I know what is happening.. its the old single quote thing messing up the query string..
but it shouldnt be happening with the newer code as I fixed it.

If you like I can go in and reproduce/fix the issue. I can not think of any other way I can help you as other users have not reported the issue.

Chances are if it is happening in one situation it will happen again in the future.. it really all depends on the passwords being used and your encyrption key... other passwords may produce the issue even if the password is correct

basically once the password gets encrypted it by chance has a single quote in it... then it messes up the query

I take care of the situation by replacing the single quote with a double quote but it looks like you found a situation where that didn't work out

Is there a possibility to build in a option that the administrator will be notifed when a banner expired.

Greetings:

I am doing the initial set-up and have run into a problem. Everything has gone smoothly up to and including pulling up the get_me_in.asp page. When I enter the "PasswordEncryptionKey", nothing happens. The page just sits there without doing anything and the browser says it's opening the page, but never does. I have tried entering the value with and without the double-quotes. The value is the correct one from the config_inc.asp file. I did a copy paste from the file twice to insure I transferred it correctly.

I am running Windows 2000 server.

What now?

Warren

Hi, I am glad you like the system.
Thx for the comments..

The banner logic in aspbanner it tweaked for speed and performance.. that sort of thing really wouldn't fit into the current code structure very well. It would slow things down and be a nightmare to code because of the way aspbanner uses ultra fast application variables for the banner rotation. Basically its a feature I didnt incorporate for performance and pricing reasons.

I would suggest making different zones for different conditions.. then surrounding the banner calling code with if else logic so a different baner zone was called under certain conditions.

That way performance would not be effected and you could actually show a different group of banners based on certain conditions.

Sorry, but that is the best advice I can offer at this time.

I built ASPBanner for performance and at this time I refuse to sacrifice that for any feature that will slow it down and consume more resources.

I'll give it a shot loading it on the laptop and publishing it, if it doesn't work I'll let you know and you can take a look at it tomorrow afternoon.  Thanks for all the help tonight...

Good luck pouring that concrete!

Turn off "Show Friendly HTTP error messages"
If you are getting errors with your ASP application go to Internet Explorer and make sure this setting is unchecked. Having this checked can cause a generic error to be displayed in you web browser when ASP code encounters an error. This generic error message doesn't really help you fix the problem. Having this setting unchecked will usually result in a more detailed error message and the line number the error is occurring at, thus giving you a good clue as to where the problem is within the ASP code. If detailed ASP error messages have been disabled at the server level this setting will make no difference.

that wont work the way you did it because groups are not stored like like.

groups are stored "*1*"
or "*1*,*9,*"

so if you test for them you must do so using the InStr function of vbscript

example:

If InStr(Session("Groups"),"*1*") Then
    ' do whatever
End If

also.. as for the session variable
it should be    Session("Groups")

And in Version 6.... (its all ready to go in version 7) that session variable must be saved in the check_user_inc.asp file near where all the others are saved. If it is not there by default "I dont remember if it is or not" you have to add it like so near where all the others are saved

Session("Groups") = CmdCheckUser("Groups")

If you are wondering if it is being saved correctly you can always response.write out the Session("Groups") to see if it holds a value

Below is the email I received when testing the self-registration. Does anyone know what setting I configured incorrectly?

I received the email to confirm the registration but the link to activate is invalied.

Thanks!

Your registration still has to be validated.
Go to
?u=bubbaj&v=4579
to verify your registration.

Nobody ever asked me, so i guess npegley sorted it.

The solution is indeed a single line added to your button form code ..

eg :

<input type='hidden' name='return' value='http://www.your-return-url/here.asp'>

This will overwrite any settings you have in your paypal preferences.

I posted this reply for anyone stumbling on here with the same problem. Hope it helps. :)

Dave.

Hello,

1.)

I dont really have any ideas about the japanese characters. I also don't have any ideas about changing settings in the database. Your going to have to do some research on all of that.

Perhaps try pasting the text into a text document 1st.. then copy/paste them into the application. Perhaps that will eliminate any unseen weird characters. I do it sometimes when pasting things from word to my html editors and it works great.


2.)

I dont/cant support custimization to the code but here are some tips to get you started.

edit "items_inc.asp" carefully with a text editor
(back it up before you begin so you can revert back)

change this anywhere you see it

?SORTBY=Name

to

?SORTBY=Name+Asc

or

?SORTBY=Name+Desc

Expiriment to see which gives you the desired sorting.
Do the same process for the price.
The + Sign just passes a "space" back to the page in the proper format if you are wondering.

