yes, How can I have fixed size height and width image without distortion. Is there a component that I can use or how can I change the existing code.

yes, unless its ratio matches

how could it not be ?

Please keep questions like this in the forums... thx.
there is no need for this to be a private message

-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 2:19pm


If I choose fixed width and height is the thumbnail image going to be distorted?

-- Previous Private Message --
Sent by : cwilliams
Sent : April/29/2005 at 1:17pm

that is not possible unless you rewrite the code.

You onlyahve the two options we give in the config file for thumbnails

fixed width and height all the time

or

fixed width / dynamic height



-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 1:07pm

Hi William

One more questions for you. is there a way to make sure that all the thumbnails are the same size without distorting the images (in the thumbnails). Or if a picture's height is bigger than its width is there to create the thumbnail such that the height of the orginal becomes the width of the thumbnails and vice versa.

Basically I just want the thumbnail pictures to be in a perfect row with all the picture heights the same and all the pic width the same.

Thanks

Sean

Can you do a better price deal for that version in place of the one I've just purchased ie for a single licence rather than unlimited Christopher?

Or failing that can you give me an idea of how many changes you had to make to convert 7.3 to work with Mysql?

Regards,

Dave

Looks great. I can't wait until this will be released. Will there also be an easy way to migrate my current version ?

Hans

thats because you can not have exchange server running at the same time as the windows IIS virtual smtp server..

they clash with one another... and thats why the emails never get picked up by the iis stmp server

you have to send the emails another way like using a true remote mail server..  I am not sure but if your exchange server can do pop 3 you can probably use that that way

you may be able to change the pickup directory that cdosys uses under the virtual SMTP scenario, but I am not sure if that will work with exchange picking it up, but maybe it will work ok because you said it does when you paste them in there manually.. I do not really know.. you'd have to try it and edit the email sub routine to use that pickup path

"scripts/emailing_subs_inc.asp" is where you could try editing that path

Disallowed Parent Path

The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory. 

When you get an error like this it is because parent paths are disabled on the web server. This is a setting in the IIS console for your website.

If it is not enabled on you server you will have to ask your host to enable parent paths for your website.

This is what the settings screen looks like on an XP Machine

Additional Information:

It is enabled by default on IIS4-IIS5 but in IIS6 it is disabled by default.
It is a minor security risk to have enabled and some hosts can be difficult about setting it.

Truth is, if your hosting ASP for customers you need to enable this setting if the customer requests it. Especially since 90% of the ASP applications out there require the setting.

Hosting companies should if they are serious about hosting ASP.


If they won't your only option is to go through all the code and convert the file includes to virtual includes.

http://www.powerasp.com/content/code-snippets/includes.asp

The trouble with virtual includes is they are different depending on the layout of your website. (that's why web application developers generally don't use them)

Basically if you are in a sub domain the path for the virtual include is going to be different then if you were in the root.. etc etc

Also.. someone developing on a local machine would need totally different virtual includes on the development server than they would on the live server. Server Side includes are processed before ASP so there is no way to make them SMART, so to speak. Server Side includes are hardcoded and that's that.

In my opinion virtual includes are pretty useless for commercial web based applications...  Since you don't know where the customers plan to install the apps.
And YES there are some tricks when designing the applications that make it less of an issue but they are not perfect solutions.

For example...

The virtual include below would work if the application or code was installed in the root
<!--#include virtual = /somefile.asp"-->

But if the application or code was installed in a directory called "somedirectory" the virtual include directive would need to look like this

<!--#include virtual = "/somedirectory/somefile.asp"-->

question 2 is answered best here

http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal

I should also mention that the paypal scenarios used in ASPProtect can not be tested using PayPal's sandbox. Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts)

then you can log into the other and refund the transctions and of course it makes sense to use low amount like 1 cent and what not.

Also, I'd love to see what you came up with with the integration. I have been working on it here as well and took it in a different direction as I plan to sell directions for it as an add-on for aspprotect. I have it all working here but so far I dont see an easy way to let other people do it as I had to change things in both systems in a lot of places. Utimately if done under a SQL environment triggers should be used at the database level and that is another consideration.

I am still a little confused... one thing I would like to mention is that the passwords in the aspprotect database are encrypted... meaning you cant just add a password to the user database by hand because it wont be the encrypted value and wont work.

It is something the application takes care of when you add a user via the web based interface.

You can however still add users manaully or with careful import/exporting... but you will have to use the existing password conversion technique which is covered at the end of our upgrade instructions in these forums.
http://support.cjwsoft.com/code/moreinfo174-1.htm

Basically you want to add a field to the "ASPP_Users" table called "Old_Password" and that is where you enter the password in plain text. Then after you are finished adding users to the database manually you do this.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

Which will convert the passwords to the encrypted value for you.
See the bottom of this thread for all the info on that.
http://support.cjwsoft.com/code/moreinfo174-1.htm

I think you may be using old code where that was an issue... I am going to PM you the latest version..

to be safe upgrade all the ASP files except the dataconn_inc.asp files and your config_inc.asp files

"be real careful not to lose your current encryption keys in the "config_inc.asp" file or you will be in real trouble

You can use your existing database

When I add a user, I can not activat it.

