it takes me Picture Manager with no pictures loaded. I have hit the refresh button, but there is nothing there. dr_bones38394.676412037, Let me put it this way.
My home page (default.asp) is an unprotected page.
When a user that has signed in on another (protected pages) and has the remember me checkbox checked closes the browser cookies should be set for the next time they return.
When the user opens their browser and returns to my home page (default.asp), I'd like to put a message saying:
Welcome back <%Session ("Username")%>
How is this done?
, Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.
Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.
, I have been able to successfully edit some text colors, but there seems to be one page that wont change the text color. Inside the users/ folder, the login.asp page, i cant seem to change the text color from ffffff to 000000 so it can be read on my background color. Every page in the script is correct but this one.
Thanks.
, You are NEVER supposed to move any files, especially that one. Of course that is going to break a lot of things.
Please put it back the way it was.
You change the path of the include file when you call it, never the location of the include file., do you have "use picture uploading" checked in the settings ?
that is important..
have proper permissions been set on the picture folder ?
are the paths set correctly for the picture folder ?, Just as an FYI, I found the problem. FP2003 has an "Optimize" feature that removes so called not needed spaces and comments from the pages. It also completely screws up .ASP code.
I turned off the optimization feature and all the pages I was having problems with worked. However, I would still recommend not using it too!
, Thankyou, that was very helpful, Did you see this thread. It shows how to set up the project in Visual Studio in detail.
http://support.cjwsoft.com/code/moreinfo85-1.htm
, I did try to redit the banner and the old link was there, not the new one. In addition I tried to ad a new banner to an account but it too was not saved.
Since I can see the banners from the aspbanner solution, does that not tell me that the solution is properly connected to the database? The only thing is the solution only appears to be able to read the data and not write or delete it.
The settings for the directory are read write execute and delete so I am not sure what I need to do to get it working again
, When using the ASPProtect admin panel. My firewall software is going crazy or Blocking it on the Mass E-Mail, Newsletter, and other pages.
Here are some of the messages:
[Unauthorized Access Attempt] This signatures detects an attempt by a web server to deliver a malicious HTML page to a browser client, in an
[Suspicious Activity] This signature detects HTML documents attempting to spoof a link destination in the browser's status bar.
I am using Black Ice...
Will users also get this kind of activity from the pages ??? Or is it only because of using the Admin Interface of the software ???
Thanks
, This is what "John Evans" of CJWSoft has to say on the matter...
"I think that’s pretty much impossible. If the server sees a .JPG or .JPEG extension why in the world would it go and try to read it or do anything with it.
I believe there may have been some issues with Outlook and Outlook express that made it look like a vbs script sent as an attachment was actually a JPG because someone found an exploit in those programs and it would appear as if double extension files were one thing when in fact they were not.
Having a real time virus scanner on the server (which any good host will) should also catch anything infected being built on the server drives as the file uploads. Always worked for me and I had a lot of people uploading ZIP files on winxptheme.com at one point. Many had viruses in them although I suspect it was totally innocent on the end users part. Some people didn’t even know they had a virus on their rig.
Fact is anything is possible but I think chances of getting a virus or being hacked in some way from this sort of upload are really slim."
cwilliams38447.0602083333, i've got a client who has handed me a 151 character banner URL, and i see that the database is designed to take 150 characters. i took the obvious step of just increasing the size of that text field in the database, but i still get this error when i try to enter the URL in the proper form field:
Multiple-step OLE DB operation generated errors. Check each OLE DB status value, if available. No work was done.
/banners/aspbanner/save_banner.asp, line 200
now, line 200 is just this:
If Banner_Link_URL = "" THEN
CmdEditBanner.Fields("Banner_Link_URL") = NULL
Else
CmdEditBanner.Fields("Banner_Link_URL") = Banner_Link_URL
End If
which tells me that something is blocking the assignment of that long value to that field, even though i believed i had extended the length of that field in the source database.
where else might i look?
, yeah.. thats an old graphic probably only seen in a few places.
it is not on the main site
http://www.cjwsoft.com/
or here
http://www.aspprotect.com/
or here
http://www.aspbanner.com/
or here
http://www.aspclassifieds.com/
or here
http://www.aspphotogallery.com/
but I am sure there are a couple of pages left over still using it like the aspvendor and asplistings pages.. etc I am aware of it, just been too busy to go change them and I didn't consider it a big deal
2003 servers are NT based anyway
, I am having severe trouble with the SQL database connection for ASPlisting (generic version).
I have used all of the suggested connection strings but still get error messages such as:
[DBNETLIB][ConnectionOpen (Connect()).]Specified SQL server not found.
I have set up the tables in the database, although the database existed already with many other tables in it as it costs me per database per month so one has to suffice with many tables in it.
I use SQL a fair amount on my site but have not suffered any probs like this yet.
Any advise or help would be useful.
