Blog Entry: 3/25/2006 1:50:54 PM
Not sure because of the nature of the javascript method
for starters tighten up the html around the banner call
change
<tr>
<td width="460" height="60" align="center" valign="middle" class="imagead">
<!------- ASPBanner Ad code ------------->
<script language="JavaScript">
var code = '';
var now = new Date();
var nIndex = now.getTime();
document.write('<s' + 'cript src=" http://www.nababaseball.com/aspbannernet/aspbanner/injectban ner.aspx?BannerZone=1&nocache=' + nIndex + '">');
document.write('</' + 's' + 'cript>');
</script>
<script language="JavaScript">document.write(jscode);</script >
</td>
to
<tr>
<td width="460" height="60" align="center" valign="middle" class="imagead">
<script language="JavaScript">
var code = '';
var now = new Date();
var nIndex = now.getTime();
document.write('<s' + 'cript src=" http://www.nababaseball.com/aspbannernet/aspbanner/injectban ner.aspx?BannerZone=1&nocache=' + nIndex + '">');
document.write('</' + 's' + 'cript>');
</script>
<script language="JavaScript">document.write(jscode);</script >
</td>
If that doesn't help I would suggest using the ASP 3.0 version of ASPBanner. It can serve banners to a any type of page extension and it runs just as well as the .NET version. There is a new iframe method for calling banners that you can try instead of the javascript. The iframe method is explained in the ASPBanner Unlimited section of the forum. cwilliams38150.6443634259, Actually this was rather easy to fix. Once you restrict the permissions on the folder, open up IIS admin. Goto the selected folder, and right click/properties. Once there you modify directory listing and add defauly.asp to documents. This will provide an automatic load with you enter in the unmask route.  ,
It should be released sometime late May 2004 or early June 2004 but no gurantees as I am pretty busy right now with some projects.
There will be upgrade instructions and it should be a fairly easy upgrade. , [QUOTE=afifm]
I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.
<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then
SearchFlag = True
End If
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>
</head>
<body>
My Protected stuff here
</body>
</html>
For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.
Thanks,
Mo
[/QUOTE]
I just added couple of lines and it works fine
If (Request.ServerVariables("REMOTE_ADDR")) = "xxx.xx.xxx.xxx" Then
' Session("PasswordAccess") = "Yes"
SearchFlag = true
End If , Hi,
I don't fully understand what you are explaining ... the part about showing a user but not working???? but if you PM me the details I will glady go into your live webserver and see if I can get it working. , Done!
I was able to put my experience was based on *40 months* of usage! I
think I bought a version way back in 2001, IIRC, so it's been a long,
happy trip with ASPProtect for me!
, If you have messed up the admin account or forgotten the admin password you generally should open up the database manually and add a new account or see what the old account is.
In version 7 however you have another option. Go through the installation instructions again. Specifically the part where you use the "get_me_in.asp" page to get back into the admin area by pasting in the password encrpytion keye you are using from your config file. , It happens at least once per hour or every time a banner is edited in the system by the admin.
Changing its frequency would be somewhat complicated. You'll have to make changes to the code in a few places and you will effect performance adversely by doing it more often as it will mean a lot more database queries which defeats the purpose of doing it once per hour to conserve resources. The reason is when you change the frequency of that you also change the frequency of the entire banner application variable caching system. It difficult to explain but it unlike most banner systems out there it basically fetches banner rotation info every so often instead of every single time your page needs a banner. It stores this rotation and cycling information in ultra fast application variables. The docs actually go over a little bit of how that process actually functions under "using the system / Setting Up Banners
"
Its a customization I just can not support and I do not recommend doing, but if you really want to you should look at the "aspbanner_inc.asp" file
this is the part that makes it happen at least once per hour (requires visitors to your site to happen obviously)... you'd have to cleverly recode it to work slightly more often
' Checks the time the banner data was last updated and basically updates it if an hour or more has passed
If Cint(Application("BannersLastUpdated")) <> Cint(Hour(time)) Then
%>
<!--#INCLUDE FILE="appinfo_inc.asp"-->
<%
End If
There may be more to changing this than that, but this is all I can tell you. cwilliams38441.6427083333, Thanks, I know, I have it all figured out and have thought about it before. Just no time yet to do it. It will probably be an add-on/mod when I get time. , did you fix it because I see all the pictures just fine ?
http://mcintoshcounty.org/real_estate/view_item.asp?Ad_ID=1
, We do not have plans to support recurring payments via 2checkout because their system is not flexible enough to allow it to function correctly. Basically their system will not send notifications to our system when a recurring payment fails and therefore there is no way to automatically disable a user that cancels or does not pay. etc etc.. , Below is the email I received when testing the self-registration. Does anyone know what setting I configured incorrectly?
