Blog Entry: 3/25/2006 1:37:09 PM
well, assuming that function works and is vbscript not vb
(if it is vb code it may need some conversion work)
anyway
in "users/add_new_account.asp"
you would put the code for that function anywhere in the page.. it does not matter where as long as it is in code tags <% %>
then.. right under this part of the same page
If Zipcode_Postal_Code_Required = True Then
If Zipcode_Postal_Code = "" Then
ErrorMessage = ErrorMessage & Server.URLEncode("You need to enter a Zipcode_Postal_Code.\n\n")
End IF
End If
add this
If Check_Postcode(Zipcode_Postal_Code) <> True Then
ErrorMessage = ErrorMessage & Server.URLEncode("You need to enter a Valid Zipcode_Postal_Code.\n\n")
End If
No guarantees but that is the gist of it cwilliams38381.6456828704, I am using ASPProtect's password program, which has been very successful, for managing over 1,500 military veterans' memberships at http://www.vspa.com. What I am trying to do now is utilize the "Groups" code, as generated by the Admin page, to prevent members with expired accounts (and non-members) from accessing restricted "members only" .ASP pages they may have bookmarked, or found via web search. The code generated and used is as follows:
<%@ LANGUAGE="VBSCRIPT" %>
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * ADMIN * Member Current * Member Life * Officer/Staff * ) -->
<% GROUPACCESS = "10,12,14,19" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!-- End ASPProtect Code -->
The above is placed over the <html><head> statements on the page.
When I am logged in the code works perfectly! When I log off and try the URL again, the page appears in its entirety but with a Login box for Username and Login Password at the top of the page. You may view the problem at: http://www.vspa.com/aspprotect/vspa-password-enter.asp .
What I would like to have happen is expired members and non-members would be sent (or Redirected) to a Login page. I do not want the Login password box to merely be inserted above the page that I am trying to keep them from visiting.
Don Poss,
VSPA Webmaster ,
I'm using ASPimage and have the maximum width set to 320 in the settings. Also using SAFileUP ver. 4.0.
Files upload okay, and the script displays a confirmation that the image was resized to 320, but the actual image uploaded is displaying full size rather than reduced to 320.
Also, the thumbnails are not displayed in the Picture Manager. Would indicated ASPImage is not working or the script is not communicating with it.
Suggestions? lancem38326.9070486111, You not getting a blank page.. you getting an error. You just can't see it because it appears you edited the page background to black.
error '80040211'
/aspprotect/scripts/emailing_subs_inc.asp, line 174 , Why all the pages at the directory .../password_admin/ are very slow to open online? vaghelis38300.5280208333, yea.. it sounds like aspimage is not working right.
You wont get any errors..
I would suggest using some of aspimage's sample asp pages in your web and see if they do their thing. You need to be sure aspimage is working correctly under the ,ost simple of circumstances
Though ASPImage is the standard in ASP image resizing and has been around forever and it works very well. Their support is almost non-existant.. in 6 years they have never answered any email I have sent them. I have sent them 6 or so over the years and then just stopped trying. I bought a server bundle too way back then for like 300.00 or so when we had a company called gisco. You would think they could answer my emails. I think that guy just made a ton of asp components back in the day and then just took a seriously long vacation. Updated them a few times in between when he felt like it and making good money the whole time.. More power too him I guess. I'd love to be in his shoes when he sells an enterprise license for 3000.00. Maybe he isn't even around anymore and the someone he knows just kept the sales going. Who knows..
Anyway... it does a great job when ya get it working.
Personally this is how I install it and it works every time.
I like to put their dll in the system32 folder.
Register it.
Run their licensing prog to make it a full version if you paid for it yet.
Right click on the dll and give the "everyone" account modify permissions
Right click on the "windows/temp" folder and give it the same permissions , check the action for the button in the code... its probably not posting back the the right page which should the same page it is...
I bet ya it is posting to guestbook2 which is the wrong directory... an old mistake I forgot to correct... cwilliams38310.6540046296, Christopher,
I have a follow-up to this question.
Is there a way to get the photo descriptions to save with actual spaces instead of the HTML space code all of the time?
I know that is does this if you hit Enter while typing a description, because it creates a 'br' tag. The main reason I am asking is because if the user does not enter a line break, the description is saved a single long string and the pic_window.asp page is generated with one long description which makes the page very wide.
