Where is the system getting the random user name and password, and why does it keep selecting the same user name and password every time?

The count is in the album area where the small pictures and description of album.   Viewed 1 time(s)  This count never changes.

Thanks

 John

yes, usernames and passwords are both case sensitive. It increases security.

The main root of your web site needs a "aspnet_client" folder for .NET apps like ASPProtect.NET to run.

If this isnt quite right one of two things can happen.

1.) You'll get a pop-up error like this.
'Unable to find script library WebUIValidation.js'

2.) The ASPProtect login screen will come up but just not let you log in.

This folder only goes in the root. Not in subfolders and subwebs.

If you dont have this folder in the root of your web.

Read this article to learn how to properly create the folder.
http://msdn.microsoft.com/library/default.asp?url=/library/e n-us/cpguide/html/cpconconfiguringaspnetapplicationforaspnet version.asp

If the app is installed on a hosted server you'll need to ask them to do that for you.

You can also try copying a the folder from your own machine after creating it the way the article above says.

or

here is a copy of my "aspnet_client" folder created under the latest framework at the time of this writing. v 1_1_4322

2004-11-03_134912_aspnet_client.zip

I am not sure if copying it in is as good as having created by the server as I haven't had time to really test all of that but it should work. Ultimately all this does is put some files .net needs in the web.

I am trying to set up ASP protect 6 and have a problem that when a new user registers their email is not transferred to the database.

I can see the rest of their entries both in the database and in the admin/edit form but not the email.

Any ideas?

Good Morning - I am receiving an Http 500 internal server error when I go to add a new user via the register.asp page.   the url when the error appears is: .../users/add_new_account.asp

I think the error has to do with my email component setting - becuase it works fine otherwise.

I have the email component setting set to CDOSYS (using remote server) with the mail.remote.server set to email.cidra.com - email address set to webmaster@cidra.com

Note: I receive the email notification and the user does get added.

Can you help please? Shirley

UPDATE...I just figured out that it only errors when the email address I use for the user is NOT from cidra.com -- Any idea why?

Glad it worked

I installed the ASPProtect.NET project no problem.  I am using VS.NET 2003 on Windows XP SP2 (and fully patched).  I am able to build the project successfully, however I cannot debug the project.  I get an error "Unable to start debugging on the web server. The project is not configured to be debugged."  The web app runs fine just browsing to it.

I know this is an isolated problem particular to this project.  I have MANY other .NET projects that I can debug without any problems.  I have tried going into IIS and turn on the debugging for server-side script debugging and making sure my IIS application setting were configured correctly.

Can anyone shed any light on this at all?  Christopher, is there any reason I should not be able to debug this?  (i.e. the aspprotectlicense.dll)

Thanks,

K

Chris: You are right about a little extra coding to make it work. I am still learning .ASP coding, so I did a little web searching and used IF THEN statments to confirm a member logged in with a valid Access Code. If valid, the protected page executes, with the Member's Name and Access Level on a single line at the top of that page. Looks sharp! If not logged in, or a non member (who found the page via Google), I used a Redirect to send s/he to a login page with optional links as you suggested (http://www.vspa.com/aspprotect/vspa-password-failed.asp) . I couldn't get it to work when using Group Access, but I am sure that is just because I am a novice at .ASP (I will post that example when I figure it out). Meanwhile, here's the code I used that works:

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="dataconn_inc.asp"-->
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!--#INCLUDE FILE="config_inc.asp"-->
<% =Session("First_Name") %>&nbsp;<% =Session("Last_Name") %>:
<%
If Session("Access_Level") = "6"  Then
    Response.Write "VSPA Active Member Access Level 6"
 End If
If Session("Access_Level") = "7" Then
    Response.Write "VSPA Life Member Access Level 7"
 End If
If Session("Access_Level") = "8" Then
    Response.Write "VSPA Officer/Staff Access Level 8"
 End If
If Session("Access_Level") < "6" Then
    Response.Write "Access Level 1-6 NOT AUTHORIZED RESTRICTED AREA ACCESS"
    Response.Redirect("vspa-password-failed.asp")
End If
%><!-- http://www.vspa.com/aspprotect/vspa-password-enter.asp -->
<!-- *** End ASPProtect Code *** -->
<html>
<head>

it is an email server/setting issue most likely

your email server probably requires outgoing authentication or something like that and that is why internal emails can be sent to but nothing else

its something along those lines

this will help you see the real error instead of the generic 500
http://support.cjwsoft.com/code/moreinfo11-1.htm

It does not matter what directory name the ASPProtect files and folders are in but you cant go moving around critical file and folders like it appears you did nor is there any reason to.

All that is is saying is that the users folder, the password_admin folder, the scripts folder, the check_user_inc.asp file, and all the other files and folders that come with the system can be in any directory name as a whole.... but that doesn't mean you can go messing around with the files and folders in that directory.

I assure you 100's of users do not use "aspprotect" as the main folder name and they have no issues doing so.

