Blog Entry: 3/25/2006 1:47:47 PM
1) Does everything, i.e. every user, every category, every product, etc., get stored in just one single database, or are there multiple databases at work and are linked to one another? I am asking because there is only one table in the DB, and it is the "Users" table. So I am presuming that there must be other databases that are linked to the DB. Is this correct?
2) Are user-level security permissions utilized in the sample Access DB that is shipped with the software? I am asking because we cannot seem to remove the "temp" password no matter what we try, and this is the only reason I can think of. , Your assumption was incorrect.... the login count has nothing to do with that. The login count only has one purpose and that is to limit the amount of times a user can log in if you want to do that.
Logging in for the 1st time means the time at which they 1st login and their session at the site is created... If there session ends and they come back and login they will get redirected because it will be the 1st time again.
Forms Based Authentication is all about sessions and session variables.
If you only want them redirected somewhere based on the login count that is something you have to work out and check on your own. It's very doable.
Seems like now I should have explained that better but I never thought anyone would think it meant what you thought.,
http://gibsoncity.info/guestbook/default.asp
Reports 65-messages, however after the first 10 are displayed and you click on the More Messages button, I get the Page cannot be found error. , I had a question about user registration and how it works, mainly because I am having a problem.
When a user registers, with the email verification setting, I am assuming that there is supposed to be a new record created in the USERS table in the database. What could cause this not to happen?
Actually, in testing further I found that with the setting at Auto, Manual, or email, the record is not added to the table. And, if I am logged in as admin, the Add User button does not do anything.
I can however edit and delete user records...
Hmmm, adding a Category yields the same thing. And loggin in as a non-admin user still displays some of the menu items for admin, but then gives a page can not be found error if you click on one (ie, approve).
This looks like a db issue to me, I will have to try this with access and on a test server...
Any thoughts?
- Jason
cwilliams38303.8507291667, 
Yes.
Now its OK
Thanks Christopher
, Editing using Visual Studio.NET
Here are directions for editing the application using Visual Studio.NET
2002 or 2003 version.. either should work
Some of you are wondering why I didnt just give you the project files.
It is best you go through this process and really understand what is going on.
Also, I dont use VS 2002 so I wouldnt be able to give you project files that would work with that. Not to mention there is 100% chance my prject files wouldn't work for you anyway because of path differences and other things.
Anyway.. on with the instructions...
1st.. make sure IIS, ASP.NET, .NET Framework, and Visual Studio.NET are all installed correctly and up to date.
Open Visual Studio.NET
File - New Project
Select a New Visual Basic ASP.NET web application.
give the new web to be created a name.. I called mine "aspprotectdotnet"
Hit Ok..
Now. once the project opens up we need to delete a few things in the solution explorer window.
So delete "webform1.aspx" , "deletestyles.css", "Global.asax", "AssemblyInfo.vb", and "web.config"
Basically all the files under the project...
Now... you should have the aspprotect.net files unzipped somewhere on you hard drive...
open that folder and select all the files and folders like so
Now drag those selected files and folders to the solution explorer window of Visual Studio.NET right on to the name of the web. In my case "aspprotectdotnet"
It might say this folder already contains a folder names Bins.. just tell it to copy over and continue on any prompts like that.
You'll notice your project is now populated.
Open up the references tab in the solution explorer window as we need to add some references to the dlls in the bin folder of this project. This is needed so the compile process and function correctly.
Right click on references.. click add reference
Then browse....browse on your hard drive to the location of the new web and the bin folder within it.
In my case... "C:\Inetpub\wwwroot\aspprotectnet\bin"
Choose "aspprotectlicense.dll"
Hit open...
Now do the same thing again until you have added all the dlls in that bin folder to the references..
Now.. click add-references again and this time choose
"system.management" from the choices in the .NET tab
Once all of that is done your references should look like this
Now in the Visual Studio.NET menu system up top..
Choose Build - Build Solution
If you did everything right you will see something like this in the build window
------ Build started: Project: aspprotectdotnet, Configuration: Debug .NET ------
Preparing resources...
Updating references...
Performing main compilation...
Building satellite assemblies...
---------------------- Done ----------------------
Build: 1 succeeded, 0 failed, 0 skipped
You now have the visual studio side of things all set up.
