Blog Entry: 3/25/2006 1:46:24 PM
I assumed when it said "expected path" that it understand that was the default and unless I wanted it in a different directory I could leave that blank. I'm checking on it now.,
Hi Chris,
Alright. We figured out how to work with both C# and VB, by creating a separate VB web project in VStudio, and then passing the aspprotectnet.dll to the C# project.
Ok. I have another question:
How can our code determine the identity and user_id of the currently logged in user:
Is it Session["User_ID"].ToString() and Session["Username"].ToString()?
thank you
,
Humm.. that should have worked fine
why are you getting a "OLE DB" error I wonder ?
I need more information.
Database being used and version ?
Server OS Version?
Connection String being used ?
etc etc , I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.
Regardless,
What you want to do... logging them in under https and then having them continue though the site under http is not possible.
It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.
In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).
Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.
If you want them logging in under SSL you need to keep them under SSL.
That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own. , Yes, as long as each installation is in in it's own web site.
(or at least in it's own application in IIS)
Meaning you could have 5 directories in your site each with the app installed as long as each directory got set as an application in IIS.
Remember, a license must purchased for each running install except for development reasons on local machines. cwilliams38400.5162384259, Hello,
It is very possible, however there may be some issues such as the session variables specific to a particular user would not be able to be created because there would not be a specific user.
I can't tell you exactly how to do it as it would probably take a few hours of messing around with the code to sort it out. Bascially, it's not something I could tell you how to do real quick and I do not support custimizations to the code.
But, it is very possible. You want to check the server variable for the IP address. The tricky part would be where and how this all just integrated into the "check_user_inc.asp" file , Hi Chris
Unfortunately the bl**dy server was down and unavailable for 17 hrs so I couldnt even get to see what the settings were!
It is on, the relevant users appear to have all rights for the data/tempstats folder.
I'm guessing you're going to suggest turning it off and see if the problem still appears.
Colin
, Ahhh, I see it, thanks that was the ticket.
, Actually, as far the "aspprotectnet.dll" file goes it makes sense because of the following.
The "aspprotectlicense.dll" is something we do not provide the source code for. We also do not compile it in "debug" mode because you not want dll's running in "debug" mode in a production environment and we also do not want that dll in debug mode because of reverse engineering reasons.
Now, that being said that DLL is no different than any other 3rd party dll "so to speak" that you would use in a project. Many of which will not be in debug mode and you will also not have the source for.
"Microsoft.Data.Odbc.dll" being an example
Regardless, there must be a way to do what your trying to do. I am just not sure at the moment. It is nothing anyone has brought up before and I personally have never had any issues like that when I work on the application so I am just not sure.
It probably has something to do with the way you set up your project., humm, I am curious
If these people are employees and sales reps why are are you using expiration dates at all ? and why the renewing issues... etc etc
I am sure there is a reason but you did not explain.
it might help me to better understand and possibly think about new features for new versions in the future., Hi,
Sorry, but the way the system works you can not call an individual banner like that. It just not something the system was meant to do.
If you wanted a specific banner to show up at all times you would have to make an individual banner and a zone just for that.
After looking at your site since you have so many banners there I dont know if that is the greatest option for you. It would also put a lot of stress of the Version 7 software because it is not really meant to call so many banners zones at one time on one page.
If you could live with tracking clicks on the home page but not displays I would suggest making banners for the home page in one zone. Then hard coding the banner images into your homepage like you already do but linking to the tracking part of aspbanner instead of where they would usually link to. That way you could at least track clicks and there owuld be no performance issues.
for example.. one of the images might link to
http://www.poconocommuter.com/aspbanner/banner_redirect.asp? Banner_ID=4
which would track clicks for you.. and then send then wherever they are supposed to go
, We are using this photo gallery to manage galeries of all the prodcut
lines we carry, we have no use for users to be able to sign up so i hid
that part of the pages, what i am wondering is how can i hide the rest
of the navigational links and still be able to get logged in to
admin. Here is a link to the unfinished demo site.
http://www.scs-cases.com/photogallery/
, Just installed sofware everything works fine except I see no way to upload any photos. There is no reference or link to allow an upload on any of the asp pages (I have surfed them all). I am sure it is something simple, but I am not aware. I am using SQL2000., The count is in the album area where the small pictures and description of album. Viewed 1 time(s) This count never changes.
