ALL FIXED.. tested with real paypal accounts and a live system
works perfectly

THIS FIX IS ONLY FOR PAYPAL SUBSCRIPTIONS

Download this file "ipn.asp" and put it in the "paypal_sub_signup" folder
2005-03-10_164645_aspprotect_subscription_fix.zip

Basically somehow an older version of the this file was in the original download archive.

I am VERY SORRY

Anyone who purchased ASPProtect 7 before March 11, 2005 should download this fix.

I just installed the software, but I can't find any place where I can see when users logged in, can someone please tell me where I can do this?

Thanks

no, there is not not.

If you wanted to to that you would have to add some code to check their album count in the database and not allow them to make a new album if they were at the limit.

Just an update,,,

the permission were all correct.... i left it and tried from my pc at work and it works fine... so i dont know what hahhpened.... thansk for your quick response

regards

Domenic

Sydney, Australia

(User Photo Upload Mod) for ASPProtect Version 7.x

This will allow an individual user to upload a user picture instead of just the admin.

Notes: This is a down and dirty mod. The user upload code was copied from the admin area and there are no safeguards. Meaning there is no limit on the file size a user uploads and there is no confirmation process in case something they upload is inappropriate. etc etc etc

If you want that you will have to work on that on your own.

Directions:
Back up your existing ASPProtect installation.

copy these files into your "users" folder

2006-01-24_111305_User_Upload_Mod.zip

Can I have the logon be in a top frame while having the protected pages displayed in a main frame?

Using frames with forms based authentication is not the best thing to be doing. Your much better off not using frames and using includes files to do a virtual frames sort of thing (search google) but if you are going to use frames I would suggest password protecting the frameset page as well as any pages it contains.

If you want to have a login form in a non protected top frame all the time.. that posts to a lower frame that is password protected.. you would do this
http://support.cjwsoft.com/code/moreinfo169-1.htm
but change the target of the form to one of your frames

personally though I think that would be a somewhat goofy setup to have going on


Also, how will it behave if a user moves in between a protected page to a public page and back to the protected page again?

As long as they have cookies enabled which is required for session variables to work... then you will have no issues because once they come back to a page they have permission to they will just be allowed in without login.. at least while that session is still active.. or for a longer time if they choose the remeber me option which keeps track of them with a cookie .

Really, the best thing to do is expirment and see how things behave.

ok.. There are various spots that call the end_date variable.  That is why I am asking.  Then incorporating it into the forms that have been developed, made me wonder.

Chris.

After I had you install ASPProtect I added the ASP protecting code to the top of my home page:

<%@ LANGUAGE="VBSCRIPT" %>

<% CHECKFOR = "1" %>
<!--#INCLUDE FILE="../../check_user_inc.asp"-->

Then I made my index.html page my login page buy using the script "Login form on a non protected page" on that I changed <form method="POST" action="memberarea.asp"> to <form method="POST" action="home.html">. 

When I try to log on to that page I get en error page HTTP Error 405 - The HTTP verb used to access this page is not allowed. Internet Information Services (IIS). I checked with my hosting company GoDaddy.com and they informed me that due to the fact that they do not have ASPProtect instaled on there systems they can not support it.  In recent conversations you told me that you have customers that do use godaddy and you products. 

Can you please tell me what I can do to get this working?

Thank you for your time and help.

Hallo,

Can I change the number of the access levels?

I want to have about 20 levels...

Glad it is working.. for anyone reading this the customer bascially did this
http://support.cjwsoft.com/forum/forum_posts.asp?TID=36& PN=1

That being said asp photo gallery actually has a few more places that send email that you going to need to modify as well. Off hand the reply to album, admin massemail, admin send email,and postcard features come to mind possibly as 3 of them.

using a multiple file search and replace utility like ReplaceEm would be the easy way to do all of this in one step and find all the instances

http://www.orbit.org/replace/

i've got a client who has handed me a 151 character banner URL, and i see that the database is designed to take 150 characters. i took the obvious step of just increasing the size of that text field in the database, but i still get this error when i try to enter the URL in the proper form field:

Multiple-step OLE DB operation generated errors. Check each OLE DB status value, if available. No work was done.

