When I add a user, I can not activat it.

What do you have the registration type set to in the settings ?
They wont be activated automatically unless you have "automatically" selected ?

It sends me back to log on and will now allow me to log in as admin???

I am not quite sure I understand ? Seems to me like that would be normal because you can always log in as the admin at any time. If you cant log in as the user you just signed up as that could be for a couple reasons relating to the registration type you have slected in the settings. There are 3 types all epxlained in the settings screen. Some require manual activation byt the admin, some involve a registration email.. etc etc

I can restart the APP and log in as Admin, but the user I added
is still not activated??

How and why are you restarting the applicaton ? Please explain what your doing there.

My system will also not allow me to set the Stay Loged in FLag.
It just ignores it....

As I told you in an email earlier cookies must be enabled for authentication to work. You mentioned now you can not log off ? I am not sure I know what you mean by that. I assume you know to close all browser windows when testing things like this and I assume you know you have specifically log off and confim it in order to remove the remember me cookie and have to log in again when you return to the site.

Is there any way to extend the limit multiple login feature to a certain number instead all or none?  In other words, i need to have a user be able to use the same login for x number of people.  My customers are institutions and want to be able to have a single login for however many users they purchase for.

not really, aside from looking in paypal and manually adding each one for each user...

how many users are we talking about anyway ?

and were any of the users new sign ups from scratch because if they were and that field didnt get populated that is weird?

ultimately aspprotect does not use that field. I was just storing it for the sake of storing it... so its not a big deal but I would still like to figure out what is going on

removing the expiration dates from paypal subscripbers will be enough to fix the issue your having about them getting the expiration notifications

Regarding hosting companies..

Now.. obviously if you are hosting on someone elses server you may not be able to set permissions like this.

Ultimately, if you are hosting somewhere and ASP and Database connectivity is part of your hosting plan. It is the hosting company's responsibility to set these permissions for you when asked or to give you a special interface to do so on your own. If they are not helping you do this then maybe it is time to get a hosting company that is serious about your ASP Hosting Needs.

Also... JUST TO BE PERFECTLY CLEAR

The permissions we are talking about cannot be set via FTP or Frontpage access to your web site. They must be set like shown above or via a special interface meant to set the permissions correctly. For all you people out there messing with the permissions you see in FTP and Frontpage.. you are wasting your time and possibly creating problems in your web.

All ASP scripts that communicate with an Access Database, Upload Pictures, Modify Text files.... are going to need these permissions set in some way or another. We have no control over that fact.

Nobody ever asked me, so i guess npegley sorted it.

The solution is indeed a single line added to your button form code ..

eg :

<input type='hidden' name='return' value='http://www.your-return-url/here.asp'>

This will overwrite any settings you have in your paypal preferences.

I posted this reply for anyone stumbling on here with the same problem. Hope it helps. :)

Dave.

Hi there, I am not exactly what you mean when you say "moved some of the include files to user"

are you saying you are moving files around ? I am not sure what you mean there.

but.. the parent path issue is described in detail here

http://support.cjwsoft.com/code/moreinfo5-1.htm


Having is enabled is actually a requirment of the photo gallery application as stated on the web site
http://www.aspphotogallery.com/aspgallery_pro.asp

You can certainly still use the apllication but as that article says you will need to change any file includes to virtual includes so they will work with parent paths disabled

Sounds great, Sold!

Thanks Christopher!

I have connected to countless DB's using my own applications written in dreamweaver and have tested them on my own server and also my web facing one.  BUT this seems to be different.  no matter what I try I still get this error.

[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x440 Thread 0x6b0 DBC 0x1f995bc Jet'.

On both a windows 2000 server and also a windows 2003 server. Also using both DSN and DSN less connection and oledb.

Any help would be greatly apprectiated.

Thanks

Login failed for user 'aspgallery'.

Okay, shouldn't this be trying to use aspgalleryuser?

Lance

at this point I would say install a fresh untouched copy in the web in a different directory and lets see if it acts weird from scratch.. the we can go from there.. I dont know what is going on

check the action for the button in the code... its probably not posting back the the right page which should the same page it is...

I bet ya it is posting to guestbook2 which is the wrong directory... an old mistake I forgot to correct...

Hi all,

I have the photo gallery set up at www.kashabowieoutposts.com/gallery

It's great - love to work with it.

