Blog Entry: 3/25/2006 1:51:28 PM
Our login works great, variables even help determine menu options. When user logs on, however, it opens in a new page. Is there a setting somewhere that sets whether you can open in a new or existing page?
Also, when you log off
, I would also double check that you changed the field size correctly and on the correct database that is being used in the connection string
,
Great software.
How easy would it be to copy the email address entered at registration directly into the login id field so that the user's email address is automatically used as the login id?
Also, where in the code can I turn off the random password generator - I'd rather force people to pick something they can remember themselves.
Thanks,
Nick
, humm, those are some very big images to be starting off with but I am not sure that would cause a problem under the importing scenario
what width are you having the system resize them to ?
What happens when you upload a image manually (one a t a time)
Also, try the import process out with some pictures no bigger than say 1024 and lets see what happens
, The file check_user_inc.asp as the lines: (which include Session("groups")
Here we set some valus about the user into session variables
Session("PasswordAccess") = "Yes"
Session("Access_Level") = CmdCheckUser("Access_Level")
Session("Admin") = CmdCheckUser("Admin")
Session("Active") = CmdCheckUser("Active")
Session("Expiration_Date") = Expiration_Date
Session("User_ID") = CmdCheckUser("User_ID")
Session("Groups") = CmdCheckUser("Groups")
Session("Redirection_URL") = CmdCheckUser("Redirection_URL")
Session("Password") = RC4(CmdCheckUser("Password"), PasswordEncryptionKey)
Session("Username") = CmdCheckUser("Username")
, I am confused.
Humm, how did ASPBanner 8 come with your purchase of ASPProtect ? That is not something I am aware of or something I do. Please provide more information on how you obtained ASPBanner 8. If I gave yu a copy for some reason please refresh my memory so I can go look up th emails about it. I need to know you have a valid license.
Now, as for the two not working together and the login screens messing with each other. I am even more confused. Tell me more as I just do not understand what you did ? ASPBanner has it's own user database and login system so there is no reason you should be mixing the two together as far as logins go. The two applications can certainly be in the same web together and not bother each other. ASPBanner can certainly serve banners to any pages you protect with ASPProtect or don't protect, but you certainly should not be protecting any ASPBanner code with ASPProtect code. ASPBanner already has code in it to do that. If that is the case don't do that. ASPProtect is not meant to protect code that already has a login system. That should just be obvious as far as I am concerned and hopefully you dintn't try to do that.
(you said you just put the directory in there but there must be more too this than that)
But again, tell me more. I can't really know everything ??
I just dont see how your ASPProtect pages could be effected by ASPBanner unless you really did something wacky like included the ASPBanner "check_user_inc.asp" instead of the one that comes with ASPProtect or overwrote it... etc ect
If in the same web aspprotect can be wherever and aspbanner needs to be in a folder called "aspbanner". There should be no conflicts under normal use and the two will essentially run seperate of one another.
, Thats what I needed. Thank you!, We want to insert a hyperlink i the mesage area when we e-mail users from the Password Admin area. Is ther an easy way to insert the hyperlink so when the user gets the e-mail, they can just click on it and go the the page we want them to?
Thanks,
Andy
cwilliams38456.0983101852, It seems that if a user attempts to access a page that is not in their access level or they do not have the group permission they are redirected to the login page. Re entering their ID generates an eror and they cannot go back to the pages they are alowed to access. Is there a way for them to simply be blocked and return to the previous page or to a defined page so they can continue using the site?
thankyou
, The folder named Pictures permissions are set to your specs. It has jpg's that were uploaded per the aspphotogal instructions. But, the error message still appears and I am unable to access using aspphotogal., It is common when testing a site that this happens because of the nature of session variables.
Admins have access to EVERYTHING so it is very important when testing different user accounts that you specifically log out... and then close every single browser window before logging in as a different user. This is to ensure session info from the previous user does not overlap in any areas.
(The session variable for admin access being the main one)
Under normal circumstances a user would not log in with many different accounts on the same computer this this would only be a problem for a developer who is testing.
So make sure you go to the to log-off page and log off.. then close all browser windows.. then test another user.
If all this is not the case then something else is going on and I will need more information. I pretty much know the level checking code for ASPProtect Version 6 is correct as there has been no reason to change any of it in over a year. I would have heard reports of problems with it. , humm, did you edit any of the registration code ?
this is not something anyone has ever mentioned and the aspprotect 6 code has not been changed in over a year ?
can I see where there is happening ?
I may need ftp or frontpage access to the server in order to troubleshoot unless you can provide me with more details here.
thx..
, A question. Does this apply to all areas of the application. I have recently uploaded 50 photes. But when I look at the site from the url, I have X where the picture should be. Now, if I look at it though the localhost, I see the pictures perfectly.
, Your users with Internet Explorer may have received the "Page Expired" error. For ASPProtect users, it happens when the user is not logged on and tries to invoke the target page. check_user_inc.asp puts up the login form, and IE sees it as part of the target page. Any later attempt to Back up and reload from cache gives the errror.
