Every application we sell that has a password on the database uses "temp"

Also, the password is in the connection string in the dataconn_inc.asp file.

After all, the ASP code needs to know the password just like anyone that wants to open the database would.

[/QUOTE]

That i have, my question revolves around the all the users and passwords that I in that database. I need to be able to export that list to word for a mail merge list, but when I do the passwords show up encrypted. I need to be able to get an unencypted list.

thanks

This is great documentaion for windows script 5.6
in windows chm file format for jscript and vbscript.

We use server side vbscript in all our our ASP 3.0 applications so this info can be a lot of help.

2005-02-18_150921_vbscript_docs.zip

You need to make sure you created the SQL database using the SQL scripts we provide and that no errors occur whatsoever. That is extremely important. You must use our SQL creation scripts.

Then, when you create the user you need to go back to that user and make sure you check the admin account and save that user again. (many times when setting up a system for someone I find myself forgetting that step and then I have to go back in and check the admin box for the user I created.)

And of course create the user from the ASPProtect admin area web interface. Do not add the user to the database manually because you will have no way to enter the password correct as it is encrypted. And do not change the encryption key after making the user/.

It would also be wise to check the SQL server database at every step to make sure the user info gets created and that all the field info looks correct for the most part.

You also want to be sure to specify SQL as the database type side the connection string info as the SQL directions go over

a remote sql server should not an issue.

thats really all I can think of right now

basically one at a time because of limitations of the file uploads that browsers can support 

more on that here
http://www.aspphotogallery.com/pro_add_ons.asp


An Admins can however ftp a bunch of pics to the import folder and import them into any album all at once pretty easily

It's custimization work. and just not something I can support.
Basically it is basic ASP/Database work.

Something you kind of need to figure out on your own. It's not difficult work for a good asp coder but there is no easy way and it is time comsuming.

I wouldn't use the custom fields though. I would make your own.
It's simpler that way.

UPDATE:  read whole thread..
Version has been delayed




These are my personal notes on the new version of ASP Photo Gallery that should be out sometime in May/June 2004. Please ingore any typos.

This version may be more expensive than the current pro version as this is a major re-write and there will be a ton of new features.

Regardless, special pricing will be offerered to existing users.

If you see any features not listed that you think would be nice please post them here. We will of course consider them.

ASP Photo Gallery Version 4

------------------------------------------------------------ --------------------------------------------

Finished Improvements:

new setup page makes setting up the data connection easier than ever
it attempts to determine the possible data paths and makes suggestions for what to try
when you finally get the data connection working it gives you a link to the admin area of the application
so you can get started using the application

all database table names can be specified in the config_inc.asp file for advanced users that they may need
to change the table names in the database.. helpful for sql installation where one sql database must be
shared by many applications

new data folder is the only folder that needs permissions set
before multiple folders needed permissions
now everything can be put in this folder... database,logfiles,configuration files,picture upload folders...
eventually all cjwsoft applications will do this allowing multiple cjwsoft applications to use that same folder
therefore making it easier than ever to setup more applications without asking your host to set more permissions

new text based config file makes it easier to add new options to the program without making changes to
the database structure... therefore the need for the configuration table in the database has been eliminated
this also reduces system resources needed to load the config data for each page because it eliminates calls to the
database for config data

added voice effects for data connection page, intro users page, and settings page

made it so ratings color was an option (red or blue)

fixed minor bug that wasn't showing fixed category heights when that was selected and am image wasn't originally sized that way during initial upload

changed logfiles dates so they always show up in the proper order 09 vs 9

added config option to change bit query value to 1 or -1
default it to 1.... this is a technical thing

added the extra options currently in the config file to the settings page so people do not have to manually edit that
file any longer...

added new persits email option and authentication options to the settings page

added new CDOSYS emailing option

added support for dundas emailer

added support for ASPSMARTMAIL

fixed word filter so if it is empty it doesn't mess up
also make editing it part of the main settings

made email functions include file and edited all page that email to use it

added css/style sheet support and removed a lot of the old font tags

seperated the settings page into sections because it was too big and confusing

added ability for text watermarking when using the ASPImage component

made the picture upload error message no longer mention browsers that do not support picture uploading
as that is confusing people... and the problem is never that anymore

Made the ASPImage test page delete the bar graph before creating it so if it is already there they will
not think it is working

added crystal ball feature to admin users screen... shows additional user info when you hold the mouse over it

Made search function highlight search word in results.
Made the search function search the image description text files as well

Eliminated the guestbook directory as there was no need for the guestbook to be in it's own directory. This also simplified the menu.asp file as the guestbook section could be removed.

