Please Note : Users with the option pack a new feature called groups that is much more powerful than access levels.


More On Access Levels

Again, Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System. Look at the source code of the ASP pages in that folder with a text editor to see the working code.

Access Levels and how they work can be re-coded to work in many different ways. However, you have to be a good ASP developer to make changes to it. Here is some information on how they work by default and also info on an alternate scenario we have provided.

In the "check_user_inc.asp" that comes in the root of this system Access Levels works as follows.

Level 1 has Access to - Level 1
Level 2 has Access to - Level 1,2
Level 3 has Access to - Level 1,2,3
Level 4 has Access to - Level 1,2,3,4
Level 5 has Access to - Level 1,2,3,4,5
Level 6 has Access to - Level 1,2,3,4,5,6
Level 7 has Access to - Level 1,2,3,4,5,6,7
Level 8 has Access to - Level 1,2,3,4,5,6,7,8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN

The "check_user_inc.asp" included in the "extras" directory is an example of changing the access level checking code
to work differently. In that "check_user_inc.asp" Access Levels works as follows.

Level 1 has Access to - Level 1
Level 2 has Access to - Level 2
Level 3 has Access to - Level 3
Level 4 has Access to - Level 4
Level 5 has Access to - Level 5
Level 6 has Access to - Level 6
Level 7 has Access to - Level 7
Level 8 has Access to - Level 8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN

If you get creative you can create some interesting access level checking scenarios.

Here is some additional info..

If the access levels are too restrictive you can ignore them all together and create your own totally custom solutions.
Here is a quick rundown of some of the things you can do.

Ok... so if you want to be really specific about what each user can see and
can't .. here's an example of what you can do

Don't use the access levels before the include file..
Don't worry about what you set a user to in the admin area since the access levels won't be used.

Do something like this..

Every time a user logs in session variables are set that you can access at
any time.. thus allowing you to know who they are.

So you could do something like this...


<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

<%
If Session("USERNAME") = "bob1267" or Session("USERNAME") = "carl45" or Session("ADMIN") = "True" Then
Session("PASSWORDACCESS") = "Yes"
Else
Session("PASSWORDACCESS") = "No"
Response.Redirect(Request.ServerVariables("script_name"))
End If
%>

The following URL explains what Redirects are.
http://www.powerasp.com/content/code-snippets/redirects.asp

That would in effect create totally custom access levels.. but you would
have to do it manually for each user.

You can also do things like this after a person logs in

Show custom html to any specific user based on either their username or
access level ... like so

say there was a menu and a certain link should only show up to username
"paully67"

you could do something like this


<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>


<br>
<a href="main.asp">Home Page</a>
<%
If Session("USERNAME") = "paully67" Then
%>
<br>
<a href="paullys_page.asp">Pauls Stats Page</a>
<%
End If
%>
<br>
<a href="links.asp">Links Page</a>

</BODY>
</HTML>

Or you can show custom HTML or links based on Access Levels or any other info.

You can do just about anything with if-then statements and
using the built in vbscript functions..

Hopefully this info will help to give you some ideas...

Bottom line is you have to do some work within your site to make the Access Level system really come alive.

Is there a possibility to build in a option that the administrator will be notifed when a banner expired.

