Blog Entry: 3/25/2006 1:39:50 PM
Hello -
Believe it or not I finally can access the photogallery. You were right Chris regarding the unzipping of the files.
Now onto the next challenge! I have set up three categories and proceeded to create a test album. I uploaded a couple of pictures (yeah that worked!!!) but the album does not show up on the default.asp page under the category.
Please advise -
Rhona (rookie)  , Hi,
I only just purchased the product and I would be very keen to
a) is the upgrade available very soon as I don't want to spend the time developing one and than find the other released shortly &
b) would I only need to pay the difference for the upgrade or have I already downloaded the upgrade already.
I cant see what version I current have.
I look forward to your response. ripcurlsurf38138.816099537,
After you click the link in the confirmation e-mail you are directed to
the Thank you page. Right above is a sign in link. When I
click this I get that funky error message.
I am trying to integrate the scripts with the look of my
site, if that is what you mean by changing things around too
much. But, I don't think I have done anything out of the ordinary.
Cheers,
Roy
, Oh, I just remembered something..
It's been a while since I did this... :)
Nevermind what I said above as that is a different sort of "debug"
When you want to debug like your talking about find this section in the "web.config"
<compilation defaultLanguage="vb" debug="false" />
change it to this
<compilation defaultLanguage="vb" debug="true" />
When you run the code in a production environment change it back though
More Info
http://support.microsoft.com/default.aspx?scid=kb;EN-US;3061 56
, Actually quite well. I have this problem worked out and it
actually isn't to bad. But now I am getting some strange
error messages. I will start another post.
Cheers
Roy
, Hi,
I have just one quick question, I know this works with Paypal but does this work with Merchant Account?
How difficult it is to make it workable with Merchant account? I appreciate your answer.
Thanks.
, Well, thats not normal.
(it should work just like our online demo does)
Do you have everything turned on in the settings ?
Uploading needs to be enabled and you also have to pick a valid upload method. , That would be great.
I am sure you know that many virus that are sent via email have the same property. (double extension). The code can be executed even though Windows identifies them as simple text files etc.
Thanks again , I guess i am not being clear as to what i am trying to do. As far as the event thing... lets hold off on that for now. It seems Chris has answered my question and i am on my own for that one...
As far as the log in goes: I went to that site you mentioned;www.CafePress.com to see if they had what i was talking about. and they do. Notice on the bottom of the page it says "sign in to your account"
I want that option on my home page where users can sign in to go to their account. It will either take them to a page where they can update their info, or it will take them to a protected page. Pretty much instead of posting a link on the site to say... click here to go to members.aspx and have it return an "access denied" the user can enter their info from the main page and be automatically re-directed to that members.aspx page.
I know how the viewstate works and i also know what that returnURL thing does..pretty self-explanitory.
Hopefully that makes things easier. I just want a user to log in from the homepage and be redirected to either a protected page or their account page...
(as does that cafepress website) , This post unfortutely needs to be here because this application has been the biggest pain in the neck for me you could possibly imagine. This is not because of problems with the application, but because of people's general lack of knowlegde regarding ASP.NET. This post totally voices my stance on what sort of knowledge you need to have and also the fact that I am not going to support anything but general installation on a correctly and professionaly set up live server.
ASPProtect.NET is a great application but using ASP.NET requires a lot more basic knowledge than using classic ASP and there are a lot of basic low level ASP.NET things that need to be set up correctly for an application like ASPProtect.NET to run. These are things I do not cover because you should know the ASP.NET basics when using an application as complex as this. It's just that I don't have time to nor should I have to teach people the basics of ASP.NET. I don't charge nearly enough for ASPProtect.NET to offer that kind of support.
So, I will say it one more time. ASPProtect.NET is targeted towards experienced Visual Studio.NET developers that know how to work with Code Behind VB.NET and are familiar with basic ASP concepts such as IIS application settings, the .NET framework, the aspnet_client folder, and the basics of the web.config file. If you are using ASP.NET for whatever reason you need to know about these things. The best way is to get some good books and do set up ASP.NET on a local development machine so you can start learning.
If you are one of the ASP.NET challenged let me say this as well.