To make the project actually run we now have to set some permissions and edit the web.config file.
Using windows explorer browse to the web the app is in. Right click on the "_database" folder and give that folder and all the child folders within it. Modify permissions for both the Anonymous webserver account and the ASPNET account. These accounts might not show up until you dig into the advanced tab and click find now to show all the accounts on the machine.
Permissions screen looks like this...
Once that is done go back the solution explorer window in visual studio.
Open the docs folder.. right click on "sysdiag.aspx" and choose view in browser.
It should complie the project again.. and then run that page in either the internal or external browser depending on how you have that set up.
That page will report back path information.
"BTW.. for security reasons this page should be removed from any production server after installation is complete.. this is very important"
In my case it looks like this.
Probabale AppRootPhysicalPath
c:\inetpub\wwwroot\aspprotectdotnet
Probabale AppRootUrlPath
http://localhost/aspprotectdotnet
Probabale Path to Access Database
c:\inetpub\wwwroot\aspprotectdotnet\_database\aspprotectnet2 002.mdb
Now we need to edit the web.config file... your going to need to know some of the path information above.
In solution explorer double click on web.config.
Now edit the AppRootPhysicalPath, AppRootUrlPath, and CN keys accordingly.
In my case they will look like this.
<!-- PATHS USED BY THE SYSTEM -->
<add key="AppRootPhysicalPath" value="c:\inetpub\wwwroot\aspprotectdotnet" />
<add key="AppRootUrlPath" value="http://localhost/aspprotectdotnet" />
<!-- MICROSOFT ACCESS KEY -->
<add key="Cn" value="Driver={Microsoft Access Driver (*.mdb)};Dbq= c:\inetpub\wwwroot\aspprotectdotnet\_database\aspprotectnet2 002.mdb;Uid=admin;Pwd=" />
Now.. because our web is really not in the root of our virtual directory which starts at "inetpub/wwwroot" we need to edit another tag in this file.
Find the forms tag near the bottom.
<forms name=".aspprotect~net" loginUrl="/aspprotectlogin.aspx" protection="All" timeout="60" path="/" />
Change it to say this
<forms name=".aspprotect~net" loginUrl="/aspprotectdotnet/aspprotectlogin.aspx" protection="All" timeout="60" path="/" />
Notice tha part in bold that we added.
Now, you may also want to check the temp license key info while you are in that file and make sure it is not expired but I am not going to get into that here.
Now save and close that file and do a compile again.
In solution explorer open up the "aspprotectadmin" folder.
Right click on default.aspx and click browse
You should see the login prompt in your web browser..
Log in with
admin
temp
all lower case
You should see the users screen of the application,
Click on the system info tab up in the top left... make sure all those paths are correct and save it.
Go to the settings page of the admin area. Make sure all those paths/settings are correct and save it.
Congratulations... you just set up a visual studio web project from scratch and our now ready to edit and compile an advanced web application.
From here on your on your own, but feel free to ask questions in the forums as you will probably get help from myself or others who own the software.
One last thing... because we are not in the true root of the web on the development machine the examples in the example folder will need the reference to the "protectpage.ascx" file modified before they will work
It will need to go from
Src="/protectpage.ascx"
to
Src="/aspprotectdotnet/protectpage.ascx"
If this app was installed in the true root of a domain on a real webserver.. you would not have to edit the forms tag in the web config file or change the paths in the examples as they would be correct the way they came , also.. you could try chaning your connection string to set the current language to english like in this example..
BannerConnectionString = "Provider=sqloledb;Data Source=127.0.0.1;Initial Catalog=aspbanner;User Id=aspbanneruser;Password=temp;Current
Language=English;"
I do not know if that actually works but from what I have been researching it looks valid and it may solve your problem.
Also: The value may need to be Current Language=us_english
You'll have to try them, Weird things happening, when I upload using the vb method the image fails and error is that the image was empty.
Utilizing ASPUpload and after clicking upload file I get a blank screen, no preview, no nothing (it loads with the proper header/footer) but a completely blank body.
Any hints? , Redirecting is not something ASPProtect does because you can
do that sort of thing using simple ASP redirects.
