Is it actually possible, with your product, to password-protect the folder that has the actual database without having to require customers browsing the listings to enter a password, or will password-protecting the database folder prevent customers from browsing the classifeds listings?

again I will ask you what is the real error??

see the link above when I asked you the 1st time.
(I need the error details and line number.. etc etc)

and what kind of a server are you trying to run it on ?
you mention xp pro but in a confusing way ?

Hi,  Its just a generic error that really doesn't mean much of anything except that something wrong with your data connection.

http://support.cjwsoft.com/code/moreinfo27-1.htm

could be invalid permissions on the database folder... could be any number of things

when setting up your connection I suggest going dsn-less.
http://support.cjwsoft.com/code/moreinfo9-1.htm

It is better/faster and also a lot easier to set up.

I'm having an issue importing. It moves the images from the /import folder and creates the thumbnails with no problem, but the full-size photos all have a size of 0 bytes.

http://www.larrysampas.com/gallery2/default.asp?CatLevel=2&a mp;Cat1_ID=1

I have a solution for asp already but thanks anyway. Is there a good book or other learning tool I can purchase that you might know about? I would know where to start about how create a timed subscription in .NET.

I am successfully using ASP protect on our site. I have one question:

The file Check_user_inc.asp looks a bit bland as I can't seem to use the sites Dreamweaver template. If I apply a template to this page, it is duplicated on other pages with this template.

How can I apply a template to this page?

Thanks

Clark

Chris, that fixed it.  Found 2-references to guestbook2 in the file show_messages_inc.asp located in the \guestbook\ directory.

Suggestion for future release.  Create an option to email the admin when a message is posted.  If this code already exists please advise.

Thanks, Lance

IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ;PN=1


The IPN Subscription Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement PayPal IPN Subscriptions with ASPProtect. IPN stands for (Instant Payment Notification). It allows you to set up scripts on your server so whenever a PayPal payment is processed the PayPal server sends info to your server regarding the transaction and vice versa. This is a fully automated process and allows you to charge users for access by the month or however long you like.

The Subscription feature of PayPal handles recurring billing automatically. The PayPal server will communicate with the ASPProtect system and keep everything up to date with users and their subscriptions.

This Support Pack basically gives you an additional signup and registration directory "paypal_sub_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup. New users can register in this directory and sign up for a subscription at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and start a subscription. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via PayPal your system is updated and they will have access.

To use this all you need to do in ASPProtect 7 is enter your PayPal account name into the settings screen. It will be an email address. You'll need a business or premier account with PayPal and you will need log into your PayPal account and turn on IPN in you profile. They make you enter a default IPN URL. We do not use that so if you already have something there leave it there. If you dont have something there you can type in any the full url to any page on your server. It's probably best to send it to an empty ".asp" page or something.

Changing Payment Options

In the "paypal1.asp" file there are some sample payment options set up.

They look like this and you can have as many as you like.

<!-- Begin Payment Option Code -->
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">

<% Label = "Membership (1 Month) $9.99 Recurring" %>
<!-- Begin Form Fields You Can Edit.. See PayPal Subscription Manual For Details -->
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="a3" value="9.99">
<input type="hidden" name="p3" value="1">
<input type="hidden" name="t3" value="M">
<input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1">
<!-- Field Below must have 2 commas First two values are optional (access level,groups,user ID)-->
<input type="hidden" name="custom" value=",,<% =User_ID %>">
<!-- End Form Fields You Can Edit.. See PayPal Subscription Manual For Details -->

<!--#INCLUDE FILE="form_data_inc.asp"-->
<input type="image" src="https://www.paypal.com/images/x-click-but20.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">

</form>
<hr>
<!-- End Payment Option Code -->
 

To really understand what these form values mean it is best to look through the PayPal Subscriptions Manual which is a PDF file you can get from the PayPal Site.

This link was valid the last I checked...
Subscriptions and Recurring Payments Manual

It also may be helpful to use their wizard to create some subscription buttons with different settings and then look at the code generated.