Thanks
John , here is the next response to this which was emailed to me but should have been posted here
From: Mo Afifi
Sent: Sunday, October 23, 2005 4:47 PM
To: CJWSoft Support Info
Subject: Re: CJWSoft Support Info : SSL - Verisign Certifcates
Hello,
Thank you for responding to my posting. In the second line of your response you said “not start them off at an http:// url". I think what you meant is to "not start them off at an https:// url". If this is your intention then I agree with you 100%. I have revised my pages so the users will go first to a non-https page and then make a choice either to use secure or non-secure access. Please note that the site is not intended to be completely SSL protected but only the sign up pages. I have another problem though when I click on the "Secure Log In" and enter my log in information; the entire subsequent URLs will have https:// in them which I could not shake off. As I said the intention was to use the https for sign in only.
I realize that this issue does not have any thing to do with your product, but any input will be appreciated. Best,
, I'll try to help when I get back tues night,, see the contact page for info on where I am
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry , I really do not know for sure, but I imagine there are customers using their windows hosting. Usually I do not know what hosting company a customer uses and I am usualy the only one that responds to forum questions.
Why not download the current Free lite version and try it out ?
CJW
, Hi,
In my search for a product to administer my banners I came across ASPBanner. In my site: http://www.lovenest.co.il I have 3 locations for banners:
In the top section a big banner and a small banner
At the bottom a serie of 5 banners.
My question: is it possible to place a list of banners (let's say 8 banners) and randomally pull 5 banners each time the page loads?
If yes please explain in detail.
Thanks. , hi,
Sounds like permissions.. the text file that the config file data is not being written to.
open the file "data/config/aspbanner_unlimited_config.asp" with a text editor and see if your values are getting saved.. if they are not its permissions to that folder and file as far as not saving config settings goes.
You may also want to check out "data/show_path_info.asp" which if run from the browser has info on manual/alternate setup scenarios.. as far as what directories you put things in and also editing the config file manually.
lastly make sure the filesystem object is not disabled by something like norton script blovking or something similar which can also cause trouble regarding writing to text files.
, Chris,
2Checkout.com has added to their required cart parameters:
https://www.2checkout.com/documentation/newparameters.html
Do you have a version of 2checkout2.asp that will support these?
Thanks,
Nick , I run F-secure on my laptop which has the anti-virus and firewall modules, and the servers aren't running anything like that. , Okay Chris, I wold like to get rid of the encryption then if it's not too much trouble.
I have no option of running the production server against an ms access db, since the db needs to be online and accessible from another system. , UPDATE
Version 8.1 has code generators for these new methods built in... , well, I need more details..
you got SQL server or data connection issues is pretty much the bottom line
If I remember right we went down this road with a SQL setup quite a while back (auguest 2005) and that never really got resolved
here it is
http://support.cjwsoft.com/code/code_info.asp?TID=321&KW =yiak
, Hi Chris:
Is there a way I can include the username and password in the URL of a protected page to gain access to a that page without going through the log-in page?
I'm not quite sure what the syntax would be in the URL.
Warren , that variable comes from the settings acreen in the admin area. If you do not have it set properly things like what you are describing will happen., ok, now were getting somewhere
I didn't know you imported from another system,
chances are you are missing field information that an ASPProtect user requires.
Start off from scratch with a new aspprotect database... create a new user and look at the info that gets entered by default for every field in the database
make sure when you import a user that you mimic it all
dont import directly using access because the passwords will not get converted to encrypted versions of themselves correctly.. and the whole process will be usesless as no passwords will be correct
Use the import feature built into ASPProtect.. because it is smart enough to take the clear text passwords and encrypt them accordingly
if you want to know a correctly formatted import file needs to look like make one and check it out
do one user at a time and make sure you can log in to an example protected page till you get it right...
once you get that working do them all
Thats really the best advice I can give you. , Thanks for that. The upload size is just as effective and possibly a better solution to maintain server space.