Regardless, you need to explain in much clearer detail exactly what you did and what paths you used and what is where.  At this point I really do not know what is you did as your post was not clear to me.

You should also check that you have entered correct path info in the admin settings page area. The register page is one of the paths that geths set there.

Yea.. that error is totally because the asp pages are looking for fields in the database that are not there.. and causing a nasty loop.

if using the option pack you must go over the directions very carefully...
Make sure everything works step by step..

After upgrading to option pack code you either need to upgrade the database from the base system or use the newer database provided with the option pack.

Then.. you want to test every function of the groups.. if pages act slow and seem odd... especially the groups page and edit users page..
Then your not using a valid database. Either you didnt upgrade the old one, are not using the new one, or your connecting to an older verison by accident and not realizing it.

That's pretty much it...

If you still cant see the upload buttons after checking the settings send me a PM with the info and I will take a look at your installation. It will have to be up on a live server of course.

I have ASPProtect up and running and I was able to log in with little to now problem after following all of the directions. 

I imported my data base of users (approx 5300) into the access db, and now it times out just letting me log in.

I've got full access to the web server to make any changes on that end that I need.

any ideas?

1st: try it with a normal dsn-less connection like we show in the example.. dont use that OLEDB.4.0 connection string.. connecting like that can cause a lot of problems and is not as great as everyone thinks it is and it can sometimes be difficult to get it working when the database has a password set on it

For the sake of troubleshooting just connect like so: (fixing the path of course)

ConnectionString = "DBQ=C:\Inetpub\wwwroot\aspprotect\data\database\ASPProtect_ access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

ASPProtect will generate the actual connection string you should use when you run this page

http://www.mysite.com/data/setup_info.asp

Replacing the part in blue with your website info.


2nd: any IIS server setup to have the access database over the network path like that has a poor setup... and that can cause all sorts of problems as well, access is not designed to run over the network like that.. for more on that read this thread -  Start 5 posts down
http://support.cjwsoft.com/code/code_info.asp?TID=479&KW =OLEDB%2E4%2E0

3rd: If the app does not run using the connection string like I say to use then the problem is 100% on their end and is either related to permissions or the fact they are keeping the access database on a network path which is BAD BAD BAD... no quality host that knew what they are doing would set it up that way.. ultimately you don't want to host asp with a place that has a setup like that

4th: If you want to try some other stuff out we have a free guestbook, asptest, and a free version of aspbanner you can try out as well... www.cjwsoft.com

5th: If you need a quality asp host that knows what they are doing and offers great asp support www.alentus.com is the place

6th: Your right, it is not the code, its the data connection

Great suggestion, routing the banner click through an intermediate page before the destination.  We use Deepmetrix LiveSTATS.xsp V7 and I should be able to configure a filter to capture the stats of the intermediate page.

Thanks for the help!
Lance

Larry,

I have a new computer up and running and am back on the Internet full time. I am here to help when you are ready to continue with this.

I went to your site to look around and "try it" like you mentioned but I can not really try anything as the admin username/password seems to be something other than the default

You really can not do something like that. You can not use client side code to change a server side session variable.

To make changes server side a form must be submitted or a link clicked on to another page. Then you can do whatever you like but you cant have an onlci event update a session variable like that.

Though I am not sure of exactly what you are trying to do I think you'll need to go about things a little differently.

New Power Supply and a new (CPU Fan/Heat Sink) seemed to do the the trick. She's running like a champ now...

Hopefully it keeps doing so. Only time will tell.

It she's stable I can get back to designing some new software.

thats because you can not have exchange server running at the same time as the windows IIS virtual smtp server..

they clash with one another... and thats why the emails never get picked up by the iis stmp server

you have to send the emails another way like using a true remote mail server..  I am not sure but if your exchange server can do pop 3 you can probably use that that way

you may be able to change the pickup directory that cdosys uses under the virtual SMTP scenario, but I am not sure if that will work with exchange picking it up, but maybe it will work ok because you said it does when you paste them in there manually.. I do not really know.. you'd have to try it and edit the email sub routine to use that pickup path

"scripts/emailing_subs_inc.asp" is where you could try editing that path

ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: Microsoft.Data.Odbc.OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.] Microsoft.Data.Odbc.OdbcConnection.HandleError(IntPtr hHandle, SQL_HANDLE hType, RETCODE retcode) +27 Microsoft.Data.Odbc.OdbcCommand.ExecuteReaderObject(CommandB ehavior behavior, String method) +838 Microsoft.Data.Odbc.OdbcCommand.ExecuteNonQuery() +80 aspprotectnet.aspprotectlogin.Login_Click(Object sender, EventArgs e) +2284 System.Web.UI.WebControls.Button.OnClick(EventArgs e) +108 System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEven tHandler.RaisePostBackEvent(String eventArgument) +57 System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +18 System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33 System.Web.UI.Page.ProcessRequestMain() +1292

Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300

I am getting this error message when trying to log in as admin or registering a new user. I am using Windows Server 2003 and it is a DOMAIN CONTROLLER.