I received the email to confirm the registration but the link to activate is invalied.
Thanks!
Your registration still has to be validated.
Go to
?u=bubbaj&v=4579
to verify your registration.
,
Error when click on banner. (I remove on error resume next in config_inc.asp)
The conversion of a char data type to a datetime data type resulted in an out-of-range datetime value.
banner_redirect.asp, line 36
Database - MS SQL Server.
Gignutyi38368.5403935185, it probably means the page you are trying to protect is (not in an iis application or not in the same iis application) which it needs to be
for a situation like using ASPProtect you really want your root of your virtual directory set up as one big application in IIS. (after you inquired about it your hosting company probably went and set the ASPProtect folder as an application in IIS which means any pages you protect need to be in there as well. (truth is they should have had your entire web starting from the root set as one in the 1st place..... its standard practice for any experienced hosting company) cwilliams38456.9306828704, While attempting the database connection test, I receive the following error:
Server Error in '/' Application.
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Security error.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. |
Stack Trace:
[SecurityException: Security error.]
aspprotectnet.DBConnectTest.Page_Load(Object sender, EventArgs e) +0
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +2112
System.Web.UI.Page.ProcessRequest() +218
System.Web.UI.Page.ProcessRequest(HttpContext context) +18
System.Web.CallHandlerExecutionStep.System.Web.HttpApplicati on+IExecutionStep.Execute() +179
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +87
|
Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300
My guess is that this is an issue with the fact that I'm in a shared hosting environment that is restricted by CAS. Before I move to a dedicated server, I'd like to verify that this is the issue. I'd appreciate your input.
My host is 1and1 Internet. You may find this FAQ helpful: http://faq.1and1.com/scripting_languages_supported/_net/16.h tml.
, I would kile to see more support for the groups function:
1. on the password_admin/default.asp page have a coulmn listing groups
2. ability to change groups in bulk eg change the expiry date for all group x members
Cheers , Humm, I dont see how moving to a new server could have anything to do with that.
What method of displaying the banners are you using. Perhaps try some of the other ones.
Don't use the javascript method with a javascript based ad like google.. that's for sure. cwilliams38454.8903472222, Chris,
Well some good news ! This from my hosting company this morning...
"
I'd say that the vendor is right so I've submitted a work order to
create the *****.com/aspnetprotect directory as an application.
If there are any other directories for which this needs to be done,
please let us know. This particular task always needs to be performed
by our staff.
If you need to follow up on this job with one of our on-line or phone
technicians, you can reference ticket id 11860.
With regards "
Thanks for your help thus far
Andy
cwilliams38455.5654513889, 1) Does everything, i.e. every user, every category, every product, etc., get stored in just one single database, or are there multiple databases at work and are linked to one another? I am asking because there is only one table in the DB, and it is the "Users" table. So I am presuming that there must be other databases that are linked to the DB. Is this correct?
2) Are user-level security permissions utilized in the sample Access DB that is shipped with the software? I am asking because we cannot seem to remove the "temp" password no matter what we try, and this is the only reason I can think of. , I have been using the AspHttp Component method for displaying my ads along with the google adsense code. However, in the last few days my site was taking too long to load, so I replaced the AspHttp component, with Javascript method. The site was back to speed. But now, the Google Adsense banners do not show up. Is there a solution for that? Can the Javascript show Adsense banners also? Because they do show the Flash banners., The sql script creates aspgalleryuser
dataconn_inc.asp out of the box indicates aspgallery as the user.
GalleryConnectionString = "Provider=sqloledb;Data Source=127.0.0.1;Initial Catalog=aspgallery;User Id=aspgallery;Password=temp;" , lmao ... ya that has never happend to me before.... , That carrot doesn't really exist in the file, so I'm not sure.
I did download and place the ASPTEST file in www.drsweisberg.com/asptest and when I try to load the 2 pages it fails to load. I have another site on the same server and I uploaded the same exact set of files and the asp pages load. www.klarman.com/asptest
http://www.drsweisberg.com/asptest/server_info.asp
http://www.klarman.com/asptest/server_info.asp
This is how I set the connection:
ConnectionString = "DBQ=D:\clients\rklarman\klarman\asptest\_database\asptest.m db;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"
ConnectionString = "DBQ=D:\clients\rklarman\drsweisberg\asptest\_database\aspte st.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp" , now, even though it should work with two slashes or not... here is an updated file that will clear that issue up.
