whether you use SSL or not really does not effect aspprotect in any way

I say, the smart thing to do there is too not start them off at a http:// url

one way to do it is put a simple ASP redirect on that default page and send them to an SSL version of the page instead...

http://www.powerasp.com/content/code-snippets/redirects.asp

another way would be not start them off on a protected page right off the bat and offer links to the the protected area...

in my opinion thats pretty odd to be starting them off on a protected page anyway
SLL maybe, but protected right from the time they hit the default page of the site.. thats just odd.. usually you want o say a little something about the site your at and then link people to protected areas or give them a login form which posts to a protected area.


Regardless if you always want users at your site under https:// you should have code on every single page in your site checking the url info at every page load. Then if someone ever hits a page and is not using the https://  you can do something about it like redirect them to the SSL home poge or redirect to that same page but with the https:// in the url..

Alternate Method to call banners from non ".asp" pages.

<iframe src ="http://localhost/aspbanner/aspbanner/aspbanner_inc.asp?Ban nerZone=4" width="468" height="60" frameborder="0" marginwidth="0" marginheight="0" scrolling="no"></iframe>

Be sure to delete the space in the BannerZone variable above. I am not sure why it is doing that in this post.

You can try calling the banners in an simple iframe like so.
This method should work much better than the javascript method because users with javascript turned off will still see the banners. You also will not have any of the limitations the javascript method has. Iframe is now supported by most recent browsers so it is now a good solution. Here is a chart that shows which browser versions support iframe.

Be sure however to edit the height and width values accordingly as that is very important.

I used Dreamweaver4 to make my site is there anything I can do to make it work?

UPDATE..

Installed a new rack mount 1u server this week.

3.2 ghz hyperthreading 1 mb l2 cache prescott cpu
2 gb pf pc3200 kingston memory
SATA Raid.. (2) 120 gb drives running hardware raid 1

It is a supermicro 1u server case and server motherboard.
The hard drives are SATA 150 120 gb 7200 rpm Diamondmax Maxtors

All high end server type stuff... It's a very powerful server and has been running great all week. 500+ hours uptime so far.

Running Windows 2003 Server Enterprise
SQL 2000 Enterprise SP3
SmarterMail
SmarterStats
Windows DNS
ZipEnable (which I am reviewing for them)
ServerMask (which I am reviewing for them)
A ton of ASP Components which I have purchased over the years.

So that means I can now focus my attention on creating software again instead of being a system admin. (Due to these server issues over the past few months I am now back to godly status as far as windows system administration goes.. not to mention I am now back up to speed on the latest processors and hardware)

So, getting back to ASP Photo Gallery...

I spent about 20 more hours this week on the new version of ASP Photo Gallery Pro.. I have another 40 or more to put into it as I have a lot I want to do.

I think it will be ready within the next three weeks. I know a lot of you have been waiting for something.

this could go on forever...

if you want PM "private message" me info to log into your site.. show me the pages we are dealing with...

and I will take a look at it all...

CJW

Tell tell me some info about your install?

How am I supposed to know what is going on when you are not showing me what you have in your web config file and also the directory structure of the install or what you are putting in a page you are trying to protect ? It almost sounds like you are not editing the paths correctly in the various places.  I mean yes you told me something about the "map" folder but what I saying is tell me more detail.

BTW: this is a very important setting in the web.config file and must be edited accordingly so the path is right.

<forms name=".aspprotect~net" loginUrl="/aspprotectlogin.aspx" protection="All" timeout="60" path="/" />

Basically your showing me random errors and posts left and right and I honestly have no idea what your doing ?

Ulitmately though I am trying to help you in this situation like the web site says.

We offer tech support for installation of the base application purchased in it's native form. In some cases in order to receive proper tech support your application will be need to be installed on a live server on the Internet. We simply cannot troubleshoot all issues when the application is only installed on your local machine.

