i downloaded the latest version. i also downloaded the sql script provided and ran in sql query analyser to create the tables.

After that i ran a special page to intially get into the system,

then setup a new user, then make them an admin,

and after that i logged out and again when i try to login iam not able to login.  When i check the ASpp_User table I noticed that the values in the fields "Login_limit" and "Active" in the ASPP_Users table in the SQL changed to NULL and 0. But if the value are Nulls or 0 it means it's not active and it's not allowing me to login.

Pls advice

Our webhost changed converted all sites from c: to d:, and without us doing anything else, our customers now get the following error message when trying to access our Classifieds site:

***********

Microsoft][ODBC Microsoft Access Driver] Not a valid password.

This means there is most likely a problem with the "ConnectionString" info that you specified.

If you are using a DSN-Less Connection with MSACCESS.

Check that the physical path to the database has been specified correctly.
It has to be perfect and correct. It cannot be specified using "http://" or by using "server.mappath".
It has to be specified like the following example.

ConnectionString = "DBQ=D:\Inetpub\wwwroot\advpass_pro\_database\passwords.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=admin;PASSWORD=Xpass"

If this is running on an NT server or Win2000 Server make sure that permissions have been set on the database.
Only the server admins can do this. If you are not the admin you will have to ask for this to be done.

If you are using a System DSN

It is not set up correctly. Again, make sure the permissions have been set for the database and that the system DSN has been set up correctly by the server admins.

************************************************************ *********************

We did everything the web host asked us to do, that is, changed all references to the C drive to new references to the D drive, but the error is still there.  We also never changed any passwords (as far as we can remember).  Can someone please tell us where to look (also which file might tell us what the correct password is in case it has in fact been changed.

After I approve someone's username and password, then go to send them the default e mail telling them of the approval, the e mail never goes through.  The e mailing used to work well for many months, but it stopped working.  Any thoughts?

Spider

I believe what happened is we received the older copy of ASP Banner iwht our purchase of ASP Protect and were notified of a free update to download aspbanner_unlimited_v8.2_feb_26_2005.zip which we did, and that's the one i recently put on our site.

  Sounds from your reply that something technical is going on to the point where I will have to hire one of our Web consutants to dissect for us.  We'll try again and track our issues and send another request for information when we can show you a specific example of what is happening.  I'll be in touch.

i took another look at the file, and realized that when i was looking at the data structure i had confused "banner_image_URL" with "banner_link_URL". i lengthened the latter, and now all is good.

sorry for the false alarm, and thanks for a very-to-work-with product.

Ok, so I checked to see if ASP is running on the server and it is.  then I added code to the top of a page and this is what i can see when 'view Source' on the web browser:

<%@ LANGUAGE="VBSCRIPT" %>

<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * Admins * ) -->
<% GROUPACCESS = "4" %>
<! #INCLUDE FILE="check_user_inc.asp">
<!-- End ASPProtect Code -->

<html>
<head>
<title>TeamManagers</title>

Yet I get no challenage for a password and no error message!

There is nothing built in to the system but it is very doable.
However, you need to be a decent asp coder because your going to have to write some code.

Basically you would want to do a check on the screen where a user uploads to count how many pictures they have uploaded.

Then act accordinly and either let them or dont let them proceed.

On a side note the overall filesize limit of the total of all pictures a user can upload can be set when you edit a user.

yes. what you are talking about has to do with norton ad blocking software.. it blocks images or paths that have the word "ad" in them.. and you see red x's where images should be on web sites.. usually

it is different then what this thread initially mentions which has to do with a code/server issue with the application variables.

where is your site ? I'll taka a look

It's probably something I could do for you as a custom project if you are interesting in paying to have that work done, but it is probably not something that will be added to this version of aspbanner as it is in my opinion a feature more suited for a more expensive software package.

It is also difficult to get ASP code to do things on it's own. Scheduling something to run on the server or some other clever scenario is necessary and that usually means it would be unique to each persons setup.

http://www.cjwsoft.com/custom_work.asp

The count is in the album area where the small pictures and description of album.   Viewed 1 time(s)  This count never changes.

Thanks

 John

the menu file.. "menu.asp" or something... just follow the logic of the code to find things like that. Look for server side include files and what not in the source code.

This is a good article on figuring out what pages to edit as well as other things.
http://www.powerasp.com/content/hintstips/common_sense.asp

If it was working and you changed code you could have possible messed up how all of that works... you may need to revert back and be really careful as you make changes testing every step of the way.

just leave the databse where it is, use the connection string generated for you and most importantly... put in a request with alentus for permissions to be set

tell them "D:\Websites\www.mysite.com\aspprotect\data" and all of its child folders need change permissions (r,w,x,d) set so aspprotect can do its thing

until the permissions are set that connection string can not work

this is all noted in the installation docs...

