Blog Entry: 3/25/2006 1:47:29 PM
Chris,
2Checkout.com has added to their required cart parameters:
https://www.2checkout.com/documentation/newparameters.html
Do you have a version of 2checkout2.asp that will support these?
Thanks,
Nick
, Hi Chris,
I have a small problem, I have installed asp photo gallery pro on a hosted site, and after eventually getting them to modify permissions on directories it is essentially working, except that it won't delete pictures from an album. If I delete an album the pictures are left in the pictures directory, but the album is no longer displayed. If I then make a new album it is labelled incrementally... ie I had one album "album_ID_1", deleted it created a new album it is labelled "album_ID_2". I would have thought that the new album would be called "album_ID_1" ie taking the place of the deleted one. It seems to me that the delete album function isn't fully working either. My hosting comppany swears that the permissions on the pictures directory are set to full access for everybody. What have I done wrong?
Thank you
Nigel
,
I did the initial steps of downloading the sql scripts and running it in Query Analyser, tables created fine.
I can login for the first time. I exit from the browser and then I cannot login again. This happens for every user and admin.
I noticed that the values in the fields "Login_limit" and "Active" in the ASPP_Users table in the SQL changed to NULL and 0 when login and remained in those values after close the browser.
So iam just struck not able to log in. Pls advice.
, its one or the other... you cant protect upload.asp at the same time if upload.asp is included in another page..
I mean sure you can protect upload.asp from running when another page calls it by password protecting the page calling it.
And sure you can protect upload.asp by itself if it also runs all by itself. But you can not include the "check_user_inc.asp" more than once in any order of execution scenario. That includes pages being included.
Generally anytime a page is included in another that included page is not meant to run by itself and wouldn't produce any outcome if run by itself so this would never be an issue.
if you don't want "upload.asp" to ever be run by itself in that scenario put it somewhere in your web site that is not web browser accessible.
I would also suggest you look into using Virtual includes. It will save you a lot of time figuring out this sort of thing "../../../../../" becuase once you figure out the virtual include path you can use the same server side include from any directory level.
http://www.powerasp.com/content/code-snippets/includes.asp
, again.. more custom code work would be required to handle it
, Just to put an end to this thread here is the solution for anyone reading.
The permissions were ok.
The data connection string never got edited in the "dataconn_inc.asp" file so it was invalid the whole time.
Once that was corrected the application ran.
So really this whole thread was over not following the directions and not editing the data connection string...
, I finally spoke with someone who knew what I was asking for and they set the rights and all is fine.
Thanks for your help. Wish all business' had customer support like here
, Ok, I started the database tables from scratch. I did everything using sql enterprise manager and query analizer..
Same thing happens... certain passwords just do not work.
So I did a lot of testing and I have come to the conclusion that this has something to do with the regional settings of that SQL server.
Here is an example.. see the screenshot below.
Username "admin" password "petepetepete"
The top query done in Enterprise Manager is valid and shows the user.
The bottom query is also valid but it does not show the user.
And that is exactly what is happening from the ASP codes point of view.
Now, this means that even though that encrypted password is getting saved to the databse correctly this particular SQL server just cant deal with it from a QUERY.
It works fine on two different SQL servers that I have. It's just got to be something regional related like unicode characters not being dealt with correctly or something odd like that.
I tried changing the collation data for the "Password" field type on that SQL server and it looks right. I don't know what else to do but it is something about that SQL server. There may be a way to change the regional setting through the connection string but I cant find any articles on that right now.
One solution I have for you to get this working there is to eliminate the encryption factor then I dont think you will have these issues.
It's either that or find another SQL server with US type settings or use MSAccess. ASPProtect runs nearly as fast on Access as long as you do not have over 10,000 users or whatever. The system hardly ever accesses the database so it performance under MSAccess is always good.
Let me know what you want to do. I can shows you how to eliminate the encrypytion factor if you want to try that. I think if I make you a custom version of the RC4 function you can just replace that and then the system will use plain passwords.
Your call..
