Also.. if you want to customize each person's experience individually it really does not make sense to use groups or access levels for that purpose alone.

I mean, why bother making a group or access level for every user and worrying about keeping track of it all when you can just access the available session info about the user to create dynamic pages specific to that user.

http://support.cjwsoft.com/forum/forum_posts.asp?TID=198& ; ; ; ;PN=1

That is why that information is there.


You can of course use some combination of the two technologies as well should you have groups of users that you want to have a slightly different experience.

The ASPProtect v7.x Documentation is now available as a download in windows ".chm" format. (needs to be viewed on a windows based machine that can read it) If you are using XP with Service Pack 2 follow the instructions below or you will not be able to view the help file.

Download Documentation

You should save this file and then open it.
Just opening it from download may not work and you will not be able to read it correctly.

Please continue to check the support forum threads for the most up to date documentation.


IMPORTANT
If your are using xp with service pack 2 there are some new security features that can block the access of help files you download. So as far as the ".chm" file goes.. you have to download it... right click on it...go to properties... then  choose unblock down in the lower right corner ...then you can open and view the file correctly

No worries

then..

is there any way I can get rid of those information shown on User activity screen, so I can at least know who logged in current day?

thank you in advance

Hello,

I think you’ll definitely like aspbanner. It's very easy to setup and use and it should work great with your portal. 

You’ll have banners rotating in no time. All you have to do is add banner calling code in your pages where you want the banners to show. There are enough methods that you will definitely find a few that work well for you. 

BTW, there are actually 7 methods now as we have a new one.
Information about it can be found in our ASPBanner support forums

Yea.. that error is totally because the asp pages are looking for fields in the database that are not there.. and causing a nasty loop.

if using the option pack you must go over the directions very carefully...
Make sure everything works step by step..

After upgrading to option pack code you either need to upgrade the database from the base system or use the newer database provided with the option pack.

Then.. you want to test every function of the groups.. if pages act slow and seem odd... especially the groups page and edit users page..
Then your not using a valid database. Either you didnt upgrade the old one, are not using the new one, or your connecting to an older verison by accident and not realizing it.

That's pretty much it...

Okay thanks, I'll have to consider wether or not to go down the path of the upgrade or cut my losses as the Access cannot handle the pressure

It's just errored out again with the following message:

msxml3.dll error '80072ee2'

The operation timed out

/forum/banner.asp, line 15

Regards,

Dave

ConnectionString = "DBQ=C:\TradersReportsCom\aspprotect\data\database\ASPProtec t_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

I have already set the folder permissions as indicated in the documentation.

Upgrade from V6 to v7.x with an MSSQL SERVER DATABASE

1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x  is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.

BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)

To do this upgrade you're going to need to have SQL Enterprise Manager and SQL Query Analyzer

That being said, on with the upgrade..

Open your SQL database in SQL Enterprise Manager

Regarding the following Tables

Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"

If you do not have a "Groups" table do not worry about it right now.

Now right click and DELETE the Config Table.
Yes, delete it..

Now, go into Design View for the "ASPP_Users" Table.

Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore

If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a "nvarchar" field with a lengh of 255.

Now, we are going to add a few more new fields.

Add a field called "Redirection_URL" make it a "nvarchar" field with a lengh of 150.
Add a field called "PayPal_Subscriber_ID" make it a "nvarchar" field with a lengh of 100.
Add a field called "Newsletter" and make it a "bit" field
Add a field called "Password" and make it a "nvarchar" field with a lengh of 100.

Now close that window and save the changes..

Download these scripts.
2005-02-23_171110_aspprotect_v7_sql_upgrade_scripts.zip

Now open up SQL Query Analyzer
Connect to your SQL server.

Then load the script  "aspprotect_v7_config_table.sql" into the Query Analyzer.  Click the green play button at the top. If everything goes well the response should read something like this.

******************************************************
(1 row(s) affected)
******************************************************

Now, if you had a Groups Table your done with the database changes.

If you didnt have a groups table.

Then load the script  "aspprotect_v7_groups_table.sql" into the Query Analyzer.  Click the green play button at the top.

Now, go back to your database in Enterprise Manager and make sure all 3 tables are there and look ok. You might need to do a refresh or two to see them.

Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for all three tables. You reference this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.

Regardless, as you can see from this screenshot I have a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).


Now, you are done upgrading your SQL Server Database.

The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field

To that we have a special page we run in the application that will take care of that.