Stick with Classic ASP. ASP.NET is a step in the wrong direction for the average user which I like to refer to as "Joe Coder". Classic ASP is very powerful and easy to pick up. ASP.NET is not easy to pick up and never will be for a lot of people. In my opinion it’s actually the wrong technology to use for anyone other than big corporations who need extreme scalability in their applications or for the hobbyist or object oriented programmer who just wants to use the latest and greatest. Ask yourself if you really want to deal with compiling Code Behind code each time you make changes to your web site as opposed to just editing some files in notepad real quick like you can do with classic ASP ? Do you have the money to purchase and use Visual Studio.NET or are you going to struggle with compiling all your ASP.NET pages using a command line compiler and a batch file ? Yes, you can build ASP.NET code that isn't code behind but why even bother if that is the case because your missing the point of ASP.NET if you do that and missing out on a lot of powerful new features and concepts.
When I do custom projects for bigger clients I usually end up using ASP.NET because they want to go that way and understand the time and money involved. When I do any of my own projects I use Classic ASP because the truth is you can still make some rockin busy scalable web sites with Classic ASP just like you can still make great web sites with CGI, PP, Cold Fusion.. etc etc. Look around the web because a lot of the biggest sites out there still use those scripting technologies and their stuff runs very well. ASP.NET is a lot of hype and although some things about it are plain awesome it is an environment best suited for real object oriented programmers, not the weekend code warriors.
The other thing to keep in mind about classic ASP is the shear abundance of applications and scripts available for it. ASP.NET can be expensive for that reason alone as there still is a shortage of good time tested applications out there and what is out there is always priced a lot higher.
In addition to that half of the ASP.NET applications out there are just half baked poorly converted versions of their Classic ASP counterparts. Is that the kind of thing you want to sink twice the money into or would you rather have something that runs well and has been tweaked year after year into a rock solid product?
To make things worse a lot of the hosting companies out there offering ASP.NET hosting are severely limiting the basic abilities of ASP.NET because of various security concerns. This means if you go with a Host that does that 75% of the asp.net stuff out there won't run on the hosted server. Isn't that wonderful ?
Now, Let's make things even worse. So far every time Microsoft has released a new version of ASP.NET a lot of things from the previous version have stopped working and needed to be modified to work correctly. Is that really something you will have the time, resources, and energy to deal with.
You may ask "but is classic ASP going to be around 5 years from now?" Though you never really know until the new version of windows server ships I say "Hell Yes" it will be. According to my sources at Port80 Software who work very closely with the folks at Microsoft (as well as many other sources out there) it will almost certainly be in Longhorn which is the next version of Windows Server. Longhorn probably won't come out until 2007 and will be popular for 3-4 years after that. The version of windows server after that will most likely support Classic ASP as well and if it doesn't I am sure there will be a way to make ASP run on it. If you really look around a lot of hosting companies are still running Windows Server 2000 which is 5 years old at the moment. The bottom line is Classic ASP helped put Microsoft web technologies on the map. Microsoft can not simply drop it because if they do they give up a dominate market share to the scripting competition being PHP, CGI, Cold Fusion.. etc etc PHP for instance a huge installed base on many platforms which are essentially free. ASP.NET can not compete with that in any way and not supporting Classic ASP would put microsoft in a bad position.
Take it from me. If you are a weekend code warrior/script kiddie. You'll be a lot happier sticking with classic ASP. You will also have save a lot of money and you can still have great web sites. There are tons of great applications out there in ASP and ASP still is and always will be the easiest scripting language to work with and learn. Better yet look around on sites like www.4guysfromrolla.com and see if you actually understand any of the latest articles. If it looks like Greek to you that is yet another sign that you should stick to classic ASP.
Personally, I will be focusing just as much time and effort on ASP.NET as I will on Classic ASP in the years to come for a few reasons.
- Because I sell software I obviously need to convert/re-write most of my appIications to work with ASP.NET. My living may eventually depend on it.
- Because I love using the latest technologies I want to continue to develop using ASP.NET.
- Because I do many custom projects for various clients using ASP.NET is a must.
- Because in some cases using ASP.NET over classic ASP makes total sense.