------------------------------------------------------------ --------------------------------------------

Possible Improvements:

eventually make new and much better directions/documentation... html based for multiple reasons

Eliminate the need for parent paths to be enabled on the web server.
(THIS MAY NOT BE POSSIBLE)
Many hosting companies disabled parent paths and will not enable them for their users.
On Windows 2003 Server Parent Paths are disabled by default.

make it so users ability to upload pics can be optionally disabled

possibly make some of the special functions in the extras folder built in to the admin area

Make the category picture uploader smarter because of the jpg gif issue when reuploading cat icons
A jpg loaded over a gif.. doesn't delete the old gif graphic and vice versa

Reduce number of ".asp" pages in general.

Use more functions for redundant tasks.

Optimize all instances of the old filefound function which is using more resources than are necessary

option.explicit the entire application and get all the variables dimmed once and for all

possibly incorporate the new category system I am working on which allows for unlimited categories and levels
also simplifies the heck out of the pages that call the categories

possibly add some cool image manipulation functions such as rotation for the various image components supported

possibly add the ability to move pictures around in an album. and maybe between albums
I must also remember to move the ratings and desc as well for that image.

possibly add the ability to make individual pictures require approval

possibly add the streaming image ability (asp page called from image tag) I came up with as an option for
people that can use it. this will better secure images in password protected albums and also possibly make
it so images can only be viewed from certain urls.. and maybe make an interface for a list of allowed urls

improve the .net support to also resize the larger images.. currently it does not

possibly add a feature to store 3 versions of images uploaded
thumbnail, medium res, and high res/original
this will appeal to professionals or people that may want to sell prints
storing a large version will be optional

possible support for multimedia content other than gif and jpg images

fix... url to link to..   problem on control pics page when both a jpg and a gif are present... which also relates to a another slight
bug that needs to be taken care of

make interface in admin to listen to installed midi files
and also to upload / delete them

possibly make per album guestbook... or call it something else like disussion or comments

add option to store the images orginal name in the images description area during upload
may be helpful to people that name their images in a somewhat descriptive way

change approval settings so they work on a per user basis
eliminate access levels from edit user screen and get rid of the level 4 stuff mentioned
possibly add a per user option for individual pic approval as well if I get that feature implemented

add support for the ibulc bulk upload client that I recently discovered
it is very cool

Line 409:
Line 410:
Line 411:		<authentication mode="Forms">
Line 412:			
Line 413:			<!-- DO NOT CHANGE UNLESS INSTRUCTED TO DO SO -->

I am still a little confused... one thing I would like to mention is that the passwords in the aspprotect database are encrypted... meaning you cant just add a password to the user database by hand because it wont be the encrypted value and wont work.

It is something the application takes care of when you add a user via the web based interface.

You can however still add users manaully or with careful import/exporting... but you will have to use the existing password conversion technique which is covered at the end of our upgrade instructions in these forums.
http://support.cjwsoft.com/code/moreinfo174-1.htm

Basically you want to add a field to the "ASPP_Users" table called "Old_Password" and that is where you enter the password in plain text. Then after you are finished adding users to the database manually you do this.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

Which will convert the passwords to the encrypted value for you.
See the bottom of this thread for all the info on that.
http://support.cjwsoft.com/code/moreinfo174-1.htm

Probably not... javascript calling complex javascript is not a good thing and is often a problem.

I would try one of the other methods such as the xml parser if possible.

Well. fontpage publishing is evil. That you have found out.

Do not use it. It usually wont work right when running asp code locally and also at the server because of differences with the paths and virtual directory structure. etc etc etc

You can definetly use frontpage to connect to the web site live and drag and drop files into it/edit them... but the sooner you stop using the publishing feature the better off you will be.

• What kind of encryption do you use with version 7?
• If I purchase version 7 and use it on my site with a new SQL database then migrate the old records from version 6 so I can by-pass the issue with my home-grown Base 64 encryption, do you forsee other issues with the upgrade?