What about individual gallery permissions. So only 1 member can post in only 1 gallery. I have a forum of 500 plus members so if they want to add a gallery than setting a permission would be idea for each gallery. , It's seems to work fine after renaming the file, rebuilding the application, and editing the web.config file to point to login.aspx. It looks like I can use your fine product and thanks again for the help. It was unusually easy. Merry Christmas… , Guess who!
I have a user/client who can't access stats. Even when I give them a
new username, I get the message that their username has expired.
In the notes of the account it says "Level 1 access" and I can't
figure out what that is and where it is edited or set or even what it
means. Seems like I must have hit something somewhere that goofed
up this account. I could just delete the account/user and set it
back up but I'm worried I'd just make this same mistake later and
figured I'd get the info on it. Any ideas?
TIA! (So far, I'm VERY happy with this product)
Laura
, I down loaded your latest ASPProtect.NET_v1.4 and now when i try to get in the admin area it won't let me in. The admin box is selected in the database under the admin user and i can update my user information (password and Address, not username). Is there something that was changed on this version or is it more likely user error on my part? What do you think i should try first?, The setting I am most interested in is what you have for the "Pic_Max_Image_Width" used when the image resizing components resize the big image
setting it to nothing or zero could cause this
, ok, here is what is going on
you are password protecting an ".asp" page that requires querystring info to run correctly (example - "somepage.asp?ID=3"")
that is something I never intended anyone to do.. while it does handle and repass the querystring info along during successful login it does not re-pass that info during a failed login as you have found out
this is all by design.. the only reason the system re-passes the querystring info at all is because I wanted to make it smart for the sake of the remember me/cookie feature.. so if someone was using that and bookmarked a page deep in your site with querstring info...then when they went back to that bookmark they would get authenticated and still see the page as intended with the querystring info in tact
it was a nice feature never intended to handle any situations other than what I just described...
now...
notice the url in the browser after failing a login.. then logging in successfully.. it is missing the querystring info
that more than anything is what is going on.. browser caching can cause some confusion when dealing with this because the browser likes to return you to the page minus the querstring info... when that happens a simple browser refresh at that time may very well solve the problem and then you see the page you are supposed to see...
To avoid all of this...
One solution to this is to always start people logging in to an ".asp" page that has no querystring info. That way this won't happen. Once they are logged in you can then offer them links to the pages they need to go to. (you of course still want to password protect those pages)
Another solution is to log them into a page with no querystring info and then do a response.redirect to the page with quersytring info.. thus accomplishing the same thing but without the possibility of the issue because of a failed login.
Another solutions is to do checks in your asp page for missing querstring info.. and if it isn't there do something about it like send them somewhere else.. or display a message about there being an error... etc etc
So,basically you don't want to tell people to login into such and such page with querstring info... and providing a username and password..... You can do it but like you found out it can cause an error if they mess up logging in the 1st time. The system just was not designed to handle that. There are complex reasons for that involving security that would just take me too long to explain.
I hope this makes some sense to you.. it is very hard to try and explain , OK, well, that error is pretty self explanatory really. There isn't anything else it could mean.
What you showed me in that screen shot all looked correct, but still permissions to that file just can't be correct. The paths are correct. The path to the file looks correct. The ASPNET (ASP.NET) account looks correct.
I would try settings permissions directly on that XML file. Perhaps child permissions did not go through the way you intended. (the advanced tab must be used for that) If that doesn't work try giving ASPNET and Everyone full permissions on the file directly.
Possibly check the paths in the web.config file just for the heck of it.
Last case scenario, you can edit that XML file directly instead of using the screens in the application. Of course if that file does not have correct permission chances are other things like log files will give you issues as well.
That is all I can think of right now. , I would highly suggest setting up a DSN-LESS connection.
That system dsn is most likely the source of your trouble It is probably that or permissions are still not correct.
I can't tell you how many people have had trouble with system dsn's and finally set up a dsn-less connection and everything then worked as it should.
The location of your database is fine as long as permissions are truly set correctly like I mentioned.
Also, be sure you are setting the database type correctly in the dataconn_inc.asp file. That can cause problems as well as some people have been known to delete that line.