Just don't fall for the HYPE folks. I am one of the few established developers out there that has a set of Balls and is willing to put the truth out there and see past the bullsh*t. If you go ASP.NET do it because you seriosuly think you need the power and scalabilty and money and time is not an issue or because you are a hobbiest and object oriented programmer who likes working with and has time to work with the latest and greatest web scripting technolgies out there. I truly believe that so far ASP.NET is as much a success as it is a failure. I am sure some of you out there know what I mean by that.
All this being said you should also realize that ASPProtect.NET is a little different than your average ASP.NET application because it uses a lot of advanced ASP.NET techniques and you essentially use it to password protect your existing scripts meaning you need to integrate your stuff with our stuff in a sense. If you just go buy some random ASP.NET application like a classifieds system or storefront it is probably just going to run on it's own an therefore will be a lot easier to set up and deal with.
Here are some links you folks should read as well.
http://rtfm.atrax.co.uk/infinitemonkeys/articles/asp/905.asp
http://www.itnewsgroups.net/group/microsoft.public.inetserve r.asp.general/topic2074.aspx
http://support.microsoft.com/default.aspx?scid=fh;%5Bln%5D;L ifeWin
Chris Willians
http://www.cjwsoft.com/about.asp , that information is actually not helpful in determining whether parent paths is enabled or not.
You should really ask your hosting company or better yet try doing a server side include to page one directory up and see if you get an error.
example
<!--#include file = "../myfile.asp"-->
cwilliams38302.6484259259, I checked the option pack code as well and it looks correct.
I tested it and it acted as it should.
You can see it in active at the live demo
http://www.aspprotect.com/demo3/demo.asp
admin
test
go the the admin area.. you will notice 3 users with level 4 access
1 of them is inactive
then go to the mass email area and pick active and level 4
it will say it is sending email to 2 users which is correct
then go to mass email again and pick level 4 and inactive
it will say it is sending email to 1 user which is correct
choose any status and access level 4 and it will send email to 3 users which is correct
When you do this please realize you can not choose a group as well.
That will cause a problem because you can not choose a group and an access level at the same time.
Anyway... perhaps you can private message or use the contact us form and and let me take a look at your system. Since I can't reproduce the behavior that is the only way we might figure this out. cwilliams38104.690787037, This is what "John Evans" of CJWSoft has to say on the matter...
"I think that’s pretty much impossible. If the server sees a .JPG or .JPEG extension why in the world would it go and try to read it or do anything with it.
I believe there may have been some issues with Outlook and Outlook express that made it look like a vbs script sent as an attachment was actually a JPG because someone found an exploit in those programs and it would appear as if double extension files were one thing when in fact they were not.
Having a real time virus scanner on the server (which any good host will) should also catch anything infected being built on the server drives as the file uploads. Always worked for me and I had a lot of people uploading ZIP files on winxptheme.com at one point. Many had viruses in them although I suspect it was totally innocent on the end users part. Some people didn’t even know they had a virus on their rig.
Fact is anything is possible but I think chances of getting a virus or being hacked in some way from this sort of upload are really slim."
cwilliams38447.0602083333, question 2 is answered best here
http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal
Ok, got it. Didn't know if there was something already set up for this that I was missing.
>>I should also mention that the paypals scenarios used in ASPProtect can not be tested using PayPal's sandbox.
Ok. Thanks.
>>Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts) then you can log into the other and refund the transctions and of
course it makes sense to use low amount like 1 cent and what not.
Yeah, been messing around with
that. Got everything going except the return page which I can't
do until the site is live. 
>>Also, I'd love to see what you came up with with the
integration. I have been working on it here as well and took it in a
different direction as I plan to sell directions for it as an add-on
for aspprotect.
Ok. Will email you with a username and password for access to the site once it's live.
Sounds like a great add-on for ASPProtect!
Thanks!
Michelle
, Does emailing work under the simplest scenario ? (directly from the users screen)
Thats the way to test it..
All that error means is whatever reason the settings you have chosen are not working. It could be the server. It could be what you chosen. (and yes I realize your pop info from outlook should probably work with the settings you chose)
Whenever I do installs I often have to try 3-5 different emailing scenarios before I come across one that works.