New Features added to 7.x

1. Entire application gone through and updated.
2. New graphics, new look and feel
3. Passwords and Cookies are now encrypted using separate keys individual to each customer install.
4. Groups Feature... powerful way to protect pages based on group access
5. Ability to upload a picture for each user.
6. New printable profile user screen.
7. Supports 13 email components as well as outgoing authentication for a few of the email components
8. New Lockout option. "However many" try’s to login and you are locked out for a certain amount of time.
9. PayPal signup routines for both single payments and subscriptions integrated into the application. Everything is handled automatically. Charging for membership couldn't be easier. 
10. New Newsletter Feature allows you to send newsletters to those subscribed. 
11. New ability to Email users soon to expire
12. HTML emailing for people using CDOSYS. This includes an inline html editor so you can send out some really professional looking emails.
13. Ability to redirect a user anywhere on 1st login
14. Option to turn off Login Remember Me Feature
15. Login Form now very easy to edit
16. All paths for places that need permissions can be easily changed.
17. Works with Parent Paths Disabled on the web server.
18. Company Name is now an optional field
19. Handy javascript popup date selectors
20. All date functions now internationl date friendly
21. Password conversion routine to upgrade existing users to the password encryption
22. Import / Export of user database built in
23. Protection Code Generators
24. Notes Feature. Javascript Popup on users screen that allows you to quickly see information without going to their edit screen
25. Mass email users incuding ability to send them usernames and passwords all at one time.
26. Option to not allow concurrent logins by the same username
27. Optional feature to keep track of recent users that have logged in as well as allow you to view the information.
28. Optional feature to keep track of recent users that have logged in, what pages they accessed, and when, as well as allow you to view the information.
29. Ability to protect other files types other than just protecting the viewing of the ".asp" pages. We provide working example code showing you how to protect images and file downloads in your protected ".asp" pages. You can protect nearly any type of file from downloading and viewing. (gif, bmp, jpg, zip, exe, pdf, rar, mp3,etc..)

Suprising I started this tread off on ASPImage, but I resolved my issue and forgot to change the thread topic.  I will try your suggestion.

Two things you can do to test..

make sure there is at least one ".log" file in that directory.. then if you go to the log file screen and it does not show up in the list the physical path you are using is just not correct

remember the physcial path must contain a drive letter (sometimes a network path starting with // is ok if they have it setup as a network drive)

the other thing you can do is use this script to try and write a simple text file in the directory

http://www.devasp.com/samples/writetofile.asp

That will show you if permissions are correct

trust me, they (serverobjects) do not check processors.. as a matter of fact they haven't answered support emails for about 3 years. All they do is sell those components like hotcakes and take in mad crazy cash. But I will say the stuff does work well and always has. (that guy probably took all the money he made/makes from those components and took off to Jamaica or something sitting on the beach drinking margaritas)

regardless,
ASP just cant resize pictures on it's own.
It' just not possible. You need a 3rd Party component.

There isn't much to say about the ASP.NET thing.

If your server has ASP.NET installed (meaning you can run aspx pages on your server and the ASP.NET framework is installed) and running you just pick that option in the config file and ASP Photo Gallery will use ASP.NET to make dynamic thumbnails for you.

To run ASP.NET it must be a 2000 or 2003 server.

I have ASPProtect up and running and I was able to log in with little to now problem after following all of the directions. 

I imported my data base of users (approx 5300) into the access db, and now it times out just letting me log in.

I've got full access to the web server to make any changes on that end that I need.

any ideas?

Hi,

I don't see any good reason to rename any of those files.

Changing them though may involve changes to the code recompiling, etc etc... it is not something I support.

Where is the system getting the random user name and password, and why does it keep selecting the same user name and password every time?

I have narrowed it down.  The ../ for includes will not work with .asp files but will work in .shtml files.

any ideas?

I just installed the software, but I can't find any place where I can see when users logged in, can someone please tell me where I can do this?

Thanks

it might also be a good idea for you to try a simple text file writing example like this on your server and see if it hangs as well

http://www.devasp.com/samples/writetofile.asp

for troubleshooting sake

this is sounding more and more like the filesystem object is blocked or disabled on your server

That’s about all I can tell you. It's just not something I support.

Hi, I am glad you like the system.
Thx for the comments..

The banner logic in aspbanner it tweaked for speed and performance.. that sort of thing really wouldn't fit into the current code structure very well. It would slow things down and be a nightmare to code because of the way aspbanner uses ultra fast application variables for the banner rotation. Basically its a feature I didnt incorporate for performance and pricing reasons.

I would suggest making different zones for different conditions.. then surrounding the banner calling code with if else logic so a different baner zone was called under certain conditions.

That way performance would not be effected and you could actually show a different group of banners based on certain conditions.

Sorry, but that is the best advice I can offer at this time.

I built ASPBanner for performance and at this time I refuse to sacrifice that for any feature that will slow it down and consume more resources.

The company is called Eschelon - there customer service leaves a lot to be desired. I have contacted them again and they said that they require the account holder to manage permissions, they won't make changes. I wish they would have told me that a week ago when I asked them about changing the permissions. They haven't responded to me yet how I am to do that though.