Greetings:

I am doing the initial set-up and have run into a problem. Everything has gone smoothly up to and including pulling up the get_me_in.asp page. When I enter the "PasswordEncryptionKey", nothing happens. The page just sits there without doing anything and the browser says it's opening the page, but never does. I have tried entering the value with and without the double-quotes. The value is the correct one from the config_inc.asp file. I did a copy paste from the file twice to insure I transferred it correctly.

I am running Windows 2000 server.

What now?

Warren

Hi,

I basically explained how I thought that might work here where I went over everything I could think of and suggested you download the free version and see if you could get it working
http://support.cjwsoft.com/code/moreinfo488-1.htm

The part about using the alternate scenario involving querystring info from a url.

I have never done anything like that and that is why I told you what I knew and suggested you try it with the free version...

I really do not know to tell you the truth. I'll do some research.

The script only allows .jpg, .jpeg, and .gif extensions.

If someone uploads a file called... "filename.vbs.jpeg" with bad vbscript in it I seriously doubt anything can happen because of it because of the extension.

But I really do not know.

It has never happened to any sites I have or know of.

so you are using the subscriptions signup directory right ?
"paypal_signup2" ?

1st.. I would check that the xml parser is working.

It is required for making the post back to paypal.
It is installed on windows 2000 and 2003 and XP by default.

http://support.cjwsoft.com/forum/forum_posts.asp?TID=134& ; ; ; ; ; ;PN=1


Then I would check the actual form page to paypal to make sure it is generating a valid IPN url as a hidden form value.  It's the payment page you actually click on that actually takes you to paypal. For the subscription signup system that page is called "paypal1.asp"


You'll want to go through the process starting with the default.asp of the signup folder untill you get to that page. Then you want to look at the html source of that page in Internet Explorer. Your looking for something like this in the source code and you want to make sure it is valid.

<input type="hidden" name="notify_url" value=http://www.mysite.com/aspprotect/paypal_sub_signup/ipn.asp>

It also has to a url on the internet that paypals server can see. It can not be a local url for your machine. Also: If it is not valid we can try hard coding it.


If all of these things are good I'll have to take a look. I have some text file logging I can do when paypal hits your IPN url that can tell us if it is actually hitting that page like it is supposed to. And I can test the system for you by making some 1 cent payments using my own paypal account until we find out what is going wrong.

Alternate Method to call banners from non ".asp" pages.

<iframe src ="http://localhost/aspbanner/aspbanner/aspbanner_inc.asp?Ban nerZone=4" width="468" height="60" frameborder="0" marginwidth="0" marginheight="0" scrolling="no"></iframe>

Be sure to delete the space in the BannerZone variable above. I am not sure why it is doing that in this post.

You can try calling the banners in an simple iframe like so.
This method should work much better than the javascript method because users with javascript turned off will still see the banners. You also will not have any of the limitations the javascript method has. Iframe is now supported by most recent browsers so it is now a good solution. Here is a chart that shows which browser versions support iframe.

Be sure however to edit the height and width values accordingly as that is very important.

The ASPProtect v7.x Documentation is now available as a download in windows ".chm" format. (needs to be viewed on a windows based machine that can read it) If you are using XP with Service Pack 2 follow the instructions below or you will not be able to view the help file.

Download Documentation

You should save this file and then open it.
Just opening it from download may not work and you will not be able to read it correctly.

Please continue to check the support forum threads for the most up to date documentation.


IMPORTANT
If your are using xp with service pack 2 there are some new security features that can block the access of help files you download. So as far as the ".chm" file goes.. you have to download it... right click on it...go to properties... then  choose unblock down in the lower right corner ...then you can open and view the file correctly

Hi all

User activity screen shows history of logged-in users.

Is it possible to view only those users that are currently logged in ? not the all users that have logged in previously

thanks in advance

I pull that crap on myself once and a while... or my favorite is leaving a bootable CD in the drive and then wondering why the heck the OS doesn’t come back up. I pretty much promised myself back in 2002 that I would never mess with anything minor after 10PM. For whatever reason I always start messing around trying to "fix" something and end up sorry... Granted if it’s an emergency I am all for it, but I get dresses in advance anticipating the practically inevitable drive down to the datacenter.

