Blog Entry: 3/25/2006 1:41:44 PM
Hello,
Sorry
No, there is not.
not the way the code ships.. The program keeps tracks of everything by the way it ranames files. The system has been tested to work well with as many as 10,000 images files. Any more than that and you need something a little more serious meant for that amount of images.
You could certainly modify it do work that way if you are good with source code. There are actually as many drawbacks as doing doing it that way as there are advantages.
Take Care
, Connecting user is dbo of database.
User_ID is primary key with auto increment identity.
SQL Script of current table:
CREATE TABLE [dbo].[Security_Users] (
[User_ID] [int] IDENTITY (1, 1) NOT NULL ,
[First_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Last_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Company_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Username] [nvarchar] (75) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Password] [nvarchar] (15) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Access_Level] [nvarchar] (30) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Notes] [nvarchar] (1000) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Admin] [bit] NOT NULL ,
[Active] [bit] NOT NULL ,
[Expiration_Date] [smalldatetime] NULL ,
[Email] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Address] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[City] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[State_Province] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Zipcode_Postal_Code] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Phone] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Counter] [int] NULL ,
[Last_Access] [smalldatetime] NULL ,
[Login_Limit] [int] NULL ,
[Custom1] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom2] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom3] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom4] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom5] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom6] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[ValidateEmailCode] [nvarchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Date_Created] [datetime] NULL ,
[Validated] [bit] NOT NULL
) ON [PRIMARY]
GO
ALTER TABLE [dbo].[Security_Users] WITH NOCHECK ADD
CONSTRAINT [PK_Security_Users] PRIMARY KEY CLUSTERED
(
[User_ID]
) ON [PRIMARY]
GO ,
(customer replied aug-sep 2005)
OK, you have old code then... I will send you some updated files that you can try.. let me know here if it solves the problem. , Ok, have contacted the web hosts. Thank you for your help so far
Regards
Andy
, I'm getting errors when clicking the Update Config Button in the System Info page and when clicking the log files button.
I'm not sure if it's a permission thing or not. ASPNET and IUSR both have modify access to the _database folder and childs, yet I'm still getting the error:
Access to the path "D:\Inetpub\wwwroot\aspprotectnet\_database\xsd\aspprotectne t_config.xml" is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.UnauthorizedAccessException: Access to the path "D:\Inetpub\wwwroot\_database\xsd\aspprotectnet_config.xml" is denied.
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET write access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
Any ideas?
Thanks
 , how's it going ?, well, ultimately it comes down to this and this is stated in the footer of every page in the cjwsoft family of websites.
"In some cases in order to receive proper tech support your application will be need to be installed on a live professionaly setup server on the Internet. We simply cannot troubleshoot all issues when the application is only installed on your local machine."
and if you have some sort of weird timeout going on on your local machine and cant even give me a detailed error message there is just no way I can possibly troubleshoot it... I told you what to check and thats really all I can do... all my applications run on XP. As a matter of fact I do all my development on XP boxes.
It could be any numbers of things... odbc drivers, versions of vbscript... other software on the pc interfering such as antivirus script blockers like norton... all sorts of issues can pop up on personal machines running xp
If you put this up on a live professionally setup web server I can help you. On your local machine there is only so much I can suggest. , well, I need more details..
you got SQL server or data connection issues is pretty much the bottom line
If I remember right we went down this road with a SQL setup quite a while back (auguest 2005) and that never really got resolved
here it is
http://support.cjwsoft.com/code/code_info.asp?TID=321&KW =yiak
, We do not have plans to support recurring payments via 2checkout because their system is not flexible enough to allow it to function correctly. Basically their system will not send notifications to our system when a recurring payment fails and therefore there is no way to automatically disable a user that cancels or does not pay. etc etc.. , btw: who is this hosting company anyway ?
and did they give you access to a control panel that lets you manage your site ? sometimes that is where you manage those permissions if their interface supports it
lastly, are frontpage extensions installed in your web so it can be connected to via frontpage ?
, Thanks Chris.
Yes i never actually considered that they should log in twice.
The site uses two main url and the cookie was being stored for only one
of them. I have fixed the double login issue by making changes to
menu to ensure that they are always logging only via the url stored in
the cookie.
Thanks for your hep,
Stuart
, [QUOTE=cwilliams]
It should be released sometime late May 2004 or early June 2004 but no gurantees as I am pretty busy right now with some projects.
