Blog Entry: 3/25/2006 1:42:25 PM
Hi,
I can't seem to find the code where it limits the upload file size. I want to limit the upload size to 1.5 mg for all users. Also I've noticed that the 500 pix doesn't seem to work. As in if an image is bigger than 500 pix the script still uploads it. i am using Upload_post_VBSCRIPT.ASP.
Thanks , If you want to have a login form on a non protected page that posts
to a protected ".asp" page use code like this.
Change the action of the form to the page you want them to log into.
Make sure the page you send them to is protected by the "check_user_inc.asp" file.
<center>
<table border="0" width="400" height="200" bgcolor="#000000">
<tr>
<td bgcolor="#F4F4F4">
<form method="POST" action="memberarea.asp">
<input type="hidden" name="Status" value="Checkem">
<p align="center"><font face="Arial">ASPProtect Login</font></p>
<div align="center">
<center>
<table border="0" bgcolor="#C0C0C0">
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
<td><input type="text" name="Username" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
<td><input type="Password" name="Password" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
me signed in on this computer unless I log off.</font></td>
</tr>
</table>
</center>
</div>
<div align="center">
<center>
<p> <input type="submit" value="Login"></p>
</center>
</div>
</form>
</td>
</tr>
</table>
</center>
cwilliams38411.453912037,
Are you aware ASP can run on any machine running win95/95,2000,xp pro, 2003. You really should test all asp code locally before running it on live servers but anyway... that is your deal
I am not sure if memory alone will be enough for that server but it could help. I saw a decent amount of free memory when I looked. Its just about an 8-10 year old system on every aspect (processer,OS,Hard drives, memory etc etc) and not only that something is tasking the heck out of the resources left over for asp database access. Something is just wrong. I don't know what it is but I am pretty sure it is not aspprotect. I got rid of my last nt 4 server about 4-5 years ago but the application always ran great on NT and I still have some customers using NT 4. Not many though.
if you email me the import file and the encryption keys you are using I will make a database for you.. just zip it up and send it to chris-cjwsoft.com
replace - with @ , Javascript Popup/Pop Under Generator
Until I have time to make one I suggest using the one on the banmanpro support site as it is pretty nice.
Just dont use option 2 on that page as that is specific to banmanpro
http://www.banmanpro.com/support/popupgenerator.asp
cwilliams38291.614849537, been working on this for about 5 hours today.. I think I found the problem and it involves a vbNullChar that the encryption process is creating only during login attempts
it then messes up during ASPProtect authentication because it blows up the SQL Statement to the database
like I mentioned before the chances off this happening are slim but possible as two people so far have been able to create the situation
I seem to have the HANNAH password working now using your encrption key
I need a little bit more time to clean up the files I have been working on. Then I will give you new "check_user_inc.asp" and "check_admin_inc.asp" files to try out , the following error message appears, but only when attempting to log off. all other parts of the program seem to be working.
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0xa04 Thread 0xa38 DBC 0x21ff024 Jet'.
, ok, that probably means the physical path you have set for the logfile directory (in the admin settings area) is not correc t
the error pretty much means just what it says
, I am running .asp pages and using the longer code method to display flash banners on my site.
I have noticed a considerable decrease in the loading of my index page when I have a banner called. When I remove the banner, all is fine.
Any suggestions?
Dave , Great Thank you!
As of thus far the program is working rather nicely.
I am very impressed :) , 1st of all when I look at the site I see a lot of non US characters and I can see the regional settings of the site are foreign.
ASPClassifieds in only intended to run under US and Canadian regional settings as stated on the site.
Thus the BIG notice on the purchase page.
http://www.aspclassifieds.com/purchase.asp
It won't run right like that for a lot of reasons and it is not supported like that as that notice says.
The categories showing 0 is just one of the problems you will have.
If I help you fix this it will just lead to 4 more issues right after.
If you would like support with the classifieds application you need to run it on a server with US or Canadian regional settings like the site says. , ok, glad it is working, When did you download the ASPProtect Version 7 zip file ?
what did you enter as a wrong password to make that happen ?
does it it do it when other wrong passwords are entered ?
cwilliams38452.722037037, Hello Chris:
Yes I'm using the Option Pack.
-Ricardo , After turning off the friendly errors, here is the detail.