So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1

When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.

That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..

Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.

This part is very easy.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

Replacing the part in blue with your website info.

Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page

You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.

If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.

So do what it says... dont click more than once and wait.

Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.

Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.

If things went well backup and delete the conversion file below.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

You do not need it anymore.

Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.



If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.

We are here to help, but if you really want us to we can be hired to do the conversion.

This is a great article from my old powerasp.com site.
Connections And Server Database Permissions

yes, PM me the encryption and cookie keys if you don't mind.
I can add it to my combinations that cause trouble.

it might help me to figure this problem out.

Not a problem.  Have a good time at your wedding.

thanks!

It appears there was a flag problem. When reading it into SQL Server, it converted the True/False in Access to 1/0 in SQL Server.

Just wanted to let you know that after modifying the remote host string in the email pages and getting the correct connection from my server, everything is running fine.

I hope you enjoyed your vacation.

thank you
adam

Hi,

I don't see any good reason to rename any of those files.

Changing them though may involve changes to the code recompiling, etc etc... it is not something I support.

I would like to create a login form on the home page which will not be password protected to the site for members so that they can login right from the home page and not a password protected page like many sites have. And every portal I have seen.

Plus the login form looks really pretty and proffesional on the home page   ...

I can't find anything in the documentation that says how to do this or if it's even possible. Everything I have found says to password protect a page and then direct them there which isn't what I would like to do.

Here is the code of the login page which is an asp include file on the main page:

<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
</head>

<body>
                              <td><img src="images/a026.jpg" alt="" width="187" height="21"></td>
                          </tr>
                          <tr>
                              <td bgcolor="#EBEBEB"><table width="100%"  border="0" cellspacing="0" cellpadding="3">
                                       <tr>
                                           <td><table width="180" border="0" cellpadding="0" cellspacing="0" bgcolor="#AAAAAA">
                                                   <tr>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
                                                         <td><img src="images/spacer.gif" alt="" width="178" height="1"></td>
                                                         <td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
                                                   </tr>
                                                   <tr>
                                                         <td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
                                                         <td bgcolor="#FFFFFF"><form name="form_login" method="post" action="">
                                                              <table width="100%"  border="0" cellspacing="5" cellpadding="0">
                                                                  <tr>
                                                                      <td width="53%"><input name="textfield" type="text" class="style-01" value="username"></td>
                                                                      <td width="47%"><a href="#" class="link-02">Forgot pass?</a> </td>
                                                                  </tr>
                                                                  <tr>
                                                                      <td><input name="textfield2" type="text" class="style-01" value="password"></td>
                                                                      <td><a href="#" class="link-02">Not registered?</a> </td>
                                                                  </tr>
                                                              </table>
                                                         </form></td>
                                                         <td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
                                                   </tr>
                                                   <tr>
                                                         <td colspan="3"><a href="#"><img src="images/a027.jpg" alt="" width="180" height="15" border="0"></a></td>
                                                   </tr>
                                           </table></td>
                                       </tr>
                              </table></td>
</body>

</html>

Does anybody know what values I would put in the form to send the correct login to AspProtect. And, if I would have to add any extra includes or code to it.

TIA

I have been working on this. 2Checkout is like the most confusing and worst payment processing company on the planet. There are things about that page I just don not understand as many times as I read through it.

Doesn't seem like this stuff is mandatory just yet. (I asked)

I should have something soon.

How do I change the character length for the description field?

(Capcha Security Image Mod)

This mod will add a Capcha Security Image to the registration signup form.



Instructions:

Download the latest version of the ASP Security Image Generator from this site. http://www.tipstricks.org/

Unzip that download and copy "aspcaptcha.asp" and "aspcaptcha_distort.asp" into the aspprotect "users" folder.

Now edit "users/register.asp" with a text editor and add the code shown below in blue. The code to add goes near the bottom of the form right above the submit button. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.


    <tr>
      <td valign="top" align="right"><font face="Arial" size="2"><strong>
  Newsletter</strong></font></td> ; ; ; ; ; ; ;
      <td valign="top">
  <input type="checkbox" name="Newsletter" value="True" checked>
  <font face="Arial" size="1">Do you want to be subscribed to the
  newsletter ?</font></td>
    </tr>

    <tr>
      <td valign="top" align="right"></td>
      <td valign="top">&nbsp;<img src="aspcaptcha.asp" alt="" width="86" height="21" />
   <font face="Arial" size="2" color="#000000">Type the characters shown in image for verification.</font><br>
   <input name="strCAPTCHA" type="text" id="strCAPTCHA" maxlength="8" /></td>
    </tr>

    <tr>
      <td colspan="2" bgcolor="#FFFFFF">
        <p align="center"><input type="submit" value="Register"></p>
      </td>
    </tr>


ok, now edit "users/add_new_account.asp" with a text editor and add the code shown below in blue. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.