There will be upgrade instructions and it should be a fairly easy upgrade.
[/QUOTE]
Like I said no guarantee... I have a lot of things going on... it might not even be finished till the end of July... customers will always be able to get it for the difference in price
You have the version listed on the site when you purchassed it.
Version 3.0 cwilliams38167.6469328704,
If you want to have a login form on a non protected page that posts
to a protected ".asp" page use code like this.
Change the action of the form to the page you want them to log into.
Make sure to page you send them to is protected by the "check_user_inc.asp" file.
<center>
<table border="0" width="400" height="200" bgcolor="#000000">
<tr>
<td bgcolor="#F4F4F4">
<form method="POST" action="memberarea.asp">
<input type="hidden" name="Status" value="Checkem">
<p align="center"><font face="Arial">ASPProtect Login</font></p>
<div align="center">
<center>
<table border="0" bgcolor="#C0C0C0">
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
<td><input type="text" name="Username" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
<td><input type="Password" name="Password" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
me signed in on this computer unless I log off.</font></td>
</tr>
</table>
</center>
</div>
<div align="center">
<center>
<p> <input type="submit" value="Login"></p>
</center>
</div>
</form>
</td>
</tr>
</table>
</center>
, all I can say is try other things... like
mail.yoursite.com
or
smtp.yoursite.com
etc etc etc
replacing yoursite with the name of your domain of course
the settings for sending email via ASP are no different then the settings you would use in outlook or something... except sometimes on the server level localhost works as the email server because they set it up to allow that
and of course those 3rd party emailing components need to actually be installed on the server , Hi,
We use ASP Protect to password protect the pages in the member area ( http://www.pti.org/members.asp )
Of late Once or twice every month our whole site goes down and it gives us a "Microsoft VBScript runtime error 800a006 Overflow: Clnt //global.asa line 33 " error message (with the friendly message turned off). When we reboot the web server things are up as normal.
But this is happening too frequently and creates a bad impression.
Any suggestions on how we could prevent this would be greatly appreciated. , Does ASPprotect support Paypal's Website Payments Pro option, where a user can use a credit card directly on a web site, without passing to paypal.com?
Nick , no, its part the concurrent login checking system.
currently when that is on logging off does not come into play..
(pretty much because it is such a complex system I wasnt able to make it quite that intelligent this time around)
when concurrent login checking is enabled the only way to log in again at another system with the same username and with a different IP is to wait till that time period is over
sorry
as you may recall it was rush feature at the last moment before I got version 7 finished. Hopefully I can improve on the feature in the next version but I dont really see it as being a big issue at the moment. Sometimes when you want maximum security you have to make some tradeoffs and that is why the feature is optional. , I Dont know... it shouldnt do anything like that.
if it ever asks to download a aspx or asp page its generally a server configuration issue not related to the actual code
provided you arent trying to grab the injectbanner page through an iframe call which is only for use with the javascript method of calling banners , noted.
1.) this has been explored and because of the way groups works is not feasable. Because us this I wrote code to allow you to view and sort all users for any group on the actual groups page. You pick a groups and then click the "Show Users" button
2.) noted , Some users have reported an error during the registration process.
Here is what I believe is happening.
When you register you get sent a validation email that has a link in it that looks something like this.
http://support.cjwsoft.com/forum//activate.asp?ID=testAD3AD2 97BC
That link can only be clicked on once which will activate your account.
If you somehow run that link more than once you will get a message telling you there was an error.
I think some people are double clicking on the link they get sent and running it more than once.... or clicking on it again after registration is complete. It probably happens very fast so they never see the success screen.
Either way, if you can login to the forum nothing is wrong and you are already activated. cwilliams38089.6248842593, the no concurrent login feature is based on IP addresses.. if you logged in again using the same IP address it would let you in regardless. So for example if you were behind a rhome router and logged in to a site on the internet it would nt matter if you had multiple computers at home because they would all have the same external IP address... etc etc
In other words it is tricky to correctly test..