Each time making some changes and sending out test emails from the users screen until I get somewhere. Often time getting a working example of how your Hosting Company wants you to send email from ASP is the info to get your hands on. (what method and settings)
In this case they may have blocked the usee of a remote server and want you to use some other settings for sending email from asp. A lot of times they put that info in their help system.
If I were you I would start by trying the other two CDOSYS options for starters, and then try the remote server option again but using "localhost" as the server, if none of those work consult your host for example code and settings to send email from asp. If you still have no luck I can help for sure.
Realize too when testing the emails may take a bit to arrive. A delay of sorts. Best to type in a quick note about which method you are trying in the email text. That way when you finally get one delivered you'll know which method worked. , Look in the "check_user_inc.asp" file..
You'll see the name of the cookie there and also get an idea how to access it.
In most versions it looks like this.
Request.Cookies("PASWORDSYSTEMCOOKIE")("COOKIE_USERNAME")
You'll want the cookie for the username because the session variable will not exist unless they have actually gone to a protected page during that session at the site.
It would probably be best the check for both the session and the cookie. That will make sure people logged in that arent using the cookie option still see the message you want to display.
Sorta like this..
GetUsername = ""
If Request.Cookies("PASWORDSYSTEMCOOKIE")("COOKIE_USERNAME") <> "" Then
GetUsername = Request.Cookies("PASWORDSYSTEMCOOKIE")("COOKIE_USERNAME")
Else If Session("Username") <> "" Then
GetUsername = Session("Username")
End If
Response.Write GetUsername cwilliams38298.9175, Access Database Password
By default all of the Access Databases we give out have a default password of "temp"
The Default username that and Access database uses is "Admin" but you should not be concerned with that except in your connection strings.
The default password for the Access Database can only be changed using Microsoft Access to do so. If you have security concerns it would make sense to change the password. The help system built into Microsoft Access best explains how to do that. cwilliams38403.6820833333, also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.
etc etc etc
so let me add this bit of info..
I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.
Here is the low down from someone that really understands it...
(well, at least I think I do)
The only real security risks are from YOU and possibly other people hosting on the same server if they have parent paths enabled that is.
Meaning your site visitors can't possibly do anything with it unless of course you let them upload and run their own asp files to the server.
Anyway.. if YOU run malicious asp scripts you could potentially attack other sites on the server and look at things you shouldn't. As could other sites on the same server do to you I suppose.
So, unless you plan on doing that or some other site admin on the server does it to you its not really a concern. Just an advantage in coding abilities.
If you attack someone elses site on the server or lurk where you shouldnt then you are probably violating your hosting agreement.
99% of the time everyone gets all nervous over nothing.. half the people nervous about this have sites nobody would ever want to hack anyway.
Many people with a really important/busy sites are going to have a dedicated server somewhere so the setting is not relevant..
The hosting companies of course have to warn you.
This setting was enabled by default for years on IIS4-IIS5. I never once heard one single real story about anyone attacking anything because of this setting. That doesn't mean it doesn't happen but I am just telling you what I know.
This is all my opinion so take it for what it is...
If you are a Hosting Company your better off turning it on at the customers request, giving them a warning about it, and in turn having happy customers.
The big hosting companies like Alentus and MaximumASP do it...
There are far worse things than this to let people do after all.
Beleive it or not I have actually been in servers where they gave the anonymous webserver acount modify permissions EVERYWHERE yet they disabled parent paths ???? cwilliams38391.6024189815, I down loaded your latest ASPProtect.NET_v1.4 and now when i try to get in the admin area it won't let me in. The admin box is selected in the database under the admin user and i can update my user information (password and Address, not username). Is there something that was changed on this version or is it more likely user error on my part? What do you think i should try first?, We have a site that currently runs ASPProtect and would like to install a second instance of it. The reason is that the current one is set up to manually authorize new users (it is for applying discounts to the Trade), but we want a second instance that will allow new users to register freely (this is for personalization).
Has anyone set up such a goofy scenario themselves? Is this even possible?
Thank you! , Ok i was wanting to know what the "if then" statement would be if i wanted to show xxx if your group is xxx.
