Blog Entry: 3/25/2006 1:47:53 PM
Upgrade from V6 to v7.x with an MSSQL SERVER DATABASE
1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.
BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)
To do this upgrade you're going to need to have SQL Enterprise Manager and SQL Query Analyzer
That being said, on with the upgrade..
Open your SQL database in SQL Enterprise Manager
Regarding the following Tables
Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"
If you do not have a "Groups" table do not worry about it right now.
Now right click and DELETE the Config Table.
Yes, delete it..
Now, go into Design View for the "ASPP_Users" Table.
Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore
If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a "nvarchar" field with a lengh of 255.
Now, we are going to add a few more new fields.
Add a field called "Redirection_URL" make it a "nvarchar" field with a lengh of 150.
Add a field called "PayPal_Subscriber_ID" make it a "nvarchar" field with a lengh of 100.
Add a field called "Newsletter" and make it a "bit" field
Add a field called "Password" and make it a "nvarchar" field with a lengh of 100.
Now close that window and save the changes..
Download these scripts.
2005-02-23_171110_aspprotect_v7_sql_upgrade_scripts.zip
Now open up SQL Query Analyzer
Connect to your SQL server.
Then load the script "aspprotect_v7_config_table.sql" into the Query Analyzer. Click the green play button at the top. If everything goes well the response should read something like this.
******************************************************
(1 row(s) affected)
******************************************************
Now, if you had a Groups Table your done with the database changes.
If you didnt have a groups table.
Then load the script "aspprotect_v7_groups_table.sql" into the Query Analyzer. Click the green play button at the top.
Now, go back to your database in Enterprise Manager and make sure all 3 tables are there and look ok. You might need to do a refresh or two to see them.
Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for all three tables. You reference this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.
Regardless, as you can see from this screenshot I have a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).
Now, you are done upgrading your SQL Server Database.
The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field
To that we have a special page we run in the application that will take care of that.
So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1
When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.
That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..
Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.
This part is very easy.
You want to run a special page via the browser.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
Replacing the part in blue with your website info.
Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page
You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.
If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.
So do what it says... dont click more than once and wait.
Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.
Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.
If things went well backup and delete the conversion file below.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
You do not need it anymore.
Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.
If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.
We are here to help, but if you really want us to we can be hired to do the conversion. , Ok, so I checked to see if ASP is running on the server and it is. then I added code to the top of a page and this is what i can see when 'view Source' on the web browser:
<%@ LANGUAGE="VBSCRIPT" %>
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * Admins * ) -->
<% GROUPACCESS = "4" %>
<! #INCLUDE FILE="check_user_inc.asp">
<!-- End ASPProtect Code -->
<html>
<head>
<title>TeamManagers</title>
Yet I get no challenage for a password and no error message!
,
I am an experienced ASP developer. Can you tell me whether this would be a very involved process, or whether it is pretty straightforward? I don't yet have a merchant account, so I am not yet familiar with any aspect of accepting credit cards online.
Thanks. , The album ID thing is completely normal and by design. Once an ID in the database is used it can not be used again. That is how autonumber fields in a database work.
As far as not being able to delete images... Are you by chance using ASP.NET to show dynamic thumbnails... Because if you are you must turn that feature off and wait 20 minutes or so (maybe more) before you will be able to delete any of the images. It is because the current version of the ASP.NET script used to make the thumbnails locks the images on the server temporarily anytime it creates a thumbnail.
It is a known issue... and there is no fix at the moment other than what I told you above. cwilliams38324.744525463, here is a thread that may help you if this is what you were getting at
http://support.cjwsoft.com/code/moreinfo389-1.htm
, do you have the url path to the registration page set correctly in the settings cause not having it there would do that ? , Just installed software, when I attempt to log on I get the following error (actually this is after I moved some of the include files to user).
Active Server Pages error 'ASP 0131'
Disallowed Parent Path
/gallery_admin/default.asp, line 25
The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory.
What do I need to do to fix?
thanks. , Thanks for your rapid responses, your support is excellent!
It may be best that I stick with html then. You mention that is stresses the Version 7 software, would the unlimited version perform any differently if I use multiple zones?
Also, if I do go with a single zone, would either program be able to make sure each banner is unique, or would there by duplicates for each page view?
Sorry to post so many questions in one day. , Really awesome, thanks..
If possible please be sure to respond to the email they send so the review ends up authenticated
, Where is the system getting the random user name and password, and why does it keep selecting the same user name and password every time?