I really need more detailed info on everything going on. I real world scenarios there are no issues with that feature that I know of. At least according to customers so far. , here is the next response to this which was emailed to me but should have been posted here
From: Mo Afifi
Sent: Sunday, October 23, 2005 4:47 PM
To: CJWSoft Support Info
Subject: Re: CJWSoft Support Info : SSL - Verisign Certifcates
Hello,
Thank you for responding to my posting. In the second line of your response you said “not start them off at an http:// url". I think what you meant is to "not start them off at an https:// url". If this is your intention then I agree with you 100%. I have revised my pages so the users will go first to a non-https page and then make a choice either to use secure or non-secure access. Please note that the site is not intended to be completely SSL protected but only the sign up pages. I have another problem though when I click on the "Secure Log In" and enter my log in information; the entire subsequent URLs will have https:// in them which I could not shake off. As I said the intention was to use the https for sign in only.
I realize that this issue does not have any thing to do with your product, but any input will be appreciated. Best,
, Hello,
While there is no option in the admin area / asp code we give you here is what I can tell you.
You have the source code and we also use an open database structure. (MSAccess or MSSQL) So that means you can really run any query you want on the database whether with ASP code or directly in your database. You can even tie other systems and code into the database via OBDC and manipulate data. The sky is the limit.
In MSSQL you can run queries in SQL enterprise manager or query analyzer. Using Access you can run queries in query view.
It's really not that hard if you do some research on SQL Statements and how to use them. You can do some very powerful queries and save yourself a lot of time. , Sounds great, Sold!
Thanks Christopher! , Just to let you know that i figured out my problem. I had to modify the connection in the email code and get the correct path from my provider.
I hope you enjoyed your vacation.
Thank you
Adam , look in the "check_user_inc.asp" file
Thank you that did it !! , Yes, I was referring to ASP Protect.
I had about a dozen people access the same account, but it is highly unlikely that they would all try at the same time (unless there were several hundred people who had access). Having an enhanced login abuse would be nice.
, Ok I used the following for the sql string.. is this correct?
SELECT COUNT(Album_ID) AS Alb_Count FROM " & tbl_label_albums & " WHERE (User_ID = " & CmdListUsers("User_ID") & " AND Album_Active = '-1'" & ")" , as far as sql goes if you follow the instructions with give for setting up a new database you shouldnt have any issues and permissions should be already set. because we handle that in the sql script we give you.. "its a good thing to look at and it is pretty easy to understand what is going on""
however using another account could cause permissions issues.."yes, even sa" basically the username your using needs datareader and datawriter permissions to all tables used by the photo gallery system and you probably have to go specifically set them usin ght e security tab for your database in enterprise manager. This is more of SQL server 101 than anything to do with the Photo Gallery Code so I am not going to get into it too deeply, but that is definetly the issue. Permissions...
cwilliams38303.6065740741, I understand the encryption for security, but I am using ASPP for a very low security function and don't want encryption.
Can't I simply delete the code that does encryption?
If not, how can I
take my ASPProtect_access2002.mdb that was opened on my local host, with my own users added with text passwords,
export to a delimited text file, import it into ASPP with my own passwords encrypted, the use that file instead of my old .mdb file? Thanks , Version 8.1 can work with MySQL
http://www.aspbanner.com/aspbanunlimited_v8.asp
It is just not supported at all.
The standard version can not work with MySQL.
There were a lot of changes to make the new version work with it and I really only did ift because I have a couple friends with busy sites that could only use MySQL.
It sounds like your site is way too busy for using an access database as you mentioned. , I would like to create a login form on the home page which will not be password protected to the site for members so that they can login right from the home page and not a password protected page like many sites have. And every portal I have seen.
Plus the login form looks really pretty and proffesional on the home page  ...
I can't find anything in the documentation that says how to do this or if it's even possible. Everything I have found says to password protect a page and then direct them there which isn't what I would like to do.
Here is the code of the login page which is an asp include file on the main page:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
</head>
<body>
<td><img src="images/a026.jpg" alt="" width="187" height="21"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB"><table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><table width="180" border="0" cellpadding="0" cellspacing="0" bgcolor="#AAAAAA">
<tr>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
<td><img src="images/spacer.gif" alt="" width="178" height="1"></td>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
</tr>
<tr>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
<td bgcolor="#FFFFFF"><form name="form_login" method="post" action="">
<table width="100%" border="0" cellspacing="5" cellpadding="0">
<tr>
<td width="53%"><input name="textfield" type="text" class="style-01" value="username"></td>
<td width="47%"><a href="#" class="link-02">Forgot pass?</a> </td>
</tr>
<tr>
<td><input name="textfield2" type="text" class="style-01" value="password"></td>
<td><a href="#" class="link-02">Not registered?</a> </td>
</tr>
</table>
</form></td>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
</tr>
<tr>
<td colspan="3"><a href="#"><img src="images/a027.jpg" alt="" width="180" height="15" border="0"></a></td>
</tr>
</table></td>
</tr>
</table></td>
</body>
</html>
Does anybody know what values I would put in the form to send the correct login to AspProtect. And, if I would have to add any extra includes or code to it.
