Need to know more about ASP ?
Check out these links.

	PowerASP This site was started on October 8th, 1998 and is a great resource.
	ASP101 This site has been around a long time.
	ASPSchools Intro to ASP Good intro to asp

15 Seconds Free resource for developers working with Microsoft Internet Solutions. 15 Seconds is the biggest IIS and ASP development resource in the world.

ASP FAQ Have a question about ASP? Check the ASP FAQ site. They've probably got the answer.

ASP Free Your 1st source for free ASP and ASP.NET live demos, downloads and more!!!

ASP Connections ASP Connections Conference for the ASP Developer features sessions on ASP Performance, IIS 5.0, ASP 3.0, XML, ADO, E-Commerce, VID, COM, COM+, MTS, DHTML, load balancing, and more. Speakers include Mike Amundsen, Wayne Berry, Charles Carroll, Michael Corning, Jeff Niblack, & Ken Spencer.

4GuysFromRolla 4GuysFromRolla: Web Technology, Programming, Humor... All this and it counts as work!

CoverYourASP.com A great new site. It's got some great stuff and is using JScript! A must see!

askASP Promising new site! Check out the question archives!

CodeHound CodeHound ASP - The ASP Developer's Search Engine!

CodeAve.com A neat ASP reference with some interesting features. Check out their "Script Writers"

ASPZone The website for advanced ASP developers.

Programmer's Resource This site is geared towards Activer Server Pages and Access developers.

Planet Source Code Search over half a million lines of free code!

DevASP A relatively new ASP site. Straight forward and informative.

www.LearnASP.com This in another site maintained by Charles Carroll, and it specializes in Active Server Pages programming issues. Contains links to a wide range of resources and articles.

ASPin.com The ASP Resource Index. Here you will find the stuff you need to take advantage of ASP and make your website an interactive mecca.

411ASP.NET The ASP.NET Resource Directory

ASP Sites A great place to go to find ASP resources fast!

Haneng.com A different ASP site.

Macromedia - DevNet While much of the content is Dreamweaver MX-centric, they also have a fair amount of plain vanilla ASP.NET content as well.

The Web Developer's Virtual Library The WDVL is part encyclopedia and part e-zine dedicated to covering all sorts of information about developing web sites... including ASP.

 

it is by design actually and something that can be improved
(I just never thought of it when I 1st designed the system and it is actually planned to be added in Version 8)

The trick would be to reset those session variables anytime someone edits and saves their information... not very hard at all

you would do it on the save code page for when a user edits themself.
you want to grab the info posted from the form and  reset each session variable at the same time everything is re-saved to the database

example

Session("Company_Name") = Request("Company_Name")

ACCESS DENIED

INVALID Username & Password

Username HAS EXPIRED

it has been 3 days since I logged myself in under Admin, and all the user information on the User Activiy screen seemed to be gone.

is there any specific length of period it refreshes its user information??

5300 users honetly wouldn't even phase the database or the code... even with MSAccess...you got other problems and I can say that with 150% certainty

my guess is permissions on the database folder are not quite right or the odbc drivers have issues.. something along those lines..

access databases act up when full modify permissions are not given to the folder they are in.... they can also act up if the odbc drivers are very new and you are not using a newer version of the access database such as 2002 version as opposed to a 97 or 2000 version

using a system dsn as opposed to a dsn-less connection can also cause BIG issues. always use a DSN-LESS connection

you can also have big problems if just the database file is given permissions instead of the whole directory it is in

also, the script timeout has nothing to do with it.. if that is happening something is wrong with the data connection like I said... no amount of changing timeouts is going to cure it...

how permissions are correctly set
http://www.powerasp.com/content/new/windows_2003_server_and_ permissions.asp

why system dsn's with access databases are bad news
http://support.cjwsoft.com/code/moreinfo9-1.htm

I know it worked at 1st but it can still be related to all of this because when permissions are not perfect databases will work ok for a while and then act up. it all has to do with the temporay lock files that access creates and deletes on a regualr basis

no, there is not not.