/banners/aspbanner/save_banner.asp, line 200

now, line 200 is just this:

If Banner_Link_URL = "" THEN
 CmdEditBanner.Fields("Banner_Link_URL") = NULL
Else
 CmdEditBanner.Fields("Banner_Link_URL") = Banner_Link_URL
End If

which tells me that something is blocking the assignment of that long value to that field, even though i believed i had extended the length of that field in the source database.

where else might i look?

Hello,

You are correct regarding what you noticed.. ASPBanner only allows one person to administrate. If if did what you are asking about it would probably cost more.
(you get the ASP source so if you really wanted that you could always add it on your own fairly easily, but it all depends on your skills)

AS for keyword advertising and different ads based on certain pages ASPBanner does not get into that. The main reason being performance as I built ASPBanner primarily as a performance banner rotation solution.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=144& ; ; ; ; ;PN=1

Like that thread says, you could make different zones for different conditions.. then surround the banner calling code with if else logic so a different banner zone was called under certain conditions.

Regardless, if you really need something that has every bell and whistle. BanManPro is where it is at.

ok,

when you say "we have set up to use the Subscription services exclusively for all new members "

I am sorry to have to ask this again but what does that mean exactly ?

how was that accomplished ?

The reason I say this is because when a subscription is created by a user through the normal channels.. meaning they went to the paypal subscription directory and either started a new account or found their old one to start a subscription with.. either way the PayPal Subscripber ID that paypal assigns is added to the database for that user and the expiration date is set to null.

Now, that being said the function that sends expiration emails to users will NEVER send an expiration to a user that has info in their PayPal Subscriber Field in the database. I just double checked that.

So that is where I am confused ? How did all these users get set up to use subscriptions and not have the PayPal Subscriber ID field popluated in the database ?

Seems to me the only way this could happen is if you set some stuff up manually and the PayPal Subscriber ID for each user never got put in the database. That and the expiration date didnt get set to null.

Again, I am sorry to keep asking this but it just seems to me that something else must be going on that I am not clear on regarding how you upgraded these people to use subscriptions.

In the end I think the answer may be to manually make sure each old user now using subscriptions has their PayPal Subscription ID set in the database as well as their expiration date from before set to null.

I have just purchased ASP v7 and loaded.  Followed instructions.  Obtained codes not prob.  Get to single field login screen, enter password and following page appears:

Method Not Allowed

The requested method POST is not allowed for the URL /temp/aspprotect/password_admin/get_me_in.asp.

Added folder aspprotect under (temp web) folder - temp, but also tried under root folder of web site.

Still no luck.

Password Retrieval System

CDO.Message.1 error '80040213'

The transport failed to connect to the server.

/aspprotect/scripts/emailing_subs_inc.asp, line 174

This is running on Windows 2000 server.

Any ideas?

Warren

You should read my article on server side includes… the path to the include file must of course be adjusted depending on where in your web you are.
http://www.powerasp.com/content/code-snippets/includes.asp

You will also notice if you look at the provided example pages that the include paths have been adjusted to make sense.

If it is 2 directories down it should probably look different..

example:)   "../../checkuser_inc.asp"

It’s weird that if you are not getting an error because if the path to the server side include is wrong you should get a nasty server error.

Also..

The ASPProtect system and any pages it protects must also be part of the same Application in IIS. It’s the nature of forms based authentication. Do a google search if you are not sure what an application is in IIS.

Lasty…. If you are logged in at the time

Whether your current session at the site is still active… or you have the cookie set to remember you.

Well, nothing will happen… cause your already logged in and you will just see the page as normal.

Perhaps things are working and you just don’t understand that part ?

You need to go to the log off page.. log off… then close all instances of the web browser windows..

Then come back to the site… then see if it prompts you to log in.

Are you reffering to the number of the left of the users name in admin.

I thought it was a counter at first but that number only displays the number of albums they have set up.

Here is what I have in settings.