3.)

The items for page setting is easy. Just go to the settings page when logged in as the admin. Edit this field.   "ResultPageSize"

sure and thats probably what you should do... that pure asp upload thing must not be able to handle the size of your import file... another thing which can very .. also some versions of IIS require registry changes to upload bigger files via asp code alone

No rush, I have it out on the internet, but have not gone live with the site yet.

Thanks for responding,

Enjoy your well deserved break

Hi Chris,

Thanks for the answer. No, I am not using Paypal since these are employees and sales reps. I guess i'm on my own on this one. :)

Thanks
Sylvain

I am using cdont to send email. what do i have to do send email to other display my full name instead  of email address. In other word I want to see first name last name  in their email client instead of email address.

thanks for your help

Can I have the logon be in a top frame while having the protected pages displayed in a main frame?

Using frames with forms based authentication is not the best thing to be doing. Your much better off not using frames and using includes files to do a virtual frames sort of thing (search google) but if you are going to use frames I would suggest password protecting the frameset page as well as any pages it contains.

If you want to have a login form in a non protected top frame all the time.. that posts to a lower frame that is password protected.. you would do this
http://support.cjwsoft.com/code/moreinfo169-1.htm
but change the target of the form to one of your frames

personally though I think that would be a somewhat goofy setup to have going on


Also, how will it behave if a user moves in between a protected page to a public page and back to the protected page again?

As long as they have cookies enabled which is required for session variables to work... then you will have no issues because once they come back to a page they have permission to they will just be allowed in without login.. at least while that session is still active.. or for a longer time if they choose the remeber me option which keeps track of them with a cookie .

Really, the best thing to do is expirment and see how things behave.

Parent Paths ?

http://support.cjwsoft.com/forum/forum_posts.asp?TID=5&P N=1

Running in parallel for testing is actually a smart way to do it, but the truth is you don't use anything from version 6 except the upgraded database (we have a tutorial on how to upgrade the database)

Version 7 was a drastic change /rewrite to all of the asp files that come with the application. So you will be starting out with fresh version 7 ".asp" files and folders... You will also find that once you get version 7 running that editing certain things like the look of the users area and the login screens is much easier to do.

That being said any of your own ".asp" pages that you protect use the same protection code they always did, so there will be no drastic changes needed there when you do finalize the upgrade.



If using MSACCESS as the database I suggest installing the application somewhere in your web and using a fresh ASPProtect 7 database. Once you are familiar with the setup and everything is working fine. Attempt the database conversion and when your done stick your converted database in there and see if everything is ok.

Also, if you already purchased the application download the latest version before doing the install. It's the same download URL. If you don't have it email me and I can hook you up. I have added some new features and fixed a couple minor things since it's release.

So far the feedback on version 7 has been awesome..

IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ; ; ; ; ; ; ; ; ; ; ;PN=1

The 2Checkout Support Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement 2Checkout Payments with ASPProtect. You must be using version 2 of the 2checkout system. They are phasing out version 1 regardless so everyone will be using version 2 very soon if they are not already.

THIS IS NOT INTENDED OR DESIGNED TO USE 2CHECKOUT SUBSCRIPTIONS. (see bottom of this thread for more info on that)

This Support Pack basically gives you an additional signup and registration directory "2checkout_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup in general. New users can register in this directory and pay for membership at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and buy additional membership time online. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via 2Checkout your system is updated and they will have access.

The 2checkout pack is NEW.. and was released on March 19, 2005. If you don't have it and would like it please just ask.

To start using this edit the "2checkout_signup/2checkout_config_inc.asp" file

You will be entering your 2Checkout Account number in that file as well as the URL you want a user to go to after payment. It is all commented in that file. (There is also a testing variable you can set to True if you want to do testing without real charges being applied)

After editing that file run this page.

http://www.mysite.com/2checkout_signup/show_postback_path.asp

Replacing the part in blue with your website info.

It will report back that postback url you need to use in the 2checkout system.

Log into your 2checkout version 2 account and under the "look & feel section" enter that postback url for both the "Approved URL" and the  "Pending URL"

Trust me: You want the URL there for a pending URL because the 2Checkout system is quite random and 95% of the payments that come in go to the pending URL and end up being legitimate sales. (at least for me they do)

Now make sure the Direct Return option on that page is on as well. 

