If you have found out that parent paths are disabled on the web server you can still use the application.

Before you continue.

If it is your server consider enabling parent paths to solve the problem.

If it is not your server consider asking them to enable parent paths for your web site to solve the problem.

If that is not possible please download this zip file.
2005-02-20_150703_aspprotect_v7.x_alternate_include_file_pat hs.zip

This zip file contains 3 sets of alternate files depending on your situation. You simply replace your existing aspprotect v7.x files with these new ones.

The zip file contains the following folders and files.

Below is the contents of the readme.txt file which explains everything.

The following folders each have a version of all the files in the ASPProtect system that might need to be edited in case you need to change the paths for the server side include files. There are 3 different scenarios.

(parent paths enabled) - This is the way the application comes.
The files in this folder have FILE server side includes containing "../" information. While these includes will work when the applicaion in is any location of a website they will not work if parent paths are disabled on the web server. Generally you will want to use these on your xp development machine. You can of course use them on your real server if parent paths are enabled. Parent Paths are now disabled on II6 by default and some hosting company will not enable them.

(domain root)
The files in this folder have VIRTUAL server side includes in them.
These includes only work when the applicaion is installed in the root of your web domain. For example if your domain was called "www.somedomain.com" the following aspprotect files and folders would end up like this
"http://www.somedomain.com/check_user_inc.asp"
"http://www.somedomain.com/password_admin"
"http://www.somedomain.com/users"

(domain directory)
The files in this folder have VIRTUAL server side includes in them.
These includes only work when the applicaion is installed in a directory called "aspprotect" in the root of your web domain. For example if your domain was called "www.somedomain.com" the
following aspprotect files and folders would end up like this
"http://www.somedomain.com/aspprotect/check_user_inc.asp"
"http://www.somedomain.com/aspprotect/password_admin"
"http://www.somedomain.com/aspprotect/users"
You can change the name of the "aspprotect" directory but you will will have to edit the includes in the files.

Lastly, if you are on a local machine and insist on using the VIRTUAL INCLUDES you would also use the (domain directory files) even though you dont have a domain on your local machine most likely
For example if your site was installed like so.
"http://localhost/aspprotect/check_user_inc.asp"
"http://localhost/aspprotect/password_admin"
"http://localhost/aspprotect/users"

I am still a little confused... one thing I would like to mention is that the passwords in the aspprotect database are encrypted... meaning you cant just add a password to the user database by hand because it wont be the encrypted value and wont work.

It is something the application takes care of when you add a user via the web based interface.

You can however still add users manaully or with careful import/exporting... but you will have to use the existing password conversion technique which is covered at the end of our upgrade instructions in these forums.
http://support.cjwsoft.com/code/moreinfo174-1.htm

Basically you want to add a field to the "ASPP_Users" table called "Old_Password" and that is where you enter the password in plain text. Then after you are finished adding users to the database manually you do this.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

Which will convert the passwords to the encrypted value for you.
See the bottom of this thread for all the info on that.
http://support.cjwsoft.com/code/moreinfo174-1.htm

The application automatically generates all the code for you for each method of calling banners. It does this on the zones screen.

If you are using flash it also possible that the actualy flash file is what is causing things to slow up.

It really all depends... it could also be server resource related

using sql server or access.. ? etc etc

all important details

Suprising I started this tread off on ASPImage, but I resolved my issue and forgot to change the thread topic.  I will try your suggestion.

Hi,

Ok, well... you have a lot of stuff going on there.

More importantly than that.. you cant even log into the admin area using the admin account. There is something majorly wrong with the installation.

I also notice you havent even saved any path settings in the settings page of the admin area. I am looking that over now and filling in the missing info. That information needs to be populated.

Is there a way to protect other virtual sites on the server that are not under the default web site considering people may have different websites running off one server?  I get the following error:

Parser Error Message: Cannot use a leading .. to exit above the top directory.

Source Error:

Line 1: <%@ Register TagPrefix="aspprotect" TagName="checkaccess" Src="../../protectpage.ascx" %> Line 2: <aspprotect:checkaccess level="4" groups="null" runat="server"></aspprotect:checkaccess> Line 3:

Thanks!

I think you getting all confused about dsn's and what they really are.

A system dsn gets created via the ODBC control panel and gets listed there. A system dsn is nothing more than a registry entry telling information about where the database is an how to connect to it. Then every time code accesses the database it has to do a registry lookup. The whole process adds a lot of delays, causes very poor performance and is unnecessary.

A dsn-less connection simply connects directly to the database by specifying the driver being used, where the database is, and some other information like the password if there is one.

To get aspprotect or any other ASP application using a database all you have to do is make sure the database folder has correct permissions and then make a connection string like so. (with the correct info for your directory structure of course)

DBQ=c:\inetpub\wwwroot\aspprotect_6\data\database\ASPProtect _access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp

If you are wondering Access databases always use the same username.

So, basically if permissions are set correctly and the directory is valid it will work.
It is really that simple. 99% of the time when people have problems it is one or the other.

That being said, don't worry about the odbc control panel and what is listed there for connections. All we really care about is that odbc drivers are installed and somewhat current.


