Blog Entry: 3/25/2006 1:51:31 PM
it might.. I might be wrong though as I guess that could still be an issue with access not being able to keep up.. and then the xml parser just isnt getting the page it is requesting in time, Hi,
I have a question re ASP Protect, I have got it up and running on a dev server which also hosts a e-com engine (ASP / Access), when users check out they are presented with the e-com log in screen (which is sharing the same ASPP_User table). All's well and registration and editing user details is fine both in the Admin section and the front end of ASP and if I request an email reminder from the ecom scripts I get back the encrypted password.
I'm using <% = Session("Email") %> and <% = Session("Password") %> to populate the fields on the ecom log in page so users can click though and progress, the checkout process needs the username/password, all user info shows up ok, however, when I proceed with these credentials, it doesn't work, even though I know these to be correct and even without requesting a password reminder and using the one that gets me in everywhere else, I still can't get through? do I need some code re the crypto so the ecom can decode??
Any help would be great - I've been on it for about 10 hours, and checked through the posts here but can't fathom it out?
Thanks Craig
,
Here is an example of a query I made in MSACCESS that deletes all users that belong to Group ID of 3. I used the graphical query designer in MSACCESS to do this. Took a few minutes.
DELETE
FROM ASPP_Users
WHERE (((InStr([ASPP_Users]![Groups],"*3*"))>"0"));
Because of the way groups are stored in the Groups fields you have to use the InStr function to determine if the user is part of a particular group
We are deleting all users that of Group ID of 1 so we look for *3* in this example
The SQL statement for a MSSQL database may be slightly different but the general Idea is the same
The SQL statment used in an ".asp" page will be very similar as well.
SQL Statements are the TRUE POWER of working with databases. They are something everyone should learn to work with because they allow you to do some very powerful things., Am very interesting in purchasing ASPProtect, but am curious as to whether anyone has had success/failure with Network Solutions "standard windows hosting" solution? Thought I would ask just in case someone has had recent experience. thx, , You have old code I think.
It's probably because his password used with your encryption key by chance creates a single quote and messes up the database query
A notice went out about this. I will PM you the latest download with the updated files.
, Hi Chris,
I've got a page with a form that includes an input field with
'type="file"' for uploading an image. The page posts back to
itself to save the info to the database and run the code necessary to
upload and resize the image.
I need to limit this page to a group. So like usual, at the top of the page I put:
<% GROUPACCESS = "1" %>
<!--#INCLUDE FILE="../check_user_inc.asp"-->
This gives me the error: "Cannot call BinaryRead after using Request.Form collection"
I have used ASPUpload and SA-FileUP before and know that this is caused
by the components having their own .form collection. This script
is using "Pure ASP File Upload" from DMXZone for the upload which I'm
not familiar with.
So...my question is, do you know a way around the BinaryRead problem wtih ASPProtect?
Thanks,
Michelle
P.S. PLEASE don't send me to DMXZone for help....they've got notoriously bad support!
, Actually this was rather easy to fix. Once you restrict the permissions on the folder, open up IIS admin. Goto the selected folder, and right click/properties. Once there you modify directory listing and add defauly.asp to documents. This will provide an automatic load with you enter in the unmask route. 
, let's try this... edit that page with a text editor like notepad...
Carefully replace any instance of "Cint" with "CDbl".. I may have missed some of those when testing the last time I edited the code.
, Everything is running fine.. I can read ads... reply to them. but when I click sign in or register.. I get a server error.
Any suggestions
Thank You
, did you fix it because I see all the pictures just fine ?
http://mcintoshcounty.org/real_estate/view_item.asp?Ad_ID=1
, I am out of the server now and I have to get up early to help friends pour concrete in a huge building in 20-30 degree weather (woo hoo)
So I am going to take a break on this until later tommoro.