Bascially these are the important ones..

a3 - amount to billed each recurrence t3 - time period (D=days, W=weeks, M=months, Y=years) p3 - number of time periods between each recurrence

The custom field is something we are using to send info from ASPProtect to PayPal.
it allows you to set the access_level or groups access (groups support require the ASPProtect Option Pack)

<input type="hidden" name="custom" value=",,<% =User_ID %>">

or this example where we are setting the access_level to (2) and also giving the user access to groups (3 and 4)

<input type="hidden" name="custom" value="2,*3*4*,<% =User_ID %>">

Here is how it works.
The value setting (red) is essentially and array that can be made up 3 elements separated by comma's

access_level,groups,User_ID

If you do not want to set the access_level or groups access.. then you don't even need to edit the setting.

Values must be separated by a comma even if there is no value and there can be no spaces.  If you didn't want to set an access level or groups there would still be 2 commas at the beginning.  etc etc
Basically there must always be 2 commas but you only have to set last values which is the User_ID from the ASPProtect system.

The 1st value is the access level you want to user assigned to.
The 2nd option is the groups you want the user assigned to. (requires option pack)
The 3rd option is the User_ID which the system takes care of. Do not edit this option. Leave it as <% =User_ID %>
 

Hi-

Thanks for the quick response to my previous posts.

This is my issue:

I have read over all the docs and installation instructions and can't find a way to do this:

my default page in my root dir will be a log in page which will take the user once his level is validated to a "home page". Is there a page in your examples that will perform the function of this log in page? or should I rename check_user_inc.asp as the default and change it's html output to make it look like my log in page?

I also looked within the code for check_user_inc.asp and did not see where to specify where the user will go once he signs in.

Your help is appreciated

If you run asplistings auto in its own folder with its own application in IIS. Connected to its own database.

And you run your other version of ASPListiings in its own folder with its own application in IIS. Connected to its own database.

You will have zero major changes to make to anything... other than what you did above..

But remember theyare the same app and share a lot of thing including sessions and application variables.. that is why if they are installed in the same domain each one needs its own application set in the IIS console so they run seperately of one another.

The application automatically generates all the code for you for each method of calling banners. It does this on the zones screen.

If you are using flash it also possible that the actualy flash file is what is causing things to slow up.

It really all depends... it could also be server resource related

using sql server or access.. ? etc etc

all important details

Post a request in the "custom code work" forum.
Perhaps another customer will want to do the work or help you out with some code.

I am just too busy to do any custom work for quite a while.

also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.

etc etc etc

so let me add this bit of info..

I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.

Hello,

Sorry
No, there is not.

not the way the code ships.. The program keeps tracks of everything by the way it ranames files. The system has been tested to work well with as many as 10,000 images files. Any more than that and you need something a little more serious meant for that amount of images.

You could certainly modify it do work that way if you are good with source code. There are actually as many drawbacks as doing doing it that way as there are advantages.
Take Care

I have an asp page that includes other asp pages via an include.  for example:

snippet code: file name: collaboration.asp

 <table bgcolor="#bed1e4" border="0" cellspacing="0" cellpadding="10" marginwidth="0" marginheight="0" leftmargin="0" topmargin="0"> 
    <tr>
    <td>     
     <!--#include file="../../../filetransfer/directory_listing2.asp" -->
    <BR><BR>
     <!--#include file="../../../filetransfer/upload.asp" -->
    </td></tr>
   </table>

I can add the code below to collaboration.asp and it seems to work,but I cant seem to figure out how to protect the other files such as upload.asp at the same time. -- can you help?  - Note: as soon as I add the code below (and adjust the path) - I cant bring up the page.

This is the protection code I am using.

<!--#INCLUDE FILE="../../../../aspprotect/check_user_inc.asp"-->

Shirely

Banners no longer show up on my site ?

If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.

The web server must have crashed or lost power and now the application variables are in limbo/not working.

I have seen this happen a few times.

Basically the application variable system gets messed up because it was not shut down properlly.

The way to cure it are as follows.

Edit and save a banner in the system. Hopefully that gets things going again.

Hello,

Again, enspecified error are not very helpful.
An error usually tells you at least a line number and page or something.

Please read this as it might help do tell me more.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1

As for only happening once in a while. It could be a lot of things.

Version being used (when did you purchase.. what name/email was it under and I can look) ?
What banner method being used?
Access or MSSQL ?
How busy the site is ?
Server Resources ?