One last thign for reference: even if you do make a system dsn the database folder still needs the correct permissions.

the reason being is because when I do installs I do not touch any of your existing content. I only install the base application and make sure everything in it working correctly and also that the example protected pages are working. I do not integrate it with your existing site or edit any of your existing web content. That is up to you

sorry about that, but it would be way too time consuming and editing people's existing pages is a good way to cause a lot of headaches for me and the customer if something goes wrong. Not only that but everyone uses the system differently and it wouldnt make sense for me to be the one doing that based on access levels, groups.. etc etc  which will all be custom to how you want things set up.

more on installation policies here.
http://www.cjwsoft.com/installation_service.asp

Testing for XML Parser Support

the microsoft xml parser is generally installed by default on all new server setups..

It allows ASP code to make calls to other pages anywhere on the new as well as a lot of other handy things..

download and run this ".asp" page to verfiy that it is installed and be sure it is available for you to use

2004-12-10_132620_test_xmlparser.zip

Make sure you run it from your web server through the web browser

If things are not perfect there will be no log files and no errors.. it can only be one of these things really
http://support.cjwsoft.com/code/moreinfo313-2.htm

You may also want to make your the filesystem on the server is working and not disabled by norton script blocking or anything random like that. Testing the filesystem object is best done by writing a simple text file to a folder. Plenty of examples of doing that can be found at www.aspin.com

Recent activity is temporary and admin activity in the admin area is not tracked. If your application in IIS has reset or there has been no activity in the users area or in pages you protected there will be nothing there. The busier your site the more chance something will be there. For example usually our online demo has something there except right after 4am when my server does an iisreset.

See, and that's what I thought.  What's interesting is that if I call either an aspx page or an asp page in the iframe tag, it asks me if I want to open the page, it doesn't display it.  I'm using IE6 so there's not problem with the support for the tag.

I'll keep looking to find out what's going on. I think the iframe method might work best.

JDooley

Banners no longer show up on my site ?

If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.

The web server must have crashed or lost power and now the application variables are in limbo/not working.

I have seen this happen a few times.

Basically the application variable system gets messed up because it was not shut down properlly.

The way to cure it are as follows.

Edit and save a banner in the system. Hopefully that gets things going again.

do you have the smtp part of iis installed on your machine

cdonts needs that

then again I am not sure you can even use cdonts on a xp box without making some changes...

cdonts has kinds died out and as of windows 2000 basically got replaces by cdosys

You can mix and match banner calling methods all you want.
Try it and see what happens.

However, the only method that is going to work on non ".asp" pages is the javascript or the new iframe method listed in the support forums.

The login page sends the user to redirect.asp (which is as follows)

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
If InStr(Session("Groups"),"*1*") Then
    Response.Redirect("gp01.asp")
End If
%>

<%
If InStr(Session("Groups"),"*2*") Then
    Response.Redirect("gp02.asp")
End If
%>

I am not being redirected to gp02.asp if I am a member of group2.  Also, we wish users who are part of group 2 and 3 to go to a different page (ie. gp2-3.asp)

Thanks in advance.

I think I've got it to work somewhat.  I modified the 2checkout1 & 2 asp file to use and pass Product_id.  It now identifies the product correctly.  I'm good fo now. Thanks for the info though.

-Jason

when I go to that url is seems fairly fast and somewhat normal.. even when I try to log in it pops right back up asking for login info again..

I would check to make sure you are not running anything that might be effecting your web browsing.. software firewalls.. ad blockers.. script blockers... norton internet security.. zone alarm... anything like that

they can all effect a lot of things regarding how web browsers act.

sure and thats probably what you should do... that pure asp upload thing must not be able to handle the size of your import file... another thing which can very .. also some versions of IIS require registry changes to upload bigger files via asp code alone

SQL Server Datareader Datawriter Permissions..

here is a screenshot that shows how to set datareader and datawriter permissions on a database using "SQL Enterprise Manager"

In this example we are making sure the aspbanneruser has those permissions on the aspbanner database in the SQL Server

dsn-less is the way to go..
http://support.cjwsoft.com/code/moreinfo9-2.htm

you also need to use newer versions of the database as the odbc drivers on the server are sometimes very new and no longer work with access 97 databases

Gotcha.

Can you set an expiration date on a subscription?

Thanks,

Jess

I am running Windows 2000 server. I do believe asp.net IS installed as I have the .NET 1.1 framework installed.

Funny about the bounce backs. I am at about 10% of my limit, which I control as I am the network admin. I'll check into that.

pretty clever...

If anyone is interested in what the Mod function actually does this article explains it nicely. They even use it for the same purpose in the examples.

http://www.asp101.com/articles/steven/mod/default.asp

Hello,

Sorry
No, there is not.

not the way the code ships.. The program keeps tracks of everything by the way it ranames files. The system has been tested to work well with as many as 10,000 images files. Any more than that and you need something a little more serious meant for that amount of images.

You could certainly modify it do work that way if you are good with source code. There are actually as many drawbacks as doing doing it that way as there are advantages.
Take Care

How to bring up the Code Generators

Simply go to the zones screen.
Select a Zone from the list.
Check the "Show Banner Code" option.

Click on "Display Banners in Selected Zone"