I tried to get around this by changing the description style in pic_window.asp to reflect a value like 50% or 200 pixels, and I have tried putting it into a table with a fixed width, but there is no effect.
Thanks!
- Jason , Personally, I think that is something you should work into your existing site code or something you should handle on your own.
It's basic site maintenance issues.. and something every webmaster must deal with on an individual basis. If you are going to upload a new version of some large file of course you should go disable wherever people are dloading it from and then wait/re upload/turn things back on.. etc etc
It is not going to be a feature of ASPProtect and I don't see why it should be. If you want to have some sort of global site is temporaily down thing you should have a common server side include on all your pages right after the password protection include file. In that include file you could easily stop site access with a response.end and also show a message.
Or you should disable a file download page manually on a file to file basis.
Really, big busy sites that have their sh*t together use versions of files for a reason. Every new upload is a slightly new version revision and has a slightly different file name They do this partially to eliminate the problem your talking about and also because that is the way it should be done. Nothing gets uploaded over itself ever. Even if there is a mistake in a file they upload a new revision and document it in the revision/changes file. And of course they dont show users a link to a new file revisions until it is uploaded.
, Hello- I am trying to install the ASPPROTECT product and tried to read all the docs but still am getting the following error:
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x1980 Thread 0x1458 DBC 0x223c374 Jet'.
I understand about the physical path for the DSN-less connection and followed the example given. I got in touch with tech support for the host of my site and the give me the following as a physical path:
c:\sites\Single20\laptv1\database
Some observations:
1.- The database directory is outside the root dir but I think I am accounting for it with the path
2.- The permissions are ok
Any ideas?
Thanks
FP
, Now, we can connect to the MySQL database with ASPBanner using the following connection string if we like.
"driver={MySQL ODBC 3.51 Driver};server=localhost;port=3306;uid=root;pwd=temp;databas e=aspbanner;option=16386"
But we really do not want to connect to the aspbanner MySQL database using the "root" account
So, lets make an account to use..
In MySQL Administrator select "User Administration"
Down below you will see the user "root"
Right click on "root" and select "Add new user"
Type in a New MySQL Username and Password
I am going to call my new user "aspbanneruser"
Hit the Schema Privileges" tab
In this case since I am using the root account to manage my MySQL system I am just going to give this new user account what it needs to use the aspbanner database.. you may want to apply more permissions to the new account, that is up to you.. I am giving the new user (select, insert, update, delete, execute) So I right click on the aspbanner and then bring over the permissions I need for it.. and hit apply changes down in the bottom right.
We can now connect to the aspbanner MySQL database using this new account like so.
"driver={MySQL ODBC 3.51 Driver};server=localhost;port=3306;uid=aspbanneruser;pwd=tem p;databas e=aspbanner;option=16386"
------------------------------------------------------------ -----
article still in the process of being written (3/14/06)
, This is what it says in that thread I pointed you to
This zip file contains 3 sets of alternate files depending on your situation. You simply replace your existing aspprotect v7.x files with these new ones.
I really dont see what is confusing about it. I think I explained it all in detail in that thread. , I am having an issue with the Thumbnailing process. My host does not support ASPImage so I have to use something called asp thumbnailer which is similar to ASPImage. I am trying to modify the Dundas upload to automatically reduce the images to create thumbnails. I ripped out the asp image code and replaced with the bottom. The main issue I believe is grabbing the image files. I am not sure how to name the actual image file that is already uploaded by the dundas upload. the code is below:
The peices in red are where the issue is I believe. What you see below is my attempt to identify the exact image and then rename it tthumbnail. My optimal solution would be to take the picture, resize it and rename it exactly what it was named before.
Any ideas
Thanks
<% Else %>
<%
Dim thumbObj
Set thumbObj = Server.CreateObject("ASPThumbnailer2.Thumbnail")
If thumbObj.LoadFromWeb("../pictures/" & Filename) Then
thumbObj.ThumbMaxDimension = 140
If thumbObj.CreateThumbnailToWeb("../pictures/Thumbnail.jpg") Then
Response.Write("Thumbnail successfully created.")
Else
Response.Write("There was an error creating the thumbnail.")