ServerSoftware	Microsoft-IIS/6.0
ServerName	www.107threnegades.com
ServerProtocol	HTTP/1.1
PathInfo	/gallery/gallery_admin
PathTranslated	d:\hosting\arisky1\gallery\gallery_admin
FILE SYSTEM OBJECT	Installed
ADODB (ActiveX Data Object)	Version: 1.2 Installed
CDONTS	Version: 2.80 Installed
SMTPMail	Not Installed
JMail	Not Installed
AspEmail	Not Installed
AspMail	Not Installed
SAFILEUP	Not Installed
Dundas Upload	Not Installed
ASPImage	Not Installed
AspJpeg	Version: 1.4.0.1 Installed
ImgWriter	Not Installed
Script Engine
Type	VBScript
Version	5.6
Build	8515

I do not even see ASPUpload listed but when I run the test_asp_components.asp from the extras/more_component_info folder, it shows that it is installed.

67	Upload	Installed	COM Details	Persits - ASPUpload
68	Image	Installed	COM Details	Persits - AspJpeg

I really do not know.. maybe it is a conflict with something else..

I run many instances of aspbanner on my servers and I have every item to log enabled for my iis log files... my stats server software which reads those log files (livestats and smarterstats) have never reported any 404 errors related to (aspbanner/those images)...

I do not know what is happening in your situation..

sorry.

If you are using an ACCESS Database try to avoid using a system DSN. They are much slower because they go through ODBC which then uses the Jet Drivers to access the database. They also have to do a registry lookup.

ttp://www.4guysfromrolla.com/webtech/070399-1.shtml

http://www.powerasp.com/content/database/dsn_vs_dnsless.asp



It's funny because in the 4guys article they ask the question..

"Hmmmm... so who was right, Microsoft or Wrox?"

I'll tell you who was right and who said it 1st.  It was me and I said it on my old powerasp.com site before anyone else ever did.

I found it out on my own by experimenting when I was the Systems Analyst for an large ISP. We we had web servers that were not running well. I didn't read about this solution anywhere because no one was talking about it at the time. Microsoft said use System DSN's so everyone just took their word for it.

I took a lot of heat for saying that back in the day but over time everyone started saying it.

Connecting user is dbo of database.

User_ID is primary key with auto increment identity.

SQL Script of current table:
CREATE TABLE [dbo].[Security_Users] (
 [User_ID] [int] IDENTITY (1, 1) NOT NULL ,
 [First_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Last_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Company_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Username] [nvarchar] (75) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Password] [nvarchar] (15) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Access_Level] [nvarchar] (30) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Notes] [nvarchar] (1000) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Admin] [bit] NOT NULL ,
 [Active] [bit] NOT NULL ,
 [Expiration_Date] [smalldatetime] NULL ,
 [Email] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Address] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [City] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [State_Province] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Zipcode_Postal_Code] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Phone] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Counter] [int] NULL ,
 [Last_Access] [smalldatetime] NULL ,
 [Login_Limit] [int] NULL ,
 [Custom1] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Custom2] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Custom3] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Custom4] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Custom5] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Custom6] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [ValidateEmailCode] [nvarchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Date_Created] [datetime] NULL ,
 [Validated] [bit] NOT NULL
) ON [PRIMARY]
GO

ALTER TABLE [dbo].[Security_Users] WITH NOCHECK ADD
 CONSTRAINT [PK_Security_Users] PRIMARY KEY  CLUSTERED
 (
  [User_ID]
 )  ON [PRIMARY]
GO

Our webhost changed converted all sites from c: to d:, and without us doing anything else, our customers now get the following error message when trying to access our Classifieds site:

***********

Microsoft][ODBC Microsoft Access Driver] Not a valid password.

This means there is most likely a problem with the "ConnectionString" info that you specified.

If you are using a DSN-Less Connection with MSACCESS.

Check that the physical path to the database has been specified correctly.
It has to be perfect and correct. It cannot be specified using "http://" or by using "server.mappath".
It has to be specified like the following example.

ConnectionString = "DBQ=D:\Inetpub\wwwroot\advpass_pro\_database\passwords.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=admin;PASSWORD=Xpass"

If this is running on an NT server or Win2000 Server make sure that permissions have been set on the database.
Only the server admins can do this. If you are not the admin you will have to ask for this to be done.