In the mean time try connecting to the access database with no password on it as well as the access 97 version that I put in the data folder... and see if it runs any faster...screens like the user screen should load fast... not after 15 seconds of waiting like they seem to be doing right now
If none of that helps which it probably wont I can set up the database for you here including the importing later tommoro when I am done pouring concrete
, 5300 users honetly wouldn't even phase the database or the code... even with MSAccess...you got other problems and I can say that with 150% certainty
my guess is permissions on the database folder are not quite right or the odbc drivers have issues.. something along those lines..
access databases act up when full modify permissions are not given to the folder they are in.... they can also act up if the odbc drivers are very new and you are not using a newer version of the access database such as 2002 version as opposed to a 97 or 2000 version
using a system dsn as opposed to a dsn-less connection can also cause BIG issues. always use a DSN-LESS connection
you can also have big problems if just the database file is given permissions instead of the whole directory it is in
also, the script timeout has nothing to do with it.. if that is happening something is wrong with the data connection like I said... no amount of changing timeouts is going to cure it...
how permissions are correctly set
http://www.powerasp.com/content/new/windows_2003_server_and_ permissions.asp
why system dsn's with access databases are bad news
http://support.cjwsoft.com/code/moreinfo9-1.htm
I know it worked at 1st but it can still be related to all of this because when permissions are not perfect databases will work ok for a while and then act up. it all has to do with the temporay lock files that access creates and deletes on a regualr basis
, I was able to get it all figured out. Thanks a lot for your help, I really appreciate it. I ended up copying the database with the password to the directory and used the user/password connection code and it works great. I believe it was related to that but I cannot be sure. Thanks again!
,
I pull that crap on myself once and a while... or my
favorite is leaving a bootable CD in the drive and then wondering why the heck
the OS doesn’t come back up. I pretty much promised myself back in 2002 that I
would never mess with anything minor after 10PM. For whatever reason I always
start messing around trying to "fix" something and end up sorry...
Granted if it’s an emergency I am all for it, but I get dresses in advance
anticipating the practically inevitable drive down to the datacenter.
Good luck with that, I am sure you will be much better off
in the long run.
, Below is the email I received when testing the self-registration. Does anyone know what setting I configured incorrectly?
I received the email to confirm the registration but the link to activate is invalied.
Thanks!
Your registration still has to be validated.
Go to
?u=bubbaj&v=4579
to verify your registration.
,
I'm having another problem-hopefully it's a quick fix.
it tries to go to a page: default.aspx
Server Error in '/' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested Url: /default.aspx
When i log in as admin from the aspprotectadmin/default.aspx that works fine...
where should the user be sent when they log in? Am i supposed to specify that or is it automatic? Why isnt it working for me? I dont believe i changed any settings that correspond to that either
, well, ultimately it comes down to this and this is stated in the footer of every page in the cjwsoft family of websites.
"In some cases in order to receive proper tech support your application will be need to be installed on a live professionaly setup server on the Internet. We simply cannot troubleshoot all issues when the application is only installed on your local machine."
and if you have some sort of weird timeout going on on your local machine and cant even give me a detailed error message there is just no way I can possibly troubleshoot it... I told you what to check and thats really all I can do... all my applications run on XP. As a matter of fact I do all my development on XP boxes.
It could be any numbers of things... odbc drivers, versions of vbscript... other software on the pc interfering such as antivirus script blockers like norton... all sorts of issues can pop up on personal machines running xp
If you put this up on a live professionally setup web server I can help you. On your local machine there is only so much I can suggest. , Hi Chris:
Is there a way I can include the username and password in the URL of a protected page to gain access to a that page without going through the log-in page?
I'm not quite sure what the syntax would be in the URL.
Warren
, Thought that was already done....
Back to the drawing board...
, If you are developing using Windows 2003 Server and running the NTFS file system setting proper permissions on a folder in your website is done like so.
using "my computer" browse to the folder in your web that you need to set permissions on.
Right click on that folder and then choose the "security" tab.
Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.
You can also give permissions to the everyone account and accomplish the same thing.
Other things to note:
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"
In some cases you may want to go into the advanced tab and check both checkboxes shown in order to make sure the permissions you need get set. It really all depends on the situation.
cwilliams38342.7343981481, ASPProtect Version 7
Expiry Notices go out to members who have recently renewed by subscription.
When an existing member from ASPProtect Version 6, with an expiry date, renews with SUBSCRIPTION in v7, the previous expiry date remains unchanged.
We assume the expiry date remains blank with NEW Subscriptions and that Paypal takes care of notifications.
But our notifications to the "about to expire" dating from v6 catches the "Renewed by subscrtiption" as well, as the date has nor been changed or removed, and this REALLY confuses our members.
Can this be resolved?
, do you have "use picture uploading" checked in the settings ?
that is important..
have proper permissions been set on the picture folder ?
are the paths set correctly for the picture folder ?, For all you advanced users..