Frontpage ext. are not installed.

Once I hear back from them about how I connect to manage rights I should be all set.

Thanks again for all your help!

enjoy the bar.. drink one for me.. cause that was the problem..

I'll try to help when I get back tues night,, see the contact page for info on where I am .
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry

I would kile to see more support for the groups function:

1. on the password_admin/default.asp page have a coulmn listing groups

2. ability to change groups in bulk eg change the expiry date for all group x members

Cheers

Is it possible to set the user account time limits when they register? I am using email verification and am trying to have their accout expire 32 days after their initial login.

Also I have an issue with the email notification not notifying me when a new user logs in. It does a beautiful job notifying the new user.  I do not understand why my server will send to one and not the other, I ahve searched the links but none seem to answer this.

Thank you for your help and insight

Most likely it is no longer supported on the web server. The web host probably moved you site to a windows 2003 server which does not support cdonts or they stopped running the IIS SMTP server.

You usualy wont get an error..

it is also possible that cdonts is boned up as it is pretty flaky and that tends to happen. For example sometimes the emails it is suppost to send get caught up in the smtp pickup directory and never get sent out until the server is rebooted.

You should really ask the hosting company why cdonts has stopped working. It definetly has nothing to do with the code if it has been working all that time.  If CDONTS still is supportd tell them you emails are in limbo. Ask them to look and see if a bunch of ".eml" files are stuck in the stmp pickup directly and if so to please reboot the server.

lastly:
cdonts has been deprecated and now everyone uses cdosys.
see my article
http://www.powerasp.com/content/new/sending_email_cdosys.asp

Three questions here:

1. I am having a problem with characters being displayed properly when viewing listings. Some alphabet characters and punctuation characters do not display properly when viewing the pages.

Sample here:

http://www.hibari2.com/lanoitanretni/kokusai_profiles/view_i tem.asp?Ad_ID=102&CatLevel=2&Cat1_ID=3&Cat2_ID=& amp; amp; amp; amp;Cat3_ID=&Cat4_ID=&FromSearch=True&SearchPage =%2Flanoitanretni%2Fkokusai%5Fprofiles%2Fdefault%2Easp%3FCat Level%3D2%26Cat1%5FID%3D3

In the access database I was looking at the properties for the ‘Ad_Custom’ fields. Unicode Compression is 'Yes' but IME Mode is set to 'No Control'. I wonder by changing this to ‘Hiragana’ if will solve the issue.

Note: the essays are typed in English on computer with Japanese OS, and then pasted up. Even though they are typed in English, there are several setting that may affect the output.

2. I want to reverse sort order for listings instead of listing 4, 5, 6, 7, I’d like to sort 7, 6, 5, 4… Could you tell me which page has to be edited, and in simplest terms what has to be changed?

3. Also, I’d like to increase the default display of ‘items per page’ from 25 to 100. Could you tell me which page has to be edited, and in simplest terms what has to be changed?

Thanks

You should read my article on server side includes… the path to the include file must of course be adjusted depending on where in your web you are.
http://www.powerasp.com/content/code-snippets/includes.asp

You will also notice if you look at the provided example pages that the include paths have been adjusted to make sense.

If it is 2 directories down it should probably look different..

example:)   "../../checkuser_inc.asp"

It’s weird that if you are not getting an error because if the path to the server side include is wrong you should get a nasty server error.

Also..

The ASPProtect system and any pages it protects must also be part of the same Application in IIS. It’s the nature of forms based authentication. Do a google search if you are not sure what an application is in IIS.

Lasty…. If you are logged in at the time

Whether your current session at the site is still active… or you have the cookie set to remember you.

Well, nothing will happen… cause your already logged in and you will just see the page as normal.

Perhaps things are working and you just don’t understand that part ?

You need to go to the log off page.. log off… then close all instances of the web browser windows..

Then come back to the site… then see if it prompts you to log in.

I pull that crap on myself once and a while... or my favorite is leaving a bootable CD in the drive and then wondering why the heck the OS doesn’t come back up. I pretty much promised myself back in 2002 that I would never mess with anything minor after 10PM. For whatever reason I always start messing around trying to "fix" something and end up sorry... Granted if it’s an emergency I am all for it, but I get dresses in advance anticipating the practically inevitable drive down to the datacenter.