Active Server Pages error 'ASP 0131'
Disallowed Parent Path
/users/register.asp, line 16
The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory.
ANSWER:
http://support.cjwsoft.com/forum/forum_posts.asp?TID=5&K W=Disallowed+Parent+Path+ lancem38310.6408101852, It is not something I did when I wrote the emailing sub routines. You would have to edit the email sub routine for CDONTS and add something to it most likely. The email sub routines are in the "scripts" folder in the "emailing_subs_inc.asp" file.
I am not sure you can do that when using CDONTS though I think you can do it with CDOSYS. You would have to do some research and edit the code like I mentioned.
, If you are developing using Windows XP Pro and running the NTFS file system setting proper permissions on a folder in your website requires that you 1st disable simple file sharing.
To do so open up "my computer". At the top open up "tools/folder options"
Then the "view" tab.
Then at the bottom uncheck "use simple file sharing"
After that that is done... using "my computer" browse to the folder in your web that you need to set permissions on.
Right click on that folder and then choose the "security" tab.
(If simple file sharing is on that tab wont be there)
Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.
You can also give permissions to the everyone account and accomplish the same thing.
BTW:
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"
cwilliams38203.582337963, Protecting ASP Pages
To protect a page without using the Access_Level or Groups feature simply add this code to the top of that page.
Put this under the <%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.
The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp
Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in.
An example of doing this is provided in the "default.asp" file included in the root of the Password System.
Look at the source code with a text editor to see the working code. It is quite simple.
Protecting ASP Pages Using Access Levels
To protect a page using the Access Level feature simply add this code to the top of that page.
You simply specify the Access Level before the include file is called. In this example we are protecting the page with Access Level 4.
Put this under the <%@ LANGUAGE="VBSCRIPT" %>
<% CHECKFOR = "4" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.
The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp
Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in as a Level 4 user.
Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System.
Look at the source code of the ASP pages in that folder with a text editor to see the working code. Again, It is quite simple to follow.
Protecting ASP Pages Using Groups
Please see the code generators in the admin are for the code to do that. cwilliams38403.6864351852, that's they way it should be done..
the only other thing would have been to test everything with sql before trying to import any data.. and make sure all was fine at that stage
more info on the errors would be helpful.
Id' also carefully visually compare the SQL tables and fields with the SQL scripts and make sure all field types and settings got set correctly.
Also, make sure the user accessign the database has datareader and datawriter permissions of course. , The pages in the ASProtect Full version that have emailing code in them are as follows.
password_admin/email_user.asp
password_admin/send_mass_email.asp
users/add_new_account.asp
users/email_password.asp , Not really. The way I thought activity would work is that I would always see the last 50 users. Not sure what controls that and why I wasn't seeing it, but it sounds like it is an IIS thing and since my site is not all that busy, it will not show the users if some process has reset the numbers. Not a big deal.
As for the log files, I think it is related to my other question regarding the export directory. I have the ISP looking into things at thier end to see if they are doing anything that could cause the directories to disappear.
Thanks,
Dave , I have written asp.net application pages- obviously i knew what viewstate was, or else when they made a mistake on that page it would not have saved their filled in info. Same thing for after they submitted, when they hit the back button their info would be gone.
For someone who wrote this software it seems you are not able to do simple things. Im begining to think you didn't write it. The only reason no one else asked this many questions is possibly because they didnt NEED the functions i am TRYING to do.
I know how the log boxes work. Esp. reg ASP... they all allow you to enter your username and password and then when you hit submit it gets verified and transfers you to your destination. ASP.NET has that capability also.. i didn't purchase a program to go and have to re-write it in visual studio. It would take me longer to re-write YOUR code than it would to have LEARNED ASP.NET and made MY OWN.
The program seems to have some great complex features, however, your not able to incorporate this easy login from a diff. page function... fishy , ok, I am home.. missed flight.. just got home an hour ago.
lets see.. I really need more info...
For starters are you using the delayed stats feature ? that is expirmental and could cause that problem , Chris,
When I set up a test user name it does accept name and passwords and the passwords are encrypted, no problem there.
All I want to do is to restrict access to the protected pages to the members only. Only those users will be accepted and allowed to view.
I have entered all of thier names, address, phone number, email and company in the database, which is still named ASPProtect_access2002.mdb and in the fpdb directory of wwwroot. To get it there I uploaded via FTP. I hope I expained the situation well enough. , I just installed ASPProtect on my site. The instructions were definately on the target. Very very good instructions.
