Hi, we purched ASP Protect a few months back and had it installed on our hosting company under a "temporary" domain name -- cidrasensors.com

We are now about ready to switch this development site over to production and I need to change the domain from cidrasensors.com to cidra.com

My hosting company wants us to create a new accounting and re-set everyting up.

So...based on this, I have a few questions for you:

1. Do I need to re-install the software? or can I copy from one account to the other?

2. Assuming I can copy the software to the new account - are there changes that will need to be made to point to the new domain?

3. If I decide I wanted to keep the first account alive for development purposes (never turn on the website domain to the public) - would I need to have a seperate ASP Protect license? 

4. If I decided to ask you to do the transfer for us - is that covered in the $20 Installation fee I saw on the web?  

import/export feature WARNING !!

I just want to warn everyone that the built in import/export feature can be a little dangerous.
The reason being is when you import users they get new "Users_ID"s in the database.

The "User_ID" field is an autonumber field and that is why and there is nothing you can do about it.

So, if you are using a user's current "User_ID" to keep track up something important NEVER export the users and re-import them. Because their "User_ID" will change and you will be in trouble.

The PayPal signup features of ASPProtect actually use the "User_ID" like this and that is the main reason this warning is here.

now, that being said

If you are importing new users into ASPProtect

or

simply exporting existing users to another system

then this is nothing to worry about.


Basically, the moral of this story is dont think of the built in Import/Export feature as backup system because it is not. It is not a substistute for backing up your database.

It is a just a tool that can come in handy for various things.

Hello,

Yes, that is how it works. Unless you make modifications to the code there is no way to easily do what you are talking about.

If you design the site to be intelligent that scenario should never happen.

For example.. you should only be offering links to pages that the current logged in user has access to. You do this by checking the session variables and with simple if-else logic around your html links.

It requires some work but if you dont give them links to pages they dont have access to what you are talking about will not happen.

Here are some simple examples.

Here is an example using access levels.

<%
If Session("Access_Level") = "1"  Then
' show links to pages that allow access level 1
End If
%>

And one for groups..

<%
If Instr(Session("Groups"),"*6*") or Instr(Session("Groups"),"*7*") Then
' show links to pages that allow groups 6 and 7
End If
%>

I am up to speed on how it works. My goal was to not have just a link to a protected page- so that when a user clicks it they get the "access denied" screen and then have to log in. My goal was to avoid that if possible by having them log in and then redirected to the protected page.

So this isnt possible? The only way for it to work is for a user to click a link to the protected page, get the denied screen, then login and be redirected?

Or is there another way..?

I made my point by rebuttling your "cafepress" with agreeing "YES" that is what i want... now you are changing this around on me. I dont think i can be ANY clearer in what i intend to do. It is extremely clear and i am not sure why its becoming more than it should be. I just want the user to be able to log in from ANY PAGE ON THE WEBSITE AND THEN BE REDIRECTED TO THE PROTECTED PAGE IF THE HAVE THE PROPER CREDENTIALS. It would be nice if this software gave an error message when an incorrect username/password was entered instead of simply refreshing the screen.

in the version you have changing it is not something we covered

I believe you will find it the "config_inc.asp" file in the root though... be careful with naming it though because if you use any spaces or weird characters it might cause issues with various functions in the application like emailing.. I recommend just using letter, numbers, and maybe dashes

If you bought ASPBanner Unlimited Version 7.3 Before August/01/2004 this file needs to be updated.

It fixes a bug where CODE type banners do not work correctly with a weight higher than 1.

Basically, blank banners will rotate and you will see nothing sometimes.

Copy this file into your ASPBanner folder over the existing file of the same name.

2004-08-03_045728_appinfo_inc.zip

If you would like me to, I also have no problem going into your machine real quick via remote access and setting permissions / putting the right connecting string in there for you.

I need to go in as an administator though to set the permissions.

one last thing... if you did an upgrade from a previous version and didnt do the whole database field thing right during the upgrade process as stated here you could have trouble.
http://support.cjwsoft.com/code/moreinfo174-1.htm

Meaning you should check your new database with the field structure of an unmodified new database and make sure all field names match up perfectly.. especially paying attention to the username and password fields

One last thing..
If you did an import via text file and didn't import all the fields ASPProtect needs you could possibly have problems as well.. though I don't think this relates to the timeout so it probably is not the case

Triple check the upgrade instructions because I think you missed something important.

line 227 on "/password_admin/save.asp" refers to the "Password" field

the error your getting most likely means it is not there..

Pay close attention to the areas in the upgrade instructions regarding renaming your existing "Password" field to "Old_Password"

Then making a new "Password" field and carefully following the instructions needed to convert your old passwords for use with the new system.

If you don't everything carefully and perfectly this is the sort of error you will get.

You are right, there are NO entries in the "PayPal_Subscriber_ID" field at all. Any way of fixing this?

I did try to redit the banner and the old link was there, not the new one.  In addition I tried to ad a new banner to an account but it too was not saved.

Since I can see the banners from the aspbanner solution, does that not tell me that the solution is properly connected to the database?  The only thing is the solution only appears to be able to read the data and not write or delete it.

The settings for the directory are read write execute and delete so I am not sure what I need to do to get it working again

Sorry, I forgot about that when I got hung up on the install problem.

 I'll tackle your explanation now to see if I can get it working. Since I already bought the software I'll keep my fingers crossed.

Thanks

UPDATE... on very very busy sites these methods have been reported to fail once in a while..  meaning .NET gets overloaded and instead of a banner its shows some error code.

its not the banner system .. its the .net engine and the calling method

I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.

Regardless,

What you want to do... logging them in under https and then having them continue though the site under http is not possible.

It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.

In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).

Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.

If you want them logging in under SSL you need to keep them under SSL.

That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.

Hello Chris:

Let me run some more test if it's working on your end it should be on mine?  I have made some custom updates to the code but no in that area.

Thanks,
-Ricardo

Is it actually possible, with your product, to password-protect the folder that has the actual database without having to require customers browsing the listings to enter a password, or will password-protecting the database folder prevent customers from browsing the classifeds listings?

Really awesome, thanks..

If possible please be sure to respond to the email they send so the review ends up authenticated

Here is the complete page with the error message:

============================================================ ===

Unspecified error



This means there is most likely a problem with the "ConnectionString" info that you specified.

If you are using a DSN-Less Connection with MSACCESS.

Check that the physical path to the database has been specified correctly.
It has to be perfect and correct. It cannot be specified using "http://" or by using "server.mappath".
It has to be specified like the following example.

ConnectionString = "DBQ=C:\Inetpub\wwwroot\advpass_pro\_database\passwords.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=admin;PASSWORD=Xpass"

If this is running on an NT server or Win2000 Server make sure that permissions have been set on the database.
Only the server admins can do this. If you are not the admin you will have to ask for this to be done.

My ISP uses ASPSmartMail. The email confirmation works except when I try to register an AOL user the server returns an error 500.