ok,

IE and firefox do some things differently.

It could very well have to do with MIME types set on the server for your website. pdf probably isnt set as a mime type which can cause issues with file streaming situations.

Mime types are either set in the IIS console for your web site under the http headers tab or you can try setting the content-type header to 'application/pdf' right on the asp page the does the streaming

see this article which shows how to do that
http://psacake.com/web/gj.asp

'Specify a MIME type such as "text/html", "image/gif" or "application/pdf"
Response.contenttype = "application/pdf"
'Useful in cases for unknown file types

You would want to put the code that sets the contentype as close to the top of the asp page doing the streaming as possible.

Hi, I have not gotten anything from you about it.

click on the PM button below and send it that way through the forums.

Thanks

Permissions and Folder Locations

By default and to keep things clean we store everything in folder called "data"

That folder then has it in 4 sub folders

database (where the .mdb and temporary .ldb files are handled)
export (where the aspprotect export files are saved)
logfiles (where the aspprotect logfiles are saved)
user_pics (where the user pictures are saved)

Doing it this way makes it very easy for a system administrator to right click on one folder and set permissions for that folder and all of it's child folders.

Now, that being said.. you do not have to use these folders.

For example if you already have a folder in your web with modify permissions for the anonymous webserver account then you can use that one folder to store all of the 4 things above.

You'd simply edit your data connection string to point to that folder and then edit the other paths in the settings area of ASPProtect.

We did it that way so you would have options in case your hosting company was being difficult with your ASP hosting needs.

User Information

After a user logs in there are variables that you can always access.
They can be used to check various things or to display information
dynamically based on who has logged into the system.

   Session("PasswordAccess")
   Session("Access_Level")
   Session("Admin")
   Session("Active")
   Session("Expiration_Date")
   Session("User_ID")
   Session("Groups")
   Session("Redirection_URL")
   Session("Password")
   Session("Username")
   Session("First_Name")
   Session("Last_Name")
   Session("Company_Name")
   Session("Email")
   Session("Address")
   Session("City")
   Session("State_Province")
   Session("Zipcode_Postal_Code")
   Session("Phone")
   Session("Custom1")
   Session("Custom2")
   Session("Custom3")
   Session("Custom4")
   Session("Custom5")
   Session("Custom6")

You can display them on a page at any time using Response.Write like so

<% Response.Write(Session("FIRST_NAME")) %>

or like this

<% = Session("LAST_NAME") %>

Yes, I was referring to ASP Protect.

I had about a dozen people access the same account, but it is highly unlikely that they would all try at the same time (unless there were several hundred people who had access). Having an enhanced login abuse would be nice.

this could go on forever...

if you want PM "private message" me info to log into your site.. show me the pages we are dealing with...

and I will take a look at it all...

CJW

You are not supposed to use "../" with a virtual include

Thats goes against what a virtual include is and makes no sense.
When using a virtual include you give the path as if accessing from the root of the main web / virtual directory

I find it very hard to believe it ever worked like that and if it ever did it was wrong.

Good Morning - I getting errors in my system log that says "404 file not found" for a number of files - Here are a few examples:

/aspprotect/password_admin/ drop1.gif http://cidra.easycgi.com/ aspprotect/password_admin/edit.asp? User_ID=181	4	0.28%
/aspprotect/password_admin/ drop2.gif http://cidra.easycgi.com/ aspprotect/password_admin/edit.asp? User_ID=181	4	0.28%
/aspprotect/password_admin/ left1.gif http://cidra.easycgi.com/ aspprotect/password_admin/edit.asp? User_ID=181

I ideas on how to fix this?  Note: The system seems to be working fine, but I want my log files as clean as possible. 

Thanks.  shirley

Weird things happening, when I upload using the vb method the image fails and error is that the image was empty.

Utilizing ASPUpload and after clicking upload file I get a blank screen, no preview, no nothing (it loads with the proper header/footer) but a completely blank body.

Any hints?

Thanks.

Nick

I do not think it it anything to do with the Application.

You most likely have some sort of ad blocking software that is doing it.

It is seeing the word "banner" or "ad" and blocking the images in your browser.

I doubt it is anything built into xp doing it. XP with SP2 has built in pop-up blockers but no ad blockers like that really. It is norton ad blocker or something of that nature.

Hello

I have a strange problem with the thumbnails in the ASPClassifieds.
If i upload some pictures in an ad, the 2nd picture always shows with an x, as the picture doesn´t exists. But if i click on the 2nd thumbnail, the picture shows okay. I haven´t changed enything from the original code.
Does anyone have any idea, where it goes wrong ?

With best regards, Erling Larsen

you basically have to edit the html in the links in the various pages and remove them... some are in includes files

use a text editor and be causious / back things up before you remove links so you can revert back

More Info in Case Anyone is Interested:

This bug was mentioned by a couple people. The cause of it was never really understood until I recently re-wrote some of the banner code for an upcoming version.

The fix for this bug was very simple. It was just one of those weird situations where code should have worked but did not. I added some code to do it a bit differently and it worked as it should have..

It really still makes no sense to me why it didnt work the way it was, but at least there is a fix.

ok... glad ya figured it out.

Yes.. for ASP server side code to run the page extension must be ".asp". I was gonna mention that but I guess I just didnt think anyone would do that.

no offense.. not everyone works with this stuff every day..

This is what it says in that thread I pointed you to

This zip file contains 3 sets of alternate files depending on your situation. You simply replace your existing aspprotect v7.x files with these new ones.

