Blog Entry: 3/25/2006 1:45:08 PM
Yes, thats cool.. post it here for sure.
Also, the way you allowed for your search engine is clever and probably was the easiest way to go.
You could do the same thing with the IP. Much easieri than the way I was thinking of doing it.
, Then you should have current enough code.
If you PM me the encryption key you are using and the plain text password for this user I can see if I can reproduce the error and come up with a fix.
I believe you found one of the rare examples where the encryption creates a strange character that messes up things. Sometimes those characters are not even visable.
Changing the password should solve the problem in the meantime.,
ok, I just sent you a private message with download information.
replace you existing
"check_user_inc.asp"
"admin/check_admin_inc.asp"
"admin/email_user.asp"
with the new versions in the download
Do some testing to make sure that HANNAH password works ok for you.
Hopefully this cures the issue...
If it works ok for you for a while I will offer the fixes to everyone and start using this code from now on
BTW:
"admin/email_user.asp" had an unrelated bug in it that only happened if its error handling got triggered... it was posting back to the wrong page when that happened and causing an error , ITS WORKING
...I have earned a beer (dont tell anyone im underage)  , I got ya. Well hey, that's what's great about the iframe right? , OK. If no return page is set, do they end up on a PayPal confirmation page and have to navigate back to my site by going Back or typing the web address?
Nick , I am up to speed on how it works. My goal was to not have just a link to a protected page- so that when a user clicks it they get the "access denied" screen and then have to log in. My goal was to avoid that if possible by having them log in and then redirected to the protected page.
So this isnt possible? The only way for it to work is for a user to click a link to the protected page, get the denied screen, then login and be redirected?
Or is there another way..?
I made my point by rebuttling your "cafepress" with agreeing "YES" that is what i want... now you are changing this around on me. I dont think i can be ANY clearer in what i intend to do. It is extremely clear and i am not sure why its becoming more than it should be. I just want the user to be able to log in from ANY PAGE ON THE WEBSITE AND THEN BE REDIRECTED TO THE PROTECTED PAGE IF THE HAVE THE PROPER CREDENTIALS. It would be nice if this software gave an error message when an incorrect username/password was entered instead of simply refreshing the screen. , how you connecting... lets see the connection string...
could be permissions related too.. if they are not set correctly
(always give them to the folder, never just the mdb file)
Some of this might help...
http://support.cjwsoft.com/code/moreinfo11-1.htm
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
you may want to download some of the different versions of the access database from the support area and try connecting to them as you may have older odbc drivers on the server
You may also want to try to get ASPTest from our website working before you go any further , No, Unfortunately.
I have seen your messages.
I have not edited the code at all.
Tomorrow I will install the sql database again from your script as I
did before and I will try again. I will send all the details.
Thank you again.
, humm, those are some very big images to be starting off with but I am not sure that would cause a problem under the importing scenario
what width are you having the system resize them to ?
What happens when you upload a image manually (one a t a time)
Also, try the import process out with some pictures no bigger than say 1024 and lets see what happens , Just installed software, when I attempt to log on I get the following error (actually this is after I moved some of the include files to user).
Active Server Pages error 'ASP 0131'
Disallowed Parent Path
/gallery_admin/default.asp, line 25
The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory.
What do I need to do to fix?
thanks. , Actually, your whole site is like that.
http://www.bones.myftpsite.net/rfamilystuff/
You should definetly fix that..
I can't help ya with it though. You'll have to figure it out.
I know ya can do it...
later
cwilliams38394.7738657407, I've got an ecommerce module that's running on it that uses access for the db. Connecting into that thing is slow as well, but I figured that's because of the complications and volume it handles.
So as far as importing on a faster machine and copying it over to the server...what suggestions do you have? , Ok, I started the database tables from scratch. I did everything using sql enterprise manager and query analizer..
Same thing happens... certain passwords just do not work.
