Now that I really think about it.. instead of logging that info to a text file and worrying about folder permissions you could probably just save the post info into an application variable during the paypal ipn.asp post like so

For Each Item In Request.Form
formdata = formdata & vbCrLf & Item & "=" & Request.Form(Item) & vbCrLf
Next

Application("PayPalPost") = formdata & " - " & NOW


then anytime you wanted to see if that info was there or when it happened you could make a simple asp page in your site to display the results like so

<%
Response.Write "(" & Application("PayPalPost") & ")"
%>

sorry,

there is not.. it gets really complicated
its practically a miracle it does what it does due to the nature of the web

perhaps with some modications it could do mroe but the current version pretty much does what it does

humm

expiration dates in the aspprotect system are not used at all when using paypal subscriptions.. all date handling is done on their end actually

and they of course send notices from their system to the user regarding their subscription and when it renews,cancels, etc etc

so I am pretty sure any errors with that would have more to do with the info you used for the subscription setup and possibly any paypal settings associated with it

its hard to say at this point

The smart thing to do I think.. would be to sign up someone using another PayPal account (your allowed 2)... and while doing it be very careful about the subscription setup data.. and then as soon as the subscription is created review all the info in the paypal system and see if the length of the subscription / expiration.. etc etc in the paypal system info looks right..

at least then you can begin to troubleshoot what is going on...

I uploaded the files designed for an aspprotect folder at the root of my site (mysite.com/aspprotect) and went to mysite.com/password_admin/get_me_in.asp and receive this error:

Microsoft OLE DB Provider for ODBC Drivers error '80004005'

[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0xf54 Thread 0x908 DBC 0x90c41dc Jet'.

/aspprotect/scripts/populate_config_variables_inc.asp, line 11

I am assuming my host has still not set rights properly and that is why I receive this error. Am I correct?

 I will definitely recommend hosting company you suggested for our businees site.

ok,

IE and firefox do some things differently.

It could very well have to do with MIME types set on the server for your website. pdf probably isnt set as a mime type which can cause issues with file streaming situations.

Mime types are either set in the IIS console for your web site under the http headers tab or you can try setting the content-type header to 'application/pdf' right on the asp page the does the streaming

see this article which shows how to do that
http://psacake.com/web/gj.asp

'Specify a MIME type such as "text/html", "image/gif" or "application/pdf"
Response.contenttype = "application/pdf"
'Useful in cases for unknown file types

You would want to put the code that sets the contentype as close to the top of the asp page doing the streaming as possible.

i will probably end up doing this myself, but dropping all the log data in a sql table would be nice as it offers much more flexibility on how an admin can keep track and use the data. Browsing through each log file is very inconvenient. I can search for text in the files (server-side, others with a shared server would probably have to separately download all log files first), but with the current method I don't have the following important options:

• cannot sort by any criteria
• quickly see a list of all login attempts by a specific user (i need to search each log file individually for this info)

if you had an option during setup perhaps (or elsewhere) in a future version that allowed an admin to specify the preferred logging method (separate files or a table in sql) i'm sure many admins would find it very useful to have a database alternative of keeping track of users becuase it would offer the two benefits listed above, plus more.

Hi Chris,

Thank you for your prompt response.

Our current project requires alot of customization.

Yes, the error is probably a data problem and not due to your code, because we needed to make modifications to the database.  But that's why debugging would be helpful.

Basically our intent to modify the asp protect code stems from the fact that our client doesn’t want certain fields to be recorded or to appear: address, city, state, zip etc…

We are happy to be able to modify the HTML, but we also want to modify some other default behavior, such as which page opens when the "cancel" button is hit in the editaccountinfo.aspx page.

I really do not know.. maybe it is a conflict with something else..

I run many instances of aspbanner on my servers and I have every item to log enabled for my iis log files... my stats server software which reads those log files (livestats and smarterstats) have never reported any 404 errors related to (aspbanner/those images)...

I do not know what is happening in your situation..

sorry.

Humm, Did you change something in a bad way? Thats my guess.

I need more information on what is going on because by default it does not do that ?

The only possible way I can think of that could cause that is if you changed things around too much and the config_inc.asp file is getting run/included twice on that page your logging in to.

Also, when you sign in "where" ? What page ?

Some of our users complained that their users id and passwords are sent in the clear. So we decided to invest in an SSL certificate from Verisign. It has been tested fine with all forms and pages in ASPProtect version 6. The only remaining page which I am not sure how to protect is the home page. Let's say my home page is http://www.MyDomain.com/index.asp. When the user goes to this link he/she will be presented with the check_user_inc.asp page so he/she can enter their ID and PW. So how to make the login information send from this page thru HTTPS?

