Blog Entry: 3/25/2006 1:48:56 PM
Access to some sections of the forums must be requested.
Please Click on the following link and read all of it carefully.
http://support.cjwsoft.com/
cwilliams38291.6121296296,
I'm having another problem-hopefully it's a quick fix.
it tries to go to a page: default.aspx
Server Error in '/' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested Url: /default.aspx
When i log in as admin from the aspprotectadmin/default.aspx that works fine...
where should the user be sent when they log in? Am i supposed to specify that or is it automatic? Why isnt it working for me? I dont believe i changed any settings that correspond to that either ,
When using the ASPProtect admin panel. My firewall software is going crazy or Blocking it on the Mass E-Mail, Newsletter, and other pages.
Here are some of the messages:
[Unauthorized Access Attempt] This signatures detects an attempt by a web server to deliver a malicious HTML page to a browser client, in an
[Suspicious Activity] This signature detects HTML documents attempting to spoof a link destination in the browser's status bar.
I am using Black Ice...
Will users also get this kind of activity from the pages ??? Or is it only because of using the Admin Interface of the software ???
Thanks
, I have ASP Photogallery running and it seems to be great, but I would like to allow uploads using DUNDAS the problem is I can't seem to find it on the linked website. I did find an EXE install in another place but I am running on a Shared Host (Godaddy) and can't run an executable on it. Where can I find Dundas and is there a way to install it without running an EXE??, I have written asp.net application pages- obviously i knew what viewstate was, or else when they made a mistake on that page it would not have saved their filled in info. Same thing for after they submitted, when they hit the back button their info would be gone.
For someone who wrote this software it seems you are not able to do simple things. Im begining to think you didn't write it. The only reason no one else asked this many questions is possibly because they didnt NEED the functions i am TRYING to do.
I know how the log boxes work. Esp. reg ASP... they all allow you to enter your username and password and then when you hit submit it gets verified and transfers you to your destination. ASP.NET has that capability also.. i didn't purchase a program to go and have to re-write it in visual studio. It would take me longer to re-write YOUR code than it would to have LEARNED ASP.NET and made MY OWN.
The program seems to have some great complex features, however, your not able to incorporate this easy login from a diff. page function... fishy , I agree -- don't use the code as is. I provided it only as an idea for a work-around if your ASPProtect users with Internet Explorer complain about the Page Expired message.
I did not test it to be sure the parms coming into the target page (which would be part of the URL when bookmarking) are properly preserved. It would be easy to make sure they are preserved, but I am not sure the code in the example does that. I also customized the code with my own page header and footer.
I have the Option Pack but the site does not need it yet so I haven't applied it. I don't expect many problems re-applying my few lines of modifications.
The IE behavior is not a big deal if you provide an explicit login page, since users would have less interest in paging back to that. In my case, I simply gave a link to a protected part of the site, and when they take that link, they instead get the login form if they aren't logged on. Once they log on, they get their desired content page, to which they sometimes want to page back later on.
From searching the Microsoft Knowledge Base and other sources, I could not find a way (using HTML) to turn off IE's behavior of refusing to quietly reload a page containing form data. Netscape does not do this. So my IE workaround is to ensure my target page does not contain the login form. It does not solve the cause of the problem, but in this case it gets rid of the Page Expired error message for my IE users.
I also purchased ASPProtect for another site, and I'm using that "out of the box" unmodified. I'm very pleased with ASPProtect's functionality and the fact that it works completely without the need to customize. However, I've found it is very easy to customize if I want to.
Jim
Puli Club of America , did you fix it because I see all the pictures just fine ?
http://mcintoshcounty.org/real_estate/view_item.asp?Ad_ID=1
, yes, PM me the encryption and cookie keys if you don't mind.
I can add it to my combinations that cause trouble.
it might help me to figure this problem out. , Lastly, I put there information here to help, but please don't ask me any questions about it.
I am not microsoft SQL server support. If this doesn't work for you simply start troubleshooting and doing google searches like I do. , Awesome -thanks - I'll give it a try , ok, I have sent an registration email (as test) to both a yahoo account and also my own email server and in both cases I get the same issue, all else is working great. I am sure its somthing simple, perhaps I am over looking somthing else. the site url is www.rochestertek.us/asp/users/register.asp if this helps
Again thanks. , Upgrade from V6 to v7.x with an MSACCESS DATABASE
1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.
BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)
To do this upgrade you're going to need to have the Microsoft Access Application.
To work with an Access .mdb file it can not be newer than the version of Microsoft Access you are running.
That being said, on with the upgrade..
Open you're existing Acccess Database up in Microsoft Access..