End If
Else
Response.Write("<p><hr><b>Unable to load the original image.</b><hr>")
End If
Set ConnClassified = Server.CreateObject("ADODB.Connection")
ConnClassified.Open ConnectionString
Set cmdTemp = Server.CreateObject("ADODB.Command")
Set CmdSetImageInfo = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "UPDATE Ads SET Image" & PicNumber & "_Uploaded = 1, Image" & PicNumber & "_FileExtension = '" & FileExtension & "' WHERE (Ad_ID = " & Ad_ID & ")"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = ConnClassified
CmdSetImageInfo.Open cmdTemp, , 1, 3
%> , But can you guess as to why the following might be happening:
1) The password is still "temp", and we verified that by checking dataconn_inc.asp ; 2) People are able to place new ads, etc. ; 3) We then download the DB. Sometimes we are able to open up the DB just downloaded with the password "temp", but only see the USERS table. At other times, we cannot open the same DB with any password, and get a "password not valid" message even when using the password "temp".
So what can the problem be? , when I go to that url is seems fairly fast and somewhat normal.. even when I try to log in it pops right back up asking for login info again..
I would check to make sure you are not running anything that might be effecting your web browsing.. software firewalls.. ad blockers.. script blockers... norton internet security.. zone alarm... anything like that
they can all effect a lot of things regarding how web browsers act. , also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.
etc etc etc
so let me add this bit of info..
I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.
Here is the low down from someone that really understands it...
(well, at least I think I do)
The only real security risks are from YOU and possibly other people hosting on the same server if they have parent paths enabled that is.
Meaning your site visitors can't possibly do anything with it unless of course you let them upload and run their own asp files to the server.
Anyway.. if YOU run malicious asp scripts you could potentially attack other sites on the server and look at things you shouldn't. As could other sites on the same server do to you I suppose.
So, unless you plan on doing that or some other site admin on the server does it to you its not really a concern. Just an advantage in coding abilities.
If you attack someone elses site on the server or lurk where you shouldnt then you are probably violating your hosting agreement.
99% of the time everyone gets all nervous over nothing.. half the people nervous about this have sites nobody would ever want to hack anyway.
Many people with a really important/busy sites are going to have a dedicated server somewhere so the setting is not relevant..
The hosting companies of course have to warn you.
This setting was enabled by default for years on IIS4-IIS5. I never once heard one single real story about anyone attacking anything because of this setting. That doesn't mean it doesn't happen but I am just telling you what I know.
This is all my opinion so take it for what it is...
If you are a Hosting Company your better off turning it on at the customers request, giving them a warning about it, and in turn having happy customers.
The big hosting companies like Alentus and MaximumASP do it...
There are far worse things than this to let people do after all.
Beleive it or not I have actually been in servers where they gave the anonymous webserver acount modify permissions EVERYWHERE yet they disabled parent paths ???? cwilliams38391.6024189815, Good Evening,
I have been trying to log into my site using the protected pages comments you have in support. I have copied the code in the ASPprotect 7 guide.
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
and pasted it in my page, set the the IIS to open this page and the page will not open it and the page will not open and the error is
Error Type:
Active Server Pages, ASP 0126 (0x80004005)
The include file 'check_user_inc.asp' was not found.
/olem/reldt/introduction.asp, line 3
When I remove the two lines of code everything goes normally.
I have aspprotect in its own directory in the website. I have read the installation several times and I am afraid I am missing something blatently obvious so I really appreciate you thoughts.
I am presently using redirects. I like not haveing to use them as your comments have suggested. I have pulled all that code from the pages I desire to protect during this test.
I have three test users in my database - 1 administrator
Any suggestions?
Thanks and best regards
, The login page sends the user to redirect.asp (which is as follows)
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If InStr(Session("Groups"),"*1*") Then
Response.Redirect("gp01.asp")
End If
%>
<%
If InStr(Session("Groups"),"*2*") Then
Response.Redirect("gp02.asp")
End If
%>
I am not being redirected to gp02.asp if I am a member of group2. Also, we wish users who are part of group 2 and 3 to go to a different page (ie. gp2-3.asp)
Thanks in advance.
, I will give you permission to move it since you asked., Just wanted to say how much I like the program! I hunted for days and finally purchased a Perl based product. After several days of goofing with it I gave up. ASPPhoto worked right on first install!!!!
Way to go! , There is nothing built in to the system but it is very doable.
However, you need to be a decent asp coder because your going to have to write some code.