, no, you cannot unless you plan to write a lot of custom code.
That is why the option pack has groups which eliminate the need to use access levels because groups can do everything access levels can and more.
There is an article here regarding that.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=32& PN=1
cwilliams38303.5555439815, If you PM your site info and I can go in and troubleshoot. I have no more ideas. Usually people have zero issues installating this application as I got it pretty tweaked so I need to see what is going on in order to help., MSACCESS 2000
server: windows
option pack: yes (after the install I have this problems with groups and edit users )
host permissions: yes
MESSAGGE:
Active Server Pages error 'ASP0113' Script time out/password_admin/groups.asp The maximum amount of the time for a script to execute was exceeded. ...
vaghelis38300.5484143519, OK, thanks.
Nick , you have to check the session variables for groups a little differently.. info on that is here
http://support.cjwsoft.com/code/moreinfo198-1.htm
, Two things you can do to test..
make sure there is at least one ".log" file in that directory.. then if you go to the log file screen and it does not show up in the list the physical path you are using is just not correct
remember the physcial path must contain a drive letter (sometimes a network path starting with // is ok if they have it setup as a network drive)
the other thing you can do is use this script to try and write a simple text file in the directory
http://www.devasp.com/samples/writetofile.asp
That will show you if permissions are correct
, How can I make so it goes to certain webpages if user enters valid username and password??
I suppose user enters its information on check_user_inc.asp page, and username and password are stored on SQL database.
Thanks
, Because employees and sales reps might leave or go to work at competitors without our knowledge and we can't have them get an perm account so we need to implement some sort of expiry and then review their account with them., I really need more information.
Connection strings being used ?
How have permissions for the database folder been set ?
etc etc the more specific the better
You also may want to download ASPTest from our main site and see if you can get that running.
I would suspect your problem relates to the databases having a password set on them. Probably the ones you connected to didn't. It complicates setting up a connection correctly (especially a dsn) but there is a good reason for it as it adds a little extra security.
And of course my detailed article on the error.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=27& PN=1
, Having a quality professionally set up ASP.NET server that is going to support your needs is CRITICAL whether it is yours or someone elses. Them saying they will not set permissions is useless. Quite honestly Network Solutions is a joke when it comes to ASP.NET hosting. They are all about CHEAP MASS HOSTING and that is not where you go when you plan on running complex ASP.NET applications. What good is ASP.NET hosting if you can not permissions set on folders you need it for? A lot of people run ASPProtect.NET and their hosts set permissions for them without issue. We made one folder that they could click on and set all permissions at once easily. If they truly knew anything they would understand that and set permissions for you in a heartbeart. You have to have a correctly set up server or a hosting company that is serious about your ASP hosting needs.
I mean you come to us with this mess of a situation, we tell you its a bad setup. We tell you to rebuild the server correctly or make a new one. Now instead of doing that you come to us with another mess of a situation. Now you act all frustrated because you have spent so much time on this. How the heck do you think we learned everything we know ? Do you think we have never spent weeks on a problem or stayed up for 4 nights in a row without sleep. That is how you learn and it is called experience. I have no sympathy for someone that complains about how long something took because I am right there with the best of them and I have paid my dues.
Have you by chance read all of this thread below because despite what you keep telling me you are totally falling into this category.
http://support.cjwsoft.com/code/moreinfo234-1.htm
Granted you may not be "Joe Coder" but you are definetly "that guy" who doesn't really know what is going on with ASP.NET. "that guy" who sets up his own server and knows enough to be dangerous. You definetly have enough sense/basic skills to dig around and read articles and try things but when you are on the wrong track that only helps out so much.
Also: I really was pretty tired when I got home last night, but now that I really think about what you did with that webserver/domain controller is about the worst moves possible when it comes to IIS hosting setups.. That is just SO BAD !! Now, don't think that I haven't done some REAL stupid things in the past. John too, like the time 5 or so years back when thought he could make a Windows XP Pro webserver for serious non development use . Anyway, that is how you learn. I suggest you get your server running correctly (not a domain controller) or you get a real host like www.alentus.com for your asp hosting needs. I mean you can get an account for like 10.00 a month and end all these headaches right now. I even know one of the head techs there as well as the general manager. Their ASP and ASP.NET support is 2nd to none.