, When I attempt to upload, it appears that the image uploads. I get a "Original Image Size 0 X 0 pixels"
they don't appear in the web pages, any thoughts? I am using VBscript to upload, my host has safileup but I am unable to use it in this script, thanks for any help
http://mcintoshcounty.org/real_estate/extras/server_info.asp
here's the site link
Never mind, had the path to the image folder screwed up
, "do you know a way around the BinaryRead problem with ASPProtect?"
Let me rephrase:
Do you know a way in which ASPProtect can be modified to get around the BinaryRead problem?
Thanks,
Michelle
, Microsoft has a free version of SQL server 2000 than you can run on a development machine.
http://www.microsoft.com/downloads/details.aspx?FamilyID=413 744d1-a0bc-479f-bafa-e4b278eb9147&DisplayLang=en
This is really the same thing as the MSDN version of SQL server that comes with Visual Studio
It is limited in two ways.
No single database can exceed 2 gigabytes in size. However, each Desktop Engine server instance can contain many databases, each of which can be up to 2 gigabytes in size. Each computer can host up to sixteen instances of Desktop Engine.
Performance will rapidly decline when more than five simultaneous users use the database engine at the same time. With five users or less Desktop Engine will operate with full SQL Server speed.
After you install this your going to need a way to connect to your sql server as well as a way to run queires on it.
I suggest either install the client tools off any SQL 2000 Installation Disc (giving you enterprise manager and query manager)
or use the FREE SQL Server Web Data Administrator which will do amost everything you will need to do. It is really very slick
http://support.cjwsoft.com/forum/forum_posts.asp?TID=127& ; ; ;PN=1
Then you have a pretty sweet setup for testing and developing locally using SQL server.
If you are wondering why someone with a real SQL Server 2000 cd wouldn't just install the real SQL server locally it is because the server part will usually not install on XP Pro or non server versions of windows for licensing reasons. (at least every SQL 2000 CD I have is like that regardless of whether it is standard or enterprise) But the client side tools on the cd are invaluable so I just install the Desktop Version of SQL along with the client side tools and everything works great.
, So do I just replace the four folders that came with aspprotect with the four (in my case domain directory) folders in the patch or just move the files?, After understanding how the count works i checked the IP in the db. They are all set to the same IP (my web server) no matter what ip is doing the viewing. This is probably due to my ISA2004 firewall that is posting the ip address of the web server with each log on. So, can you help me with where the code would be to modify so the db does not get updated? I risk the refresh problem, don't think it is an issue with me.
Thanks,
, If you PM your site info and I can go in and troubleshoot. I have no more ideas. Usually people have zero issues installating this application as I got it pretty tweaked so I need to see what is going on in order to help., Please Note : Users with the option pack a new feature called groups that is much more powerful than access levels.
More On Access Levels
Again, Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System. Look at the source code of the ASP pages in that folder with a text editor to see the working code.
Access Levels and how they work can be re-coded to work in many different ways. However, you have to be a good ASP developer to make changes to it. Here is some information on how they work by default and also info on an alternate scenario we have provided.
In the "check_user_inc.asp" that comes in the root of this system Access Levels works as follows.
Level 1 has Access to - Level 1
Level 2 has Access to - Level 1,2
Level 3 has Access to - Level 1,2,3
Level 4 has Access to - Level 1,2,3,4
Level 5 has Access to - Level 1,2,3,4,5
Level 6 has Access to - Level 1,2,3,4,5,6
Level 7 has Access to - Level 1,2,3,4,5,6,7
Level 8 has Access to - Level 1,2,3,4,5,6,7,8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN
The "check_user_inc.asp" included in the "extras" directory is an example of changing the access level checking code
to work differently. In that "check_user_inc.asp" Access Levels works as follows.
Level 1 has Access to - Level 1
Level 2 has Access to - Level 2
Level 3 has Access to - Level 3
Level 4 has Access to - Level 4
Level 5 has Access to - Level 5
Level 6 has Access to - Level 6
Level 7 has Access to - Level 7
Level 8 has Access to - Level 8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN
If you get creative you can create some interesting access level checking scenarios.
Here is some additional info..
If the access levels are too restrictive you can ignore them all together and create your own totally custom solutions.
Here is a quick rundown of some of the things you can do.
Ok... so if you want to be really specific about what each user can see and
can't .. here's an example of what you can do
Don't use the access levels before the include file..
Don't worry about what you set a user to in the admin area since the access levels won't be used.
Do something like this..
Every time a user logs in session variables are set that you can access at
any time.. thus allowing you to know who they are.
So you could do something like this...
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If Session("USERNAME") = "bob1267" or Session("USERNAME") = "carl45" or Session("ADMIN") = "True" Then
Session("PASSWORDACCESS") = "Yes"
Else
Session("PASSWORDACCESS") = "No"
Response.Redirect(Request.ServerVariables("script_name"))
End If
%>
The following URL explains what Redirects are.
http://www.powerasp.com/content/code-snippets/redirects.asp
That would in effect create totally custom access levels.. but you would
have to do it manually for each user.
