Blog Entry: 3/25/2006 1:35:58 PM
Chris, and all who read this post.
Don't run away!
I believe that perhaps I gave Chris good cause for this post to be created
. But dont fear
.
When it comes to most languages I am a newbie, let alone ASP.NET. I did not choose to have an application for my site to be built in ASP.NET. However it was and I had paid for that program and it needed protecting!
Now I did have a few problems, however NONE were with ASPProtect.NET. It is brilliant. NONE were with Chris and the support he provides. I believe he must work 24/7 judging by the speed of replies and the timezone differences.
In the end all the problems were down to MY typos and a web host who insisted that any problem was a conflict and not their server set-up.(which it was!)
Having eliminated the typo and changed web provider to a less arrogant company. ASPProtect.NET installed and ran out of the box. Truely impressive.
As a newbie it is not something I would like to do again. But with help from Chris and from a friend with ASP.NET knowledge any issues were very quickly resolved.
An A+ recommendation for CJWSoft. I love it!
, No luck...this is the message
Return To Import / Export Screen.
Active Server Pages
error 'ASP 0113'
Script timed out
/members/aspprotect/password_admin/upload_post.asp
The maximum amount of time for a script to execute was exceeded. You can change this limit by specifying a new value for the property Server.ScriptTimeout or by changing the value in the IIS administration tools.
,
Chris, if there is no way to change this, I understand. I just though maybe it might be possible and I can't find out if i don't ask.
Thanks Chris.
Let me know.
-john
, Banners no longer show up on my site ?
If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.
The web server must have crashed or lost power and now the application variables are in limbo/not working.
I have seen this happen a few times.
Basically the application variable system gets messed up because it was not shut down properlly.
The way to cure it are as follows.
Edit and save a banner in the system. Hopefully that gets things going again.
, aspprotect does not use a global.asa file
I would start by looking there and seeing what is going on ... with line 33
I dont see how it could be related to aspprotect in any way
Global.asa files fire on their own and what they do depends on what code is put in them, Gotcha.
Can you set an expiration date on a subscription?
Thanks,
Jess
, Good Morning - I am receiving an Http 500 internal server error when I go to add a new user via the register.asp page. the url when the error appears is: .../users/add_new_account.asp
I think the error has to do with my email component setting - becuase it works fine otherwise.
I have the email component setting set to CDOSYS (using remote server) with the mail.remote.server set to email.cidra.com - email address set to webmaster@cidra.com
Note: I receive the email notification and the user does get added.
Can you help please? Shirley
UPDATE...I just figured out that it only errors when the email address I use for the user is NOT from cidra.com -- Any idea why?
, Ok, so I checked to see if ASP is running on the server and it is. then I added code to the top of a page and this is what i can see when 'view Source' on the web browser:
<%@ LANGUAGE="VBSCRIPT" %>
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * Admins * ) -->
<% GROUPACCESS = "4" %>
<! #INCLUDE FILE="check_user_inc.asp">
<!-- End ASPProtect Code -->
<html>
<head>
<title>TeamManagers</title>
Yet I get no challenage for a password and no error message!
,
- What kind of encryption do you use with version 7?
- If I purchase version 7 and use it on my site with a new SQL database then migrate the old records from version 6 so I can by-pass the issue with my home-grown Base 64 encryption, do you forsee other issues with the upgrade?
, Thankyou, that was very helpful, here is a thread that may help you if this is what you were getting at
http://support.cjwsoft.com/code/moreinfo389-1.htm
, Hello,
It is very possible, however there may be some issues such as the session variables specific to a particular user would not be able to be created because there would not be a specific user.
I can't tell you exactly how to do it as it would probably take a few hours of messing around with the code to sort it out. Bascially, it's not something I could tell you how to do real quick and I do not support custimizations to the code.
But, it is very possible. You want to check the server variable for the IP address. The tricky part would be where and how this all just integrated into the "check_user_inc.asp" file
, If you can would you do it for a price as a mod or will this be added to the new version.
, do you want my help making the database with your import file ?, ok
thanks
, This relates to a part of the new documentation that wasn't ready yet.
I just made a thread about it though.
Here you go.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=198& ; ;PN=1&TPN=1 cwilliams38419.5353587963, Got any info for me on this ?
Chris
, I guess i am not being clear as to what i am trying to do. As far as the event thing... lets hold off on that for now. It seems Chris has answered my question and i am on my own for that one...