Meaning I am not going to keep this up if you keep asking question after question after question regardign your local XP Pro installation. There is only so much I can assume or guess when you are running this on a local development server. I know you got all sorts of problems getting a decent live server to run this on but that just isn't my problem. Get this up and running on a professionaly and correctly setup live server and when these random configuration errors pop up atl least I can go run the pages and look at them. Right now I am just confused by nearly everything you have posted today. Half of looks like basic ASP.NET path issues that you need to sort of on your own based on where you installed the application on the machine and what you have in the web.config file.. etc etc etc

It is sounding more and more like ASP.NET is way over your head. If you want a copy of the classic ASP version of ASPProtect you are welcome to it. I think you will be a lotter better off sticking to classic ASP unless you really start reading up on ASP.NET and learning more about how forms based authentication and the web.config file work.

well, you should probably be backing up the SQL database on a regular basis. That is between you and hosting company. If they let you connect via SQL Enterprise Manager you can do backups on your own.

As far as the aspprotect files and folders go back them up somewhere, and then only worry about backing them up again if you change some of the files.

That's really all there is to it. None of the ASPProtect files change on their own except the generated log files that you may or may not care about backing up.

I mean the important thing is the Database, and then of course any your own .asp pages that you protected as well as any custimizations you made to the users area or your site...

Ohhh...

I was thinking it worked like this; A user goes to that page and logs in.. and from there they can then browse the site and do what they want..

So in order for it to work i need to edit a page say... members.aspx (i assume it needs to be an asp.net page) and in the header put that protect code and when a user accesses it, it will prompt them for their un and pw and then if correct will allow them to view the page... and likewise if they are still logged in will be able to use the page?

If that is how to works as i mentioned above thats great...

I understand the redirect principle...but say i have a log in box on the main page... you know like most pages have a user log in on the left hand side... i wanted to do that. But i cant obviously protect the main home page or else normal users will not be able to view it without logging in or registering

You should read my article on server side includes… the path to the include file must of course be adjusted depending on where in your web you are.
http://www.powerasp.com/content/code-snippets/includes.asp

You will also notice if you look at the provided example pages that the include paths have been adjusted to make sense.

If it is 2 directories down it should probably look different..

example:)   "../../checkuser_inc.asp"

It’s weird that if you are not getting an error because if the path to the server side include is wrong you should get a nasty server error.

Also..

The ASPProtect system and any pages it protects must also be part of the same Application in IIS. It’s the nature of forms based authentication. Do a google search if you are not sure what an application is in IIS.

Lasty…. If you are logged in at the time

Whether your current session at the site is still active… or you have the cookie set to remember you.

Well, nothing will happen… cause your already logged in and you will just see the page as normal.

Perhaps things are working and you just don’t understand that part ?

You need to go to the log off page.. log off… then close all instances of the web browser windows..

Then come back to the site… then see if it prompts you to log in.

Change the action of the form to the page you want them to log into.
Make sure the page you send them to is protected by the "check_user_inc.asp" file.

<center>
  <table border="0" width="400" height="200" bgcolor="#000000">
    <tr>
      <td bgcolor="#F4F4F4">
        <form method="POST" action="memberarea.asp">
          <input type="hidden" name="Status" value="Checkem">
          <p align="center"><font face="Arial">ASPProtect Login</font></p>
          <div align="center">
             <center>
             <table border="0" bgcolor="#C0C0C0">
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
                 <td><input type="text" name="Username" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
                 <td><input type="Password" name="Password" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
                   me signed in on this computer unless I log off.</font></td>
               </tr>
             </table>
             </center>
          </div>
          <div align="center">
             <center>
             <p>&nbsp;<input type="submit" value="Login"></p>
             </center>
          </div>
       
        </form>
      </td>
    </tr>
  </table>
  </center>

Flash Code Generator

Until I have time to make one I suggest using the one on the banmanpro support site as it is pretty nice.

http://www.banmanpro.com/support/flashgenerator.asp

I set the max image width to 1000; previously it was null. Now I'm getting server errors:

page not found, then, service unavailable (the page is there). But in a new album, the images imported fine and it seems to be working now, despite the IIS issues.