You may not like what I have to say, (hell, I can pretty much guarantee you won't) but I tell it like it is and in the long run you will be better off for it.. We spent a ton of time developing the .NET version of this product and we sell it way less than it is worth especially since we provide source code. It is an awesome product, but if the server isn't truly and correctly supporting ASP.NET or they host will not set permissions than it is out of our hands. As far as I am concerned anything else is a waste of everyone's time. I am not going to play that game. Quite frankly, you need to get your stuff together. Nothing you have come up with so far has anything to do with a bug with ASPProtect.NET. Everything has been server related.
QUALITY HOSTING !!!
PROFESSIONALY AND CORRECTLY SET UP SERVER !!!
THERE IS NO SUBSTITUTE !!! , Thanks
It wasn't a complaint. I just bought it last night and installed it today. But, I must have missed the part about requiring Enterprise Manager for installing it on SQL.
If you want it the link to the Web Based SQL Manager is : http://www.aspenterprisemanager.com/ which is free and the Trialware that I tried is EMS SQL Manager.
Maybe that will help a little in not requiring that people have an MS SQL license to access their hosted MS SQL to install the software.
Thanks
, There is nothing built in to the system but it is very doable.
However, you need to be a decent asp coder because your going to have to write some code.
Basically you would want to do a check on the screen where a user uploads to count how many pictures they have uploaded.
Then act accordinly and either let them or dont let them proceed.
On a side note the overall filesize limit of the total of all pictures a user can upload can be set when you edit a user.
, ok, that probably means the physical path you have set for the logfile directory (in the admin settings area) is not correc t
the error pretty much means just what it says
, ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Microsoft.Data.Odbc.OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. |
Stack Trace:
[OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.]
Microsoft.Data.Odbc.OdbcConnection.HandleError(IntPtr hHandle, SQL_HANDLE hType, RETCODE retcode) +27
Microsoft.Data.Odbc.OdbcCommand.ExecuteReaderObject(CommandB ehavior behavior, String method) +838
Microsoft.Data.Odbc.OdbcCommand.ExecuteNonQuery() +80
aspprotectnet.aspprotectlogin.Login_Click(Object sender, EventArgs e) +2284
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +108
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEven tHandler.RaisePostBackEvent(String eventArgument) +57
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +18
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
System.Web.UI.Page.ProcessRequestMain() +1292
|
Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300
I am getting this error message when trying to log in as admin or registering a new user. I am using Windows Server 2003 and it is a DOMAIN CONTROLLER.
I have read that there is NO ASPNET account for a domain controller. In its place is the IIS_WPG account. I have given this account and the IUSR account FULL CONTROL.
STILL GETTING AN ERROR. ANY SUGGESTIONS??? , Glad your getting the hang of it.
no difference as far as that goes. It is just different ways to reference the server side include file and it's location on the server cwilliams38457.6019675926, It is most likely because they have something running like Norton Ad Blocker.
Or something of that nature that blocks anything with certain words in it like "ad"
They are running something that is doing it.cwilliams38450.0079282407, If you would like me to, I also have no problem going into your machine real quick via remote access and setting permissions / putting the right connecting string in there for you.
I need to go in as an administator though to set the permissions.
, ASPProtect version 6 does not officially support any sort of redirection or is it a feature.
You can however do redirection after login with some basic ASP if-else statements and ASP redirects. Basically you check the session variables after successful login and send users where based on that info. You of course also need to protect any pages you send users to and make sure any people that aren't supposed to go there do not go there directly and bypass your security.
I highly frown on Redirecting during login (In my opinion it is poor site design and it defeats the purpose of dynamic web pages, there is seldom a good reason to even need to do it if you design your site well) but you can check out this thread which should give you lots of good information.
http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= redirect, Parent paths being enabled on the server is a requirement of the application. That error means just what it says.
you can change all the server side includes to virtual includes that will work or you can ask you host to enable parent paths.. those are the options
more here...
http://support.cjwsoft.com/code/moreinfo5-1.htm
, Weird things happening, when I upload using the vb method the image fails and error is that the image was empty.
Utilizing ASPUpload and after clicking upload file I get a blank screen, no preview, no nothing (it loads with the proper header/footer) but a completely blank body.
Any hints? , when did you puchase/download the application? you may have old code., IT worked just as cwilliams said. I did see the IP address being stored in the table but it didn't dawn on me that it was tied in to the view count, I tried it from a different IP address and it worked great .