If set to Yes buyers will be immediately directed to your URLs below once they click the Complete Order button. If set to No the buyers will have to click a button to return to your URLs below.

Save that page... and leave 2checkout.

Now, delete this page from your ASPProtect setup.
http://www.mysite.com/2checkout_signup/show_postback_path.asp

It's a minor security risk and is no longer needed needed.

The basic setup is finished. All you have to now is set up payments options the way you want them.


Changing Payment Options

In the "2checkout1.asp" file there are form options set up.

They look like this and you can have as many as you like.

<option selected value="30,9.95,3,">30 Days, 9.95</option>

In this option... A user has the option to purchase 30 days for $9.95 and he will be set to Access Level 3 when payment in completed.

Here is how it works.

The value setting (red) is essentially and array that can be made up 4 elements separated by comma's
They must be separated by a comma and there can be no spaces. In this example the 4th value was not used but the last comma must still be there. If you didn't want to set an access level and left out the "3" there would 2 commas at the end.  etc etc
Basically there must always be 3 commas but you only have to set the 1st 2 values which are days and price.

days,price,access level,groups

The 1st value is the amount of days.
The 2nd value is the price for the amount of days.
The 3rd value is the access level you want to user assigned to.
The 4th option is the groups you want the user assigned to. (see PayPal subscription thread for examples of specifying group info)

Now, the label for the option in (blue) can say whatever you like.

We want to insert a hyperlink i the mesage area when we e-mail users from the Password Admin area.  Is ther an easy way to insert the hyperlink so when the user gets the e-mail, they can just click on it and go the the page we want them to?

Thanks,

Andy

I'll try to help when I get back tues night,, see the contact page for info on where I am .
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry

Christopher,

Thank you again Sir. Your quick responses and helpful demeanor add greatly to the value of your software.

hi,

no.., not unless you come up with some clever way to handle it on your own
http://support.cjwsoft.com/code/code_info.asp?TID=369&KW =https
read 2nd to last post

The way ASPProtect ships it is designed to either be in http:// the whole time or https:// the whole time.... (there curently is no solution from me allowing going from one to the other)

sorry

First pass through, I don't see anything changed in the groups section of the check_user asp file. the logoff asp wasn't touched.

I noticed the demo online (on this site) only has pages protected with access levels; you say it works fine with groups also?

You need to make sure you created the SQL database using the SQL scripts we provide and that no errors occur whatsoever. That is extremely important. You must use our SQL creation scripts.

Then, when you create the user you need to go back to that user and make sure you check the admin account and save that user again. (many times when setting up a system for someone I find myself forgetting that step and then I have to go back in and check the admin box for the user I created.)

And of course create the user from the ASPProtect admin area web interface. Do not add the user to the database manually because you will have no way to enter the password correct as it is encrypted. And do not change the encryption key after making the user/.

It would also be wise to check the SQL server database at every step to make sure the user info gets created and that all the field info looks correct for the most part.

You also want to be sure to specify SQL as the database type side the connection string info as the SQL directions go over

a remote sql server should not an issue.

thats really all I can think of right now

thx for posting this..


Just a few notes... more than 100 pictures specified in the config file is not supported. You are of course on your own if you specify more than 100

Also, technically the post above should say more than 102 pictures... "I think" as you wont need more html cell code until then..

The loop in the code is probably how I should have done it in the 1st place but I was in a hurry to get this finished and I also never expected/wanted anyone to specify more than 100 pics per album.

Lastly.. depending on what style you are using in the config file the code above may not work as some of the styles do not use cells but line breaks instead..   At least from what I remember.

yes. what you are talking about has to do with norton ad blocking software.. it blocks images or paths that have the word "ad" in them.. and you see red x's where images should be on web sites.. usually

it is different then what this thread initially mentions which has to do with a code/server issue with the application variables.

I checked with our web hosting company and CDOSYS is installed and properly registered on the Windows 2003 Server our site resides on.

How do I go about changing the ASPProtect code to use CDOSYS?

Please advise.

I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.

<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then  
 SearchFlag = True
End If
 
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then 
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>

</head>

<body>

My Protected stuff here

</body>

</html>

For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.

Thanks,

Mo

Hey, I run a business and I will not have things like that mentioned in these forums.