I think my host restricted the amount of memory and resources my site is allowed to use.

sorry your having so much trouble. A good host is a must.

Yes, that is most likely permissions related.
http://support.cjwsoft.com/code/moreinfo27-1.htm

You may want to read over my article on how permissions are set. It will give you a very good understanding of the process and may help yo when dealing with your hosting company.

http://www.powerasp.com/content/new/windows_2003_server_and_ permissions.asp

there is also an xp pro version of the article for people doing locl development and running iis on their xp box
http://www.powerasp.com/content/new/windows_xp_pro_and_permi ssions.asp

Hello -

Believe it or not I finally can access the photogallery. You were right Chris regarding the unzipping of the files.

Now onto the next challenge! I have set up three categories and proceeded to create a test album. I uploaded a couple of pictures (yeah that worked!!!) but the album does not show up on the default.asp page under the category.

Please advise -
Rhona (rookie)

Hello,

I really need more infomation..

for starters

what is the server ? iis4,5, or 6 ?

what is the version of aspbanner.. aspbanner standard or aspbanner unlimited ?

what was the error message before you removed the "on error resume next"

was the sql database created using the sql creation scripts we provide as that is VERY important.

and lastly what are the the regional settings of the server ?
what is the date format ?

as far as permissions are concerned I wrote two large articles about permissions that cover everything in detail on how to properly set them

http://support.cjwsoft.com/code/info11.htm

see the windows 2003 and windows xp permission threads

From things you are saying I assume this is your server. My comments about the path looking funny are because very few commercial hosts would use the "c:\inetpub\wwwroot\" directory. If you are using that and that is correct info then that is fine.

as for knowing whether or not the filesystem object is working the best thing to do is to try to write  a text file somewhere in your web and see if it works. Testing something under the most basic scenario is the key to troubleshooting asp issues.

http://www.devasp.com/samples/writetofile.asp

What am i supposed to do now... i do have another member server that is not a domain controller-

However, i have like 5 websites running on this domain controller already. I have thought about this before how its a HUGE security risk but it will take too long to configure everything on the other computer :(

What other information do you have ?

Details are very important.

Info on situations where it works... like OS, browser version.. etc etc

Info on situations where it does not work... same stuff

size of the PDF files ?

server info ?

Maybe protect a page and offer a PDF file so myself and some of the forum users can try it and report back what happens.

Also, Many people zip up PDF files when letting people download them as browsers can act pretty odd at times with them. Perhaps that is an option.

I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.

Regardless,

What you want to do... logging them in under https and then having them continue though the site under http is not possible.

It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.

In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).

Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.

If you want them logging in under SSL you need to keep them under SSL.

That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.

If you would like me to, I also have no problem going into your machine real quick via remote access and setting permissions / putting the right connecting string in there for you.

I need to go in as an administator though to set the permissions.

Hi,

Actually that is not a feature at this time. Only the admin can add an image for user. If you look at the code for that you could adapt it for individual user use fairly easily provided you are decent with ASP.

That feature will probably be added some day, but there was no time to add it to into the current version and I can not give you a time on when it will be added. The complicated part is making some sort of approval process in case a user adds something undesirable and also limited file sizes which is hard to do without somesort of 3rd party uplaod component being involved.

New Power Supply and a new (CPU Fan/Heat Sink) seemed to do the the trick. She's running like a champ now...

Hopefully it keeps doing so. Only time will tell.

It she's stable I can get back to designing some new software.

Advertising ?? oh really.

It was named that because that way if you already have a login.aspx file for whatever reason it does not interfere which is a good thing. It has nothing to do with advertising.