My solution was, after successful login, instead of falling through the bottom of check_user_inc.asp and running the target page, I issue a re-direct to reload the target page. I also added META tags on the dynamic login form to say no-cache and expire now, so the re-direct really does reload the target page. This time, of course, check_user_inc.asp does not need to put up the login form, and the new target page in cache contains no form at all. So, IE will not give a Page Expired error when Backing up to it later.
Netscape, and I gather other browsers, do not behave the same way, so I limited the solution to IE. Also, the solution only works if the target page has no form of its own.
I'm uploading my customized version of check_user_inc.asp that contains this solution. (In it, I also used the Javascript focus method to place the "cursor" in the Username field when the login form loads.)
2004-11-22_050940_check_user_inc.zip
cwilliams38313.494537037, at this point I would say install a fresh untouched copy in the web in a different directory and lets see if it acts weird from scratch.. the we can go from there.. I dont know what is going on
, Why all the pages at the directory .../password_admin/ are very slow to open online?
vaghelis38300.5280208333, The code is ok..
Your getting an error because no banners are showing up in that zones rotation.
run this directly in the browser and you will see that there are no banners being generated for that zone ID
http://www.poconocommuter.com/aspbanner/aspbanner_inc.asp?Ba nnerZone=6
As a matter of fact I dont see any banners showing up for any zones previous to 6 which tells me either you dont have valid banners in there or the application variable info got corrupted do to a server crash / power off or something.
http://support.cjwsoft.com/code/moreinfo95-1.htm
, ok
, If you are developing using Windows 2003 Server and running the NTFS file system setting proper permissions on a folder in your website is done like so.
using "my computer" browse to the folder in your web that you need to set permissions on.
Right click on that folder and then choose the "security" tab.
Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.
You can also give permissions to the everyone account and accomplish the same thing.
Other things to note:
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"
In some cases you may want to go into the advanced tab and check both checkboxes shown in order to make sure the permissions you need get set. It really all depends on the situation.
cwilliams38342.7343981481, Humm, its hard to explain but I am not sure that is a good way to be testing that. I hear what you are saying but I am not sure that really means anything. Whatever is going on its some sort of client side issue with the browser and the meta refreshing over a very long period of time during which there really is no user doing anything at the site. , humm.. their FAQ is interesting...it looks like some sort of .NET configuration issue regarding security policies like you mentioned
Thats one of the big problems with hosting .NET. Some hosting companies just do do some oddball things. ASPProtect.NET works under default conditions but when hosts go around locking things down to the max there is bound to be trouble. This is the 1st I have heard of this.
Now, ASPProtect.NET does use the "System.Data.OleDb" and "System.Data.Odbc" which your host says they block because they require full trust.
All I can really say at the moment is go with a hosting company like www.alentus.com or www.maximumasp.com that does not restrict your .NET abilities so much.
In the meantime I am going to ask John Evans what he thinks about this.
, If the physical path isnt right and the permissions are not right it just plain will not work. You will not get an error.
If the filesystem object is disabled on the webserver it will not work either.
Something has to be wrong.
Please start a new thread when the topic changes.. thanks
It helps to keep the forums organized for other users in the future.
cwilliams38454.6146180556, I am running Windows 2000 server. I do believe asp.net IS installed as I have the .NET 1.1 framework installed.
Funny about the bounce backs. I am at about 10% of my limit, which I control as I am the network admin. I'll check into that.
, While I originally thought the login form on a non-protected page idea may be similar in setup to how our Classic ASP version of ASPProtect works I could not have been more incorrect. Truth is I forgot that it works a lot differently.
ASP.NET Web forms are meant to post to themselves and there is thing called the viewstate. (google it.. its a hidden variable the server creates in the form code that is required when the form posts back to itself.. and hold all sorts of information the server uses) Doing what you are asking about means disabling the viewstate and that can have big consequences and break certain things.
Basically you cant just put a form on a non-protected page and post to a protected page if the viewstate is enabled. Disabling it can break certain web controls like data grids .etc etc.. and can also have an effect on how the session is managed at the site and sometimes disabling it is not possible depending on what is going on cause you need it.
I am still doing research on the whole thing, but it looks to me like doing that is going to have a tradeoff of some sort.
That does not mean this isn't possible somehow. I am still researching and I am also going to see what John Evans thinks.
I told you .NET was complicated.
As for your other question that is something you have to sort out on your own by editing the code and recompiling it based on your custom project needs. It is not something I can help you with. , We do not support customization of the code or any custom coding you may end up doing with Visual Studio.NET. However, if you can show me that the application functions incorrectly in its default unmodified form I can help. If not it has to be something you did most likely.
Though I do not if it is the issue, mixing c# and vb.net in the same project can be tricky if not problematic. It’s definitely just not something I can support.
If you have not seen it we have tuturial on setting up the project in visual studio.net.
http://support.cjwsoft.com/code/moreinfo85-1.htm
I would suggest starting with a clean installation. Test everything to make sure the things you say are ok or not. (if not post here about it) Then try your hand at editing the application and compiling it. Keep the c# out of the mix at 1st.