I tried
<% If Session("Groups") = "1" then%>
<font size="2">TEXT HERE</font>
<%end if%>
But that did not seem to work. , hi,
Sounds like permissions.. the text file that the config file data is not being written to.
open the file "data/config/aspbanner_unlimited_config.asp" with a text editor and see if your values are getting saved.. if they are not its permissions to that folder and file as far as not saving config settings goes.
You may also want to check out "data/show_path_info.asp" which if run from the browser has info on manual/alternate setup scenarios.. as far as what directories you put things in and also editing the config file manually.
lastly make sure the filesystem object is not disabled by something like norton script blovking or something similar which can also cause trouble regarding writing to text files.
, humm, those are some very big images to be starting off with but I am not sure that would cause a problem under the importing scenario
what width are you having the system resize them to ?
What happens when you upload a image manually (one a t a time)
Also, try the import process out with some pictures no bigger than say 1024 and lets see what happens , Is there somthing I need to change in the settings to get the hit count to update?, After taking another look at this and trying your suggestions without success, it appears that in Windows 2003 server it is nearly impossible to remove the READ ONLY attribute from the _database folder. I'm wonder if this could the cause?
Thanks , Does ASPprotect support Paypal's Website Payments Pro option, where a user can use a credit card directly on a web site, without passing to paypal.com?
Nick , I already gave execute permissions to the stored procedures and that
cleared up the first error, but the second one I still can't figure out., one more problem I see...
I think your login box on the main page is missing the hidden form variable
http://support.cjwsoft.com/code/moreinfo169-1.htm, Honestly cannot comment much about v7 since it was just installed on a new server. We have been running 5.03 for years so I'm looking forward to the new features in v7.
Lance , Oh snap. Tried the blank database and got the same errors. Fixed THE
FILE PATHS to conform to the AspProtect 7 setup, and it worked like a
champ. I still need to copy and paste the info, but it's working just
fine with the ones I add manually.
Moral of the story: FOLLOW INSTRUCTIONS TO THE LETTER. 
, I would highly suggest setting up a DSN-LESS connection.
That system dsn is most likely the source of your trouble It is probably that or permissions are still not correct.
I can't tell you how many people have had trouble with system dsn's and finally set up a dsn-less connection and everything then worked as it should.
The location of your database is fine as long as permissions are truly set correctly like I mentioned.
Also, be sure you are setting the database type correctly in the dataconn_inc.asp file. That can cause problems as well as some people have been known to delete that line.
See my articles...
http://support.cjwsoft.com/code/moreinfo9-1.htm
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/code_info.asp?TID=40&KW= system+dsn , You can also try setting asphttp's user agent property to some browser version like in this example. It might stop that info from showing up when it fetches a page from the server.
<%
Dim BanObj1Http
Set BanObj1Http = Server.CreateObject("AspHTTP.Conn")
BanObj1Http.UserAgent = "Mozilla Compatible (MS IE 3.01 WinNT)"
BanObj1Http.Url = " http://banserver.powerasp.com/aspbanner/aspbanner_inc.asp?Ba nnerZone=1"
Response.Write BanObj1Http.GetURL
set BanObj1Http = nothing
%>
Also... I dont know if these values below will work but I got them from looking at my nt logs.
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
And here is more info on the asphttp component and it's settings.
http://www.serverobjects.com/comp/asphttp3.htm cwilliams38248.6481365741, No I didn't...
The one I tried is the hosted one at my provider which I gave you the link for.
Thanks very much.  I will get that one and it may be much easier if I need to get into the Nitty Gritty of the database at some time.
Thanks , It's MS Access, Version 7 (the Full one).
Anyway, I had inadvertently changed the user_id field type to "number". When I changed it back to "autonumber", everything went back to normal.
Thanks you very much for your quick reply and sorry to have bothered you. , I think this addresses your question
http://support.cjwsoft.com/code/moreinfo144-1.htm
, Have tried doing that but same error...