If you wanted to to that you would have to add some code to check their album count in the database and not allow them to make a new album if they were at the limit.

Well I have the web hosting tech looking into the memory issues at this point.  Unfortunately I don't have another machine to be able to run the asp on that would run it correctly so that I can just publish it over.

The ASPProtect v7.x Documentation is now available as a download in windows ".chm" format. (needs to be viewed on a windows based machine that can read it) If you are using XP with Service Pack 2 follow the instructions below or you will not be able to view the help file.

Download Documentation

You should save this file and then open it.
Just opening it from download may not work and you will not be able to read it correctly.

Please continue to check the support forum threads for the most up to date documentation.


IMPORTANT
If your are using xp with service pack 2 there are some new security features that can block the access of help files you download. So as far as the ".chm" file goes.. you have to download it... right click on it...go to properties... then  choose unblock down in the lower right corner ...then you can open and view the file correctly

((TITLE EDITED BY ADMIN))


it would be nice if there was an option for login abuse, where a login account would be flagged if it logged in from x number of different IPs over a period of time. I know many have dynamic IPs, but there's got to be a balance between legitimate logins and logins that are 'shared' for the sake of saving money (I sell subscriptions), in the end costing me.

Maybe searching the first two number groups in the IP (example, 209.168.*.*), and if finding more than an admin specified number of logins per week from IPs with different first two groups, the record would be flagged or locked...

Hello,

I need to see if this is possible. I want to create a browsing system such that, the user selects a Province from a drop down list on the main page. Based the selection, the username of all the users in that province will be shown. Then the user can click on a specific username and his/her portfolio (photo album) will be displayed.

is this possible? If so, How can I do this, please help.

Thanks

Sean

SQL Server Datareader Datawriter Permissions..

here is a screenshot that shows how to set datareader and datawriter permissions on a database using "SQL Enterprise Manager"

In this example we are making sure the aspbanneruser has those permissions on the aspbanner database in the SQL Server

After I approve someone's username and password, then go to send them the default e mail telling them of the approval, the e mail never goes through.  The e mailing used to work well for many months, but it stopped working.  Any thoughts?

Spider

The random password is generated during signup and the function that creates it is located on this page of code.

users/register.asp

it looks like this

Function RndStr(Length, UseChrs)
 If IsNull(UseChrs) OR (UseChrs = "") Then UseChrs = "0123456789abcdefghijklmnopqrstuvwxyz!@#$%^&*()_+=-"
 NewStr = ""
 Randomize(CByte(Left(Right(Time(),5),2)))
 For gpIndex = 1 To Length
  NewStr = NewStr & Mid(UseChrs, Int((Len(UseChrs)) * Rnd + 1), 1)
 Next
 RndStr = NewStr
End Function

For example go to this page and hit refresh and watch the password change.

http://www.aspprotect.com/demo2/users/register.asp

Yes, sometimes if you hit refresh quickly over and over you'll get the same password, but not generally. Also that is not something that would happen normally as a user isnt going to sit at that screen and hit refresh over and over.

Anyway... when signing up the new user of course has the option to change that password to something they would like better...

As far as... "selecting the same user name and password every time"

I need more information. That does not make sense for a lot of reasons.

Most importantly because usernames are not generated. The are inputed by the user during signup. They are then checked to ensure they do not already exist before the user is allowed to complete their signup.

So under normal circumstances there can never be duplicate usernames in the system or even users with duplicate emails as that is checked as well.

Now of course if you edited the code in any way it is possible all this is not working correctly ?

Can you incorporate a secure log in within the scripting.  I would like the account information to be secure without having to have the whole site using running through a secure (https://) path.  If this is possible, the scripting is perfect!

Sorry, should have added,  if i change the connection string, i can also get this...

[Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified

Anyway,

How busy your site is actually won't be the only factor. Really the application should not restart unless something happens. If the IIS application is reseting alot it could very well be the ISP restarting the server or doing IISRESETS as well or other sites on the server causing the application pools to restart.. etc etc etc  Quality ASP hosting is important. Regardless your hosting company most likely will not admit to anything be out of the ordinary.