Next off you never mentioned having an issue with it saying aspprotect in it. I am EXTREMELY clear about what I support and do not regarding ASPProtect.NET. If you are upset because I didn't tell you exactly what to edit and change in visual studio.net and hold your hand you are out of line. My god, I sent you to like the best and most detailed tutorial on how to setup and use the application with VS.NET that could ever exist. That took forever to put together. I even responded to your post on Christmas on a Sunday. I doubt too many companies would have responded on Christmas.

More importantly than that when you purchase code from CJWSoft you are purchasing digital source code and there are no refunds. Every single page in the CJWSoft family states that very cleary in the footer. I do not appretiate it when someone threatens a chargeback and as far as I am concerned anyone that does that is commiting a crime of theft. I also do not appretiate smart comments saying it's "obvious" etc etc

If you wanted to strike a nerve with me you did. If you want to commit a crime and be a thief that is your business as well. Obviously I can not stop that and the credit card company will take your side. I work very hard on the source code I sell and my policies on everything are VERY clear.

Advertising ??
Calling the credit card company ??
Obvious ??

nice, real nice

If you want to have a login form on a non protected page that posts
to a protected ".asp" page use code like this.

Change the action of the form to the page you want them to log into.
Make sure to page you send them to is protected by the "check_user_inc.asp" file.

<center>
  <table border="0" width="400" height="200" bgcolor="#000000">
    <tr>
      <td bgcolor="#F4F4F4">
        <form method="POST" action="memberarea.asp">
          <input type="hidden" name="Status" value="Checkem">
          <p align="center"><font face="Arial">ASPProtect Login</font></p>
          <div align="center">
             <center>
             <table border="0" bgcolor="#C0C0C0">
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
                 <td><input type="text" name="Username" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
                 <td><input type="Password" name="Password" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
                   me signed in on this computer unless I log off.</font></td>
               </tr>
             </table>
             </center>
          </div>
          <div align="center">
             <center>
             <p>&nbsp;<input type="submit" value="Login"></p>
             </center>
          </div>
       
        </form>
      </td>
    </tr>
  </table>
  </center>

is that lindsey lohan and her fake boobs as ur avatar?

I am installing IIS and all of its glory on the other computer now... gotta love remote desktop (the pc is at work  )

I guess i am not being clear as to what i am trying to do. As far as the event thing... lets hold off on that for now. It seems Chris has answered my question and i am on my own for that one...

As far as the log in goes: I went to that site you mentioned;www.CafePress.com to see if they had what i was talking about. and they do. Notice on the bottom of the page it says "sign in to your account"

I want that option on my home page where users can sign in to go to their account. It will either take them to a page where they can update their info, or it will take them to a protected page. Pretty much instead of posting a link on the site to say... click here to go to members.aspx and have it return an "access denied" the user can enter their info from the main page and be automatically re-directed to that members.aspx page.

I know how the viewstate works and i also know what that returnURL thing does..pretty self-explanitory.

Hopefully that makes things easier. I just want a user to log in from the homepage and be redirected to either a protected page or their account page...

(as does that cafepress website)

Microsoft VBScript compilation error '800a03f9'

Expected 'Then'

/aspprotect/password_admin/upload_post.asp, line 6

If Session("Admin") <> "True"



If I upload the text file by FTP and then try to import it it only tends to import the first two existing rows.

All collumns match but not sure if I need to add "User_ID". I have added it and created consequecutive numbers.

Any assistance would be appreciated.

Thanks

Just to let you know that i figured out my problem. I had to modify the connection in the email code and get the correct path from my provider.

I hope you enjoyed your vacation.

Thank you
Adam

I would say that it isn't all that difficult using mySQL for the backend....the main thing is to make sure you set the primary keys for auto-incrementing in your database.  Alos need to make sure that any DELETE SQL statements are formatted like this

DELETE FROM tblName WHERE tblField=SomeValue

and not

DELETE * FROM tblName WHERE tblField=SomeValue

The same holds true for using MSSQL

I have narrowed it down.  The ../ for includes will not work with .asp files but will work in .shtml files.

any ideas?