If you are using a System DSN

It is not set up correctly. Again, make sure the permissions have been set for the database and that the system DSN has been set up correctly by the server admins.

************************************************************ *********************

We did everything the web host asked us to do, that is, changed all references to the C drive to new references to the D drive, but the error is still there.  We also never changed any passwords (as far as we can remember).  Can someone please tell us where to look (also which file might tell us what the correct password is in case it has in fact been changed.

I've encountered another problem.  When i edit the link for existing banners and save it, the banner reverts to the old link instead of the new one.

The directory where the the database is located to rwed so the permissions is not a problem.

Any advice?

Thanks

This may be an old question ??? If it is please point me to the post or documentation where I can find the answer please.

When creating protected pages I am using the following to protect them:

<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="/aspprotect/check_user_inc.asp"-->

But that is not working. I get the following error when I try to access the members logon page in the directory that I wish to add the pages to:

Active Server Pages error 'ASP 0130'

Invalid File attribute

/filelocation/filename.asp, line 3

File attribute '/aspprotect/check_user_inc.asp' cannot start with forward slash or back slash.

However if I create the pages in the root of the AspProtect directory and use a link to the same page that exists in the AspProtect directory and the following include:

<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

The pages work fine.

I really do not want to put all of my protected pages in the root of the AspProtect directory.

 I would like to mix protected and unprotected pages throughout the site in order to #1 make it easier to administer. #2 keep the AspProtect directory solely for authentication. And, #3 keep any user authentication pages out of the AspProtect directory.

TIA

glad it is working now

sorry ya had trouble.

The company that hosts our business web site has been impossible to deal with in assisting me in getting asp protect to work. Getting the rights set correctly took 6 days and then getting parent paths enabled has been impossible. There last response was simply this:

The includes were changed so that if your server does not support "parent paths"
' and the "../" that you could easily change a few files like this and make the
' includes virtual includes instead of file includes. We didnt make them virtual
' includes by default because depending on where in your site you put the application
' the virtual include path would be different. They are also much different on a local
' development server than they would be on your real server
'
' Here are some examples of what you might change these includes to
'
' If you put the aspprotect folder in the root of your domain at your server
' example: www.mydomain.com/aspprotect
' then you would probably use
'
' #INCLUDE VIRTUAL="/aspprotect/dataconn_inc.asp"
' #INCLUDE VIRTUAL="/aspprotect/config_inc.asp"
' #INCLUDE VIRTUAL="/aspprotect/scripts/emailing_subs_inc.asp"
'
' Or if you didnt use the aspprotect folder and just put the contents of it in the root
' of your domain
' then you would probably use
'
' #INCLUDE VIRTUAL="/dataconn_inc.asp"
' #INCLUDE VIRTUAL="/config_inc.asp"
' #INCLUDE VIRTUAL="/scripts/emailing_subs_inc.asp"
'
' It really all depends on what works for your situation
' If you want more information on server side includes read this article at PowerASP
'
' http://www.powerasp.com/content/code-snippets/includes.asp

I am assuming that they will not enable parent paths and I need to modify some code. I do not know asp. WHere do I modify the code for a server that will not enable parent paths?

Thanks,

D

upgrade pricing is here
http://www.aspbanner.com/purchase_unlimited_v8.1_classic_upg rade.asp

what is different
http://www.aspbanner.com/v8_notes.asp

the changes to make it work with MySQL were vast to say the least
more on that from an old thread
http://support.cjwsoft.com/code/code_info.asp?TID=37&PN= 1&TPN=1

just please remember use of MySQL is just not supported
http://www.aspbanner.com/mysql.htm

I can assure you it works well as I have people using it

Banners no longer show up on my site ?

If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.

The web server must have crashed or lost power and now the application variables are in limbo/not working.

I have seen this happen a few times.

Basically the application variable system gets messed up because it was not shut down properlly.

The way to cure it are as follows.

Edit and save a banner in the system. Hopefully that gets things going again.

Great software.

How easy would it be to copy the email address entered at registration directly into the login id field so that the user's email address is automatically used as the login id? 

Also, where in the code can I turn off the random password generator - I'd rather force people to pick something they can remember themselves.