As far as that directory deleting itself on you.. I doubt they will have an answer for that one. All I can tell for sure is I didn't put any code to delete it in there.

UPDATE:  read whole thread..
Version has been delayed




These are my personal notes on the new version of ASP Photo Gallery that should be out sometime in May/June 2004. Please ingore any typos.

This version may be more expensive than the current pro version as this is a major re-write and there will be a ton of new features.

Regardless, special pricing will be offerered to existing users.

If you see any features not listed that you think would be nice please post them here. We will of course consider them.

ASP Photo Gallery Version 4

------------------------------------------------------------ --------------------------------------------

Finished Improvements:

new setup page makes setting up the data connection easier than ever
it attempts to determine the possible data paths and makes suggestions for what to try
when you finally get the data connection working it gives you a link to the admin area of the application
so you can get started using the application

all database table names can be specified in the config_inc.asp file for advanced users that they may need
to change the table names in the database.. helpful for sql installation where one sql database must be
shared by many applications

new data folder is the only folder that needs permissions set
before multiple folders needed permissions
now everything can be put in this folder... database,logfiles,configuration files,picture upload folders...
eventually all cjwsoft applications will do this allowing multiple cjwsoft applications to use that same folder
therefore making it easier than ever to setup more applications without asking your host to set more permissions

new text based config file makes it easier to add new options to the program without making changes to
the database structure... therefore the need for the configuration table in the database has been eliminated
this also reduces system resources needed to load the config data for each page because it eliminates calls to the
database for config data

added voice effects for data connection page, intro users page, and settings page

made it so ratings color was an option (red or blue)

fixed minor bug that wasn't showing fixed category heights when that was selected and am image wasn't originally sized that way during initial upload

changed logfiles dates so they always show up in the proper order 09 vs 9

added config option to change bit query value to 1 or -1
default it to 1.... this is a technical thing

added the extra options currently in the config file to the settings page so people do not have to manually edit that
file any longer...

added new persits email option and authentication options to the settings page

added new CDOSYS emailing option

added support for dundas emailer

added support for ASPSMARTMAIL

fixed word filter so if it is empty it doesn't mess up
also make editing it part of the main settings

made email functions include file and edited all page that email to use it

added css/style sheet support and removed a lot of the old font tags

seperated the settings page into sections because it was too big and confusing

added ability for text watermarking when using the ASPImage component

made the picture upload error message no longer mention browsers that do not support picture uploading
as that is confusing people... and the problem is never that anymore

Made the ASPImage test page delete the bar graph before creating it so if it is already there they will
not think it is working

added crystal ball feature to admin users screen... shows additional user info when you hold the mouse over it

Made search function highlight search word in results.
Made the search function search the image description text files as well

Eliminated the guestbook directory as there was no need for the guestbook to be in it's own directory. This also simplified the menu.asp file as the guestbook section could be removed.

------------------------------------------------------------ --------------------------------------------

Possible Improvements:

eventually make new and much better directions/documentation... html based for multiple reasons

Eliminate the need for parent paths to be enabled on the web server.
(THIS MAY NOT BE POSSIBLE)
Many hosting companies disabled parent paths and will not enable them for their users.
On Windows 2003 Server Parent Paths are disabled by default.

make it so users ability to upload pics can be optionally disabled

possibly make some of the special functions in the extras folder built in to the admin area

Make the category picture uploader smarter because of the jpg gif issue when reuploading cat icons
A jpg loaded over a gif.. doesn't delete the old gif graphic and vice versa

Reduce number of ".asp" pages in general.

Use more functions for redundant tasks.