In all of these examples you are going to want to protect the pages you send these users to accordingly.
So that if they know the url they just cant go their directly without loging in.
Redirecting example..
This page will redirect admins or level 4 users to a certain page and anyone else to
another page.
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If Session("Admin") = "True" or Session("Access_Level") = "4" Then
Response.Redirect("sompage.asp")
Else
Response.Redirect("someotherpage.asp")
End If
%>
Redirecting example..
This page will redirect level 1 users to a certain page. level 2 users to certain page, and anyone else to
another page.
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If Session("Access_Level") = "1" Then
Response.Redirect("level1.asp")
ElseIf Session("Access_Level") = "2" Then
Response.Redirect("level2.asp")
Else
Response.Redirect("allothers.asp")
End If
%>
Redirecting example..
This page will redirect user "PistolPete" to a certain page.
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If Session("Username") = "PistolPete" Then
Response.Redirect("somedirectory/somepage.asp")
End If
%>
then just make sure the page you send the user to to also checks to see if the user is the right user.... to make sure others users can't access each others pages
<%
If Session("Username") <> "PistolPete" Then
Response.Write("You do not have access to this page.")
Response.End
End If
%>
etc etc etc.... these code snippets should point you in the right direction...
, Is there a limit to how many access levels the program has? We were thinking of having a different access level for each client that logs on our site so we can customize their web experience. We see 6 in one place of the program, 8 in another, but is there any reason why we couldn't make 100 more?
Thanks again for the help! , The company is called Eschelon - there customer service leaves a lot to be desired. I have contacted them again and they said that they require the account holder to manage permissions, they won't make changes. I wish they would have told me that a week ago when I asked them about changing the permissions. They haven't responded to me yet how I am to do that though.
Frontpage ext. are not installed.
Once I hear back from them about how I connect to manage rights I should be all set.
Thanks again for all your help! , we ended up resolving it...
the physical path being used was invalid, Parent Paths ?
http://support.cjwsoft.com/forum/forum_posts.asp?TID=5&P N=1
, Done!
I was able to put my experience was based on *40 months* of usage! I
think I bought a version way back in 2001, IIRC, so it's been a long,
happy trip with ASPProtect for me!
, humm
expiration dates in the aspprotect system are not used at all when using paypal subscriptions.. all date handling is done on their end actually
and they of course send notices from their system to the user regarding their subscription and when it renews,cancels, etc etc
so I am pretty sure any errors with that would have more to do with the info you used for the subscription setup and possibly any paypal settings associated with it
its hard to say at this point
The smart thing to do I think.. would be to sign up someone using another PayPal account (your allowed 2)... and while doing it be very careful about the subscription setup data.. and then as soon as the subscription is created review all the info in the paypal system and see if the length of the subscription / expiration.. etc etc in the paypal system info looks right..
at least then you can begin to troubleshoot what is going on... , Chris -
Long time no talk, which is a good thing. I have purchased another product from you, ASPVendor. I am running into an issues.
When I try and remove the image through the image manager, it does not remove it. Screen shot attached.
2005-10-19_194248_image_upload.zip
Thanks , The file check_user_inc.asp as the lines: (which include Session("groups")
Here we set some valus about the user into session variables
Session("PasswordAccess") = "Yes"
Session("Access_Level") = CmdCheckUser("Access_Level")
Session("Admin") = CmdCheckUser("Admin")
Session("Active") = CmdCheckUser("Active")
Session("Expiration_Date") = Expiration_Date
Session("User_ID") = CmdCheckUser("User_ID")
Session("Groups") = CmdCheckUser("Groups")
Session("Redirection_URL") = CmdCheckUser("Redirection_URL")
Session("Password") = RC4(CmdCheckUser("Password"), PasswordEncryptionKey)
Session("Username") = CmdCheckUser("Username") , Hi - I am a recent user of your software. I administer it for the owner. I probably missed something in your forums somewhere - but I'd like to know how to stop the software from sending an "accept registration" e-mail (after they fill out the registration page) from going out so fast - usually within minutes. I'd like to know how to defer the message for 24 hours, more or less, so that our company can go over the registration details and decide whether to allow the person registering to actually have access to our protected website pages. The program is working very well and we are excited about it. So far, no problems (knock on wood!).