If User_Custom6_Used = True Then
 If User_Custom6_Required = True Then
  If  Custom6 = "" Then
   ErrorMessage = ErrorMessage & Server.URLEncode("You need to enter a " & User_Custom6_Name &".\n\n")
  End IF
 End If
End If
 
 strCAPTCHA = Trim(Request.Form("strCAPTCHA"))
 if strCAPTCHA = Trim(Session("CAPTCHA_" & Session.SessionID)) then
 else
  ErrorMessage = ErrorMessage & Server.URLEncode("You did not type in the verification info correctly.\n\n")
 End If 
 
If ErrorMessage <> "" Then
 Response.Redirect "register.asp?" & Request.Form & "&ErrorMessage=" & ErrorMessage
 Response.End
End If

Your done. You just added a Capcha Security Image to your signup form. If you would like a more distorted image that is more difficult for an automated program to figure out change the image tag to call the "aspcaptcha_distort.asp" page instead. It will look more like this.

You might just learn something and actually get your project finished before 2010

your over there hacking away on your virus infested WaReZ machine

LOL thanks for the good laugh-- i guess its time to do some reading and making my own mods to the program..

btw i never insulted cafrepress.. not sure where you got that from- just advised that what they have is exactly what i want to have done. How much for your service?

Another good tip is to make a copy of the "password_admin/default.asp" named whatever you like..

"default2.asp" would work...

then maybe add a link to it from the header_inc.asp file

then you can modify that one all you want and your will still have the original around.



That concept works for a lot of things.. for example you could make a copy of the "users" folder and call it "users2"  granted a few paths might need to be changed here and there but really not a lot. (how do you think the paypal signup folders were created, they started as a copy of the "users" folder of course)

You can even make a copy of the "check_users_inc,asp" file if you like. Then make a copy of the "scripts/login_form_inc.asp" file... then make your new "check_user_inc.asp" file reference it.

Then you can password protect pages using different versions of the "check_user_inc.asp" file. Why ? well maybe you want different looking logn forms for different parts of your website or you want to make a lot of changes to the "check_user_inc.asp" file and want to leave the original alone.

The sky is the limit really. When it comes down to it besides the actual guts of the "check_user_inc.asp" file ASPProtect is nothing but html tags and chunks of simple server side code that produce more html dynamically. What your browser ends up with is basic html. (some client side javascript in certain cases, but that is pretty basic stuff too.)

Hello,

I have ASPprotect 7 installed on my remote server.  I am able to go to the examples/default.asp page and login in without any difficulties.  If I copy the code from that page and paste it in a new page called the same thing but in a different folder, I get this error;  (Keep in mind that this is essentially the same exact page in a different location of the website)

Error Type:
Active Server Pages, ASP 0126 (0x80004005)
The include file '../../check_user_inc.asp' was not found.
/aspprotect/Pages/default.asp, line 3

I get the same error if I paste the "protection code" I have generated into the top of a current (.asp) page in my site.

Basically, the only pages that work are the ones that came with the program as examples.  Thats great, but now I need to make it work for my pages.  Any thoughts?

Honestly cannot comment much about v7 since it was just installed on a new server.  We have been running 5.03 for years so I'm looking forward to the new features in v7.

Lance

This first one may be an obvious one, but is it only .asp files that I can protect as in no HTML files.

Can the program be set to protect my whole https directory contents (though the answer to the last question may have bearing here - there are html files as well as .asp in there) as in http://secure.mydomain.com

Thanks in advance

I had not rebooted after installing the Jet driver updates, so I tried that and the asptest page worked fine, and said that all the tests were successful and that the data connection was setup correctly. I then installed aspprotect again, but with the same results. I cannot log-in from the get_me_in.asp page. It still says that it is opening the page, but does not respons for an indefinite period. The asptest page is in the same directory.