So I did a lot of testing and I have come to the conclusion that this has something to do with the regional settings of that SQL server.
Here is an example.. see the screenshot below.
Username "admin" password "petepetepete"
The top query done in Enterprise Manager is valid and shows the user.
The bottom query is also valid but it does not show the user.
And that is exactly what is happening from the ASP codes point of view.
Now, this means that even though that encrypted password is getting saved to the databse correctly this particular SQL server just cant deal with it from a QUERY.
It works fine on two different SQL servers that I have. It's just got to be something regional related like unicode characters not being dealt with correctly or something odd like that.
I tried changing the collation data for the "Password" field type on that SQL server and it looks right. I don't know what else to do but it is something about that SQL server. There may be a way to change the regional setting through the connection string but I cant find any articles on that right now.
One solution I have for you to get this working there is to eliminate the encryption factor then I dont think you will have these issues.
It's either that or find another SQL server with US type settings or use MSAccess. ASPProtect runs nearly as fast on Access as long as you do not have over 10,000 users or whatever. The system hardly ever accesses the database so it performance under MSAccess is always good.
Let me know what you want to do. I can shows you how to eliminate the encrypytion factor if you want to try that. I think if I make you a custom version of the RC4 function you can just replace that and then the system will use plain passwords.
Your call..
, This has not been officially released yet, but it is ready.
Here is the overview...
http://www.aspprotect.com/demo3/paypal_signup2/overview.asp
And the Code for the IPN Subscription Pack is 30.00.
http://www.aspprotect.com/ipn_subscription_support_pack.asp
A few people are using it and say it works very well.
Like the IPN Single Purchase System it is a separate directory you copy into the web site. One change must be made to your database so it’s pretty easy to get working.
Though I am not guaranteeing this you should be able to accept Single IPN payments and IPN Subscriptions at the same time without the two bothering each other. I haven’t tested it but one customer is doing it and said it is working fine. It just involves manually specifying the IPN URL for one of the systems so it overrides the default IPN URL on your paypal settings. (As each system needs its own IPN URL) Its easy to do… just a form field you would add to the subscription form. I already looked it up. See below.
Specifying Your Notification URL
If you only need to receive your IPNs at a single URL, you can enter that URL in the Preferences section of your Profile. If you would like to receive payment notifications for different payments at different URLs (i.e. if you need to separate payments made to different websites you run), you can manually pass the IPN URL with each payment by including it in that payment’s HTML code. Use the notify_url field to pass this information. The notify_url for a specific payment will be saved, and any subsequent updates to that payment (e.g. cleared eCheck) will be sent to that notify_url. When you pass a notify_url in your HTML code, it will override any preferences you set in your Profile.
Anyway.. the Code for the IPN Subscription Pack is 30.00.
http://www.aspprotect.com/ipn_subscription_support_pack.asp
cwilliams38342.8775578704, We have no add-ons for anything but accepting payments through paypal and 2checkout... if you want to accept payments through some other setup you have make a payment directory addon and write code to do it based on the system you are using..
We provide the ASP source code so that is doable for someone that is good with ASP. If not then it won't be doable.
, You know what, you really are frigin goofy to say you might think we
didn't write the software. I got source code to the license dll as well
as about 12 revisions of the application sitting on my development
server as well as about 1200 emails between John & Myself as we
worked on it. Not to mention all those .vb files that come with the
application. What do you think those are ? I bet you don't even really
know based on something you said in one of your earlier forum posts.
Did you even read this cause this is YOU... !!!
http://support.cjwsoft.com/code/moreinfo234-1.htm
And we say right on the ASPProtect.NET product page to read that article before making a purchase.
Moving
on... it basically says on the site ASPProtect.NET works the way
it is shown to work. You can use it that way or you can further edit
the code with Visual Studio.NET. If you are so good with asp.net then
you should be editing the code to work differently or writing your own
authentication that works exactly how you want it to. End of story. You
keep arguing about things your done... you are so done !!! I won't keep
putting up with you., Thanks for the quick reply!