But... Isn't there always a but ??? 
I needed to setup my site with MS SQL and it is hosted so I don't have Enterprise Manager. I tried the web based Enterprise Manager and any other one I could find. But, I kept getting errors when trying to use the SQL Script.
I finally had to go back to my work where we do have the licenses and get an SQL Admin to use Enterprise Manager to run the script and it worked finally.
I don't know if this is a common problem ??? But, maybe you would want to look at the SQL Server script or make a different version that would work with the Web Based SQL manager.
Thanks , humm, those are some very big images to be starting off with but I am not sure that would cause a problem under the importing scenario
what width are you having the system resize them to ?
What happens when you upload a image manually (one a t a time)
Also, try the import process out with some pictures no bigger than say 1024 and lets see what happens , It's not normal at all. My guess you accidently edited the code in a bad way.
(thats the same code the every guestbook in every application I sell uses including ASPGuest which gets downloaded for free about 50 times a day)
No one has ever said it acted funny.
I would do a default installation with the original code somewhere and see if the problem occurs. If it does I can take a look.
In the meantime I wouldn't be running that as it is probably using up massive processor time because of whatever is wrong with it. cwilliams38454.954212963, The album ID thing is completely normal and by design. Once an ID in the database is used it can not be used again. That is how autonumber fields in a database work.
As far as not being able to delete images... Are you by chance using ASP.NET to show dynamic thumbnails... Because if you are you must turn that feature off and wait 20 minutes or so (maybe more) before you will be able to delete any of the images. It is because the current version of the ASP.NET script used to make the thumbnails locks the images on the server temporarily anytime it creates a thumbnail.
It is a known issue... and there is no fix at the moment other than what I told you above. cwilliams38324.744525463, Sorry, you cannot, that is how it works and that is how it has to work for reasons I am not going to try to explain as it is pretty technical. (it works the same way even when not using paypal and using email authentication... nearly every registration system out there does it that way under an email authentication scenario or a PayPal IPN thing.)
Basically, if you are concerned about it you need to periodically manually check for accounts that were never activated and delete them. Maybe when I get some time some day I will make a little interface to help find those and clean them up at once.
, I have activated both activity and log files. The directories exist on my server and don't give any errors.
When I check the activity tab, some times there are a number of items in it. Other times, there is only my login info. From what I can see, it is supposed to show the last 50 items of activity at all times. Am I missing something?
Also, when I click on the log file tab, there is no file or information to see. Is there something I need to do beyond activating it in the settings area and making sure the directory has write permissions?
Thanks. , More info on the groups session variable.
Session("Groups") will contain the ID numbers of whatever groups the user is a part of.
It does not store the descriptive name of that group. It will show the same data that is actually stored in the "Groups" field in the database.
for example it might hold a value like this
*2*,*5*,*9*
meaning a user is part of groups 2, 5, and 9
so if you wanted to check to see if a user was part of a particular group you would do something like this
<%
If InStr(Session("Groups"),"*9*") Then
Response.Write("You are a member of group 9")
End If
%>
Taking this even further, if you really wanted to get a particular group's name or description you would have to query the database like so. In this case we ask it the name and description for group 9.
Group_ID=9
Set ConnPasswords = Server.CreateObject("ADODB.Connection")
ConnPasswords.Open ConnectionString
Set cmdTemp = Server.CreateObject("ADODB.Command")
Set CmdEditGroup = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "SELECT " & tbl_label_groups & ".* FROM " & tbl_label_groups & " WHERE (Group_ID = " & Group_ID & ")"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = ConnPasswords
CmdEditGroup.Open cmdTemp, , 0, 1
Group_Name = CmdEditGroup("Group_Name")
Group_Desc = CmdEditGroup("Group_Desc")
, Chris-
That appears to have fixed it!!! Thanks alot for your patience, I will never question your brilliance (or customer service) again! Where do I write you a smashing review?
Thanks!
, I have been able to successfully edit some text colors, but there seems to be one page that wont change the text color. Inside the users/ folder, the login.asp page, i cant seem to change the text color from ffffff to 000000 so it can be read on my background color. Every page in the script is correct but this one.
Thanks. , Yes, that’s all I wanted to know. The problem is on my end. The server is not creating the .NET site correctly. I think I got it working now. Thanks.