What do you have the registration type set to in the settings ?
They wont be activated automatically unless you have "automatically" selected ?

It sends me back to log on and will now allow me to log in as admin???

I am not quite sure I understand ? Seems to me like that would be normal because you can always log in as the admin at any time. If you cant log in as the user you just signed up as that could be for a couple reasons relating to the registration type you have slected in the settings. There are 3 types all epxlained in the settings screen. Some require manual activation byt the admin, some involve a registration email.. etc etc

I can restart the APP and log in as Admin, but the user I added
is still not activated??

How and why are you restarting the applicaton ? Please explain what your doing there.

My system will also not allow me to set the Stay Loged in FLag.
It just ignores it....

As I told you in an email earlier cookies must be enabled for authentication to work. You mentioned now you can not log off ? I am not sure I know what you mean by that. I assume you know to close all browser windows when testing things like this and I assume you know you have specifically log off and confim it in order to remove the remember me cookie and have to log in again when you return to the site.

(Password Expiration Mod) for ASPProtect Version 7.x

This Advanced Mod requires decent knowledge of Databases and working with ASP. I originally wrote something like this for a customer on a custom project. I then took the time to re-write all the code from scratch so it could easily be plugged in to the current version of ASPProtect as an option. All in all this mod took me over 15 hours of time to develop and will save you a ton of time & money if you were planning on writing something like this on your own. Some parts of this were so difficult to get working that I would never have written this code if I was not paid to do so. (The encrypted array that rotates through the last 12 passwords was quite frustrating to get working)


 
The price on this is 19.95. I am not incorporating this into the base product because it makes things more complicated and isn't for everyone.

Purchase Page

Security is a big concern and making your users change their password every so often is a good idea. Keeping track of previous passwords they used and making them choose something they haven't used before takes the concept even further.

This Mod will add a password expiration date to the application. When the password expiration date is hit the user must confirm their old password as well as pick a new one before they can log in again.

There is a new password expiration directory where they must choose a new password that has not been used before. The new password must be confirmed during this process. (It remembers 12 old passwords the way it is coded) The old passwords are stored in the database in an encrypted array.


Directions:
Back up your existing ASPProtect installation.

Add two new fields to the "ASPP_Users" table in your database.

For an MSAccess Database

Password_Expiration_Date (Date_Time Field)
PreviousPasswords (Memo Field)

For a MSSQL Database

Password_Expiration_Date (smalldatetime)
PreviousPasswords (nvarchar 160 characters)

once that is done

Copy all the new ".asp" pages into your site.


Edit the "PasswordExpirationURL" variable in the "check_user_inc.asp" file

It needs to be the full URL to to the "change_password/default.asp" file


Now edit the "change_password/processchange.asp" file

There are 3 variables you can edit.

PageSentToAfter = "http://localhost/aspprotectmods/password_admin/default.asp"
PassMinLength = 4
PassMaxLength = 8

The "PageSentToAfter" is where you want them sent to after they change the password. It can be whatever you like.
If it is a protected page they should automatically get logged in with the new password they just changed to which is nice.

The other two values should be obvious.

That's it...

Just remember the password change thing is not used in the admin area...
You could easily add code for that on your own though by looking at the the password expiration code I added to the publics "check_user_inc.asp" file

Also:
You will see a new field to edit on the user edit screen for the Password Expiration of course. 

yes, like macnap says.... you have to protect your ".asp" pages the way the directions tell you to...

and like in the "example" protected pages we provide

or they will not be protected and nothing will happen as far as ASPProtect goes

I guess I just didnt understand what you were talking about

I am not sure totally understand your question.
I need you to explain it differently.

Any ".asp" page that is protected is going to automatically prompt them for a login box or log them in automatically depending on if they set that option.. In the end returning them to that same page.

So, it really all takes care of itself for the most part.. It doesn't even matter if the bookmark a protected page deep in your site. The system is smart enough to keep them at that page as well as handle their access.

Now of course if they are at an unprotected page of your site and navigate to a protected page they get a loin prompt or are allowed in if they already logged in...

Also.. when you say unprotected page ? do you mean ".htm" or ".asp"

It's custimization work. and just not something I can support.
Basically it is basic ASP/Database work.

Something you kind of need to figure out on your own. It's not difficult work for a good asp coder but there is no easy way and it is time comsuming.

I wouldn't use the custom fields though. I would make your own.
It's simpler that way.

Chris,

I understand.  I set it to a lower number that will hopefully be a good balance for the user.  I am simply AMAZED at what your software does and I thank you for all you have done.

Jess

Actually, your whole site is like that.

http://www.bones.myftpsite.net/rfamilystuff/

You should definetly fix that..
I can't help ya with it though. You'll have to figure it out.

I know ya can do it...

later

I just installed ASPProtect on my site. The instructions were definately on the target. Very very good instructions.

But... Isn't there always a but ???

I needed to setup my site with MS SQL and it is hosted so I don't have Enterprise Manager. I tried the web based Enterprise Manager and any other one I could find. But, I kept getting errors when trying to use the SQL Script.