Basically you would want to do a check on the screen where a user uploads to count how many pictures they have uploaded.
Then act accordinly and either let them or dont let them proceed.
On a side note the overall filesize limit of the total of all pictures a user can upload can be set when you edit a user.
, Hi,
I am investigating the possibility of purchasing above script having spent some hours trying to integrate various free banner rotators into my Invision portal.
What attracts me to your script is that it has 6 ways to call banners. I am an inexperienced webmaster with only a smatterring of knowledge about ASP. Will ASP Banner be able to integrate with my portal?
Many thanks
David van der Want , thanks!, thats a new one... I need some sort of error to go on..
No error ever ? It must eventually show something ? , I have a customer who is asking the following:
... could you make a link from it to our website and is there a way to see what traffic goes from us to them. They are going to pay a commission on sales, however I need to be able to track who views their site...
Wishful thinking or could you add code to track their IP address and display in the report section? Not sure that would be enough to satisfy this request. Suggestions?
Thanks, Lance , still.. its got to be somthing along those lines.. I have seen times when even dbo didnt have full rights to a particular database so permissions should always be manually checked..
The import data routine is most likely the source of the trouble
For troubleshooting sake I would create a fresh installation from scratch using the sql script we provide and a new SQL user. Then see if that works. If it does then try to import your data into that.
There are no other things I can think of doing. Sometimes you just have to start with a clean slate. , If you bought ASPBanner Unlimited Version 7.3 Before August/01/2004 this file needs to be updated.
It fixes a bug where CODE type banners do not work correctly with a weight higher than 1.
Basically, blank banners will rotate and you will see nothing sometimes.
Copy this file into your ASPBanner folder over the existing file of the same name.
2004-08-03_045728_appinfo_inc.zip cwilliams38209.5383680556, I dont know. Perhaps a fresh installation in a new folder would be a good idea as well if possible..
for troubleshooting sake.. , This article from my old powerasp.com site explains what Server.MapPath is and also why you can't use it to specify the data connection in any of the CJWSoft applications.
Use ASP to determine the Physical Path Of Your Virtual Website
As this article mentions you can still use it to determine the path, but you can't use it in our data connection strings because the data connection page is an include file and server.mappath will report back different paths for the different directories....... meaning it will work in one directory level but not another as the path will be different.
cwilliams38084.7454282407, Update..
I have support for the ibulc image uploading client working.
http://www.ibulc.com/
There is also an option in asp photo gallery pro to store the images original filename in the description field which is pretty cool.
Ibulc client bulk upload support currently only works with the pure vbscript upload or the safileup component. (I may support the other two components asp photo gallery can use but it really depends on time) The pure vbscript upload code I am using for this is much better than the code I was using before so that method should be offer decent performance for anyone though using a component is always better.
I still have to add the ibulc feature to the users side. It currently all only works for an admin user.
The whole process is very cool. You install the ibulc client on you computer. It's tiny, and free for uploading up to 10 (100kb) pictures at once. You have to by a domain license from them to do more than 10. Anyway.. it lets you select multiple pictures off your hard drive and it then uploads them all at once with individual progress info for each picture. Its really cool and since it really treats each picture as an individual upload it doesn't hammer the server with one big upload at once.
I also made it so you can start the picture uploads at any picture number.
So if you already have pictures in an album you can add more without losing what is already there.
This was one of the main features of the new version and now that it is working hopefully I can tie up any loose ends and get the new version out soon. cwilliams38327.5488541667, And here is an even simpler version where the database name is hardcoded and the User_ID is set ahead of time from wherever you are getting it from
'User_ID = CmdListUsers("User_ID") ' getting it from another database query
User_ID = Request("User_ID") ' getting it from the page post
SELECT COUNT(Album_ID) AS Alb_Count FROM Albums WHERE User_ID = " & User_ID & " AND Album_Active = 1" cwilliams38433.0595949074, I would like to change this file name to the typical Login.aspx, how to do this? I have a VS 2003 but need instrutions if that's the route to go., Chris,
I have had a couple of users log out of the system as they are supposed to, move to another computer and not be allowed to login because of "they are currently logged in using another IP address" when in fact they logged off properly. Is there anything that they should be doing differently?