I was thinking it was an ASP config/install issue.
I usually deal with Linux/PHP, so this is all new to me :) , Hi Chris:
Is there a way I can include the username and password in the URL of a protected page to gain access to a that page without going through the log-in page?
I'm not quite sure what the syntax would be in the URL.
Warren , The ASPProtect v7.x Documentation is now available as a download in windows ".chm" format. (needs to be viewed on a windows based machine that can read it) If you are using XP with Service Pack 2 follow the instructions below or you will not be able to view the help file.
Download Documentation
You should save this file and then open it.
Just opening it from download may not work and you will not be able to read it correctly.
Please continue to check the support forum threads for the most up to date documentation.
IMPORTANT
If your are using xp with service pack 2 there are some new security features that can block the access of help files you download. So as far as the ".chm" file goes.. you have to download it... right click on it...go to properties... then choose unblock down in the lower right corner ...then you can open and view the file correctly , After I approve someone's username and password, then go to send them the default e mail telling them of the approval, the e mail never goes through. The e mailing used to work well for many months, but it stopped working. Any thoughts?
Spider , The application is only intended for use with $ the way it comes.
Use of other currencies is not supported.
(this is noted on the product page)
However, it can probably be used fairly easily with UK customers.
You'll probably want to look into setting the currency to UK in the code generated for the PayPal buttons which is in "view_item.asp". There is probably a hidden form variable you add to it to specify the currency. PayPal's shopping cart documentation and help system would have more info on that.
Doing a search real quick there I came up with this.
<input type="hidden" name="currency_code" value="GBP">
Then you may also want to change the LCID settings for the web site to UK. (I think)
To do that edit the "config_inc.asp" file with a text editor.
Add this code between the <% and %> tags.
Near the top is good
Session.LCID = 2057 There may also be hard coded dollar signs in the code that you will need to change to whatever.. If after you do the above to steps you see then you'll know where to change them based on the named of the page you on.
It is quite possible that simply changing the LCID will take care of everything, but I am not sure.
Those are the tips I can give you. , this error really does not mean anything specific
Your browser must support a standard called RFC 1867. Please check with your browser vendor for support of this standard"
If you get an error its real weird that the file is being uploaded.
Generally if you get an error during upload it is because of one of these 3 things
Invalid physical path specified
Unsupported upload method chosen
Permissions
See my article on XP and permissions
http://www.powerasp.com/content/new/windows_xp_pro_and_permi ssions.asp
many people dont do their permissions right on XP Pro and that article covers everything , A question. Does this apply to all areas of the application. I have recently uploaded 50 photes. But when I look at the site from the url, I have X where the picture should be. Now, if I look at it though the localhost, I see the pictures perfectly.
, Thankyou, that was very helpful,
Flash files cannot track clicks unless you edit the original flash file to link to the aspbanner system redirect URL.. feeding it the correct ID of the banner.
When that link is clicked on it will then track the click and redirect the user to the “link url” specified for that banner.
The system actually generates the necessary ASPBanner URL for you. That link is shown on the banner edit screen.(you must save the banner at least once and come back to that screen to see the link though)
Really the best way to show it is with an example as seen below.
Basically the flash banner file "powerasp.swf" highlighted in green needs to be edited to link to the banner redirect url which is highlighted in red.... the banner redirect url will then track the click and ultimately send the user to the Link_URL highligthed in blue.
All banners systems work this way when it comes to flash files.
It’s the nature of flash and the web browser,
The flash source code must be edited to link to the redirect url in the ASPBanner system. There is no possible way any banner system can track a flash click unless the flash file links to the banner system 1st.... because that click is handled by Flash and the web browser.
In some cases if you do have the original source file for the flash banner then you are out of luck as far as tracking clicks goes.