But I've never been able to get those with just User permissions to be able to upload... Only an administrator is successful in uploading.  This was no problem in the past, but now this client would like to give their guests a means to share their pictures on their site - so now I have to figure out the bug...

... this is the error I keep getting...

Your upload did not succeed, most likely because your browser does not support Upload via this mechanism.

Your browser must support a standard called RFC 1867. Please check with your browser vendor for support of this standard.

------- anyone else experienced this?

Many thanks all!!

Doug

Honestly cannot comment much about v7 since it was just installed on a new server.  We have been running 5.03 for years so I'm looking forward to the new features in v7.

Lance

Below is the email I received when testing the self-registration. Does anyone know what setting I configured incorrectly?

I received the email to confirm the registration but the link to activate is invalied.

Thanks!

Your registration still has to be validated.
Go to
?u=bubbaj&v=4579
to verify your registration.

ok, then I need more information.

Was the code changed ? Thats the big one. If it worked and now it doesn't something must have changed. Things just don't stop working on their own. I would try putting the original files back in there for everything but the config and dataconn files just to make sure and see and if it works with the original files. (back up your old ones 1st so you can copy them back of course)

Also, perhaps PM me the site info so I can go look as well.

5 Computers in an office, random hardware and operating systems.  Some wireless some wired - all the same ISP connection.

Some users do not see the PLACE A NEW AD hyperlink.  How can this be hidden?  There is no conditional statement yet some see it and others don't.

To make this problem even more confusing if I take an image and put the place_new_ad.asp hyperlink on that image the users don't even see that image any longer.

How can this be resolved?

Is it actually possible, with your product, to password-protect the folder that has the actual database without having to require customers browsing the listings to enter a password, or will password-protecting the database folder prevent customers from browsing the classifeds listings?

yeah.. I cant say for sure.. as I have never really tried to get it working in xp pro.

Last time I actually used cdonts locally was on a 2000 box

I would do a google search on xp pro, smtp service, and cdonts and let us know what you find out.

All of our apps can use free 3rd part emailing components as well so maybe try some of those. Course you need a valid email server to connect to.

enjoy the bar.. drink one for me.. cause that was the problem..

Chris:

The string is being saved and I get a .wav ring sound to confirm.  I have tried editing in "notepad" and then running the "data/show_path_info.asp" file after with the same results.

Ken

I am trying to find out where I can enter the ttle for the application.

There is a variableor field called App_Name into which it would be good to insert a generic name. Can this be edited?

I have searched high and low but cannot find anything to do with it.

Hi Chris,

Alright.  We figured out how to work with both C# and VB, by creating a separate VB web project in VStudio, and then passing the aspprotectnet.dll to the C# project.

Ok.  I have another question:

How can our code determine the identity and user_id of the currently logged in user:

Is it Session["User_ID"].ToString() and Session["Username"].ToString()?

thank you

I do not think it it anything to do with the Application.

You most likely have some sort of ad blocking software that is doing it.

It is seeing the word "banner" or "ad" and blocking the images in your browser.

I doubt it is anything built into xp doing it. XP with SP2 has built in pop-up blockers but no ad blockers like that really. It is norton ad blocker or something of that nature.

I did the initial steps of downloading the sql scripts and running it in Query Analyser, tables created fine.

I can login for the first time. I exit from the browser and then I cannot login again. This happens for every user and admin.
I noticed that the values in the fields "Login_limit" and "Active" in the ASPP_Users table in the SQL changed to NULL and 0 when login and remained in those values after close the browser.

So iam just struck not able to log in. Pls advice.

Both the NET and Classic ASP versions of this application are designed for fine granularity protection of individual apsx extension files. ASPProtect.NET is not designed or intended to protect sub directories, or non aspx content such as Adobe Acrobat .pdf files etc etc.

I completely disagree with your statement that “most sites” have a login box on the left hand side of the page. I suspect you thinking of the ever popular php based forums and “Nuke” type CMS systems which are set up that way but if you look at any site written entirely using .NET that’s rarely if ever the case. (Granted I cant say for sure because I personally haven’t looked at >50% of the estimated 18 billion +  web pages on the internet) Just off the top of my head www.CafePress.com come to mind as a pure .NET site. If you take a look the login button it takes you to its own login page there is not global login form used throughout the site. Reason being that .NET introduced this thing called a “view state” which is used to store things like your session ID (and way more) and must be posted back to the server in order to keep track of visitors. This technology comes in especially handy when you have a web farm in place and your content is being spit out out by more than one server at the same time

I can think of loads of scenarios where the web servers need to know who you are even though you are never directly contacting them via http. This approach is a very smooth and actually very clever solution for enterprise level websites that simply can’t be handled with a single web server.