You can also do things like this after a person logs in
Show custom html to any specific user based on either their username or
access level ... like so
say there was a menu and a certain link should only show up to username
"paully67"
you could do something like this
<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>
<br>
<a href="main.asp">Home Page</a>
<%
If Session("USERNAME") = "paully67" Then
%>
<br>
<a href="paullys_page.asp">Pauls Stats Page</a>
<%
End If
%>
<br>
<a href="links.asp">Links Page</a>
</BODY>
</HTML>
Or you can show custom HTML or links based on Access Levels or any other info.
You can do just about anything with if-then statements and
using the built in vbscript functions..
Hopefully this info will help to give you some ideas...
Bottom line is you have to do some work within your site to make the Access Level system really come alive.
cwilliams38114.6506712963, also, from looking at your site your ideal scenario would be a system that allows you to show all banners in one zone at any given time but in a different order.
ASPBanner is just not that sort of system. It is only designed to show one banner at a time from a given zone in random order., I have been working on this. 2Checkout is like the most confusing and worst payment processing company on the planet. There are things about that page I just don not understand as many times as I read through it.
Doesn't seem like this stuff is mandatory just yet. (I asked)
I should have something soon.
, Hi Chris,
I have a small problem, I have installed asp photo gallery pro on a hosted site, and after eventually getting them to modify permissions on directories it is essentially working, except that it won't delete pictures from an album. If I delete an album the pictures are left in the pictures directory, but the album is no longer displayed. If I then make a new album it is labelled incrementally... ie I had one album "album_ID_1", deleted it created a new album it is labelled "album_ID_2". I would have thought that the new album would be called "album_ID_1" ie taking the place of the deleted one. It seems to me that the delete album function isn't fully working either. My hosting comppany swears that the permissions on the pictures directory are set to full access for everybody. What have I done wrong?
Thank you
Nigel
, remeber too.. you might have to edit code you used on your existing pages in your site so they still call the "check_user_inc.asp" correctly.. though it may very well work out so it works the way it is at the new site
any redirection code you might have done may need the redirection urls changed if you used full domain urls..
things like that... etc etc etc, I have one file called asplistings.sql but I have license for ASPListings_auto and ASPListings_real_estate. I really want to use the SQL server for both. Please advise how?
Thank you.
Lance
, This first one may be an obvious one, but is it only .asp files that I can protect as in no HTML files.
Can the program be set to protect my whole https directory contents (though the answer to the last question may have bearing here - there are html files as well as .asp in there) as in http://secure.mydomain.com
Thanks in advance
,
Timecard Entry: 3/25/2006 1:51:19 PM
Watertown to Syracuse, 73 miles, go down to suit in syr to see what drew and ben had done needs doing, email, voicemail, call backs, finished Johnson Lumber proposal, waite toyota, Barb Parks from AAA, followup stuff on user group-spoke to Errol about speaker for October meeting, misc communications with Dvae, Peg, Ben over current projects, lunch, SAMARITAN HEALTH.COM STARTED PHOTOSHOP DESIGN , SCANNED PHOTOS, MASK OUT BACKGROUNDS OF PHOTOS, ARRANGEMENT OF PHOTOS, BILLABLE install report system for thousand islands school, Called expiring users., Moving my stuff from the Herald Building to Creg, reconcile savings/Visa stmt, billing sheets, wo updates, email, documentation from ISPCON updates, wireless research, review mind manager, document teleconf with Jim Heary, setup apache on mdm-frm-gw, setup squid, and cross reference web billing, misc stuff...put dvd software on howards pc, learned how to use the 3com total control management software, Resetting a few modems on 4911, downloading SP6, trying to get sound card working in our system., Stuff Carol left, met with mccabe supply, meet w/walt hammond from hf&c, EveryDayDad.com development: develop page layout, Return to clayton form the Channel partner meeting (I was the driver) 45miles, answered phone; took in payments; soon to expire emails, teched calls and knowltons went red, answered tech related calls. checked and called rad log, voice mail, ask a question emails and online issues., organization and receprtion of new equipement, TAF and issued emails and credits, Bernier and carr- go over web site info - register new domain name- will send check for deposit
, Trained... Dani and I went over writing a MOP for Microcom modems, and we also reset modems on Clayton 4911, Ogdensburg 6504, and Watertown 8300., sat down with matt and built a database to hold inventory., WBDR.com graphics revision. TRADE, Picked up mail and opened. Posted accounts, customer inquiries, and cc authorizations. Ans. Phone, 2000-07-351 GOLDCUPFARMS.. RIVERRAT CHEESE MADE NEW ORDER FORM MANY FIELDS ENTERED, finished stock letters,