As far as the log in goes: I went to that site you mentioned;www.CafePress.com to see if they had what i was talking about. and they do. Notice on the bottom of the page it says "sign in to your account"
I want that option on my home page where users can sign in to go to their account. It will either take them to a page where they can update their info, or it will take them to a protected page. Pretty much instead of posting a link on the site to say... click here to go to members.aspx and have it return an "access denied" the user can enter their info from the main page and be automatically re-directed to that members.aspx page.
I know how the viewstate works and i also know what that returnURL thing does..pretty self-explanitory.
Hopefully that makes things easier. I just want a user to log in from the homepage and be redirected to either a protected page or their account page...
(as does that cafepress website)
, Did you do what that thread said so you see a more detailed error ?
Can I see the site and look around.. ?
I just am not sure what is going on from what you are explaining ?
If so private message me with the admin account details and tell me what to do to reproduce the error. , Using just ASP (Form Based Authentication) you can only protect the actual content of the ".asp" files.
You can however use some ASP tricks to stream other types of files to the users.
That way the actual file locations are never known and they can only get them/see these files when they are logged in as you would be streaming files to them after they logged in.
Below are informative links I have collected on the subject in an email I sent to another customer a while back.
Using Active Server Pages you can only protect ".asp" pages.
You can however password protect ".asp" pages that stream files to the user using code like in these examples therefore keeping the actual file name a secret.
And from another email I sent...
ASPProtect only protects the content of ".asp" pages. Directory protection is not possible using just ASP.
Other file extensions can not be protected using just ASP.
There are ways to get around this.
You'd want to do a technique like this to stream non ".asp" files to the users.
The safileup component from softartisans can actually do something similar as far as streaming the files go.
Then use something like ASPProtect to protect the ASP files that streams the files.
The actual location of the files is never known to the users and of they don't have access to the asp pages they can not see or get those other types of files.
Very doable, but nothing ASPProtect takes care of automatically.
This info above should get ya on track.
cwilliams38344.8751736111, I dont know about the unspecified errors. I really need more detailed information. (Since it has been working fine for quite a long time you might want to consider installaing the application from scracth again and see if you still get errors)
As for the log in not persiting. Did you by chance turn off cookies in your browser ? They are required for forms based authentication to function. Otherwise, yes you would need to log in to each and every page as you moved around.
cwilliams38414.6054166667,
Flash files cannot track clicks unless you edit the original flash file to link to the aspbanner system redirect URL.. feeding it the correct ID of the banner.
When that link is clicked on it will then track the click and redirect the user to the “link url” specified for that banner.
The system actually generates the necessary ASPBanner URL for you. That link is shown on the banner edit screen.(you must save the banner at least once and come back to that screen to see the link though)
Really the best way to show it is with an example as seen below.
Basically the flash banner file "powerasp.swf" highlighted in green needs to be edited to link to the banner redirect url which is highlighted in red.... the banner redirect url will then track the click and ultimately send the user to the Link_URL highligthed in blue.
All banners systems work this way when it comes to flash files.
It’s the nature of flash and the web browser,
The flash source code must be edited to link to the redirect url in the ASPBanner system. There is no possible way any banner system can track a flash click unless the flash file links to the banner system 1st.... because that click is handled by Flash and the web browser.
In some cases if you do have the original source file for the flash banner then you are out of luck as far as tracking clicks goes.
On a side note... if you create flash banners the way this article says you can actually feed a .swf flash file a link for it to click to. Instead of it being hardcoded.
http://www.macromedia.com/resources/richmedia/tracking/desig ners_guide/index.html
This is really the way everyone should design their flash banners from now on because the url it links to can be easily changed at any time without editing the flash file source code.
cwilliams38085.095150463, the reason being is because when I do installs I do not touch any of your existing content. I only install the base application and make sure everything in it working correctly and also that the example protected pages are working. I do not integrate it with your existing site or edit any of your existing web content. That is up to you
sorry about that, but it would be way too time consuming and editing people's existing pages is a good way to cause a lot of headaches for me and the customer if something goes wrong. Not only that but everyone uses the system differently and it wouldnt make sense for me to be the one doing that based on access levels, groups.. etc etc which will all be custom to how you want things set up.
more on installation policies here.
http://www.cjwsoft.com/installation_service.asp
, If you are using an ACCESS Database try to avoid using a system DSN. They are much slower because they go through ODBC which then uses the Jet Drivers to access the database. They also have to do a registry lookup.
ttp://www.4guysfromrolla.com/webtech/070399-1.shtml
http://www.powerasp.com/content/database/dsn_vs_dnsless.asp
It's funny because in the 4guys article they ask the question..