You can try it but I think you have other issues like I said above.
just replace this file in the "scripts" folder
2005-12-16_141245_populate_config_variables_inc.zip , Now that I really think about it.. instead of logging that info to a text file and worrying about folder permissions you could probably just save the post info into an application variable during the paypal ipn.asp post like so
For Each Item In Request.Form
formdata = formdata & vbCrLf & Item & "=" & Request.Form(Item) & vbCrLf
Next
Application("PayPalPost") = formdata & " - " & NOW
then anytime you wanted to see if that info was there or when it happened you could make a simple asp page in your site to display the results like so
<%
Response.Write "(" & Application("PayPalPost") & ")"
%>
cwilliams38421.6747453704, I downloaded v7 3/7/2005
I entered a password that was supposed to be all caps with only first letter caps.
it is odd, if I go to other user and enter wrong password that does not come up. it apprpriately goes to a screen that says Access Denied.
thx , Still not having much success. I am using SQL server. I changed the permission in the following directory :sql server data\mssql\data. Is that the database directory you are referring to?, Ow.
I haven't moved (or messed with) any critical files within the directory at all, just placed them as a job lot into a subdirectory call aspprotect.
All I did was put all the files directly into a directory rather than into the root because some of the subdirectories had the same name as some already in use and would therefore have been overwritten.
I'll go back and have another look in the cold light of day (its too late tonight UK time).
Thanks anyway. , Ahhh, I see it, thanks that was the ticket.
, any asp code that accesses an access database, writes to text files, or allows for picture uploading will need permissions set on certain directories
every application out there is going to need permissions set at some point
its just a fact.. and if your hosting company does not give you a way to manage permissions or have it done when you ask they do not know what they are doing and they are not supporting your asp hosting needs
see my article for more info on the whole process
http://support.cjwsoft.com/code/moreinfo136-1.htm
the part newar the bottom talks about hosting companies , My guess is they are not going to allow you to run your own oledb connector out of your own personal bin directory.
I don't think your going to be able to modify aspprotect to work under
that environment very easily, but I would give 1&1 a chance to
explain their reasoning and they might actually be able to provide a
simple fix who knows.
I have never seen a situation where a host goes messing around with
.NET that worked out good for anyone. I'm sure they have a reason, but
the entire world writes code to work on the platform as Microsoft
shipped it not as someone decided was a better way to set it up.
, ASPProtect and PayPal are fully automated and ready to go.
Accounts will automatically get activated after payment.
We actually do not tell you to put nothing in the PayPal system for the IPN URL. Something has to be there or PayPal will not let you enable IPN. We actually tell you in you PayPal settings to turn on IPN and make up an IPN url because something has to go there. (I think we suggested making a blank asp page on you're site to send it to) It really doesn't matter where you send that but it might as well be a valid page on your site to avoid any 404 errors in your logs when a non ASPProtect payment comes in.
You see, we dont set that IPN url set in the PayPal system because each ASPProtect signup script directory (single payment and subcription) uses it own IPN url and that all gets set on the fly by the aspprotect system. There is a way to overide the defaul IPN url is what I am saying.
Also:
A lot of people already have something there and we didn't want the ASPProtect system to interfere with things they already had going on. cwilliams38421.530787037, More Info on Simple File Sharing
http://www.practicallynetworked.com/sharing/xp/filesharing.h tm
http://www.theeldergeek.com/quick_guide_to_simple_file_shari ng.htm
http://support.microsoft.com/default.aspx?scid=kb;en-us;3040 40
, Windows 2000 server you said ? Just checking on that one ?, also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.
etc etc etc
so let me add this bit of info..
I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.
Here is the low down from someone that really understands it...
(well, at least I think I do)
The only real security risks are from YOU and possibly other people hosting on the same server if they have parent paths enabled that is.
Meaning your site visitors can't possibly do anything with it unless of course you let them upload and run their own asp files to the server.
Anyway.. if YOU run malicious asp scripts you could potentially attack other sites on the server and look at things you shouldn't. As could other sites on the same server do to you I suppose.
So, unless you plan on doing that or some other site admin on the server does it to you its not really a concern. Just an advantage in coding abilities.
If you attack someone elses site on the server or lurk where you shouldnt then you are probably violating your hosting agreement.
99% of the time everyone gets all nervous over nothing.. half the people nervous about this have sites nobody would ever want to hack anyway.
Many people with a really important/busy sites are going to have a dedicated server somewhere so the setting is not relevant..
The hosting companies of course have to warn you.
This setting was enabled by default for years on IIS4-IIS5. I never once heard one single real story about anyone attacking anything because of this setting. That doesn't mean it doesn't happen but I am just telling you what I know.
This is all my opinion so take it for what it is...