Optimize all instances of the old filefound function which is using more resources than are necessary

option.explicit the entire application and get all the variables dimmed once and for all

possibly incorporate the new category system I am working on which allows for unlimited categories and levels
also simplifies the heck out of the pages that call the categories

possibly add some cool image manipulation functions such as rotation for the various image components supported

possibly add the ability to move pictures around in an album. and maybe between albums
I must also remember to move the ratings and desc as well for that image.

possibly add the ability to make individual pictures require approval

possibly add the streaming image ability (asp page called from image tag) I came up with as an option for
people that can use it. this will better secure images in password protected albums and also possibly make
it so images can only be viewed from certain urls.. and maybe make an interface for a list of allowed urls

improve the .net support to also resize the larger images.. currently it does not

possibly add a feature to store 3 versions of images uploaded
thumbnail, medium res, and high res/original
this will appeal to professionals or people that may want to sell prints
storing a large version will be optional

possible support for multimedia content other than gif and jpg images

fix... url to link to..   problem on control pics page when both a jpg and a gif are present... which also relates to a another slight
bug that needs to be taken care of

make interface in admin to listen to installed midi files
and also to upload / delete them

possibly make per album guestbook... or call it something else like disussion or comments

add option to store the images orginal name in the images description area during upload
may be helpful to people that name their images in a somewhat descriptive way

change approval settings so they work on a per user basis
eliminate access levels from edit user screen and get rid of the level 4 stuff mentioned
possibly add a per user option for individual pic approval as well if I get that feature implemented

add support for the ibulc bulk upload client that I recently discovered
it is very cool

I want to try this on the machine im using now; which is windows XP.

Is this possible? I don't think i can set folder permissions on XP... there is no option to do so...

Is there a way to do it?

Hi Chris,

I tried changing using Notepad in the config_inc.asp

from:

If  Application("SERVER_SOFTWARE") = "" Then
 Application("SERVER_SOFTWARE") = Request.ServerVariables("SERVER_SOFTWARE")
End If

To

Application("SERVER_SOFTWARE") = "iis/6"

and the albums still do not show up under the categories

Rhona (rookie)

That did the trick. Once again a quick very helpfull reply.

Thanks.

Of course ASP.NET is and HAS been installed. I have been running asp.net scripts for years on it. I am not new to asp.net nor setting up the server or anything. ASP.NET is properly installed and works perfectly.

You are missing the fact i mentioned it is a DOMAIN CONTROLLER.

I have come across MANY articles ONLINE via GOOGLE that mention if it is a domain controller, for some reason the aspnet account is not there or gets deleted.

IN ITS PLACE GOES THE IIS_WPG ACCOUNT. IS YOUR SOFTWARE NOT COMPATIBLE WITH THIS ACCOUNT?

Is it possible to run ASP.NET scripts without ASP.NET not being installed? Because I have been running asp.net pages without any problem.

Hi Chris,

The password is HANNAH.  If you're into trouble shooting mode and would like the key, I can send it to you.  If not, no big deal, I've email the guy a new password.  We'll see how many rounds it takes him to get it right. 

Thanks,
Mick

ok, here is what is going on

you are password protecting an ".asp" page that requires querystring info to run correctly   (example - "somepage.asp?ID=3"")

that is something I never intended anyone to do.. while it does handle and repass the querystring info along during successful login it does not re-pass that info during a failed login as you have found out

this is all by design.. the only reason the system re-passes the querystring info at all is because I wanted to make it smart for the sake of the remember me/cookie feature.. so if someone was using that and bookmarked a page deep in your site with querstring info...then when they went back to that bookmark they would get authenticated and still see the page as intended with the querystring info in tact

it was a nice feature never intended to handle any situations other than what I just described...

now...
notice the url in the browser after failing a login.. then logging in successfully.. it is missing the querystring info

that more than anything is what is going on..  browser caching can cause some confusion when dealing with this because the browser likes to return you to the page minus the querstring info... when that happens a simple browser refresh at that time may very well solve the problem and then you see the page you are supposed to see...

To avoid all of this...

One solution to this is to always start people logging in to an ".asp" page that has no querystring info. That way this won't happen. Once they are logged in you can then offer them links to the pages they need to go to. (you of course still want to password protect those pages)

Another solution is to log them into a page with no querystring info and then do a response.redirect to the page with quersytring info.. thus accomplishing the same thing but without the possibility of the issue because of a failed login.