See my articles...
http://support.cjwsoft.com/code/moreinfo9-1.htm
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/code_info.asp?TID=40&KW= system+dsn ,
ok, here's a test page:
http://www.galvinelectricity.org/download_link.asp
user: test
password: test
Our company just got new computers, so everyone here has the same set-up, all Dells, all about 3 weeks old, all Windows XP.
But I did realize after reading your post that I am using Firefox and everyone else was using IE. When I used IE, I was able to duplicate the error.
But, alas, I am unable to resolve it. Client will be using IE, no doubt.
, well, like I said.. I am leaving in about 5 minutes for the wedding.
If you put this up on a live server that I can connect to I will look at it tommoro for you. I have told you everything I could possibly tell you so I dont think your going to figure it out based on the things you have told me so far.
Only other thing I can think of is make sure your not running anything goofy on that server 2003 box. Norton Antivirus script blocking... various ad blockers.. anti spyware applications... etc etc... They can cause problems as well. , you password protect an asp page in your site "where that is is up to you"
http://support.cjwsoft.com/code/moreinfo171-1.htm
then you link them there from your own pages
thats all there is to it
is that what you are asking?
Additionally...any page you password protect automatically becomes a login page... where you want to start and where you send them after or before login is something you have to handle on your own
Any pages you pasword protect will prompt the user for login info if they are not yet logged in that is.
Then once logged in it returns them to the same page they are showing the page content as it would normally appear.
cwilliams38455.7128356481, Is this the full version 7.
Did you make any changes to the code ?
Is the User_ID field still an autonumber field in the Access database ?
I do not see how this could happen unless somehow the autonumber field setting for User_ID was changed in the database? , I noticed that is grabbing the wrong URL for some reason. Even when i mouse over the URL its somehow getting the users sub directory. How.. i dont know... when i erase that users in the url it works perfectly.
I am looking at the code in the .vb file and i dont see anything that could be causing it to do that... but then again i am no programmer LOL
Its obviously kicking in that users subdirectory somehow... what are your thoughts? ,
Timecard Entry: 3/25/2006 1:46:24 PM
derferiet paper- sign contract- go over inital informatin for web site, working on new password protection code for new MLS software., Meeting with Randy and Jim referrence current projects that I am working on with Randy and server setup, e-mail / logins supply cab arange, Carthage Savings _Banner Ad, messages from statements, Trouble shoot mail routing issue, Dealing with Bell Atlantic regarding Dr. Maresco's (St. Lawrence Radiology) curcuit in Hannawa Falls. Curcuit #36YBGA260957.
Ticket #DC062360, which can also be referenced with 53280., Lunch, got some java script stuff going, Defragged/compressed PC drives for more space, Prepared Meeting Material, general dmin
Keaen montroois info for meeting with studnets for jcc,
Ross associates- looking for pasword for network solutions
\Bob Nelson- go over iwth Jason
Ed huber- domain name
Jenna register domain name for nort country childrens clinic
Remington museum- problem with email, have tim check it
Mike clark - new emails accounts
Tanya- fax infoLori scheer- left message for 13 statesMoby dick charters- infofor billing and go over opricing and info with dawn, read through all of the pamphlets that I brought back; made notes on my To Do list of stuff to follow up on., cleaned the 2nd floor hearld building - , Did realtor.com export files and FTP'd them to Realtor.com for nnymls, work on JCC wireless POP, trying to setup stuff phone called etc, Took tech calls, checked DUI, RAD, AUAQ, and Voice mail. Called users back on RAD, DUI, and Voice Mail. VERY slow., Herald Building Ground System, lunch, radlog, dial up issues, email, cleanup.
, pulled up screenshots to layout for large signs, Beth wants to have all banners/signs mounted in some fashion, I want to wait for Jason to come in to make the decision on how to best go about it , worked on minutes and filed payroll and sorted mail that came from Watertown, Moved to the new building. learned new phone system and taking billing calls, Alarm didn't go off. Came in late because no one contacted me. Doug and Heike had the old schedules. Alan came in, so he worked my shift, I worked part of the morning., Return to VT, Task Force (Vermont), posted Watertown mail, sent email for additions to bullets and activities, get info ready for clayton chamber of commerce- check voice mail .email
check ,
|