You should see this something like this.
By right clicking on then choosing rename
Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"
If you do not have a "Groups" table do not worry about it right now.
Now right click and DELETE the Config Table.
Yes, delete it..
You should now see this. (with or without the "Groups" table)
Now, right click on "ASPP_Users" and go into design view.
It should look like this.
Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore
It will look like this.
Now scroll down to the bottom a bit It should look like this.
Now..
If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a memo field.
Now, we are going to add a few more new fields.
Add a field called "Redirection_URL" make it a "text" field with 150 field size
Add a field called "PayPal_Subscriber_ID" make it a "text" field with 100 field size
Add a field called "Newsletter" and make it a yes/no field
Add a field called "Password" and make it a "text" field with 100 field size
It should now look like this.
(you do not need to worry about the field descriptions.. that part is optional and only seen when working on the database)
Now close that window and save the changes..
Your now going to open up another Access Database while still leaving the one you have on your screen open. You going to open up one of the new databases that came with v7.x. This database has some info we are simply going to copy and paste.
You'll want to open it and put it side by side on your desktop like so.
(the old database is on the left.. the new one is on the right)
Now, for the fun part.
On the new database to the right.. right click on the "ASPP_Config" table and pick "Copy"
Then move your mouse over to the old database on the left. Right click in the open white area and click "paste"
It will ask you for a database name. Type in "ASPP_Config"
Leave "Structure and Data" checked and hit OK
Your old database on the left should now have a nice new "ASPP_Config" table.
OK, now for the "ASPP_Groups" table
If you already have a "ASPP_Groups" table in your old database you are done.
If you do not have one your going to copy and paste the table from the New Database to your old database just like we just did with the "ASPP_config" table.
Your old database should now look like this.
Now, you are done upgrading your database from within Microsoft Access.
The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field
To that we have a special page we run in the application that will take care of that.
So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1
When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.
That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..
Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.
This part is very easy.
You want to run a special page via the browser.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
Replacing the part in blue with your website info.
Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page
You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.
If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.
So do what it says... dont click more than once and wait.
Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.
Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.
If things went well backup and delete the conversion file below.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
You do not need it anymore.
Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.
If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.
We are here to help, but if you really want us to we can be hired to do the conversion. , ASPProtect v7 comes with working example code of protecting a file download.
This comes with the system as an example folder with some files in it.
(some of the initial purchaser's of the system might not have that directory.. if that is the case please ask)
Here is how it works...
Basically we protect the file download by only allowing a logged in user to download it. The special ".asp" page we use the stream the file is password protected. It also hides the true location of the file so you can keep your files out of your web or keep them in a folder in your web that does not allow file browsing. Under this scenario even if someone looks at the html source they can not tell where the file really came from and they can only download if they are logged in and you offered them the link to the file.
For the file download protection examples to work you may need to edit some values
in the stream_download.asp file that are valid for your setup.
Look at the source. The values you can edit are commented.
Now, you also need to call a valid "download file name" from the download_link.asp file which is an example of how make a download link to the streamed download.
Lastly, we provide a working example. Now, you obviously may need to customize it to fit your needs. Please realize you are going to have to make special download links in your .asp pages and not only should you only show those links to people with appropriate access to download the files, but you should also protect the streaming download page accordingly as well as far as level, groups, and particular users. What I am saying is which files a particular user is allowed to download is not automatically handled by ASPProtect in any way. We give you all the tools to provide protected downloads to logged in users, but if you have complex needs you’re probably going to need to come up with a system that works for you. It's not really difficult because we did all the complicated stuff, but its something you have to sort out.
Perhaps someday in the future ASPProtect will have an interface to upload files and associate them with certain users. But at the moment it does not. , i've got a client who has handed me a 151 character banner URL, and i see that the database is designed to take 150 characters. i took the obvious step of just increasing the size of that text field in the database, but i still get this error when i try to enter the URL in the proper form field:
Multiple-step OLE DB operation generated errors. Check each OLE DB status value, if available. No work was done.
/banners/aspbanner/save_banner.asp, line 200
now, line 200 is just this:
If Banner_Link_URL = "" THEN
CmdEditBanner.Fields("Banner_Link_URL") = NULL
Else
CmdEditBanner.Fields("Banner_Link_URL") = Banner_Link_URL
End If
which tells me that something is blocking the assignment of that long value to that field, even though i believed i had extended the length of that field in the source database.
where else might i look?
, Thank you so much that works great.
I will test with the other settings on the email server again thanks for the advice,
best regards , I cleaned up the code as you suggested, and I still can't get the images to display without the whitespace around it.