In case you wanted to know? The only reason I asked you is because you mentioned that you where having trouble with overseas piracy and my account is new. I figured it was my user error by just though I’d ask you first. Hope you have no more piracy issues and have a good rest of the day.
Thanks again for the quick response. , Hello,
no default setting for something like that... what your thinking about doing is on the right track I'd say , Using "Email Authentication" as a registration option you cannot do that. There is no possible way I know of to have a delay on the authentication email like that. Also that method is not intended to involve any sort of manual registration like what you are doing.
Because you want to review people manually you need to change to registration process to "manual" and then send the email out manually from the users screen after making a user active. , Hello,
Again, enspecified error are not very helpful.
An error usually tells you at least a line number and page or something.
Please read this as it might help do tell me more.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1
As for only happening once in a while. It could be a lot of things.
Version being used (when did you purchase.. what name/email was it under and I can look) ?
What banner method being used?
Access or MSSQL ?
How busy the site is ?
Server Resources ? cwilliams38414.6114930556, do you have the url path to the registration page set correctly in the settings cause not having it there would do that ? , Some of our users complained that their users id and passwords are sent in the clear. So we decided to invest in an SSL certificate from Verisign. It has been tested fine with all forms and pages in ASPProtect version 6. The only remaining page which I am not sure how to protect is the home page. Let's say my home page is http://www.MyDomain.com/index.asp. When the user goes to this link he/she will be presented with the check_user_inc.asp page so he/she can enter their ID and PW. So how to make the login information send from this page thru HTTPS? , Is there a possibility to build in a option that the administrator will be notifed when a banner expired.
, You cannot use server mappath in the connecting string of the application. If you want to know why read my article.
http://www.powerasp.com/content/hintstips/physical-path.asp
Make your connecting string just like in my example.. do not use the oledb connection string either as it will cause other problems.
If you need to find out the path to the mdb file you can use server.mappath to get that info but do not put server mappath in the connecting string. See my article again.
then if the database folder has proper permissions and the path to the mdb file is valid it will work... otherwise you get useless errors, its really that simple.
You also may want to download ASPTest from www.cjwsoft.com it is designed to show a person how to setup a working data connection.,
Timecard Entry: 3/25/2006 1:42:25 PM
answer mail/email-
basta instructions for online store.
philip ward- st anns passowrd
messene chamber- stats tracker
dennis honeywell- left message
nancy navarra- web site changes
spca- andy- web site hosting
elegant antiques web site info , Telephone conferenc with Paul Barton and Waller Capital re warrants, fixed customer's pc, VIBITS info in an email and copies of license and cc to motel and copies to Crispin, Emails , PO finding things for the intern to complete, Working on errors I am still getting when saving property type configuration info for the ST LAwrence Board of realty. Also working on agent picture upload feature and looking over Pal Pilot export files specifications that Jeff Wood Sent me., worked on the numbers.txt file for Jim with all the new access numbers (still not completed, also need to add them to the access number database for the home pages), ASP Self-paced training, ch 7, Entered bills, TICC A/P, still dealing with network problems, and trying to get proed dominas changed, setting up new domains, call backs, email, 3 miles, sunrixe, invoices-web billing, phones pretty busy, went in spurts..., Register domain for mils cottages, and Lynns; doll cottage- problem with access website, Value- homes- site iwth Beth for set up - send email with password and username, John Doldo- answer quetsion go through set up for network solutions
Problem with computer
Chris Bryun;s- changes go over iwth peggy
Check voice email /email
Send robby email on status of site, Pretty busy... mostly email questions for the first hour, then got into the disconnects. , Checked RadLog and logged incidents., Fixing new calendar component so it returns weekday name of day selected or queried., payroll, Thanksgiving, Guy from CountryNow.Com driving me nuts about placing banner ads on Froggy97 site. Repling to message to let him know I am not changing anything on the site without a work order. Trying to contact Jumpin J` to see if changes/additions have been approved but not in., worked on creating work request system (internal billable), Marketing, Calls concerning e-mail and printing problems, very easy calls, customers very satisfied., Answered phones and did radlog., re-installing computer, Building reports for backbone and modem usage., wo's developed for miscellaneous po's and waiting for hb signature to file. conduit agreements copied and mailed to chr solutions.,
| 