Good luck with that, I am sure you will be much better off in the long run.

ok, well if you want to test on your own....  in the ipn.asp file for the subscription folder you will see this area of code used for testing

' Un-comment this section and give this directory proper permissions to enable logging to a text file
' Very helpful for troubleshooting
'   Set ObjMyFile = CreateObject("Scripting.FileSystemObject")
'   LogFileName = ("paypal.txt")
'   'Open Text File.. If doesn't exist create it and append to it .. If exists just append to it
'   Set WriteMyData = ObjMyFile.OpenTextFile(Server.MapPath("paypal.txt"),8,True)
'   RowHeaderString =  ""
'   RowHeaderString =  RowHeaderString & OrderID & vbTab
'   RowHeaderString =  RowHeaderString & Custom & vbTab
'   RowHeaderString =  RowHeaderString & User_ID & vbTab
'   RowHeaderString =  RowHeaderString & subscr_id & vbTab
'   RowHeaderString =  RowHeaderString & txn_type & vbTab
'   RowHeaderString =  RowHeaderString & subscr_date & vbTab
'   RowHeaderString =  RowHeaderString & Access_level & vbTab
'   RowHeaderString =  RowHeaderString & Groups
'   WriteMyData.WriteLine(RowHeaderString)
'   WriteMyData.Close

now that folder will need modify permissions for the text file to be written to but this is a good way to test if the ipn.asp page ever gets hit by paypal.

ITS REAL IMPORTANT THAT THE TEST FILE CAN BE WRITTEN TO OR DOING THIS WILL JUST CAUSE MORE ISSUES

To ensure the text file can be written to and permissions are correct for that folder you can make a new .asp in there and run this to see if the text file writing works

   Set ObjMyFile = CreateObject("Scripting.FileSystemObject")
   LogFileName = ("paypal.txt")
   'Open Text File.. If doesn't exist create it and append to it .. If exists just append to it
   Set WriteMyData = ObjMyFile.OpenTextFile(Server.MapPath("paypal.txt"),8,True)
   WriteMyData.WriteLine("the file was written to")
   WriteMyData.Close

Now, you can even change the location of the text file to place that does have permissions if you like.

This is what I would do if I was in there... then I would make some test payments using 1 cent and another paypal account (your allowed 2)

and see what happens

it is always possible the subscription code may have a bug in it. The last time I tested I only tested the single payment folder which worked perfectly. If I have time in the next couple days I am going to test the subscription stuff again. If there is something wrong I can cure it quickly.

The two routines share a lot of code in common.

Christopher

Found this but I dont really know what to do with it or even if its the right thing.

<%
'=========================================================== ==================='

' Application:     Utiity Function
' Author:          ; John Gardner
' Date:         & nbsp;  20th December 2004
' Description:     Used to check the validity of a postcode
' QueryString:     None
' Version:         V1.0

' Required routines:        &nb sp; None
                    
'----------------------------------------------------------- -------------------'

function Check_Postcode (byRef strPostcode)

' This routine checks the value of the form element specified by the parameter
' for a valid postcode.

' The definition of a valid postcode has been taken from:
' http:'www.royalmail.com/docContent/other/Downloadable_Files/ PAF_Digest_Issue_5_0.pdf

' If the element is a valid postcode, the function value is returned as TRUE
' and the postcode is returned in uppercase with the separating space in the
' right place.

  Dim strPostcodeRegExp(2)   ' holds the regular expressions for valid postcodes
  Dim intCount        &nbs p;      ' For loop counter
  Dim strPostcodeCopy        ' Copy of postcode
 
  ' Variables used to hold regular expression object  
  Dim objRegExp, objMatches, objMatch
 
  ' Expression for postcodes: AN NAA, ANN NAA, AAN NAA, and AANN NAA
  strPostcodeRegExp(0) = "^([a-z]{1,2}[0-9]{1,2})([0-9]{1}[abdefghjlnpqrstuwxyz]{2})$"