 On a practical level I know what you are saying but that application sets up all sorts of things when a protected page is accessed and the user is not yet authenticated. That’s the entire reason you need to put that snippet of code at the top of a page you want to protect. That code snippet calls the ASPProtect.NET class and runs through all the logic to see if you are able to access the page. If you are the subroutine exits and the server continues to process the remaining logic on the page. AKA you are able to access its content. If you are NOT authenticated ASPProtect will setup all the proper session and viewstate info and redirect you to the login page for authentication. You may have also noticed a parameter on the login page called ReturnURL. The application looks for that info and if you do have a user ID and password the application automatically redirects you to the page you were trying to access in the first place.

Really I have no idea what you are trying to do, but there is a world of difference in how something looks verses how it works. Lets just say there was a simple way to do what your thinking, what are you going to do with that login form after the person logs in? Just keep displaying it on the entire site so people get confused and don’t know if they are logged in or not? Just that little part of the equation will require making some changes to either ASPProtect.NET or your application will have to have some logic built into it to stop displaying the login forum.

It sounds to me like your basically looking for a super simple 101 type deal that allows people to sign up for an event and you the admin can see that information? I’m guessing they can also log in again and check out their details and see what event they signed up for?

If that’s the case you’re trying to take a very sophisticated protection application and downgrade it into something that would be one heck of a lot easier to write all from scratch in about an hour.

Your not going to be able to “plug and play” a simple form into a page and turn that application as a magic universal login solution for a website, while its 100% possible to use the application that way if you choose, you need to check out the source code and plan your custom integration accordingly.

Sorry, there is no option for that.

I'll take it into consideration, but the way the banner rotation logic works would make adding such an option very complicated.

Just give it  an expiration date way into the future if you do not want an ad to expire anytime soon.

I usually just make all my ads expire in like 2020 or something like that since I don't want them to stop running either on some of my sites.

how di I change the currency dollar sign to gdp pound sign ?

I need all my tranactions in gdp puund sterling to use on paypal

regards

simon

As an update to this thread I fixed the "upload_post.asp" page quite some time ago but forgot to post the updated file here.

So here it is.

2005-09-16_165913_upload_post.zip

SQL Database Creation (NEW INSTALL)

If you are creating a new database do so using SQL enterprise manager.
Create a new database called whatever you like and keep all the default settings. If using an existing sql database skip that step.

Now open up SQL Query Analyzer

unzip the following sql script and open it in query analyser.
2005-02-20_132116_aspprotect_v7_sql_script.zip

VERY IMPORTANT
On the drop down box at the top right make sure your intended database is selected. Otherwise your changes may effect the wrong database in your SQL server.

Then load the script  into the Query Analyzer.  Click the green play button at the top. If everything goes well the response should read something like this.

******************************************************
(1 row(s) affected)
******************************************************

If so the tables have been created in your existing database.

Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for the new tables. You will be referencing this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.

Regardless, as you can see from this screenshot I made a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).


Now, in the ASP files provided with ASPProtect edit "dataconn_inc.asp" with a text editor and modify the connection string info. Be sure to change the info to match your server,username, and password.

Below is an example of valid connection string.

ConnectionString = "Provider=sqloledb;Data Source=poseidon;Initial Catalog=aspprotect;User Id=aspprotectuser;Password=temp;"

The  "Data Source" setting is either the Network Name for the SQL Server or the IP Address. For local servers you can sometimes use an IP of "127.0.0.1" or the name of the local server.

"Initial Catalog" is the name of your database.

Now, in the ASP files provided with ASPProtect edit "dataconn_inc.asp" with a text editor and set the DatabaseType variable to SQL like so.

DatabaseType = "SQL"

Chris,

Yesterday when I would access the get_me_in page with the password key, I was then taken to the default login page.  It did not give me the option to create a user. 

Today, when I entered the password key into the get_me_in page, I was taken right to the create user page.  So, yes the problem has been resolved.  I have no idea why though.