How do I download the ASP version? I'll give it a try.
Thanks for your help,
JDooley , For some odd reason, the the export path has two backslashes (\\) at the end, thus generating an error each time I try to export. For example
C:\path\website\protect\data\export\\
This appears toward the bottom of the import_export_manager.asp page and is called by =ExportDirectory.
I checked under settings tab, no path ends with a "\". Any idea where else I need to look?
Nick
, well, you should probably be backing up the SQL database on a regular basis. That is between you and hosting company. If they let you connect via SQL Enterprise Manager you can do backups on your own.
As far as the aspprotect files and folders go back them up somewhere, and then only worry about backing them up again if you change some of the files.
That's really all there is to it. None of the ASPProtect files change on their own except the generated log files that you may or may not care about backing up.
I mean the important thing is the Database, and then of course any your own .asp pages that you protected as well as any custimizations you made to the users area or your site... , [QUOTE=cwilliams]Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.[/quote]
I did change the top_logo.gif and the associated link. That was on the default page not the Solid Black skin which is unchanged. After downloading/uploading the skins I tried changing it to one of the Beach skins and that's when it changed to Solid Black and has been stuck there ever since.
[quote]Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.[/quote]I don't have access to the Microsoft IIS console as this is a host site. I can access the site's "control panel" but it does allow for those type of settings. Mostly just permissions, DSN entries, etc.
Thanks.
Al , Great! Sounds good Chris. , Some of our users complained that their users id and passwords are sent in the clear. So we decided to invest in an SSL certificate from Verisign. It has been tested fine with all forms and pages in ASPProtect version 6. The only remaining page which I am not sure how to protect is the home page. Let's say my home page is http://www.MyDomain.com/index.asp. When the user goes to this link he/she will be presented with the check_user_inc.asp page so he/she can enter their ID and PW. So how to make the login information send from this page thru HTTPS? , I just upgraded from 6.0 to 7.0 primarily because we were limited in the choices of email systems we could use to send an email validation message.
Previously, with 6.0, we were using CDONTS to send an email validation message to new registrants. Unfortunately, AOL email addressee's were not receiving the vaildation email from us. I received a reply to another post I made on this forum that the problem was due to the fact that aCDONTS generated email has no MX record and AOL blocks non-MX record containing emails.
Well, I upgraded to 7.0, switched to CDOSYS (Using SMTP Virtual Server) with SMTP Authentication and it appears that AOL is still blocking the validation email.
Any suggestions, comments?
, now, even though it should work with two slashes or not... here is an updated file that will clear that issue up.
You can try it but I think you have other issues like I said above.
just replace this file in the "scripts" folder
2005-12-16_141245_populate_config_variables_inc.zip , 
ASPProtect v7.x runs on Microsoft IIS servers only.
That means Windows XP Pro, Windows 2000 server and Windows 2003 server. The web server must have ASP support enabled and support Data Connections. 99% of them do as it's a pretty normal thing, but you should ask and make sure your hosting plan supports it.
ASPProtect can use a Microsoft Access Database or Microsoft SQL Server as it's data source. We provide the access databases and everything you need to create the SQL database, however customer's using Microsoft SQL Server are required to have SQL Enterprise Manager and SQL Query Analyzer in order to setup and maintain the SQL database. Other scenarios are possible but we do not support them.
ASPProtect v7.supports 13 different emailing methods and components so chances are you will have no problem finding one that will work for you.
CDONTS
CDOSYS
ASPEMAIL
ASPMAIL
ASPSMARTMAIL
DUNDASMAILER
JMAIL
SASMTPMAIL
Bamboo Mail
Simple Mail
ASPQMail
QuickSoft EasyMail Objects
OCXMail
We extensivley support all implemenations of CDOSYS which is installed on all the servers by default. We also support outgoing SMTP authentication requirements. If you can not send emails from the application using one of our 13 methods and you have an ASP solution that can send an email on your server we will work with you to make sure the application can send emails.
FINALLY
ASPProtect v7.x does not run under Chillisoft ASP. That means it does not run under Unix, Linux, Apache, etc etc. ASPProtect v7.x can not use a MySQL database. MySQL and Microsoft SQL are not the same thing.
If you are wondering if your web server runs Windows or Linux you can try using the header check here.
http://www.port80software.com/support/p80tools
Be warned however it will not always be accurate because some people cloak that information or show something different than what they are running to trick potential hackers. With commerical hosting though the the header information is usually accurate. , is that lindsey lohan and her fake boobs as ur avatar?