Another solutions is to do checks in your asp page for missing querstring info.. and if it isn't there do something about it like send them somewhere else.. or display a message about there being an error... etc etc

So,basically you don't want to tell people to login into such and such page with querstring info... and providing a username and password..... You can do it but like you found out it can cause an error if they mess up logging in the 1st time. The system just was not designed to handle that. There are complex reasons for that involving security that would just take me too long to explain.

I hope this makes some sense to you.. it is very hard to try and explain

Ok i am having an issue with my other comp. I have spent ANOTHER 3 hours researching this one.... it WONT START THE IIS SERVICE!!!

I get this error:

The service did not respond to the start or control request in a timely fashion

ANYWAY---

I decided to use one of my client's hosts; which happens to be Network Solutions.

ANYWAY again-

I uploaded the whole thing there and they advised me they cannot do the explicit permissions on that _database folder. This is what they said: I would also would like to point out that ASP.NET applications and permissions do not extend to any other folder, other than the root, (/htdocs/), and the bin, (/htdocs/bin/) folders.  Sub-directories and folder after bin and htdocs will not have ASP.NET permission (read or write).

If you could move or reconfigure your application to save all your code behind, include and dll files onto the root or bin folder, your application could work or possibly run as you would expect.  Please have this done and retest your application. If and when you get a different problem or another error after doing so, please let us know, and we shall be happy to help you troubleshoot any problems that you may have.

There is a 'create database option'  where i can create a database..create a dsnname, user name, password and have to specify the database file name. Once i do this i need to place the database file (aspprotectnet2002.mdb) in the /db folder within the root. I also tried this and made the appropriate change in the web.config but it STILL DOES NOT WORK. I AM PULLING MY HAIROUT WHY WONT ANYTHING WORK.

ALL THE FILES ON ON THE ROOT OF THE WEB HOST. I PULLED THE FILES OUT OF THE _DATABASE FOLDER AND DUMPED THEM ON THE ROOT. I CHANGED THAT ON THE WEB.CONFIG BUT ITS STILL LOOKING FOR SOME .XML FILE IN THAT _DATABASE FOLDER.

I'VE BEEN TRYING EVERYTHING AND IT SEEMS THAT I CANT USE THIS SOFTWARE FOR THE LIFE OF ME

pretty clever...

If anyone is interested in what the Mod function actually does this article explains it nicely. They even use it for the same purpose in the examples.

http://www.asp101.com/articles/steven/mod/default.asp

it is an email server/setting issue most likely

your email server probably requires outgoing authentication or something like that and that is why internal emails can be sent to but nothing else

its something along those lines

this will help you see the real error instead of the generic 500
http://support.cjwsoft.com/code/moreinfo11-1.htm

sure, there are reasons AOL would block the email.. it might think it is spam or it might not like the fact that fact that a cdonts generated email has no MX records because it can not..

for more on MX records read my CDOSYS article
http://www.powerasp.com/content/new/sending_email_cdosys.asp


as far as the emails not being sent because notifications are off. I was not aware of that and will try to look into it.. Version 6 is no longer worked on but if I can find the time I will check that out

I know what is happening.. its the old single quote thing messing up the query string..
but it shouldnt be happening with the newer code as I fixed it.

If you like I can go in and reproduce/fix the issue. I can not think of any other way I can help you as other users have not reported the issue.

Chances are if it is happening in one situation it will happen again in the future.. it really all depends on the passwords being used and your encyrption key... other passwords may produce the issue even if the password is correct

basically once the password gets encrypted it by chance has a single quote in it... then it messes up the query

I take care of the situation by replacing the single quote with a double quote but it looks like you found a situation where that didn't work out

I've encountered another problem.  When i edit the link for existing banners and save it, the banner reverts to the old link instead of the new one.

The directory where the the database is located to rwed so the permissions is not a problem.

Any advice?

Thanks