, When using this code:
<!------- ASPBanner Ad code ------------->
<script language="JavaScript"> var code = '';
var now = new Date();
var nIndex = now.getTime();
document.write('<s' + 'cript src=" http://www.poconocommuter.com/aspbanner/injectbanner.asp?Ban nerZone=6&nocache=' + nIndex + '">');
document.write('</' + 's' + 'cript>');
</script>
<script language="JavaScript">document.write(jscode);</script& gt;
<!--------- End ASPBanner Ad code --------------->
I receive an error that jscode is undefined. The banner will not display.
Any ideas how to fix this?
, Or at least I think so. I have been trying to get this software to work so I can see if it meets our needs for an upgrade purchare. Here is my error.
Microsoft JET Database Engine error '80040e10'
No value given for one or more required parameters.
/aspprotect/scripts/populate_config_variables_inc.asp, line 15
My provider says that the problem is NOT on there end, that it is a problem with the code. I think that it is a database connection problem. Can you please help. Below is my connection string based on what the setup page directed me to do:
ConnectionString = "data source=\\NAWINFS03\home\users\web\b1347\rh.957theride\asppro tect\data\database\ASPProtect_access2002.mdb; Provider=Microsoft.Jet.OLEDB.4.0;Jet OLEDB:Database Password=temp"
When I first set up the program I got this error:
Provider error '8000ffff'
Catastrophic failure
/aspprotect/scripts/populate_config_variables_inc.asp, line 11
Once again, the looked into it and said the permissions were fine and that the code was most likely bad. But then the errror changed to the one that I first listed. Which is the one I am currently getting.
BTW here is the page address
http://www.957theride.com/aspprotect/password_admin/get_me_i n.asp
Thank you! , all that docmunetation is online as well right here so you dont really need the chm file
http://support.cjwsoft.com/code/info24.htm
the chm format is a windows format that can only be viewed on windows pcs. I do not know why you can not see it. I would do reseach on viewing CHM files on whatever operating system and version you are running because perhaps you are using a mac or linux operating system which can not natively view chm files ?
, you do not run "check_user_inc.asp" by itself
Pages you protect include that file at the top.. when they someone goes to a protected page if not logged in a user then sees a login prompt..
after loggin in they see that same page as normal
its an automated process..
now, that being said if you really want to you a specify a page to be redirected to after the 1st login when you edit a users info. You can also redirect anyone anywhere like using a simple ASP redirect statement in your code.
Personally I feel that redirecting people all over the place is poor site design. ASP is all about dynamic code and ASPProtect is all about dynamically tailoring pages to the current logged in users... so why redirect people all over the place.. it justs complicates things because you still need to password protect the places you send them to.... which means twice the work and twice the confusion.
Also, here is a Version 6 thread about redirecting manually that still applies to version 7.
http://support.cjwsoft.com/code/moreinfo17-1.htm
,
Timecard Entry: 3/25/2006 1:39:50 PM
Receiving - NOC, email, voicemail, call backs, misc admin, Discuss changes to Cortland MLS site with Crispin, learn Visio chart tool, checked Netservers., work out schedule for conference in Boston, travel to wwti -50 with Seth Crimmins, phones still busy, Jim Brown- intested in training and set up/company store- cancel meeting for jan 5 , Working on internal management system for lead and development tracking, office work/email/meeting with emp's, return calls, follow up/ bundle.etc etc etc, TIIC DB Projects, Met with channel 7 regarding changes to the advertising for the next few months- worked on revision of commercials for future use, Email and Vm, Had Elaine call Ziplink. Nate pinged their CO DNS number and it timed out. Doug called and got new DNS number, called our customer, changed his settings, and he is squared away now., Filed extra tech manual sheets for Linda., Quarterly meeting... that everyone attended, learning some aspects of asp that i'm not familiar with, Answered another online issue, read and sent emails, Travel back to Watertown from Clayton., NB: customer support; E-Mail issues, taco salad at Skeemers, emerald billing questions and talked with Jackie on some accts, Tasks, CREG and GiSCO picnic, Uploading and scheduling tasks to run at night for autoresponder on wstarmls, niagaramls, house-now, cortlandmls, pull pd invoices, file web invoices, Answered tech related calls., design and layout discussion with Paul Currier (EveryDayDad.com),
| 