, The folder named Pictures permissions are set to your specs. It has jpg's that were uploaded per the aspphotogal instructions. But, the error message still appears and I am unable to access using aspphotogal.,
|
These Settings:
Picture upload feature settings. |
| Use_Picture_Upload |
< = value=True name=Use_Picture_Upload> Check this if you will be using the picture uploading feature. |
| UploadDirectory |
< size=60 value=C:\Inetpub\virtuals\aspphotogallery.com\Web\demo\pictu res name=UploadDirectory>
Example: "C:\Inetpub\wwwroot\ASPPhotoGallery\pictures"
Ask your server admin if you are not sure.
This directory needs proper permissions for the SAFILEUP component or the VBSCRIPT solution to work correctly. It basically needs to same permissions as the database directory would need when using Microsoft Access. |
| PictureURL |
< size=60 value=http://www.aspphotogallery.com/demo/pictures name=PictureURL>
Example: "http://p600laptop/ASPPhotoGallery/pictures"
This is the web URL of the the upload directory specified above. |
| Use_SAFILEUP_Upload |
< = value=SAUP name=Upload_Solution>
This option will enable file uploads using a component called SAFILEUP which is high end upload component available from www.softartisans.com. It is far superior in performance and reliability compared to the VBSCRIPT file upload solution.It is highly recommended for a busy site. If you enable this component and do not have it installed on your web server you will cause an error. |
| Use_ASPUPLOAD_Upload |
< = value=ASPUPLOAD name=Upload_Solution>
This option will enable file uploads using a component called ASPUPLOAD which is high end upload component available from www.persits.com. It is also far superior in performance and reliability compared to the VBSCRIPT file upload solution.It is highly recommended for a busy site. If you enable this component and do not have it installed on your web server you will cause an error. |
| Use_DUNDAS_Upload |
< = value=DUNDAS name=Upload_Solution>
This option will enable file uploads using a (FREE) component called DUNDAS UPLOAD which is a high end upload component available from www.dundas.com. It is also far superior in performance and reliability compared to the VBSCRIPT file upload solution.It is highly recommended for a busy site. If you enable this component and do not have it installed on your web server you will cause an error. |
| Use_VBSCRIPT_Upload |
< = value= name=Upload_Solution>
This option will enable file uploads using a pure VBSCRIPT solution. It requires VBSCRIPT version 5 or higher to be installed on the server. The solution usually works fine, but has been reported to cause memory leaks on XP machines. |
, Is there any way to make the ads in ASPClassifieds end on a day of the week. I would like all of my ads to end on Sunday night and was wondering if there was a way to automatically do that in the database??
Thanks
Dave
, Sounds cool.. post info when you get it sorted out
thx
hopefully someday I'll get the new version finished.. I just never seem to have time. Lately ASPProtect takes up all my time and now aspclassifieds seems to be in need of a new version more so than asp photo gallery
, Not sure what you mean about the path to the IIS files being
wierd...what else should it be? The wf directory is the root of
the aspprotect stuff for this project.
I assume the permissions need to be read, write at least. I was
looking at the permissions dialog from a file explorer and I see a web
sharing tab and a security tab. I look at the security tab but I
am not really sure which type of user I am looking for to add and give
permissions to so that I can get it right. Maybe that is not the
right place to set the permissions....
Sorry to be "windows challenged" but I am not super familliar with all
the different places to set various permissions for OS vs. IIS. I
looked in the "Internet Services Manager" and browsed to the logfiles
directory and looked at its permissions...is that the place to set
things up? I see a "directory" and "Directory security"
tabs...which is the important one? I made sure "write" was
checked and went to the directory security tab and enabled anonomous
access....still no logs are showing up. Restarted server a bunch of
times to make sure it took the permission settings. I logged in
and out correctly and incorrectly to see if a log would be generated
but no luck.
The physical path to the logfiles directory is set correctly in the setup tab in aspprotect... sorry to still be baffled.
How do I know if the filesystem object is disabled on the server?? I can copy and paste things in there...
Thanks!!
, its that server, it's way underpowered when it comes to running dynamic code and databases.. and that other app is probably stealing all the leftover odbc resources..... did you try doing the import on another machine running ASP? Thats the way to go.. I am afraid I won't be much help at the moment.. I am battling with a crashed system and a lot of lost data,
Both
the NET and Classic ASP versions of this application are designed for
fine granularity protection of individual apsx extension files.
ASPProtect.NET is not designed or intended to protect sub directories,
or non aspx content such as Adobe Acrobat .pdf files etc etc.