Thanks so much for your help! , Is there a way to set various members to upload a limit of photos. So, one member can only upload 5 photos in 1 album and another can upload 30 photos in 2 albums. Even if you just set a permission for the number of uploads for each member.
Thank you , You shouldn't be renaming or moving anything... unless you really really understand what you are doing and are at an expert level expert as far as ASP coding goes.
like I said earlier..
http://support.cjwsoft.com/code/code_info.asp?TID=354&ge t=last#1130
redirecting with version 6 is not supported but this thread tells you exactly how to set it up (I showed you this thread in an that earlier post)
http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= redirect
This thread below may also help in case the page you want to start on with a login form should not be password protected..
http://support.cjwsoft.com/code/moreinfo18-2.htm , Well, hold everything.
Looks like I did it right. The latest user showed up in the correct group.
I guess the ASP pages had to refresh at the server or something...
It's still a great product, BTW. Almost five years for my enjoyable ride with ASPProtect!
, here is the answer
http://www.iisanswers.com/IIS51.htm
CDONTS
CDONTS (Colloaborative Data Objects for NT Server) is a feature of NT and W2K that allows you to easily send mail from a web page using the SMTP server. The simplicity of the code and widespread availability of free scripts employing CDONTS has resulted in CDONTS being widely adopted.
Quite a surprise to many administrators to discover that IIS 5.1 does not support CDONTS as do IIS 4.0 and IIS 5.0. This has been replaced by CDOSYS which appears to have more capability, but it is not quite as simple to use. See: http://support.microsoft.com/default.aspx?scid=kb;EN-US;q195 683 for more details.
You can enable CDONTS on XP by copying CDONTS.DLL from a Windows 2000 installation to your XP system’s Windows\System32 folder (default name). Then at command prompt Windows\System32 run REGSRV32 CDONTS.DLL. The extent of my testing on this was to deliver one piece of mail, so this should not be construed as a complete analysis of the effectiveness of this technique. cwilliams38392.8260300926, OK, thanks.
Nick , We do not have plans to support recurring payments via 2checkout because their system is not flexible enough to allow it to function correctly. Basically their system will not send notifications to our system when a recurring payment fails and therefore there is no way to automatically disable a user that cancels or does not pay. etc etc.. , Chris:
The string is being saved and I get a .wav ring sound to confirm. I have tried editing in "notepad" and then running the "data/show_path_info.asp" file after with the same results.
Ken
, actually, passwords can be up to 75 characters long in ASPProtect.
the only requirement when entered from a non admin user is that they are at least 4 characters long.
what does MSAccess have to do with this ? Are you trying to convert and old system or something? I noticed you created and "old password" field in there ? Is there something I do not know about as far as what you are trying to do?
Passwords in version 7 are encrypted so I hope you understand all of that and realize you can not enter or change passwords right from SQL server. Also if you import info you must handle that accordingly and convert the passwords to encrypted format for the new version., Different Versions of the Access Database
Below is a zip file with many alternate versions of the Access Database provided to help with installation and general usage.
2005-02-20_155310_ASPProtect_Database_Versions.zip
ASPProtect.mdb is saved as an Access97 database (password "temp")
ASPProtect_access2000.mdb is saved as and Access 2000 database (password "temp")
ASPProtect_access2000.mdb is saved as and Access 2002-2003 database (password "temp")
ASPProtect_access2002_no_password.mdb is saved as and Access 2002-2003 database with no password set on it
Try to use the newest version as server odbc drivers sometimes have to use the newest version for everything to work correctly. No password version is provided because sometimes there are issues connecting to a database with a password set on it.
Default username for access databases is of course "admin" but you really dont use that except in the data connection information. cwilliams38403.6840277778, lmao ... ya that has never happend to me before.... ,
I can no longer send e-mails to my configured accounts through aspbanner. It was working for over a year and now it stopped.
At one point I was using CDONTS_Installed but since I moved to a new Windows 2003 server I was told by my ISP that either one of these will work
but neither one works. Can some one assist?
JMAIL_Installed
ASPEMAIL_Installed , This is what "John Evans" of CJWSoft has to say on the matter...
"I think that’s pretty much impossible. If the server sees a .JPG or .JPEG extension why in the world would it go and try to read it or do anything with it.