  ' Expression for postcodes: ANA NAA, and AANA  NAA
  strPostcodeRegExp(1) = "^([a-z]{1,2}[0-9]{1}[a-z]{1})([0-9]{1}[abdefghjlnpqrstuwxyz]{2})$"
 
  ' Exception for the special postcode GIR 0AA
  strPostcodeRegExp(2) = "^(gir)(0aa)$"

  ' Copy the parameter and convert into lowercase
  strPostcodeCopy = Lcase(strPostCode)
 
  ' Assume we're not going to find a valid postcode
  Check_Postcode = false
 
  ' Strip out spaces
  strPostcodeCopy = Replace (strPostcodeCopy, " ", "")
  Check_Postcode = False
 
  Set objRegExp = New RegExp
 
  ' Check the string against valid types of post codes
  For intCount = 0 to Ubound(strPostCodeRegExp)
 
    ' Check next pattern in list
    objRegExp.Pattern =  strPostcodeRegExp(intCount)
    If objRegExp.Test (strPostcodeCopy) Then
   
      ' Post code found. Ensure input parameter is in correct format.
      Set objMatches = objRegExp.Execute (strPostcodeCopy)
      Set objMatch = objMatches(0)
      strPostcodeCopy = Ucase (objMatch.subMatches (0)) & " " &  Ucase (objMatch.subMatches (1))
     
      ' Show that we have found the postcode
      Check_Postcode = True
    End if
  Next
 
  ' Ensure that the uppercase postcode gets returned if valid
  If Check_Postcode Then strPostcode = strPostcodeCopy
 
End Function
%>

regards

John

ASPProtect v7 comes with working example code of protecting an image from being downloaded and also protects the true file location of the image on your server..

This comes with the system as an example folder with some files in it.

Basically we protect the image in 2 ways.

All in all this is should be very effective protection. Yes, there are still ways to get the images like doing screen captures, but this will ensure that people viewing images are logged in to your site. This will in most cases keep them from right clicking and saving the images. This will ensure that people can not tell other people the image's url location and it will ensure other sites can not leach your images and bandwidth.

For the image protection examples to work you may need to edit some values
in the stream_pic.asp file that are valid for your setup.

Look at the source. The values you can edit are commented.

Now, you also need to call a valid "image file name" from the call_pic.asp file which is an example of how you protect a page with javascript and call a streamed image using an image tag.

Lasty, here is a great article I found on image protection and some of the things you can do about it and some of things you cannot.

http://pubs.logicalexpressions.com/Pub0009/LPMArticle.asp?ID =41

ALL FIXED.. tested with real paypal accounts and a live system
works perfectly

THIS FIX IS ONLY FOR PAYPAL SUBSCRIPTIONS

Download this file "ipn.asp" and put it in the "paypal_sub_signup" folder
2005-03-10_164645_aspprotect_subscription_fix.zip

Basically somehow an older version of the this file was in the original download archive.

I am VERY SORRY

Anyone who purchased ASPProtect 7 before March 11, 2005 should download this fix.

(Password_Email_Confirmation_Mod) for ASPProtect Version 7.x

This will change the basic registration pages so that the email address and password entered must be confirmed when signing up. This eliminates the auto generated password during signup.

Some may prefer it working this way.

Directions:
Back up your existing ASPProtect installation.

Copy the two new files into your "users" folder

"register.asp"
"add_new_account.asp"

2005-12-01_182201_Password_Email_Confirmation_Mod.zip

OK, I updated the server with the SP 8 Jet updates and this had no effect.

Then I loaded the asptest file and put in the correct path. The results were:

Failed: Database could not be connected to....

Error reported from server:
Error source: Microsoft OLE DB Provider for ODBC Drivers
Error number: -2147467259
Error description: [Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x784 Thread 0x854 DBC 0x2101014 Jet'.

I believe what happened is we received the older copy of ASP Banner iwht our purchase of ASP Protect and were notified of a free update to download aspbanner_unlimited_v8.2_feb_26_2005.zip which we did, and that's the one i recently put on our site.

  Sounds from your reply that something technical is going on to the point where I will have to hire one of our Web consutants to dissect for us.  We'll try again and track our issues and send another request for information when we can show you a specific example of what is happening.  I'll be in touch.