I have looked for alternate databases for this product on your site, but I cannot seem to find them.

sure, there are reasons AOL would block the email.. it might think it is spam or it might not like the fact that fact that a cdonts generated email has no MX records because it can not..

for more on MX records read my CDOSYS article
http://www.powerasp.com/content/new/sending_email_cdosys.asp


as far as the emails not being sent because notifications are off. I was not aware of that and will try to look into it.. Version 6 is no longer worked on but if I can find the time I will check that out

[QUOTE=cwilliams]actually, passwords can be up to 75 characters long in ASPProtect.
the only requirement when entered from a non admin user is that they are at least 4 characters long.

what does MSAccess have to do with this ? Are you trying to convert and old system or something? I noticed you created and "old password" field in there ? Is there something I do not know about as far as what you are trying to do?

Passwords in version 7 are encrypted so I hope you understand all of that and realize you can not enter or change passwords right from SQL server. Also if you import info you must handle that accordingly and convert the passwords to encrypted format. [/QUOTE]

First off, I haven't imported anything from MS Access.. The only reason I mentioned it is cuz I thought initially it worked with Access and not SQL server.

I am not converting nor entering any data manually into the db, nor have I changed anything in the way the registration is made (don't know where the "Old password" has come from? thought it was a function you made?)

Tony,

ASPBanner.NET was discontinued about 14 months ago. It is no longer supported in any way because quite frankly the classic ASP version is faster, more stable, has more features, and is a lot easier to install and get running.

If you PM me via the forum you are welcome to a copy of the current ASP Unlimited Version. It can serve banners to any type of page extension. All you have to do is ask for a copy.

Whether or not your existing ASPBanner.NET database is exactly the same structure I do not know, but I believe it is. You should compare the two if you plan to keep using the old database and make any neccessary changes so the old database has the exact same structure as the new version. If there are any differences they are very few.

if you use either of those options the mail server info you use must of course be valid (example: mail.somesite.com) your host can provide that info

you should also make sure your sending the emails using an account at your email server.. not some other email you have


other than that if it does not send emails it could be because your hosting company may require authentication for outgoing emails...

ask them ...

if that is the case the version of ASPBanner you have does not support sending email that way and you would need to add the necessary code to any places that send email... in order for emailing to work

I am confused.

Humm, how did ASPBanner 8 come with your purchase of ASPProtect ? That is not something I am aware of or something I do. Please provide more information on how you obtained ASPBanner 8. If I gave yu a copy for some reason please refresh my memory so I can go look up th emails about it. I need to know you have a valid license.

Now, as for the two not working together and the login screens messing with each other. I am even more confused. Tell me more as I just do not understand what you did ? ASPBanner has it's own user database and login system so there is no reason you should be mixing the two together as far as logins go. The two applications can certainly be in the same web together and not bother each other. ASPBanner can certainly serve banners to any pages you protect with ASPProtect or don't protect, but you certainly should not be protecting any ASPBanner code with ASPProtect code.  ASPBanner already has code in it to do that. If that is the case don't do that. ASPProtect is not meant to protect code that already has a login system. That should just be obvious as far as I am concerned and hopefully you dintn't try to do that.

(you said you just put the directory in there but there must be more too this than that)

But again, tell me more. I can't really know everything  ??

I just dont see how your ASPProtect pages could be effected by ASPBanner unless you really did something wacky like included the ASPBanner "check_user_inc.asp" instead of the one that comes with ASPProtect or overwrote it... etc ect

If in the same web aspprotect can be wherever and aspbanner needs to be in a folder called "aspbanner". There should be no conflicts under normal use and the two will essentially run seperate of one another.

You should read my article on server side includes… the path to the include file must of course be adjusted depending on where in your web you are.
http://www.powerasp.com/content/code-snippets/includes.asp

You will also notice if you look at the provided example pages that the include paths have been adjusted to make sense.

If it is 2 directories down it should probably look different..

example:)   "../../checkuser_inc.asp"

It’s weird that if you are not getting an error because if the path to the server side include is wrong you should get a nasty server error.

Also..

The ASPProtect system and any pages it protects must also be part of the same Application in IIS. It’s the nature of forms based authentication. Do a google search if you are not sure what an application is in IIS.

Lasty…. If you are logged in at the time

Whether your current session at the site is still active… or you have the cookie set to remember you.

Well, nothing will happen… cause your already logged in and you will just see the page as normal.

Perhaps things are working and you just don’t understand that part ?

You need to go to the log off page.. log off… then close all instances of the web browser windows..

Then come back to the site… then see if it prompts you to log in.