I believe there may have been some issues with Outlook and Outlook express that made it look like a vbs script sent as an attachment was actually a JPG because someone found an exploit in those programs and it would appear as if double extension files were one thing when in fact they were not.
Having a real time virus scanner on the server (which any good host will) should also catch anything infected being built on the server drives as the file uploads. Always worked for me and I had a lot of people uploading ZIP files on winxptheme.com at one point. Many had viruses in them although I suspect it was totally innocent on the end users part. Some people didn’t even know they had a virus on their rig.
Fact is anything is possible but I think chances of getting a virus or being hacked in some way from this sort of upload are really slim."
cwilliams38447.0602083333, Hi, Its just a generic error that really doesn't mean much of anything except that something wrong with your data connection.
http://support.cjwsoft.com/code/moreinfo27-1.htm
could be invalid permissions on the database folder... could be any number of things
when setting up your connection I suggest going dsn-less.
http://support.cjwsoft.com/code/moreinfo9-1.htm
It is better/faster and also a lot easier to set up. , If it stopped working it has nothing to do with the ASP code. YIf could have stopped for any number of reasons as hosts often change email server requirements and info. You need to go over the email settings. Of course make sure you and the person you are sending to have valid email addresses and try different methods/settings until you get emailing to work again.
Testing it by sending emails off from the users screen.. in each email type in what you are trying at that time so you know what worked if emails make it through. Also, be sure to check junk filters when testing to make sure the emails are not being put in any of those.
That's what I would do. CDOSYS is always your best bet for sending emails as it has so many options and all new server support it. , Or at least I think so. I have been trying to get this software to work so I can see if it meets our needs for an upgrade purchare. Here is my error.
Microsoft JET Database Engine error '80040e10'
No value given for one or more required parameters.
/aspprotect/scripts/populate_config_variables_inc.asp, line 15
My provider says that the problem is NOT on there end, that it is a problem with the code. I think that it is a database connection problem. Can you please help. Below is my connection string based on what the setup page directed me to do:
ConnectionString = "data source=\\NAWINFS03\home\users\web\b1347\rh.957theride\asppro tect\data\database\ASPProtect_access2002.mdb; Provider=Microsoft.Jet.OLEDB.4.0;Jet OLEDB:Database Password=temp"
When I first set up the program I got this error:
Provider error '8000ffff'
Catastrophic failure
/aspprotect/scripts/populate_config_variables_inc.asp, line 11
Once again, the looked into it and said the permissions were fine and that the code was most likely bad. But then the errror changed to the one that I first listed. Which is the one I am currently getting.
BTW here is the page address
http://www.957theride.com/aspprotect/password_admin/get_me_i n.asp
Thank you! , Update..
I have support for the ibulc image uploading client working.
http://www.ibulc.com/
There is also an option in asp photo gallery pro to store the images original filename in the description field which is pretty cool.
Ibulc client bulk upload support currently only works with the pure vbscript upload or the safileup component. (I may support the other two components asp photo gallery can use but it really depends on time) The pure vbscript upload code I am using for this is much better than the code I was using before so that method should be offer decent performance for anyone though using a component is always better.
I still have to add the ibulc feature to the users side. It currently all only works for an admin user.
The whole process is very cool. You install the ibulc client on you computer. It's tiny, and free for uploading up to 10 (100kb) pictures at once. You have to by a domain license from them to do more than 10. Anyway.. it lets you select multiple pictures off your hard drive and it then uploads them all at once with individual progress info for each picture. Its really cool and since it really treats each picture as an individual upload it doesn't hammer the server with one big upload at once.
I also made it so you can start the picture uploads at any picture number.
So if you already have pictures in an album you can add more without losing what is already there.
This was one of the main features of the new version and now that it is working hopefully I can tie up any loose ends and get the new version out soon. cwilliams38327.5488541667, You edit the web.config file that came with ASPProtect.NET.
You find this tag
<customErrors mode="RemoteOnly" />
you change it to this
<customErrors mode="Off" />
If you have a different web.config file in your root I suggest you make sure the tag is set to off there as well for troubleshooting sake
If done correctly you will get a detailed error
It's basic low level ASP.NET stuff really and does not have anything specific to do with ASPProtect.NET.