If you are a Hosting Company your better off turning it on at the customers request, giving them a warning about it, and in turn having happy customers.
The big hosting companies like Alentus and MaximumASP do it...
There are far worse things than this to let people do after all.
Beleive it or not I have actually been in servers where they gave the anonymous webserver acount modify permissions EVERYWHERE yet they disabled parent paths ???? cwilliams38391.6024189815, Connecting user is dbo of database.
User_ID is primary key with auto increment identity.
SQL Script of current table:
CREATE TABLE [dbo].[Security_Users] (
[User_ID] [int] IDENTITY (1, 1) NOT NULL ,
[First_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Last_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Company_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Username] [nvarchar] (75) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Password] [nvarchar] (15) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Access_Level] [nvarchar] (30) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Notes] [nvarchar] (1000) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Admin] [bit] NOT NULL ,
[Active] [bit] NOT NULL ,
[Expiration_Date] [smalldatetime] NULL ,
[Email] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Address] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[City] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[State_Province] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Zipcode_Postal_Code] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Phone] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Counter] [int] NULL ,
[Last_Access] [smalldatetime] NULL ,
[Login_Limit] [int] NULL ,
[Custom1] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom2] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom3] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom4] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom5] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom6] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[ValidateEmailCode] [nvarchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Date_Created] [datetime] NULL ,
[Validated] [bit] NOT NULL
) ON [PRIMARY]
GO
ALTER TABLE [dbo].[Security_Users] WITH NOCHECK ADD
CONSTRAINT [PK_Security_Users] PRIMARY KEY CLUSTERED
(
[User_ID]
) ON [PRIMARY]
GO , well, ultimately it comes down to this and this is stated in the footer of every page in the cjwsoft family of websites.
"In some cases in order to receive proper tech support your application will be need to be installed on a live professionaly setup server on the Internet. We simply cannot troubleshoot all issues when the application is only installed on your local machine."
and if you have some sort of weird timeout going on on your local machine and cant even give me a detailed error message there is just no way I can possibly troubleshoot it... I told you what to check and thats really all I can do... all my applications run on XP. As a matter of fact I do all my development on XP boxes.
It could be any numbers of things... odbc drivers, versions of vbscript... other software on the pc interfering such as antivirus script blockers like norton... all sorts of issues can pop up on personal machines running xp
If you put this up on a live professionally setup web server I can help you. On your local machine there is only so much I can suggest. , Hello,
Sorry, I do not have any good ideas on this one...
Domain Name Masking can cause issues with quite a few things.
cwilliams38366.3136342593, Thanks for that.
I have tried InStr("*2*",>"0") in the query design window but it does not return any members.
I have orded a Access Bible to help me in furture , Hi,
Sorry, but if ".asp" pages download instead of run on a server then that means ASP is not working on the server and is not configured correctly. That is about as low level as it gets and it is really the hosting companie's responsibilty to sort that one out.
It is totally a system admininister's job to make sure that sort of thing is working. If this place supports ASP they really need to fix that for you. There really is nothing I can do for you until ".asp" pages at least run.
As for the Free install... that is no problem. Of course you need to get the hosting company to fix the web before I can be of any help. There is more to that problem then permissions.
For starters I would make a simple ".asp" page with hardly anything it (even some simple html text is fine) and ask them why it is downloading instead of executing and to please fix things. ,
Timecard Entry: 3/25/2006 1:50:54 PM
Responded to Dial Up issue., general site design and research, Helping Anthony, met with river trail real estate, cc deposit, pull pd receipts, Unplug laptop, Dave decided to sit in NOC room, setup again upstairs. Find paper stored away in pile of my stuff that was made while I was gone yesterday., Enter bills, training on ASP auction site, Started review of weekly cancels, radlog, dial up issues, voicemail, phones, customer service, mailings, chow, Responded to some emails, prep for telergy, download, install and familiarize with FLASH 5 upgrade..., Crystal reports, had one call about billing. had one about email, 66902=66955, Many calls regarding dial up issues and e-mail problems, most was users computers not configured properly., Nortel CI Meeting, configure circuit installed at my house, tech support supervisor duties, qlight, callbacks of expired users , follow ups, emails, voice mail, radlog, new users and helped techs with there issues. and worked on a computer that came in, ask us ? new user callbacks, Mike Soulia re: email migration, Resolve minor customer issues, Boldt Castle - add new graphic for video on home page, worked on text file upload problems to both Access and SQL databases (programming, alliedcoop.com, programming), Emails and deleted old emails and virus, customer service, sign ups, info on PC bundle, receipts, Aswered email and VM assembled materials for coupon to go to AMf,
|