I am in process of upgrading from v6 to v7.  I have made database changes, can connect to database and get in to Administration area just fine.  However when I go to create a new user I get the following error

ADODB.Recordset error '800a0cc1'

Item cannot be found in the collection corresponding to the requested name or ordinal.

/password_admin/save.asp, line 227

Thanks

What am i supposed to do now... i do have another member server that is not a domain controller-

However, i have like 5 websites running on this domain controller already. I have thought about this before how its a HUGE security risk but it will take too long to configure everything on the other computer :(

Chris: You are right about a little extra coding to make it work. I am still learning .ASP coding, so I did a little web searching and used IF THEN statments to confirm a member logged in with a valid Access Code. If valid, the protected page executes, with the Member's Name and Access Level on a single line at the top of that page. Looks sharp! If not logged in, or a non member (who found the page via Google), I used a Redirect to send s/he to a login page with optional links as you suggested (http://www.vspa.com/aspprotect/vspa-password-failed.asp) . I couldn't get it to work when using Group Access, but I am sure that is just because I am a novice at .ASP (I will post that example when I figure it out). Meanwhile, here's the code I used that works:

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="dataconn_inc.asp"-->
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!--#INCLUDE FILE="config_inc.asp"-->
<% =Session("First_Name") %>&nbsp;<% =Session("Last_Name") %>:
<%
If Session("Access_Level") = "6"  Then
    Response.Write "VSPA Active Member Access Level 6"
 End If
If Session("Access_Level") = "7" Then
    Response.Write "VSPA Life Member Access Level 7"
 End If
If Session("Access_Level") = "8" Then
    Response.Write "VSPA Officer/Staff Access Level 8"
 End If
If Session("Access_Level") < "6" Then
    Response.Write "Access Level 1-6 NOT AUTHORIZED RESTRICTED AREA ACCESS"
    Response.Redirect("vspa-password-failed.asp")
End If
%><!-- http://www.vspa.com/aspprotect/vspa-password-enter.asp -->
<!-- *** End ASPProtect Code *** -->
<html>
<head>

I am getting the same error looking at the previous post, I looked in settings and my Registration-URL is pointing at the correct location.

Is there any other thoughts on this issue

Thank you!

Matt2112

Hello- I am trying to install the ASPPROTECT product and tried to read all the docs but still am getting the following error:

[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x1980 Thread 0x1458 DBC 0x223c374 Jet'.

I understand about the physical path for the DSN-less connection and followed the example given. I got in touch with tech support for the host of my site and the give me the following as a physical path:

c:\sites\Single20\laptv1\database

Some observations:

1.- The database directory is outside the root dir but I think I am accounting for it with the path

2.- The permissions are ok

Any ideas?

Thanks

FP

maybe this is the issue...

do you realize that the descriptive name you give a group is not always going to be the same ID in the database ? The two are not related.

Perhaps what you named Group 1 is really group ID 3

You can tell for sure by generating protection code for group 1 and see what ID it tells you to use..



You also need to remember that you are testing this with different users and it is really easy to get confused so you need specifically log off using the log off page to ensure session info from the previous login doesn't show up and cause confusion when you log in with a different user... etc etc

in addition to logging off that way you may also want clear the session and application info via the code at the bottom of my article
http://www.powerasp.com/content/new/displaying-session-and-a pplication-variables.asp

and do that in between any user you log in as

Hi Chris

I've just recently purchased ASPBanner and have been testing out serving multiple Tradedoubler code using the IFRAME method. I have four types of banner on the same page refreshing every 15 seconds. (this will change on the live site) 

I've been leaving the IE page up for x hours and coming back to find between 1-3 of the banners has stopped and in place is an "internal error".

BannerZone=3&Refresh=15|40|800a0046|Permission_denied 80

I thought it may have been the SQL permissions from one of your other messages so I gave the banner user the DataReader and DataWriter permissions.

Its still happening and around the same time in the logs theres a couple of file not found errors.

BannerZone=2&Refresh=15|23|800a0035|File_not_found 80 - 80.65.240.159

BannerZone=4&Refresh=15|25|800a0035|File_not_found 80 - 80.65.240.159

BannerZone=1&Refresh=15|25|800a0035|File_not_found 80 - 80.65.240.159

Any ideas? I'm hoping its not the server as there is currently only 2 sites on it and this is pretty much the only traffic.

Thanks

Colin

I'm trying to use CDOSYS.

It seems to work fine on the web page, however the mail never gets
delivered.

I can see my messages sitting in c:\inetpub\mailroot\pickup but they never leave it.