I
completely disagree with your statement that “most sites” have a login
box on the left hand side of the page. I suspect you thinking of the
ever popular php based forums and “Nuke” type CMS systems which are set
up that way but if you look at any site written entirely using .NET
that’s rarely if ever the case. (Granted I cant say for sure because I
personally haven’t looked at >50% of the estimated 18 billion + web
pages on the internet) Just off the top of my head www.CafePress.com
come to mind as a pure .NET site. If you take a look the login button
it takes you to its own login page there is not global login form used
throughout the site. Reason being that .NET introduced this thing
called a “view state” which is used to store things like your session
ID (and way more) and must be posted back to the server in order to
keep track of visitors. This technology comes in especially handy when
you have a web farm in place and your content is being spit out out by
more than one server at the same time
I
can think of loads of scenarios where the web servers need to know who
you are even though you are never directly contacting them via http.
This approach is a very smooth and actually very clever solution for
enterprise level websites that simply can’t be handled with a single
web server.
On
a practical level I know what you are saying but that application sets
up all sorts of things when a protected page is accessed and the user
is not yet authenticated. That’s the entire reason you need to put that
snippet of code at the top of a page you want to protect. That code
snippet calls the ASPProtect.NET class and runs through all the logic
to see if you are able to access the page. If you are the subroutine
exits and the server continues to process the remaining logic on the
page. AKA you are able to access its content. If you are NOT
authenticated ASPProtect will setup all the proper session and
viewstate info and redirect you to the login page for authentication.
You may have also noticed a parameter on the login page called
ReturnURL. The application looks for that info and if you do have a
user ID and password the application automatically redirects you to the
page you were trying to access in the first place.
Really
I have no idea what you are trying to do, but there is a world of
difference in how something looks verses how it works. Lets just say
there was a simple way to do what your thinking, what are you going to
do with that login form after the person logs in? Just keep displaying
it on the entire site so people get confused and don’t know if they are
logged in or not? Just that little part of the equation will require
making some changes to either ASPProtect.NET or your application will
have to have some logic built into it to stop displaying the login
forum.
It
sounds to me like your basically looking for a super simple 101 type
deal that allows people to sign up for an event and you the admin can
see that information? I’m guessing they can also log in again and check
out their details and see what event they signed up for?
If
that’s the case you’re trying to take a very sophisticated protection
application and downgrade it into something that would be one heck of a
lot easier to write all from scratch in about an hour.
Your
not going to be able to “plug and play” a simple form into a page and
turn that application as a magic universal login solution for a
website, while its 100% possible to use the application that way if you
choose, you need to check out the source code and plan your custom
integration accordingly.
, Javascript Popup/Pop Under Generator
Until I have time to make one I suggest using the one on the banmanpro support site as it is pretty nice.
Just dont use option 2 on that page as that is specific to banmanpro
http://www.banmanpro.com/support/popupgenerator.asp
cwilliams38291.614849537, Making progress. I have made the appropriate settings and now I have the option to upload. When I upload, I get the following message:
"Your upload did not succeed, most likely because your browser does not support Upload via this mechanism.
Your browser must support a standard called RFC 1867. Please check with your browser vendor for support of this standard"
I am using IE6 XP SP2. I also am using DUNDAS UPLOAD, ASPIMAGE.
I think I set permissions correctly bot not positive. I have given all auth to everyone for the database etc.
, Totally 100% depends on what you are doing.. you certainly can't be renaming any fields unless you plan on editing a lot of code that references them. Adding new fields is nothing to worry about.
Also, you really should post a question like this under the forum section for the application you are referring to as well as specify exactly what changes you are talking about. For example I don't even know what application you are referring to.
I sell about 8 applications., Glad your getting the hang of it.
no difference as far as that goes. It is just different ways to reference the server side include file and it's location on the server cwilliams38457.6019675926, [QUOTE=cwilliams]
Is that a real term or just something you named it cause they have like a zillion people using that SQL server?[/QUOTE]
yeah thats it, you buy into a part of the sql server so it's an sql server hotel...
, Not a problem. Have a good time at your wedding.
thanks!
, Parent Paths ?
http://support.cjwsoft.com/forum/forum_posts.asp?TID=5&P N=1
, A very common and extremely bothersome error encountered when running ASP apps that connect to a database is the "80004005" error. It comes in many varieties.