On a side note... if you create flash banners the way this article says you can actually feed a .swf flash file a link for it to click to. Instead of it being hardcoded.
http://www.macromedia.com/resources/richmedia/tracking/desig ners_guide/index.html
This is really the way everyone should design their flash banners from now on because the url it links to can be easily changed at any time without editing the flash file source code. cwilliams38085.095150463, Is the user ID case sensetive? In my case I use the user email as the login ID., thank you for such a quick response -- It sounds straight forward - so I should be all set. Thanks again., yes, usernames and passwords are both case sensitive. It increases security. ,
It worked after bout 15 minutes. I receive a response of *3*
However, when I log in as a user who is only a mamber of group1 I still get a response of *3* , it probably means the page you are trying to protect is (not in an iis application or not in the same iis application) which it needs to be
for a situation like using ASPProtect you really want your root of your virtual directory set up as one big application in IIS. (after you inquired about it your hosting company probably went and set the ASPProtect folder as an application in IIS which means any pages you protect need to be in there as well. (truth is they should have had your entire web starting from the root set as one in the 1st place..... its standard practice for any experienced hosting company) cwilliams38456.9306828704, The problem was that I did not have
ConnectionString = "Driver={Microsoft Access Driver (*.mdb)}.... in the connection string.
Thank You.
, I have a very weird problem. At the top of the page, where there used to be
[Place Ad] [Classifieds Home] [Register] [Sign In]
now there is only
[] [Classifieds Home] [Register] [Sign In]
so the words "Place Ad" have disappeared completely. Can you please tell me which file in which folder would control this , question 2 is answered best here
http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal
Ok, got it. Didn't know if there was something already set up for this that I was missing.
>>I should also mention that the paypals scenarios used in ASPProtect can not be tested using PayPal's sandbox.
Ok. Thanks.
>>Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts) then you can log into the other and refund the transctions and of
course it makes sense to use low amount like 1 cent and what not.
Yeah, been messing around with
that. Got everything going except the return page which I can't
do until the site is live. 
>>Also, I'd love to see what you came up with with the
integration. I have been working on it here as well and took it in a
different direction as I plan to sell directions for it as an add-on
for aspprotect.
Ok. Will email you with a username and password for access to the site once it's live.
Sounds like a great add-on for ASPProtect!
Thanks!
Michelle
, Let me put it this way.
My home page (default.asp) is an unprotected page.
When a user that has signed in on another (protected pages) and has the remember me checkbox checked closes the browser cookies should be set for the next time they return.
When the user opens their browser and returns to my home page (default.asp), I'd like to put a message saying:
Welcome back <%Session ("Username")%>
How is this done?
, I have just started to move my sites to a new dedicated Windows 2003 box. I have parent paths enabled, SSI turned on but I still can't get ../ to work with server side includes. Everything I read online says that I need to turn on parent paths but again, they are already turned on.
The hosting company where the server is located can't tell me anything, they just say that that is the way it is with Windows 2003. I don't buy it!
Can anyone tell me anything on this issue to help enable the ../ for serverside includes? , Thank you.... yes it does
Is there a limit in the number of Zones you can have in the database.
thanking you , I really can not support it because you made that modification and it probably directly relates to the issue your having.
There are many issues that can be caused when dealing with encryption. Sometimes the encrpted passwords can end up with problematic characters. etc etc Maybe the users are changing there passwords to ones that do that... after you fix them.. Its hard to say
I know as I had to sort things like out when I designed version 7 which has built in encrpytion.
It could be anything really.. since you made changes like you sorta need to figure out what is backfiring. There has to be a reason.
Chris , When I designed the system I never really intended people to type in long descriptions for pictures
and if they did I assumed they would use the enter key once in while..
but I guess people dont do that
This thread is along the same lines and shows what someone else did about this..
http://support.cjwsoft.com/code/moreinfo99-1.htm
though they are talking about a different page its the same issue , humm, I see your using the lite version which is technically not supported.