I really dont see what is confusing about it. I think I explained it all in detail in that thread.

any asp code that accesses an access database, writes to text files, or allows for picture uploading will need permissions set on certain directories

every application out there is going to need permissions set at some point

its just a fact.. and if your hosting company does not give you a way to manage permissions or have it done when you ask they do not know what they are doing and they are not supporting your asp hosting needs

see my article for more info on the whole process
http://support.cjwsoft.com/code/moreinfo136-1.htm
the part newar the bottom talks about hosting companies

Flash Code Generator

Until I have time to make one I suggest using the one on the banmanpro support site as it is pretty nice.

http://www.banmanpro.com/support/flashgenerator.asp

I have a customer who is asking the following:

... could you make a link from it to our website and is there a way to see what traffic goes from us to them.  They are going to pay a commission on sales, however I need to be able to track who views their site...

Wishful thinking or could you add code to track their IP address and display in the report section?  Not sure that would be enough to satisfy this request.   Suggestions?

Thanks, Lance

Help!.. I need to export the username and password fields to a mail merged letter so everyone knows their username and passwords. However whenever i access the database or do an export. The passwords showup as encrypted. Is there a way to access the list, un encrypted?

thanks

Sounds great, Sold!

Thanks Christopher!

I have tried everything to get your CJWSoft code working..I purchased the auto listings software and I am stumped, and actually you stumped my hosting provider, my database is stored in the database directory on the root.

I have even tried your ASPtest and still cannot connect.  My have connected other databases without an issue on this same host, I have named a DNS Auto for my database and ponted to that in my code  but get the following error you see at http://www.burkesauto.com and even when i try you test script found here at http://www.burkesauto.com/asptest.asp .

I installed the ASPProtect.NET project no problem.  I am using VS.NET 2003 on Windows XP SP2 (and fully patched).  I am able to build the project successfully, however I cannot debug the project.  I get an error "Unable to start debugging on the web server. The project is not configured to be debugged."  The web app runs fine just browsing to it.

I know this is an isolated problem particular to this project.  I have MANY other .NET projects that I can debug without any problems.  I have tried going into IIS and turn on the debugging for server-side script debugging and making sure my IIS application setting were configured correctly.

Can anyone shed any light on this at all?  Christopher, is there any reason I should not be able to debug this?  (i.e. the aspprotectlicense.dll)

Thanks,

K

The file check_user_inc.asp as the lines: (which include Session("groups")

 Here we set some valus about the user into session variables
   Session("PasswordAccess") = "Yes"
   Session("Access_Level") = CmdCheckUser("Access_Level")
   Session("Admin") = CmdCheckUser("Admin")
   Session("Active") = CmdCheckUser("Active")
   Session("Expiration_Date") = Expiration_Date
   Session("User_ID") = CmdCheckUser("User_ID")
   Session("Groups") = CmdCheckUser("Groups")
   Session("Redirection_URL") = CmdCheckUser("Redirection_URL")
   Session("Password") = RC4(CmdCheckUser("Password"), PasswordEncryptionKey)
   Session("Username") = CmdCheckUser("Username")

The conversion of a char data type to a datetime data type resulted in an out-of-range datetime value.

banner_redirect.asp, line 36

Database - MS SQL Server.

I have an asp page that includes other asp pages via an include.  for example:

snippet code: file name: collaboration.asp

 <table bgcolor="#bed1e4" border="0" cellspacing="0" cellpadding="10" marginwidth="0" marginheight="0" leftmargin="0" topmargin="0"> 
    <tr>
    <td>     
     <!--#include file="../../../filetransfer/directory_listing2.asp" -->
    <BR><BR>
     <!--#include file="../../../filetransfer/upload.asp" -->
    </td></tr>
   </table>

I can add the code below to collaboration.asp and it seems to work,but I cant seem to figure out how to protect the other files such as upload.asp at the same time. -- can you help?  - Note: as soon as I add the code below (and adjust the path) - I cant bring up the page.

This is the protection code I am using.

<!--#INCLUDE FILE="../../../../aspprotect/check_user_inc.asp"-->

Shirely

Please forgive any ignorance on my part.

Using the live demo, it seems that with the banner software my advertisers would only have access to reports, but no ability to upload banners, specify keyword triggers or zones, what have you. Is this correct?

The other thing I couldn't quite figure out, assuming I had a categorized directory on my site, is this system configurable to display different banners based on category? Perhaps through keyword triggers?

Thank you in advance for any assistance.

People who have the option pack have a new feature called groups.

Groups are meant as a replacement for using the access levels as they are much more powerful. Support for pages protected using access levels is left in tact for backward compatiability for a customers older protection code.

A customer recently told me groups could not be used like access levels and that 8 access levels was not enough. This is how I explained that groups can do everything access levels can do.



Groups can honestly do everything access levels can do if you really think about it.
Using groups and protecting pages accordingly you could actually create a system that basically worked identically to the way the access levels works.

For example..

You make 8 groups and assign users to them accordingly

Protection code on page allows access to groups 1-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "1,2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any one of those groups would have access..

Protection code on page allows access to groups 2-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any group between  2-8 would have access..

Protection code on page allows access to groups 3-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any group between  3-8 would have access..

Our home page is not showing up gives this error:

Active Server Pages error 'ASP 0126'

Include file not found

/Default.asp, line 246

The include file 'elib/articles/home_feature1.asp' was not found.