You also need to make sure your web is set up correctly for ASP.NET and that the correct web.config's are firing..etc etc
cwilliams38454.4368055556, I am not sure totally understand your question.
I need you to explain it differently.
Any ".asp" page that is protected is going to automatically prompt them for a login box or log them in automatically depending on if they set that option.. In the end returning them to that same page.
So, it really all takes care of itself for the most part.. It doesn't even matter if the bookmark a protected page deep in your site. The system is smart enough to keep them at that page as well as handle their access.
Now of course if they are at an unprotected page of your site and navigate to a protected page they get a loin prompt or are allowed in if they already logged in...
Also.. when you say unprotected page ? do you mean ".htm" or ".asp" cwilliams38298.6571759259, I am trying to set up ASP protect 6 and have a problem that when a new user registers their email is not transferred to the database.
I can see the rest of their entries both in the database and in the admin/edit form but not the email.
Any ideas?
, Ok, I tried what you suggested but the program won't let me leave the
date area on the banner ad blank. I reset it to a date in 2010.
I deleted the Level 1 Access note in the notes area.
I then attempted to access the banner stats using the correct info and
the right link. Again, got this message:
ACCESS DENIED
INVALID Username & Password
Username HAS EXPIRED
Any ideas? Should I just delete the whole account and start fresh?
TIA,
Laura
, the reason being is because when I do installs I do not touch any of your existing content. I only install the base application and make sure everything in it working correctly and also that the example protected pages are working. I do not integrate it with your existing site or edit any of your existing web content. That is up to you
sorry about that, but it would be way too time consuming and editing people's existing pages is a good way to cause a lot of headaches for me and the customer if something goes wrong. Not only that but everyone uses the system differently and it wouldnt make sense for me to be the one doing that based on access levels, groups.. etc etc which will all be custom to how you want things set up.
more on installation policies here.
http://www.cjwsoft.com/installation_service.asp
, it probably means the page you are trying to protect is (not in an iis application or not in the same iis application) which it needs to be
for a situation like using ASPProtect you really want your root of your virtual directory set up as one big application in IIS. (after you inquired about it your hosting company probably went and set the ASPProtect folder as an application in IIS which means any pages you protect need to be in there as well. (truth is they should have had your entire web starting from the root set as one in the 1st place..... its standard practice for any experienced hosting company) cwilliams38456.9306828704,
Timecard Entry: 3/25/2006 1:47:47 PM
worked on web page project for Beth for forum at JCC, NORTHERNGLASS.COM MEET WITH CLIENT ABOUT ADDITIONS TO WEBSITE...., Fixing Netserver's who's configuration was very messed up., Reviewed Kelly's press release about the phone company called steve to get into Tara's computer and lget letter out to channel partners , 0100 lines were unable to surf., Liverpool Chamber- information about next meeting/customer satisfaction, carl - accountant left message
work on work orders and checl voice mail/email
, excel report for coupons redeemed and also for comp tracking updated gisco forms, general site design and research, Marketing meeting, more billing issues, The phones were pretty busy during this time, Reading, knowlton brothers mtg - canceled, Yellow pages ads, emails and voicemail, Got all site files from 1000islandsfishing.com on a zip disk for the site owner, then mailed to him. Long story, but he's not able to access his site any more (FTP problems), Working with visual basic trying to create com components I can use with the realtor.com export files, *global student services: meeting with Adam and Mike Nelson re: Open SRS and Bram developments, Meeting on progress and upcoming events for softmls, Sat down in NOC., updated IGCC's members listing web pages, TIIC Chamber Access, Optimize Beth's workstation, po finished for tech data with darrell. po for white's. expense report for joe to clayton. nortel info printed on spm. ci signed by howard and randy and faxed to richard. copies of verizon acceptance to clayton and chr., WAN/LAN, Baldwinsville Chamber - Adding admin for new membership directory and combining old events admin with new (so customer doesn't have to login in two seperate places)., posted acct and did a detail of checks for a deposit. Customer inquiries.Ans phones, *TaskForce: Staff Meeting, Calling people back on voice mail, responding to e-mails. Starting backup of servers.,
| 