Thanks,
Jess , Hi,
I can't seem to find the code where it limits the upload file size. I want to limit the upload size to 1.5 mg for all users. Also I've noticed that the 500 pix doesn't seem to work. As in if an image is bigger than 500 pix the script still uploads it. i am using Upload_post_VBSCRIPT.ASP.
Thanks , I did the initial steps of downloading the sql scripts and running it in Query Analyser, tables created fine.
I can login for the first time. I exit from the browser and then I cannot login again. This happens for every user and admin.
I noticed that the values in the fields "Login_limit" and "Active" in the ASPP_Users table in the SQL changed to NULL and 0 when login and remained in those values after close the browser.
So iam just struck not able to log in. Pls advice.
, There was nothing wrong with the server configuration. It turned out that the problem was that I disabled the email notification of new user registrations that I continually receive. That appears to disable the authorization email to new users as well.
One other issue. It appears that AOL email addressee's are not getting the authorization email. Does AOL have any blocks to CDONT generated emails?
, How to bring up Banner Calling Code Generators
Simply go to the zones screen.
Select a Zone from the list.
Check the "Show Banner Code" option.
Click on "Display Banners in Selected Zone" cwilliams38325.7399537037, Thanks very much for the tip. I'm a beginner with all this stuff so forgive me for the inate stupidity!
By the way, I think the system is great and I am very pleased my purchase. cwilliams38317.5552662037, well, thats a network drive path and in my opinion a very poor way for them to have set things up. It can work as long as permissions get set there and they have the anonymous webserver accounts set up correctly to handle that scenario, but performance isn't the best because your accessing the access database over the network. Access databases are not just not meant to be connected to over the network in a web based scenario. Quality ASP hosting companies do not set up their servers that way and it can often be difficult to get things running as it is a more complex setup on their end. Meaning if they dont synchronize the IUSR_machine accounts correctly you'll have permission issues.
http://www.aspfaq.com/show.asp?id=2168 , User Information
After a user logs in there are variables that you can always access.
They can be used to check various things or to display information
dynamically based on who has logged into the system.
Session("PasswordAccess")
Session("Access_Level")
Session("Admin")
Session("Active")
Session("Expiration_Date")
Session("User_ID")
Session("Groups")
Session("Redirection_URL")
Session("Password")
Session("Username")
Session("First_Name")
Session("Last_Name")
Session("Company_Name")
Session("Email")
Session("Address")
Session("City")
Session("State_Province")
Session("Zipcode_Postal_Code")
Session("Phone")
Session("Custom1")
Session("Custom2")
Session("Custom3")
Session("Custom4")
Session("Custom5")
Session("Custom6")
You can display them on a page at any time using Response.Write like so
<% Response.Write(Session("FIRST_NAME")) %>
or like this
<% = Session("LAST_NAME") %> cwilliams38419.533900463,
Timecard Entry: 3/25/2006 1:37:09 PM
meeting the Nortel Engineers and preparing for the Nortel meeting, 15 Miles: Evans Mills - Watertown, with Jeff, start developing 3rd quarter project worksheet, Circuits / Contracts / Tarrifs / Penalties research and stradegy w/ George and Paul., few calls, nothing big.. , downloaded all of my mail onto new computer, Prepare PC Bundle Packets, Using a coupon for MON & TUES since I had monday off originally and then came in anyway, Aligned the antenna and gathered up our equipment and set them up with DHCP., ST. LAWRENCE COUNTY STORYBOARD MORE IDEAS FOR LAYOUT, teched calls - steady, lunch with husband, CALLED ON MLS BOARDS AND FOLLOWED UP ON THE VERMONT BOARD, Picked up mail and opened. Posted accounts, credit card authorizations, coupon referrals, customer inquiries, and ans. phone., tech training
, maintainance of antennas for winter performance, mostly phone, lots down, To Chicago Driving, To Clayton, Timecards, etc, Floating Holiday, Ron Dillon, KVVI research existing system , Worked with Mary Wood Steady morning, Emails and call to Drew, online and rad log, dial up issues check, phones dead till like 7am,
trash out, straighten up, printed timecards to take to Jackie's while I batch, deleted some employees from the rooster., clean up desktop, organizing piles of work orders, making phone calls to Fort Drum regarding adevrtising, Working on updates for http://home.gisco.net/pcbundle, went to Clayton to assist Seth with TI Router....did memory upgrade but Installation did not occur due to missing power supply unit.,
| 