These articles cover it.
(an article I wrote)
http://www.powerasp.com/content/hintstips/permissions.asp
(more articles)
http://www.aspfaq.com/show.asp?id=2009
http://support.microsoft.com/default.aspx?scid=kb;en-us;3065 18
http://www.aspfaqs.com/aspfaqs/ShowFAQ.asp?FAQID=115
http://www.macromedia.com/support/ultradev/ts/documents/8004 005_cannot_open_unknown.htm
cwilliams38102.4447222222, humm.. can I possibly see this happening ?
any changes to that part of the code ?
, Regarding hosting companies..
Now.. obviously if you are hosting on someone elses server you may not be able to set permissions like this.
Ultimately, if you are hosting somewhere and ASP and Database connectivity is part of your hosting plan. It is the hosting company's responsibility to set these permissions for you when asked or to give you a special interface to do so on your own. If they are not helping you do this then maybe it is time to get a hosting company that is serious about your ASP Hosting Needs.
Also... JUST TO BE PERFECTLY CLEAR
The permissions we are talking about cannot be set via FTP or Frontpage access to your web site. They must be set like shown above or via a special interface meant to set the permissions correctly. For all you people out there messing with the permissions you see in FTP and Frontpage.. you are wasting your time and possibly creating problems in your web.
All ASP scripts that communicate with an Access Database, Upload Pictures, Modify Text files.... are going to need these permissions set in some way or another. We have no control over that fact.
cwilliams38360.69125, It sounds like permissions... to the database folder specifically
they are not correct
It could also be that your odbc drivers are very new and you are not using a new enough version of the access Database. I recommened using the 2002-2003 verison of MSACCESS
Now.. if using a SQL Server Database permissions to certain tables are handled in enterpise manager
cwilliams38303.5892708333, Haven't gotten to it yet. I do know there are a few customers using it to edit the app and said it was not all that different. Maybe they will chime in with some tips., I dont get it.. I am still looking into it..
I think this has something to do with your original experience when things would work and then not work.
something weird is going on
, Once you have the LANGUAGE = VBSCRIPT and Checkfor = 1 on your page,
you'll have it secured. I've got over 1600 pages secured in such a
manner, thanks to ASPProtect!
, Now, we can connect to the MySQL database with ASPBanner using the following connection string if we like.
"driver={MySQL ODBC 3.51 Driver};server=localhost;port=3306;uid=root;pwd=temp;databas e=aspbanner;option=16386"
But we really do not want to connect to the aspbanner MySQL database using the "root" account
So, lets make an account to use..
In MySQL Administrator select "User Administration"
Down below you will see the user "root"
Right click on "root" and select "Add new user"
Type in a New MySQL Username and Password
I am going to call my new user "aspbanneruser"
Hit the Schema Privileges" tab
In this case since I am using the root account to manage my MySQL system I am just going to give this new user account what it needs to use the aspbanner database.. you may want to apply more permissions to the new account, that is up to you.. I am giving the new user (select, insert, update, delete, execute) So I right click on the aspbanner and then bring over the permissions I need for it.. and hit apply changes down in the bottom right.
We can now connect to the aspbanner MySQL database using this new account like so.
"driver={MySQL ODBC 3.51 Driver};server=localhost;port=3306;uid=aspbanneruser;pwd=tem p;databas e=aspbanner;option=16386"
------------------------------------------------------------ -----
article still in the process of being written (3/14/06)
, I am trying to import a database into my list of registered
users. When I go the import_export_manager.asp page most of the
content is missing. All that appears is the first 2 lines of text
and a box. The rest of the page is blank. I have tried this
under 5 different browsers on 3 different machines and on 2 operating
systems. I also ftp'd the original .asp file with no success. Any
clues?
, This is what it says in that thread I pointed you to
This zip file contains 3 sets of alternate files depending on your situation. You simply replace your existing aspprotect v7.x files with these new ones.
I really dont see what is confusing about it. I think I explained it all in detail in that thread.