Good coding Christopher
Thanks
John , I just started using ASPJpeg, and i used the
"generate_new_thumbnails.asp" to create new thumbs of all of the
existing albums. It generates the thumbs just fine, but they
don't get picked up by the "Randomly Selected Photo" section. If
I upload new pics, they will show up in the random photo area.
So, it reads the new upload thumbs, but not the newly generated ones using your .asp page.
Is there anything I can do?
, Thanks for the install. After many hours I finally got part of the
system working. I can log in and log out as a user. My problem is I
want the pages
accesses by Members ONly. The database will contain the names of
the members and only they are allowed access, and no one else. I
tried Joe Blow to log in and it worked, the only thing is Joe was not
in the database and he should have been locked out and a page come us
saying something like "you are not a registered user, please complete
the membership application" and then link back to the root web,
application page.
I am also afraid of breaking the codes you provided thus far. I also
want the password protected pages in a sub-web of the root web.
This may sound like elementary stuff, but this newbie is having
constant trouble. I am also referencing books on ASP and Access
and VB and still come up with a dead end. Search the net and come up
with a few codes which are described as something I am looking for, but
dont want to add any thing like that for fear of breaking the whole
thing.
Any suggestions?
, Actually, as far the "aspprotectnet.dll" file goes it makes sense because of the following.
The "aspprotectlicense.dll" is something we do not provide the source code for. We also do not compile it in "debug" mode because you not want dll's running in "debug" mode in a production environment and we also do not want that dll in debug mode because of reverse engineering reasons.
Now, that being said that DLL is no different than any other 3rd party dll "so to speak" that you would use in a project. Many of which will not be in debug mode and you will also not have the source for.
"Microsoft.Data.Odbc.dll" being an example
Regardless, there must be a way to do what your trying to do. I am just not sure at the moment. It is nothing anyone has brought up before and I personally have never had any issues like that when I work on the application so I am just not sure.
It probably has something to do with the way you set up your project., I didn't know about it. I will try to check it out some more this week.
, who knows, thanks for your input, I am further than I was when I started talking to you!, That's exactly what it was.
The site owner couldn't see their own ads because Norton was blocking anything with the word ad in it.
On another note: I changed the word 'ad' to 'listing' and got it to show even with Norton.
, It appears there is an auto logout after inactivity for a period of time. How does one change the default time allowed for inactivity?
thx , That was wrong of me but not what I meant. It seems as soon as I purchase something like this it doesn't work right and it can't be altered to work with what I have. The support ends up sucking or being none. Listen I’ve gone thru you're product and it's wonderful and does exactly what you say it does so that's a relief. Sorry about my ignorance with .NET but I’m from an ASP world and it's a lot different. You can see what I’m trying to protect here http://www.hotmixxent.com:8087/default.aspx. The final site after testing will be http://mxais.sfmx.org/default.aspx. Again thanks for the support on Christmas Sunday, that’s defiantly beyond the call and I appreciate it a lot. ,
Timecard Entry: 3/25/2006 1:47:53 PM
Working on hold music for new phone system (Per Kris Allen/Ron Dillon), Travel to Vermont Internet, answered phone; covered for Penny's lunch; folded marketing letter, Entered bills, read and sent emails, Personal time - day off , 105 Miles - Massena - Sackets Harbor, Working on pocket Real Estate SoftMLS export file specifications, Answered business support calls., Looking over Jeff-Lewis BOR contract to see if they're entitled to what Lance claims. Seems to be true. Going to have to talk to Tim/George., submit timecards, General TS Overnight duties... cleaned and emptied trash., Trunk Forecast, TIIC DB website redesign., Printed some timecards, EveryDayDad.com, email/voicemail
, researching design book clubs to join, daily reports, approved timecards, Entered all the deposit up to 2/18 and helped Cathy sent details to Jackie, more callbacks. did a ask us a question, Looking for init strings for USR's, and trying to figure out how to automate the process of monitoring the connect-fail status of the Totol Controls., Ogdensburg.org - On phone - Fixing errors in their events calendar. Reseting permissions of database folder, fixed disappearing days in calendar., generating new report for Jim, Working on phone calls... had some time working on a customers computer... wouldnt work, had BillF look at it when he came in later on., lunch, email, voicemail, troubleshooting of T1 link from CREG to TICC, Not much happened... couple calls early on, and vacummed and took out the trash later on. Kept up a computer with emonitor on it and the volume turned on this time., finished up linking and coding for Footwear page on Hacketts site... also had to set permissions on some folders in order to enable the upload component (hackettsonline.com, billable),
|