I have read that there is NO ASPNET account for a domain controller. In its place is the IIS_WPG account. I have given this account and the IUSR account FULL CONTROL.

STILL GETTING AN ERROR. ANY SUGGESTIONS???

recent activity infomation is temporary and mantains itself per application start up.. when the web application restarts for whatever reason the info is reset

a reboot, an iisreset on the server, application pool restarts, etc etc
this is done because if that info was saved in the database your database would get huge real quick

logfiles however do not do that and are permanent

I am having problems with a password a user wants to use.  He wants HANNAH.  When he (or I) try to log in with his username and password, I get a syntax error  -

Syntax error in string in query expression '(Username = 'changedforsecurity') AND (Password = ' éG'.
pathOnComputer../1protect/check_user_inc.asp, line 114

I've obviously changed the username and the server path in the info above for security. 

I have not messed with the encryption.   

What is it that the system doesn't like in the word HANNAH as a password?  I would just change his password for him but this guy has enough trouble just turning the computer on!  Confusing him with a new password would take weeks to set him straight. 

Thanks,
Mick

it has been 3 days since I logged myself in under Admin, and all the user information on the User Activiy screen seemed to be gone.

is there any specific length of period it refreshes its user information??

I have imported like 50,000 users into an access database when testing... it took like 4-5 minutes but worked..

course it really all depends on the setup how many you can get away with

something must still be wrong

have you tried just importing 1 or 2 users for troubleshooting sake ?

I would also recommend that after any timeout you reboot the server or at the very least do an "iisreset" to get things back to normal

Ok, I started the database tables from scratch. I did everything using sql enterprise manager and query analizer..

Same thing happens... certain passwords just do not work.

So I did a lot of testing and I have come to the conclusion that this has something to do with the regional settings of that SQL server.

Here is an example.. see the screenshot below.

Username "admin" password "petepetepete"

The top query done in Enterprise Manager is valid and shows the user.

The bottom query is also valid but it does not show the user.

And that is exactly what is happening from the ASP codes point of view.

Now, this means that even though that encrypted password is getting saved to the databse correctly this particular SQL server just cant deal with it from a QUERY.

It works fine on two different SQL servers that I have. It's just got to be something regional related like unicode characters not being dealt with correctly or something odd like that.

I tried changing the collation data for the "Password" field type on that SQL server and it looks right. I don't know what else to do but it is something about that SQL server. There may be a way to change the regional setting through the connection string but I cant find any articles on that right now.

One solution I have for you to get this working there is to eliminate the encryption factor then I dont think you will have these issues.

It's either that or find another SQL server with US type settings or use MSAccess. ASPProtect runs nearly as fast on Access as long as you do not have over 10,000 users or whatever. The system hardly ever accesses the database so it performance under MSAccess is always good.

Let me know what you want to do. I can shows you how to eliminate the encrypytion factor if you want to try that. I think if I make you a custom version of the RC4 function you can just replace that and then the system will use plain passwords.

Your call..

[QUOTE=cwilliams]Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.[/quote]

I did change the top_logo.gif and the associated link. That was on the default page not the Solid Black skin which is unchanged. After downloading/uploading the skins I tried changing it to one of the Beach skins and that's when it changed to Solid Black and has been stuck there ever since.

[quote]Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.[/quote]I don't have access to the Microsoft IIS console as this is a host site. I can access the site's "control panel" but it does allow for those type of settings. Mostly just permissions, DSN entries, etc.

Thanks.
Al

The company that hosts our business web site has been impossible to deal with in assisting me in getting asp protect to work. Getting the rights set correctly took 6 days and then getting parent paths enabled has been impossible. There last response was simply this:

The includes were changed so that if your server does not support "parent paths"
' and the "../" that you could easily change a few files like this and make the
' includes virtual includes instead of file includes. We didnt make them virtual
' includes by default because depending on where in your site you put the application
' the virtual include path would be different. They are also much different on a local
' development server than they would be on your real server
'
' Here are some examples of what you might change these includes to
'
' If you put the aspprotect folder in the root of your domain at your server
' example: www.mydomain.com/aspprotect
' then you would probably use
'
' #INCLUDE VIRTUAL="/aspprotect/dataconn_inc.asp"
' #INCLUDE VIRTUAL="/aspprotect/config_inc.asp"
' #INCLUDE VIRTUAL="/aspprotect/scripts/emailing_subs_inc.asp"
'
' Or if you didnt use the aspprotect folder and just put the contents of it in the root
' of your domain
' then you would probably use
'
' #INCLUDE VIRTUAL="/dataconn_inc.asp"
' #INCLUDE VIRTUAL="/config_inc.asp"
' #INCLUDE VIRTUAL="/scripts/emailing_subs_inc.asp"
'
' It really all depends on what works for your situation
' If you want more information on server side includes read this article at PowerASP
'
' http://www.powerasp.com/content/code-snippets/includes.asp

I am assuming that they will not enable parent paths and I need to modify some code. I do not know asp. WHere do I modify the code for a server that will not enable parent paths?

Thanks,

D