, That helped very much. Thank you. Hope you enjoyed your dinner., Ok.. glad you got it working., Here is what I have in settings.
| ServerSoftware |
Microsoft-IIS/6.0 |
| ServerName |
www.107threnegades.com |
| ServerProtocol |
HTTP/1.1 |
| PathInfo |
/gallery/gallery_admin |
| PathTranslated |
d:\hosting\arisky1\gallery\gallery_admin |
|
|
| FILE SYSTEM OBJECT |
Installed |
| ADODB (ActiveX Data Object) |
Version: 1.2 Installed |
| CDONTS |
Version: 2.80 Installed |
| SMTPMail |
Not Installed |
| JMail |
Not Installed |
| AspEmail |
Not Installed |
| AspMail |
Not Installed |
| SAFILEUP |
Not Installed |
| Dundas Upload |
Not Installed |
| ASPImage |
Not Installed |
| AspJpeg |
Version: 1.4.0.1 Installed |
| ImgWriter |
Not Installed |
|
|
| Script Engine |
|
| Type |
VBScript |
| Version |
5.6 |
| Build |
8515 |
I do not even see ASPUpload listed but when I run the test_asp_components.asp from the extras/more_component_info folder, it shows that it is installed.
, More info on the groups session variable.
Session("Groups") will contain the ID numbers of whatever groups the user is a part of.
It does not store the descriptive name of that group. It will show the same data that is actually stored in the "Groups" field in the database.
for example it might hold a value like this
*2*,*5*,*9*
meaning a user is part of groups 2, 5, and 9
so if you wanted to check to see if a user was part of a particular group you would do something like this
<%
If InStr(Session("Groups"),"*9*") Then
Response.Write("You are a member of group 9")
End If
%>
Taking this even further, if you really wanted to get a particular group's name or description you would have to query the database like so. In this case we ask it the name and description for group 9.
Group_ID=9
Set ConnPasswords = Server.CreateObject("ADODB.Connection")
ConnPasswords.Open ConnectionString
Set cmdTemp = Server.CreateObject("ADODB.Command")
Set CmdEditGroup = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "SELECT " & tbl_label_groups & ".* FROM " & tbl_label_groups & " WHERE (Group_ID = " & Group_ID & ")"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = ConnPasswords
CmdEditGroup.Open cmdTemp, , 0, 1
Group_Name = CmdEditGroup("Group_Name")
Group_Desc = CmdEditGroup("Group_Desc")
, good news.. like I said it is probably becuase aol blocks emails sent from IP's with no MX record in the dns system , huh? I think I just covered that as that is the way it must be done., Does ASPprotect support Paypal's Website Payments Pro option, where a user can use a credit card directly on a web site, without passing to paypal.com?
Nick
, Hi -
We are trying to set up ASPProtect 7 so that the user is redirected to a specific web page based on their group membership.
For example, immediately upon successful login:
Group 1 members are directed to page A
Group 2 members are directed to page B
Group 3 members are directed to page C
Users will only ever belong to one group.
We tried to use the Redirect_URL feature but it causes the browser to loop.
Could you let us know exactly how to do this. We are not ASP programmers and need to work from an example.
Thanks!
,
Timecard Entry: 3/25/2006 1:47:29 PM
Lunch, Meet with Mike at the Chamber, E-Mail, Voice-Mail, Trying to contact Cortel., I hate WIN 95., answered phones/email, and worked on a customer's computer., gogisco/mktinginfo, travel to wwti -50 with Seth Crimmins, Helped Ken troubleshoot Madrid POP. Circuit went down. Rebooted router and CSU and router again... seemed to fix it or Bell had a temporary outage., 185 Miles : Plattsburgh - Sackets Harbor, Working with servers. Supporting customers. Working with routers. Helping other employees., time spent, the rest of the night, working on NOC issues., 3161 & 3162 Nortel Passport Training, HAD TO GO AND MEET BEN AT HOME TO CONFIGURE ISDN LINE, Took more calls, one more Lowville person.
Still not too busy., Spoke to Seth regarding the Current WAN leads- conferenced called mcCadam cheese- Matt Davis for 384K frame, mail invoices and statements, Lunch, Budget for 2001-2002, Lunch, chow, Filing, little paperwork, etc., get supplies from Wesco, getting home, Not too busy... moments of steadiness but nothing that would build up much of a hold time. Mostly RNA's and FB's, Recieve Walker Equipment, lots of expires due to that one company being expired (I can't remember the name), Drive back to Clayton (275 miles), UPDATE GOGISCO SITE, Lunch, Checking e-mail. Talking with Techs, asking about the trends lately.,