I finally had to go back to my work where we do have the licenses and get an SQL Admin to use Enterprise Manager to run the script and it worked finally.

I don't know if this is a common problem ??? But, maybe you would want to look at the SQL Server script or make a different version that would work with the Web Based SQL manager.

Thanks

ASPProtect protects ".asp" pages only.

That is your problem.

Just having the database with members does not protect the page.  You need to add the appropriate code to every page you want to restrict access to.

You need to click on the Groups tab in Admin. 
Click on Generate PW protection code. 
Click on the basic button if you don't want to include levels or groups or choose a level or group(s) and click the appropriate button. 
Paste the code that's generated  into the top of an ASP page in code view.

Is that what you're looking for? 

Michelle

I need to use SQL for other reasons than efficiency.  If I create 2-seperate databases, would there be a lot of code to edit?

Thank you.
Lance

This is a great article from my old powerasp.com site.
Connections And Server Database Permissions

Hello,

My guess your having trouble setting up a system dsn because the database has a password set on it. Your hosting company most likely sets up DSNs without using the advanced tab which is where the authentication information goes. Or they have some sort of web interface for the customers to use that doesn’t allow setting up that information.System DSN’s are actually difficult to set up correctly when the database has a password on it. There is of course a password on the database for security reasons so if someone ever downloads it somehow they will not get your information.

System DSN’s are not the way to go regardless as you will see mentioned at our support site.

http://support.cjwsoft.com/forum/forum_posts.asp?TID=9&P N=1

You really should try setting up a DSN-less connection. It is the best way to go. They are easier to set up, perform better, and are less load on the server. Any host that wants it customers to use system dsn’s is not on the ball as far as server performance and server resource conservation goes. They are really asking for trouble down the road.

All you need to do to make dsn-less connection is the following.

Get permissions set for the folder the database is in (by your host)… then figure out the physical path on the server to the database by using server.mappath or you simply ask your host for the info.

An article I wrote on using server.mappath

http://www.powerasp.com/content/hintstips/physical-path.asp

Then your connection string will look something like this.. (of course you edit the path to match what server.mappath tells you. And you make sure the database name is correct)

ListingsConnectionString = "DBQ=C:\Inetpub\wwwroot\asplistings\_database\asplistings_ac cess2000.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

Another option would be to simply remove the password from the database using MSACCESS.. then try to connect to it using a System DSN without the password. If your host is storing the databases outside of your web in the root of the server then removing the password on the database is not that bad of a thing to do as there is no way anyone will be able to dload it from your site. Of course there is a still a performace loss when using a system dsn with an Access Database

It probably is. You would have to look at the paypal documentation for IPN and see what needs to be changed in the form code.

You can get all that info from PayPal's website.

There are tons of variables and options you can use with all of their code.
They have detailed PDF files full of information on all of them.

To be honest I just can't remember what happens. It has been a long time since I did a real live test of that. I know it seemed like a pretty smooth process to me. Right now I can not test it out as I am on a road trip with my motorcycle and I am sending this email from my PDA.

I would ask Dave at this website.
http://www.davephoenix.com/

Or via this username in the forums
PhoenixUK

He can tell you what happens as he has been using the IPN stuff for about a month now.

Perhaps another user could chime in here as well and let us know. I know there are a lot of people using the IPN stuff.

I dont know about your error on line 6 when uploading..

as far as the manaully edited import file not working I would really need to see it. There has to be somethin wrong with it's format.

I really need more information and possibly acess to the system to do some troubleshooting...

This is anot a feature anyone has ever had an issue like this with.

[QUOTE=cwilliams]Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.[/quote]

I did change the top_logo.gif and the associated link. That was on the default page not the Solid Black skin which is unchanged. After downloading/uploading the skins I tried changing it to one of the Beach skins and that's when it changed to Solid Black and has been stuck there ever since.

[quote]Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.[/quote]I don't have access to the Microsoft IIS console as this is a host site. I can access the site's "control panel" but it does allow for those type of settings. Mostly just permissions, DSN entries, etc.

Thanks.
Al

also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.

etc etc etc

so let me add this bit of info..

I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.

ok.. the count your talking about wont increment until someone other than you views the page.

After that you can increment it one time...

It keeps track of the last IP that hit it.. if it is the same it doesn't increment

This is all by design...  so the same person doesn't increment the count over and over..

It's simplitist and it can be tricked... but it does what it needs to do 

check permissions for the user you are connecting to the SQL database.
http://support.cjwsoft.com/code/moreinfo122-1.htm

That user may not have permission to make new data

Also,  check all field and table settings manually by comparing them to the SQL creation script we provide. You may very well be missing auto increment and primary keys which would make adding new data not work.

It is most likely one of those two things.

Hi Chris,

We installed our key onto the live server.

However, since our temp key has expired, we can't access our application on our development machine because the login won't work anywhere except on the live server.

Of course we can access the application on dev, if we remove the aspprotect tags, but if we need to log in to do something unique to the user, then we have a problem.

Can we get another temp key from you? And would there be a better long term solution to this debug/maintanence issue?

--JP