"Hmmmm... so who was right, Microsoft or Wrox?"
I'll tell you who was right and who said it 1st. It was me and I said it on my old powerasp.com site before anyone else ever did.
I found it out on my own by experimenting when I was the Systems Analyst for an large ISP. We we had web servers that were not running well. I didn't read about this solution anywhere because no one was talking about it at the time. Microsoft said use System DSN's so everyone just took their word for it.
I took a lot of heat for saying that back in the day but over time everyone started saying it.
, its in this thread.. you use the InStr function
http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= instr
Please use a little bit more descriptive subject the next time you post. "question" does not tell much to someone looking through threads.. and I like to keep things clean and organized in the forums
I edited it for you this time..
thx , ok, I moved this thread..
The code in the ASP application handles all encryption and un-encrpytion of passwords in the database. I uses the vbscript RC4 function and the password encryption key specific to your installation to do this.
The whole idea is that if someone gets your database and opens it up that they will not get the passwords (utilitiies to crack access databases are common and work well so they can easily get by the main password)
That being said when you open the database manually your not supposed to see clear text passwords. Your also not supposed to have an easy way to make them clear text. It's a security thing.
Though I am not officially supporting it I will tell you what I think would be the easisest way to make an export file with clear text passwords in it.
Use the export fire creator in the admin area of aspprotect.
Mosdify "export.asp"
change
Password = CmdDataExport("Password")
to
Password = RC4(CmdDataExport("Password"), PasswordEncryptionKey)
Then make an export file and see if that worked.
you can then import the export file into and access database or do whatever you like with it.
, how di I change the currency dollar sign to gdp pound sign ?
I need all my tranactions in gdp puund sterling to use on paypal
regards
simon
, Most likely it is no longer supported on the web server. The web host probably moved you site to a windows 2003 server which does not support cdonts or they stopped running the IIS SMTP server.
You usualy wont get an error..
it is also possible that cdonts is boned up as it is pretty flaky and that tends to happen. For example sometimes the emails it is suppost to send get caught up in the smtp pickup directory and never get sent out until the server is rebooted.
You should really ask the hosting company why cdonts has stopped working. It definetly has nothing to do with the code if it has been working all that time. If CDONTS still is supportd tell them you emails are in limbo. Ask them to look and see if a bunch of ".eml" files are stuck in the stmp pickup directly and if so to please reboot the server.
lastly:
cdonts has been deprecated and now everyone uses cdosys.
see my article
http://www.powerasp.com/content/new/sending_email_cdosys.asp
, Personally, I think that is something you should work into your existing site code or something you should handle on your own.
It's basic site maintenance issues.. and something every webmaster must deal with on an individual basis. If you are going to upload a new version of some large file of course you should go disable wherever people are dloading it from and then wait/re upload/turn things back on.. etc etc
It is not going to be a feature of ASPProtect and I don't see why it should be. If you want to have some sort of global site is temporaily down thing you should have a common server side include on all your pages right after the password protection include file. In that include file you could easily stop site access with a response.end and also show a message.
Or you should disable a file download page manually on a file to file basis.
Really, big busy sites that have their sh*t together use versions of files for a reason. Every new upload is a slightly new version revision and has a slightly different file name They do this partially to eliminate the problem your talking about and also because that is the way it should be done. Nothing gets uploaded over itself ever. Even if there is a mistake in a file they upload a new revision and document it in the revision/changes file. And of course they dont show users a link to a new file revisions until it is uploaded.
, question 2 is answered best here
http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal
I should also mention that the paypal scenarios used in ASPProtect can not be tested using PayPal's sandbox. Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts)
then you can log into the other and refund the transctions and of course it makes sense to use low amount like 1 cent and what not.
Also, I'd love to see what you came up with with the integration. I have been working on it here as well and took it in a different direction as I plan to sell directions for it as an add-on for aspprotect. I have it all working here but so far I dont see an easy way to let other people do it as I had to change things in both systems in a lot of places. Utimately if done under a SQL environment triggers should be used at the database level and that is another consideration.
, Did you see this thread. It shows how to set up the project in Visual Studio in detail.
http://support.cjwsoft.com/code/moreinfo85-1.htm
, ok, that is what you are suppose to do... not having that path info set can cause all sorts of trouble., Hello- I am trying to install the ASPPROTECT product and tried to read all the docs but still am getting the following error:
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x1980 Thread 0x1458 DBC 0x223c374 Jet'.