I know you were responding to an existing thread but I really would rather you have posted this in the ASPProtect Lite area or at least mentioned what version you are using. Usually there are big differences in the versions and it helps me help you if I know what is going on.
Regardless, the code for this feature is actually the same and I just tested a fresh install of the lite version and it stored that verify url perfectly and all worked as it should in the verification email.
All I can think of is that you can try manually editing the "users/add_new_account.asp" file.
This part
EmailBody = EmailBody & "New Registration.." & vbCrLf & vbCrLf & "Your registration still has to be validated." & vbCrLf & "Go to " & vbCrLf & VerifyURL & "?u=" & Server.URLEncode(Request("Username")) & "&v=" & ValidateEmailCode & vbCrLf & "to verify your registration." & vbCrLf & vbCrLf
Would need your verify URL hardcoded into it which would pretty much guarantee it would get put in the email.
EmailBody = EmailBody & "New Registration.." & vbCrLf & vbCrLf & "Your registration still has to be validated." & "http://localhost/aspprotectlite/users/v.asp" & "Go to " & vbCrLf & VerifyURL & "?u=" & Server.URLEncode(Request("Username")) & "&v=" & ValidateEmailCode & vbCrLf & "to verify your registration." & vbCrLf & vbCrLf
Of course change the url to be valid for your setup.
Still, the fact that this isn't working means there is something wrong with your installation. It would probably be a good idea to erase everything, do an iisreset, and re-install the application in a different directory... immediatly log and go to the settings page, carefully set everything and save it... then register as a new user and see what happens.
There is no reason that variable shouldn't get set. I mean I tested it just now with a fresh install of the version you are using and not only that... 1000's of people have been using that same code for over a year in the full version and no one has had this problem except the guy who started this thread who never populated the value.
My guess is still a problem with your "IIS application" for that web. It is not doing it's thing for some reason. When the settings page is saved and application variable gets set telling the config file to reload the variables as it doesn't do it every time to conserve resources.
If that isn't getting triggered and that variable isn't getting set who knows what else isn't getting set and it's not pratical going around hardcoding 15 important variables.,
Timecard Entry: 3/25/2006 1:45:09 PM
CHR conf. call - Nortel conf. call
Meeting minutes
PO's
, Excel lesson #11, Picked up mail and opened. Posted accounts, an. phone and customer inquiries., Still looking for some adrotator examples, More 911 work, Talked with Ed and looked up a few products, WWNYTV7 - Converting left and right view components to wrap-left and wrap-right components., NY FELT- COPNTACT TO FINISH WEB SITE AND FINALIZE
SEND INFO TO ADAM HUGHES
CONTACT LOIS FROM GOLFD RIVER REALTY
, Meet with Arthur Andersen; meet with Paul Barton, email, team meeting, worked on new PCBundle site (continued work on required and conflicts section), enter bills, cleaning up of switch room, , contact Christopher via e-mail re; Global Petroleum migration, very steady, At watertown office installing software on Bill M.'s new computer, Ron Dillon., Emails , Talk w/ Ed re:SWMF and asked him to reset H2O cam., incident report, cancellation of invoices, taking sign ups, quality checked sign ups, answering phone, callbacks from voicemail and checked emails. , Also checked email, rad log, online reports, and called expiring users., Creating for the Web Conference - Boston, moved stuff back into room. went through folders of old imcnet and ed stuff thrashing old bad stuff
, TI BAIT ADD NEW CONTENT TO WEBSITE, Seacomm- Set up corporate program with tara for laurel- 15 dial users
Sial withyos- left message for lenny- work order made f0r Jaosn 2000-50
Randy- set up meeting with WPbs- streaming video
Steve wood- miss new york pagaaaent
Martins marina- meeting set for Wednesdayat2:00pm-changes of rweb site
go over billing with michele for new york felt
martins marina
, E-mail & timecards - Seth - database - steve CG - Graters - lien, lunch, Nothing was down :-), batching and answering phone. ,
| 