I would check out this article for starters... aspprotect is very similar to asp photo gallery and so are a lot of the page names.

http://support.cjwsoft.com/forum/forum_posts.asp?TID=49& PN=1

Jeromy, You should have access to that page.

Well, thats not normal.
(it should work just like our online demo does)

Do you have everything turned on in the settings ?

Uploading needs to be enabled and you also have to pick a valid upload method.

and the permissions, how exactly were they set ?
I find a lot of customers think they are setting permissions correctly when they really are not. That's why I wrote that long article on the subject.

As you probably know a data connection is a very low level thing. It is the foundation of any ASP application that communicates with a database. Unfortunatly it sometimes takes a while to get the hang of setting them up without issue.

Everything must be perfect.. the ODBC drivers must be up to date, folder permission are critical, sometimes you must use a new version of the access database.. etc etc etc  The errors and things that happen when all these things are not perfect and not helpful as you have found out.

I would suggest you download and get ASPTest from CJWSoft running before you go any further. It is designed to be as simple as possible and helps get a hang of the database setup process.

Thanks, I really appreciate you working on this. The software works GREAT and the support you give can't be beat. I will definately tell other that are looking for software for their sites to check your first.

one more question.

To use the bulk upload feature of aspuload, do I just need to add another upload section to the same upload page, that will allow more than one file to be selected then tell it to put the files in as Photo 1, 2, 3 etc.? I am a rookie at ASP but I think this is possible and with a little research I should be able to get it going.

Just want to make sure I am on the right track.

Thanks

(User Search & Contact Mod) for ASPProtect Version 7.x

This will allow an individual user to search for other users as well as email or call them.

Notes: This is a down and dirty mod. The users page from the admin area was used as a starting point. I then edited it up real quick to be used as a user search. The way it is it shows the user email as a regular email link. If you want to set it up so emailing is done from the application and emails are not actually shown you will have to do some extra work. If you don't want phone numbers shown you will have to remove that column which is not very difficult.

Directions:
Back up your existing ASPProtect installation.

copy "search.asp" into your "users" folder

2006-03-10_143253_User_Search_Contact_Mod.zip

Direct your users there. They will have to be logged in to view the page.

WARNING: This has not been extensively tested for SQL Injection attacks.
I think it is perfectly fine the way it is by looking it over quickly, but use it at your own risk.

The only major usability issue I've found to date is multi-zone banners. Cloning is helpful to a point, but then if you have a change to that banner, you have to make the change 6 times or what have you. I think, even at the expense of speed, multi-zone capability for a single banner would be excellent addition. Of course, that supposes I haven't just missed it and it's already there.

[QUOTE=cwilliams]
something weird is going on
[/QUOTE]

Yeah that's my impression too. I've done a lot of searching before posting this problem, but haven't solved it. Maybe it has to do with the sql-server/hotel?

Though I have compared carefully what goes on (and it should all be good) it could still be the problem? I have now made it work on a local msde sql server too..

(Password_Email_Confirmation_Mod) for ASPProtect Version 7.x

This will change the basic registration pages so that the email address and password entered must be confirmed when signing up. This eliminates the auto generated password during signup.

Some may prefer it working this way.

Directions:
Back up your existing ASPProtect installation.

Copy the two new files into your "users" folder

"register.asp"
"add_new_account.asp"

2005-12-01_182201_Password_Email_Confirmation_Mod.zip

When using the ASPProtect admin panel. My firewall software is going crazy or Blocking it on the Mass E-Mail, Newsletter, and other pages.

Here are some of the messages:

[Unauthorized Access Attempt] This signatures detects an attempt by a web server to deliver a malicious HTML page to a browser client, in an

[Suspicious Activity] This signature detects HTML documents attempting to spoof a link destination in the browser's status bar.

I am using Black Ice...

Will users also get this kind of activity from the pages ??? Or is it only because of using the Admin Interface of the software ???

Thanks

The Read-only attribute i was referring to is at the windows explorer level when looking at the folder properties under the general tab. 

ASPNET and IUSR have full access to the _database folder as you suggested - Yet still I get the permission error noted above.