I am installing IIS and all of its glory on the other computer now... gotta love remote desktop (the pc is at work  ) , All fixed... I changed the remote server from localhost.omegaphibeta.net or whatever it said there to localhost
I sent a test email to myself and got it no problem
the error you were getting was email component related , Okay, thanks, I'm going to change the method tonight and see if it makes a difference
I'll report back
Dave , You would have to carefully edit the asp code in the "add_new_account.asp" file. It you look that file over with a text editor it is pretty easy to see where the text to edit is. Just make sure you edit it in the section for the email component you are using. Back the file up before you make any changes to it so you can revert back if you mess anything up., Hello Chris:
Let me run some more test if it's working on your end it should be on mine? I have made some custom updates to the code but no in that area.
Thanks,
-Ricardo
, Hello,
If you are using ASPProtect Version 7 it is possible because version 7 supports html emailing. In any other version it would require some custom coding to add html email support. You would have to sort it out by experimenting and editing the emailing code. All the email methods have documentation on the web in some form or another showing how to send html emails.
Also,
sometimes depending on the email component being used and the email client reading the email a link in a text based email will get hyperlinked automatically. For example outlook usually will do that, but it doesn't always in other situations.
Lastly, we have special upgrade pricing should anyone want to upgrade to ASPProtect Version 7. It really has a ton of great features.
Best Regards,
Chris Williams
www.CJWSoft.com cwilliams38415.6414236111, do you have the smtp part of iis installed on your machine
cdonts needs that
then again I am not sure you can even use cdonts on a xp box without making some changes...
cdonts has kinds died out and as of windows 2000 basically got replaces by cdosys , you have to check the session variables for groups a little differently.. info on that is here
http://support.cjwsoft.com/code/moreinfo198-1.htm
, The problem was in config_inc.asp. we had renamed the field in the DB but didn't change it in this file.
But we changed it, it is back to normal.
Thanks , Chris -
Long time no talk, which is a good thing. I have purchased another product from you, ASPVendor. I am running into an issues.
When I try and remove the image through the image manager, it does not remove it. Screen shot attached.
2005-10-19_194248_image_upload.zip
Thanks , Am very interesting in purchasing ASPProtect, but am curious as to whether anyone has had success/failure with Network Solutions "standard windows hosting" solution? Thought I would ask just in case someone has had recent experience. thx, , no, but in the standard version it probably will not run so great with more than 75 or so.
The unlimited version can handle pretty much whatever., Hello,
It is very possible, however there may be some issues such as the session variables specific to a particular user would not be able to be created because there would not be a specific user.
I can't tell you exactly how to do it as it would probably take a few hours of messing around with the code to sort it out. Bascially, it's not something I could tell you how to do real quick and I do not support custimizations to the code.
But, it is very possible. You want to check the server variable for the IP address. The tricky part would be where and how this all just integrated into the "check_user_inc.asp" file , This first one may be an obvious one, but is it only .asp files that I can protect as in no HTML files.
Can the program be set to protect my whole https directory contents (though the answer to the last question may have bearing here - there are html files as well as .asp in there) as in http://secure.mydomain.com
Thanks in advance , OK.. I went with using ASPEMAIL. The above did not seem to work. No worries though, where there is a will (with options) there is a way. cwilliams38394.7265162037,
Timecard Entry: 3/25/2006 1:48:56 PM
Tasks, team meeting, presentation, Presentations, Travelled to Albany to meet w/ Capital Board of Realtors, TICC A/P, Adding code to odmls.com with Steve & Crispin, Travel back from Atlanta - 70 miles from Syracuse., Reset modems, filled out the modem maintenance log, and sat in NOC. , schedule visit to UCP's Malone and Peru sites, set for Thursday 11/18, travel back to watertown, Assisted Mel with MBO's, payroll entires & e-mails, to Watertown, logins / modem problems, Calvary Crier/black river baptist church/
Register domain name/credit card given/ web site info. what is needed/ send email
Cancel internet access for person paying for site/ moving out of area., Carol Cooper (SIIE), read/answered email (Randy about server access for Dave and Tim), fix ogdensburg pop. computone locked up, had to dialin to the remote power strip to reset. ** need to fix labels on power strip **, Staff Meetings and Dept Head Meetings, mtg with printers in watertown, TICC Team Mtg, EDZ letter, Traveled to Clayton - 23 miles , installed alexbay.com web and dns., timecards only 111 of them, emails to Beth at VT, Talked to Bell Atlantic about straightening out 5588, BILLABLE ---- went over to the times installed DNS onto vpn server. Took and showed mark holberg how to use dns, helped mark with a few problems he was having helped mark answer some questions., *BHCP, Called all 5 voice mails that were left from earlier in the day, Team meeting,
|