I understand about the physical path for the DSN-less connection and followed the example given. I got in touch with tech support for the host of my site and the give me the following as a physical path:
c:\sites\Single20\laptv1\database
Some observations:
1.- The database directory is outside the root dir but I think I am accounting for it with the path
2.- The permissions are ok
Any ideas?
Thanks
FP
, that erorr in no way means what it says.. it is just a generic error because something failed.
if you want to PM me info on how to get into your site and I will take a look.. I don't think it is something that can be figured out otherwise especially when you are not telling much about what is going on. There are a lot of factors and settings that are relevant. , Hello,
I have ASPprotect 7 installed on my remote server. I am able to go to the examples/default.asp page and login in without any difficulties. If I copy the code from that page and paste it in a new page called the same thing but in a different folder, I get this error; (Keep in mind that this is essentially the same exact page in a different location of the website)
Error Type:
Active Server Pages, ASP 0126 (0x80004005)
The include file '../../check_user_inc.asp' was not found.
/aspprotect/Pages/default.asp, line 3
I get the same error if I paste the "protection code" I have generated into the top of a current (.asp) page in my site.
Basically, the only pages that work are the ones that came with the program as examples. Thats great, but now I need to make it work for my pages. Any thoughts?
, Your assumption was incorrect.... the login count has nothing to do with that. The login count only has one purpose and that is to limit the amount of times a user can log in if you want to do that.
Logging in for the 1st time means the time at which they 1st login and their session at the site is created... If there session ends and they come back and login they will get redirected because it will be the 1st time again.
Forms Based Authentication is all about sessions and session variables.
If you only want them redirected somewhere based on the login count that is something you have to work out and check on your own. It's very doable.
Seems like now I should have explained that better but I never thought anyone would think it meant what you thought., I purchased and installed the full version ASPProtect 6.0 in Feb 05 (must have been just before 7.0 came out) and have been using CDONTS for email authorization during the registration process.
It was working fine for about three months. Now, after registering, the email authorization is NOT delivered to the new registrant. There are no error messages.It just doesn't arrive.
Any thoughts on the subject would be appreciated.
,
I pull that crap on myself once and a while... or my
favorite is leaving a bootable CD in the drive and then wondering why the heck
the OS doesn’t come back up. I pretty much promised myself back in 2002 that I
would never mess with anything minor after 10PM. For whatever reason I always
start messing around trying to "fix" something and end up sorry...
Granted if it’s an emergency I am all for it, but I get dresses in advance
anticipating the practically inevitable drive down to the datacenter.
Good luck with that, I am sure you will be much better off
in the long run.
, Well at least now the import/export link shows up now! lol, A nice addition for the listing script would be if the script would allow a "featured ad" or ads that would appear on the default page. ,
Timecard Entry: 3/25/2006 1:35:58 PM
worked on changes to Hackett's site (hackettsonline.com, billable), Mailing, cancelations,went over incident report with Jodi, trying to fix a couple of network problems need to goto syracuse, mailer, Working on Jackie's computer. Trying to get both Emerald and Outlook working on it at the same time., Morning company meeting, picked up mail and opened. posted accts and customer inquiries. ans phone., Training for Greystone Realty, SunandShield.Com - Online mall & Bookshelf admin interface. Category and listings manager., Susan Stine (SIIE), Team Meeting., Checking Email, Voice Mail, Phone calls, time sheets. Reviewed & printed schedules, Printed Daily report., CJW sent me ASP packages that GiSCO bought for us. Checking them out (Mail, image size, TCP, & other components, etc.)., help troubleshoot printmgr, Cleaning out/answering all mail in preparation for long weekend, Madison,WI - Eng Telco, Web billing and a trip to the post office, Travel to Geneseo, general mgmt, 27 miles from watertown to lowville., Email and VM catch up, Spoke to Jason about script problem, said he had the same, gave me directions as to how he overcame it., Getting/Copying new Photoshop 5.5 package., Phone calls from Clayton office., Checked modems also., gisco.net/watnshcools - starting district events calendars, Picked up mail and opened. Posted accounts, ans. phone, credit card authorizations, coupon referrals, and customer inquiries., Resetting modems on some numbers. , Contact Fletchers, contact ChrisCross,
answer mail, email
, Intern here, showing him what I'm working on.,