I found another folder after doing a search for "pickup".... it is:
d:\program files\Exchsrvr\Mailroot\vsi 1\PickUp     If I paste the files
into there, they get delivered.

How can I get the email to be delivered without doing the cut and paste?

I've tried it both with and without authorization.

I am running a Windows 2000 server with Exchange 2000.

Thanks.

I am getting closer.

This error actually does not have anything to do with the forgotten password feature or your database.

It has to do with the settings you chose for emailing.

it relates to aspmail and it not liking the remotehost you used, or something like that.... etc etc

When using this code:

<!------- ASPBanner Ad code ------------->
<script language="JavaScript"> var code = '';
var now = new Date();
var nIndex = now.getTime();
document.write('<s' + 'cript src=" http://www.poconocommuter.com/aspbanner/injectbanner.asp?Ban nerZone=6&nocache=' + nIndex + '">');
document.write('</' + 's' + 'cript>');
</script>
<script language="JavaScript">document.write(jscode);</script& gt;
<!--------- End ASPBanner Ad code --------------->

I receive an error that jscode is undefined. The banner will not display.

Any ideas how to fix this?

This is what "John Evans" of CJWSoft has to say on the matter...

"I think that’s pretty much impossible. If the server sees a .JPG or .JPEG extension why in the world would it go and try to read it or do anything with it.

I believe there may have been some issues with Outlook and Outlook express that made it look like a vbs script sent as an attachment was actually a JPG because someone found an exploit in those programs and it would appear as if double extension files were one thing when in fact they were not.

Having a real time virus scanner on the server (which any good host will) should also catch anything infected being built on the server drives as the file uploads. Always worked for me and I had a lot of people uploading ZIP files on winxptheme.com at one point. Many had viruses in them although I suspect it was totally innocent on the end users part. Some people didn’t even know they had a virus on their rig. 

Fact is anything is possible but I think chances of getting a virus or being hacked in some way from this sort of upload are really slim."

all that docmunetation is online as well right here so you dont really need the chm file
http://support.cjwsoft.com/code/info24.htm

the chm format is a windows format that can only be viewed on windows pcs. I do not know why you can not see it. I would do reseach on viewing CHM files on whatever operating system and version you are running because perhaps you are using a mac or linux operating system which can not natively view chm files ?

Sorry, there is no option for that.

I'll take it into consideration, but the way the banner rotation logic works would make adding such an option very complicated.

Just give it  an expiration date way into the future if you do not want an ad to expire anytime soon.

I usually just make all my ads expire in like 2020 or something like that since I don't want them to stop running either on some of my sites.

If I would like a link on my web page that will take someone to the login page (I would also like this page to contain forgot passord? and register)   I am not entirely clear what file to link to to do this.  Would it be check_user_inc.asp?

Thanks in advance?

1) Does everything, i.e. every user, every category, every product, etc., get stored in just one single database, or are there multiple databases at work and are linked to one another?  I am asking because there is only one table in the DB, and it is the "Users" table.  So I am presuming that there must be other databases that are linked to the DB.  Is this correct? 

2) Are user-level security permissions utilized in the sample Access DB that is shipped with the software?  I am asking because we cannot seem to remove the "temp" password no matter what we try, and this is the only reason I can think of. 

OK.. I went with using ASPEMAIL.  The above did not seem to work.  No worries though, where there is a will (with options) there is a way.

You have old code I think.

It's probably because his password used with your encryption key by chance creates a single quote and messes up the database query

A notice went out about this. I will PM you the latest download with the updated files.

check the action for the button in the code... its probably not posting back the the right page which should the same page it is...

I bet ya it is posting to guestbook2 which is the wrong directory... an old mistake I forgot to correct...

[QUOTE=cwilliams]I would like to delete the SQL tables and set them up from scratch using enterprise manager and sql query manager and see what happens

If that is ok with you let me know.

Something is wrong like I said...  almost seems like the database is caching old password info from the field.[/QUOTE]

Sure go ahead

Chris,

I've given the IUSR account modify access for the aspprotect folder.

In the ODBC manager module on the webserver I've taken out the aspprotect access driver option.

The dataconn_inc.asp line reads as

ConnectionString = "DBQ=D:\missourirealtor.org\members\aspprotect\data\database \ASPProtect_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

Now this should make it DNS-less correct? with the permissions set properly?

I've also taken out the password on the access database.

The original database of users I had was an access database from a different program called spooky login.  I exported them into a tab delimited file and changed the column headings to match those in aspprotect exactly.  Actually access would not let me import them in the databases without them being exact.

I imported that information directly using access's import options.  I tried the import/export manager in aspprotect but kept timing out as well.