TIA  , yea that info gets updated once an hour, in the version you have changing it is not something we covered
I believe you will find it the "config_inc.asp" file in the root though... be careful with naming it though because if you use any spaces or weird characters it might cause issues with various functions in the application like emailing.. I recommend just using letter, numbers, and maybe dashes
, ahhh ok.. I was going to wait till morning to answer this one..
glad ya figured it out
, I wouldn't bother doing that. If pic uplading doesn't work it is most likely permissions to the directory pictures are uploaded to. If they are not set correctly it will not work. That dir needs the same permissions the database folder needs. , Okay Chris, I wold like to get rid of the encryption then if it's not too much trouble.
I have no option of running the production server against an ms access db, since the db needs to be online and accessible from another system. , I just finished implementing the V7 product on our site and someone made mention that on the profile form where you are asked all your personal and user information there are 2 fields for passwords. The first field uses masking to hide the password as you type it, where the second shows it in clear text.
Now we know that the only people able to see the password are the user and the administrator, but it is playing mind games with my users as they think there is a problem with the application. I am not a programmer (however, learning ASP slowly now!) and am not sure if you did this on purpose or if it is a bug?
If it was done on purpose, can you advise how I can make the confirm password field masked as well to eliminate the unfounded questions!
Thanks , yes. what you are talking about has to do with norton ad blocking software.. it blocks images or paths that have the word "ad" in them.. and you see red x's where images should be on web sites.. usually
it is different then what this thread initially mentions which has to do with a code/server issue with the application variables. , Hi Chris,
I've got a page with a form that includes an input field with
'type="file"' for uploading an image. The page posts back to
itself to save the info to the database and run the code necessary to
upload and resize the image.
I need to limit this page to a group. So like usual, at the top of the page I put:
<% GROUPACCESS = "1" %>
<!--#INCLUDE FILE="../check_user_inc.asp"-->
This gives me the error: "Cannot call BinaryRead after using Request.Form collection"
I have used ASPUpload and SA-FileUP before and know that this is caused
by the components having their own .form collection. This script
is using "Pure ASP File Upload" from DMXZone for the upload which I'm
not familiar with.
So...my question is, do you know a way around the BinaryRead problem wtih ASPProtect?
Thanks,
Michelle
P.S. PLEASE don't send me to DMXZone for help....they've got notoriously bad support!
,
Timecard Entry: 3/25/2006 1:41:44 PM
Employee Handbook design and Integratoin, prep for the meeting- agenda and redid the updates to follow the agenda , printed a calendar of events, nc this week ad, email, mediation software research, Finished the emonitor page for Ron, same as above, PO for Jeff, incomed executions and checks -Carol gave me the info, wrote out thank you''s from the opening, Times - Basketball input forms (starting checkboxes not working), NEW FX banner ad, Driving down to Syracuse. 70 miles., email to sbrowning to set up costguard demo (list mailed to hb and dc for attendees). s/w jw on notes for lesson plan (glossary). continued reading on sonet w/notes. began outline for nortel lesson plan, s/w ct on flow chart for billing system - to set up time., Checking e-mail. Watching network a little., E-MAIL, ETC., short break, Lafargeville Central - Adding new parent accounts to database., Reset microcom modems., phones, invoices, etc., dial up issues, radlog, training in Victor-Costguard, Drove to Clayton., tarrif, meeting with board, checked and reset idle microcoms in o'burg and watertown..also showed shane some stuff dealing with the internet in general, such as ip addresses, the modem system, ect...he seems pretty new to the whole thing, so i dont think he got much out of it...., *EveryDayDad, On the phone with Verizon calling in a ticket, Evening Team Meet, tech support supv. duties. radlog, voice mail , auq, qlight, dsl, dial up issues, good night , busy teching calls, read and sent emails,
|