Here are two examples of ASP.NET code you can use on your ".aspx" pages to call banners from the ASP 3.0 version of ASPBaner Unlimited V8
This code is not supported... and you of course must change things accordingly like the variable names and zone numbers to match the zone you want to call banners from as well as the url.
2004-08-27_153832_asp.net_examples.zip
cwilliams38226.6523263889, you basically have to edit the html in the links in the various pages and remove them... some are in includes files
use a text editor and be causious / back things up before you remove links so you can revert back
, download the free version...
check out this tutorial...
http://support.cjwsoft.com/code/moreinfo169-1.htm
If your application can post to the page and provide all the form variables needed to log in it may work out for you..
You'll have to try it out... all the form variables needed are in that login form example.
Basically you'd be posting to a protected (.asp) page..
and providing the following for the most part.. how your app creates it post data is on your end...
<input type="hidden" name="Status" value="Checkem">
<input type="text" name="Username" value="Yourusername">
<input type="Password" name="Password" value="YourPassword">
As an alternate scenario...
Now, by default the "check_user_inc.asp" file is looking for posted form data... for security reasons it is not looking for querystring info..
If you change this bit of code in that file
from
Username = Replace(Request.Form("Username"),"'","''")
Password = Request.Form("Password")
to
Username = Replace(Request("Username"),"'","''")
Password = Request("Password")
It will then grab either form or querystring data...
Meaning you wouldn't necessary have to create a true post to the page with form data. You could just access the page via a querysting like so
http://www.mysite.com/somepage.asp?Status=Checkem&Userna me=Yourusername&Password=Yourpassword
Of course that introduces security risks as the username and password would be passed in plain text over the net
Another option is...
You can also make a copy of the "check_user_inc.asp" page called whatever with those modifications just to use in pages you need your little application to post to... thus reducing the security concerns a a bit as the rest of yoru site could still have its pages protected under the normal scenario.
I hope this answers your question... I havent really ever tried any of this but that is how I think it would work... , Hope the wedding went well. I have one this weekend.
I was successful at performing an upload. The free upload software was either not configure properly (probably) or not working. I downloaded the trial version of softartisan's upload (which is like over $300) and it started working.
Can more than one photo be uploaded at one time (like a whole folder full of photos) or does each have to be done individually?
, Because employees and sales reps might leave or go to work at competitors without our knowledge and we can't have them get an perm account so we need to implement some sort of expiry and then review their account with them., I downloaded the skins, ftp'd them to the skins folder and can see them in the list of available skins. No matter which one I try to apply it keeps solid_color_black.
Al
, can add photo album but after i upload a pic, nothing shows.
where do i look to research why pics aren't showing in the albums
, again I will ask you what is the real error??
see the link above when I asked you the 1st time.
(I need the error details and line number.. etc etc)
and what kind of a server are you trying to run it on ?
you mention xp pro but in a confusing way ?
, Whenever you are running software that can block scripts from certain things you are going to have issues like this.
I imagine many complex asp scripts you will download will do things like this as well.
A highly doubt it is anything to worry about regarding people that use your site.
ASP code delivers standard html to the browser... nothing weird goes on as far as that goes.
This system has been sold for 6 years and this is just not something to worry about. Trust me.. though you may want to tone down black ice so it doesn't give you issues as it tries to block various things.
If I were you I would do some google searches on black ice and issues with it blocking asp scripts.. etc etc
Now, if you are running black ice right on the server that a whole other story and something you as a server admin need to decide what to do about. I doubt that is the case as black ice is not probably suitable for a commercial webserver but I just thought I would throw that out there.
, I've had an error I saw described here, couldn't figure out what it
was. My SQL statement was being cut off, though a bit differently
because it was created on multiple lines with the amper-underscore
string construction design; my statement had no UPDATE, only started
with the junk screen characters of the encrypted password.
So, from what you said above about the vbNullChar, Chris, it looks like
I've hit the same problem, maybe from an old version (downloaded March
22, 2005). Could I request a copy of the updated logic?
Thanks a lot.
,
grrrrrr
As far as the users thing... my fault that was setup wrong in the settings of the admin login page.
but still dont have a solution for what im trying to do
, I really do not know to tell you the truth. I'll do some research.
The script only allows .jpg, .jpeg, and .gif extensions.
If someone uploads a file called... "filename.vbs.jpeg" with bad vbscript in it I seriously doubt anything can happen because of it because of the extension.
But I really do not know.