I am not even sure if adding c# to the same project is feasable.
(maybe it is , maybe it isn't)
That being said.. ASPProtect.NET can of course be used to protect pages using c#. But compiling the ASPProtect.NET project with C# code added sounds a bit iffy to me. We wrote the application in VB.NET so you really need to use vb.net when making changes to it.
, you can edit the look of it but because it is licensed software the links to aspbanner and the aspbanner logo.. etc etc must remain otherwise change it all you like., sorry your having so much trouble. A good host is a must.
Yes, that is most likely permissions related.
http://support.cjwsoft.com/code/moreinfo27-1.htm
You may want to read over my article on how permissions are set. It will give you a very good understanding of the process and may help yo when dealing with your hosting company.
http://www.powerasp.com/content/new/windows_2003_server_and_ permissions.asp
there is also an xp pro version of the article for people doing locl development and running iis on their xp box
http://www.powerasp.com/content/new/windows_xp_pro_and_permi ssions.asp
, When I enter www.vickerylightning.com/aspgallery/dataconn_inc.asp on the screen it says "Not a valid bookmark"
as far as that goes I have no idea.. I have never seen that message before but you are not suppose to run that page by itself regardless.. it is an include file not meant to run on its own
, I have accessed the "get_me_in.asp" page and entered the password encryption key. Once I entered it, I was taken to the ASPProtect Admin Area Login. It does not give me the option to create a new user as is described in the general installation documentation. How do I access the program now?, It looks like your product is perfect for my new site, but I have one question. One of the pages I want to protect on my site will be called by an application running on a remote server every 15 seconds. The application can include the username and password in the URL it is calling. Will your product allow access to the protected page on my server? , I am not sure. I can tell you that I run windows 2003 server and I have never had any issues setting permissions for ASP.NET files and folders. This very server is 2003 and the ASPProtect.NET demo runs on this server as well.
Course, I can't say that I have specifically tried to remove ASP.NET READ permissions on the database folder as it's just not something I would not have a reason to do. Why are you trying to do that? The ASP.NET account needs that permission. If you are trying to stop file browsing and downloading in that folder that is not how you do that. The best way to do that is by keeping the database somewhere else on the server that is not part of the http web. , I had some issues with passwords not working. I cleared them up by
going to the affected user and typing in the desired password manually
on the edit screen. Worked like a champ every time, and I haven't had
to do that for some time now.
, Version 7 uses.. RC4
The upgrade process is described here in detail including a procedure to convert existing clear text passwords to the encrypted versions. (Your passwords will need to be clear text as the system shipped of course for the conversion to do its thing)
http://support.cjwsoft.com/code/info24.htm
It is also covered in the downloadbale docs
http://support.cjwsoft.com/code/moreinfo221-1.htm
Many people have done the upgrade without any issues and Version 7 is getting great feedback.
Should you decide to go with it there is upgrade pricing.
http://www.aspprotect.com/purchase_v7_upgrade_pricing.asp
, I wouldn't bother doing that. If pic uplading doesn't work it is most likely permissions to the directory pictures are uploaded to. If they are not set correctly it will not work. That dir needs the same permissions the database folder needs. , We have been using ASP Protect for a while now and are big fans of the program. We received ASP Banner 8.2 with our puchase which we now have a need for. I went to put the files on our webpage, and doing nothing else other than locating the directory there, I noticed differences with how ASP Protect operates. We have customized it a bit and want to keep the 2 programs separate. the login screen for one showed up on the other, and some ASP Protect pages appeared altered so i immediately deleted ASP Banner. did I do something wrong, and how can i ensure the 2 programs work completely independant of each other? We can't risk braking what we're now using but would really like to add banner functionality to some of our pages. maybe an update to the program before we install? puchase new software? Thanks for your help-
, Great Thank you!
As of thus far the program is working rather nicely.
I am very impressed :)
, I assume that if I am using this product, search engines such as Google cannot access and index my content. Can somebody confirm that; I want to be 100% sure.
In case it matters, I am using a basic, cheap ISP setup where my site is on a shared server.
Thanks in advance.
, yes. what you are talking about has to do with norton ad blocking software.. it blocks images or paths that have the word "ad" in them.. and you see red x's where images should be on web sites.. usually
it is different then what this thread initially mentions which has to do with a code/server issue with the application variables.
, Help!.. I need to export the username and password fields to a mail merged letter so everyone knows their username and passwords. However whenever i access the database or do an export. The passwords showup as encrypted. Is there a way to access the list, un encrypted?
thanks
, Ok nevermind that... i got by that wasn't paying attention...
The problem is even before this which i didn't know until now.
I placed the protect tag in a page i called members.aspx
When i go to this page is says ACCESS DENIED etc etc etc.
When i go to login to view this page i get the error..which i DIDNT know because i assumed it was working. This is the error im getting:
Server Error in '/MAP' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested URL: /map/users/aspprotectlogin.aspx
Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.42
btw it says /map because that is the subfolder within the root folder
, 