Good luck with that, I am sure you will be much better off in the long run.

Just an update,,,

the permission were all correct.... i left it and tried from my pc at work and it works fine... so i dont know what hahhpened.... thansk for your quick response

regards

Domenic

Sydney, Australia

Your going to have a lot of problems and a lot of the code will have to be re-written.

There are a lot of things in the the code that the MYSQL database system does not support or has issues with . I know because I once made a version of ASPBanner work with MYSQL and it took weeks of work to get it stable.

Null field types can cause problems... but mostly ADO updates which I don't think MYSQL supports at all. All of the ADO stuff would have have to be rewritten.. etc etc

That's probably why you cant get much of the code to write to the database.


Here is a generic example.

An update to an existing record using ADO
http://www.powerasp.com/content/database/ado_update.asp

And update to an existing record using an update query.
http://www.powerasp.com/content/database/using_update.asp

All through the the code the ADO updates would have to converted to update queries which means a lot of work.

I used ADO a lot because I like it and it is little easier to validate data before it is written to the database.

It is also a little easier for customers to understand when they look at the code.

Anyway....

The app just was not designed to work with MYSQL.
It was specifically designed to work with MSSQL and MSACCESS only.

This holds true for all of our applications.

Your running off an IIS 5 Server so I would suggest just using MSACCESS as the database. The Photo Gallery app will run very well using MSACCESS. 

OK.  If no return page is set, do they end up on a PayPal confirmation page and have to navigate back to my site by going Back or typing the web address?

Nick

the following error message appears, but only when attempting to log off. all other parts of the program seem to be working.

[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0xa04 Thread 0xa38 DBC 0x21ff024 Jet'.

I run F-secure on my laptop which has the anti-virus and firewall modules, and the servers aren't running anything like that.

ConnectionString = "DBQ=C:\TradersReportsCom\aspprotect\data\database\ASPProtec t_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

I have already set the folder permissions as indicated in the documentation.

Disallowed Parent Path

The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory. 

When you get an error like this it is because parent paths are disabled on the web server. This is a setting in the IIS console for your website.

If it is not enabled on you server you will have to ask your host to enable parent paths for your website.

This is what the settings screen looks like on an XP Machine

Additional Information:

It is enabled by default on IIS4-IIS5 but in IIS6 it is disabled by default.
It is a minor security risk to have enabled and some hosts can be difficult about setting it.

Truth is, if your hosting ASP for customers you need to enable this setting if the customer requests it. Especially since 90% of the ASP applications out there require the setting.

Hosting companies should if they are serious about hosting ASP.


If they won't your only option is to go through all the code and convert the file includes to virtual includes.

http://www.powerasp.com/content/code-snippets/includes.asp

The trouble with virtual includes is they are different depending on the layout of your website. (that's why web application developers generally don't use them)

Basically if you are in a sub domain the path for the virtual include is going to be different then if you were in the root.. etc etc

Also.. someone developing on a local machine would need totally different virtual includes on the development server than they would on the live server. Server Side includes are processed before ASP so there is no way to make them SMART, so to speak. Server Side includes are hardcoded and that's that.

In my opinion virtual includes are pretty useless for commercial web based applications...  Since you don't know where the customers plan to install the apps.
And YES there are some tricks when designing the applications that make it less of an issue but they are not perfect solutions.

For example...

The virtual include below would work if the application or code was installed in the root
<!--#include virtual = /somefile.asp"-->

But if the application or code was installed in a directory called "somedirectory" the virtual include directive would need to look like this

<!--#include virtual = "/somedirectory/somefile.asp"-->

Version 7 uses.. RC4

The upgrade process is described here in detail including a procedure to convert existing clear text passwords to the encrypted versions. (Your passwords will need to be clear text as the system shipped of course for the conversion to do its thing)

http://support.cjwsoft.com/code/info24.htm

It is also covered in the downloadbale docs
http://support.cjwsoft.com/code/moreinfo221-1.htm

Many people have done the upgrade without any issues and Version 7 is getting great feedback.

Should you decide to go with it there is upgrade pricing.
http://www.aspprotect.com/purchase_v7_upgrade_pricing.asp