It has never happened to any sites I have or know of.
cwilliams38447.0491435185, >>1. What is telling paypal to return the info to the ipn.asp page for
processing? Is that something I have to set up in my paypal
account?
Nevermind on this question. I found the notify_url variable. :-\
Thanks,
Michelle
, Hi,
Its just not enough information to go on. I need more details on what is going on. There are a lot of configuration settings in these applications. I really do not know what to make of that screen shot.
My 1st guess is that if you cannot delete a picture that the picture folder does not have delete permissions ??
I also need to mention that I am not sure what this has to do with ASPImage ?
, Sorry, there is not any documentation on that.. it is basic asp/database work and customization like that is not supported. I recommended looking at what is already there and using that as a guide to produce more fields. etc etc
, If I also password protect the pricelist pages then someone will have to login twice.
nobody should have to log in twice... ?
session variables keep track of access... once your in - your in and you can browse to and from any password protected pages you like
If it is making you log in each time then cookies are most likely disabled.. session variables requires cookies being on to work.. cookies being on is a requirement of aspprotect and is how Formed Based Authentication works..
let me know if that is the issue there...
you shouldnt have to be logging in more than once per session
Thats the whole point of the application...
, Hi there, I am not exactly what you mean when you say "moved some of the include files to user"
are you saying you are moving files around ? I am not sure what you mean there.
but.. the parent path issue is described in detail here
http://support.cjwsoft.com/code/moreinfo5-1.htm
Having is enabled is actually a requirment of the photo gallery application as stated on the web site
http://www.aspphotogallery.com/aspgallery_pro.asp
You can certainly still use the apllication but as that article says you will need to change any file includes to virtual includes so they will work with parent paths disabled
, The version of aspbanner you have should not matter.
What you are doing here is wrong.
<PARAM NAME=movie VALUE=" http://www.innovationtools.com/aspbanner/aspbanner/banner_re direct.asp?Banner_ID=25">
PARAM NAME=movie is supposed to link to your ".swf" file.
And thats why all you see is black.
I don't think you quite understood all of that information fully.
Your ".swf" files needs to be coded in FLASH to link to the aspbanner redirect url. You don't change that flash calling code like that.
The ".swf" file links to the aspbanner redirect url which tracks the click and then redirects the user to the Link URL
You basically need to code your ".swf" flash file to go to that aspbanner URL or code your flash file so it can take a parameter for the url it clicks to (like the macromedia article talks about. This has to be done when editing the flash file in the flash editor before the file is saved.
If you dont have access to the original ".swf" to edit it and re-save it.. your out of luck as far as tracking clicks goes
,
Timecard Entry: 3/25/2006 1:51:31 PM
Prepare for Investors Meeting, and IPRS conference call with BA and NS, lunch, remove Pack-n-travel web site, drive to Crown Point NY (50 miles_, on line and rad log,,dial ups, (chris wanted tehm) time card, staraighten area, met with Tom and Peggy about fastenmates.com images, emails, WORKED ON THE sEACOMM PROBLEM- RESCHEDULED WITH lAUREL AND DAVE- SPOKE TO NIC ABOUT ISSUES WITH WANS AND WIRELESS NOT GETTING INSTALLED- NO SUPPPORT FOR CUSTOMERS, Morning Meeting, misc web billing that was missed, work with darrell on iprs stuff, Three hours of vacation time -loved it, Time spent throughout day working w/ on-site techs and inside router for TI Council trouble., General, callbacks, lunch, readied money for Clayton, checked accts in imail, trained with jodi on billing email, answered phones - signups, acct changes, cancels, wrote procedures for csr manual for batch daily and receipts to clayton, created form for daily batch. trained on cc batch with jodi, filed customer paperwork., Working w/ Hitty and Ben regarding TS Peck, AT Work working on Cortland database conversion. Matt is also helping with this as best he can., Picked up mail and opened. Posted accounts, counted the cash drawer, ans. phone, and sorted the mail., Charge card deposit, Preparing for stlra.com meeting, Times - School Stats basketball input form validations., Emails, chow, wwnytv.net/72k - Completed & tested ''Contact Us'' form. Setup to email HTML formatted email response selecte recipient. Contacted Jim Corbin to let him know its done., Got a little busy streak. Checked voice mail again. Checked up on DUI, Rad, AUQ. , worked on designing Ives Hill web page (iveshill.com, design), course 3161 & 3162 passport training, Phone and Email message catch up- tried to get accurate info on where our various dedicated solutions are available. ,