Thanks,

Nick

Have SQL 2000 backend...
We just moved from Windows 2000 to Windows 2003, used import data routine in SQL to move data.

Logged into admin area. When adding new user, no record is created. However, editing record works just fine.

Any ideas would be appreciated.

I dont know about the unspecified errors. I really need more detailed information. (Since it has been working fine for quite a long time you might want to consider installaing the application from scracth again and see if you still get errors)

As for the log in not persiting. Did you by chance turn off cookies in your browser ? They are required for forms based authentication to function. Otherwise, yes you would need to log in to each and every page as you moved around.

Hello:

When using the Mass Mail feature and selecting the Users to ‘Active’ and the Access Level I want to send to the system will still send e-mails to the ‘Inactive’ users from the same Access Level.

In other words it sends to everyone in the Access Level regardless if you choose “Active” only.

Any ideas to correct?

Thanks,

-Ricardo

Hello,

My guess your having trouble setting up a system dsn because the database has a password set on it. Your hosting company most likely sets up DSNs without using the advanced tab which is where the authentication information goes. Or they have some sort of web interface for the customers to use that doesn’t allow setting up that information.System DSN’s are actually difficult to set up correctly when the database has a password on it. There is of course a password on the database for security reasons so if someone ever downloads it somehow they will not get your information.

System DSN’s are not the way to go regardless as you will see mentioned at our support site.

http://support.cjwsoft.com/forum/forum_posts.asp?TID=9&P N=1

You really should try setting up a DSN-less connection. It is the best way to go. They are easier to set up, perform better, and are less load on the server. Any host that wants it customers to use system dsn’s is not on the ball as far as server performance and server resource conservation goes. They are really asking for trouble down the road.

All you need to do to make dsn-less connection is the following.

Get permissions set for the folder the database is in (by your host)… then figure out the physical path on the server to the database by using server.mappath or you simply ask your host for the info.

An article I wrote on using server.mappath

http://www.powerasp.com/content/hintstips/physical-path.asp

Then your connection string will look something like this.. (of course you edit the path to match what server.mappath tells you. And you make sure the database name is correct)

ListingsConnectionString = "DBQ=C:\Inetpub\wwwroot\asplistings\_database\asplistings_ac cess2000.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

Another option would be to simply remove the password from the database using MSACCESS.. then try to connect to it using a System DSN without the password. If your host is storing the databases outside of your web in the root of the server then removing the password on the database is not that bad of a thing to do as there is no way anyone will be able to dload it from your site. Of course there is a still a performace loss when using a system dsn with an Access Database

ADODB.Recordset error '800a0cc1'

Item cannot be found in the collection corresponding to the requested name or ordinal.

/aspprotect/password_admin/default.asp, line 287

I'm doing an upgrade from an OOOOOOOOOOLD version (not sure if it was 6 or not) and it read my database OK prior to adding a new user. Now I get this error message. I was able to run the password encryption function OK, but I still get this error when I try to view the password_admin stuff. I can log in via the "get_me_in" asp page just fine, but I get the above error.

If I try to log in with my admin account, I get

ADODB.Recordset error '800a0cc1'

Item cannot be found in the collection corresponding to the requested name or ordinal.

/aspprotect/password_admin/check_admin_inc.asp, line 166

*****

OK, my question is this... if I retype all the info from the old DB into a brand new one, never before used, that would work, right? I only have 108 users, so that's about an hour of work. Or is there a 5-minute fix that I can try? I've done some messing around that got nowhere and returned all edited files to their original state, with the exceptions of the ones calling the DB location.

I'll start the C&P process and await your reply...

On a side note, I really love the new format and am excited about the new features. I'm not married to upgrading the DB and if copy and paste is faster (I just need first name, last name, username, password, email, and expiration date), then I'm using v.7 that much faster.

The company is called Eschelon - there customer service leaves a lot to be desired. I have contacted them again and they said that they require the account holder to manage permissions, they won't make changes. I wish they would have told me that a week ago when I asked them about changing the permissions. They haven't responded to me yet how I am to do that though.

Frontpage ext. are not installed.

Once I hear back from them about how I connect to manage rights I should be all set.

Thanks again for all your help!