I encountered a problem that I haven't been able to solve. I'm trying to get .pdf files to byte serve (page-by-page load in the browser) but unable to do so. I've narrowed it down to stream download file where it creates the header object. I haven't made any success with the changes I've tried. Any help would be very nice.

This maybe useful:
http://msdn.microsoft.com/library/default.asp?url=/library/e n-us/act/htm/actml_ref_href.asp

ok,

IE and firefox do some things differently.

It could very well have to do with MIME types set on the server for your website. pdf probably isnt set as a mime type which can cause issues with file streaming situations.

Mime types are either set in the IIS console for your web site under the http headers tab or you can try setting the content-type header to 'application/pdf' right on the asp page the does the streaming

see this article which shows how to do that
http://psacake.com/web/gj.asp

'Specify a MIME type such as "text/html", "image/gif" or "application/pdf"
Response.contenttype = "application/pdf"
'Useful in cases for unknown file types

You would want to put the code that sets the contentype as close to the top of the asp page doing the streaming as possible.

I'm all set - after thinking about your replies - i checked a bit more and changed the email component type -- thanks again for all your help.

That is by design, removing and deleting are two different things as far as the classifieds system goes.

A regular user can only remove an ad from the category index. (which makes the ad inactive)

An admin however can truly delete an ad from the system.

A mod like this would improve tracking by leaps and bounds.

Do you think this addon would be availalbe anytime in the near future? If/when this feature or mod becomes availalbe, it certainly would be ideal if some script was made to import all the log file data.

You would carefully use the built in features of access to import/export data.

The password for our databases is noted in the documentation. It's pretty hard to miss really. You can also see the database password by looking at the connection string info.

different versions may be different but it is usually "temp" minus the quotes

I think I've got it to work somewhat.  I modified the 2checkout1 & 2 asp file to use and pass Product_id.  It now identifies the product correctly.  I'm good fo now. Thanks for the info though.

-Jason

What am i supposed to do now... i do have another member server that is not a domain controller-

However, i have like 5 websites running on this domain controller already. I have thought about this before how its a HUGE security risk but it will take too long to configure everything on the other computer :(

If we wanted to user groups, is the "Access Level" in the User setup the same ID as what the group access would be?  Ex. If John had Access Level 4 and the page specified <% GROUPACCESS = "4" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

I'm asking because there is no Group Access Level in the user setup.  Thanks

I am using v7 with other software written in ASP.NET. When I include the the "checkfor" and include file, I'm receiving a compliation error.

Here is the include I have on the .aspx file:
<% CHECKFOR = "4" %>
<!--#INCLUDE FILE="../../ASPProtect/check_user_inc.asp"-->

Here is the error:

no, its part the concurrent login checking system.

currently when that is on logging off does not come into play..
(pretty much because it is such a complex system I wasnt able to make it quite that intelligent this time around)

when concurrent login checking is enabled the only way to log in again at another system with the same username and with a different IP is to wait till that time period is over

sorry

as you may recall it was rush feature at the last moment before I got version 7 finished. Hopefully I can improve on the feature in the next version but I dont really see it as being a big issue at the moment. Sometimes when you want maximum security you have to make some tradeoffs and that is why the feature is optional.

it has been 3 days since I logged myself in under Admin, and all the user information on the User Activiy screen seemed to be gone.

is there any specific length of period it refreshes its user information??

I just finished implementing the V7 product on our site and someone made mention that on the profile form where you are asked all your personal and user information there are 2 fields for passwords.  The first field uses masking to hide the password as you type it, where the second shows it in clear text.

Now we know that the only people able to see the password are the user and the administrator, but it is playing mind games with my users as they think there is a problem with the application.  I am not a programmer (however, learning ASP slowly now!) and am not sure if you did this on purpose or if it is a bug?

If it was done on purpose, can you advise how I can make the confirm password field masked as well to eliminate the unfounded questions!

Thanks

I really do not know for sure, but I imagine there are customers using their windows hosting. Usually I do not know what hosting company a customer uses and I am usualy the only one that responds to forum questions.

Why not download the current Free lite version and try it out ?

CJW

This first one may be an obvious one, but is it only .asp files that I can protect as in no HTML files.

Can the program be set to protect my whole https directory contents (though the answer to the last question may have bearing here - there are html files as well as .asp in there) as in http://secure.mydomain.com

Thanks in advance

Running in parallel for testing is actually a smart way to do it, but the truth is you don't use anything from version 6 except the upgraded database (we have a tutorial on how to upgrade the database)

Version 7 was a drastic change /rewrite to all of the asp files that come with the application. So you will be starting out with fresh version 7 ".asp" files and folders... You will also find that once you get version 7 running that editing certain things like the look of the users area and the login screens is much easier to do.

That being said any of your own ".asp" pages that you protect use the same protection code they always did, so there will be no drastic changes needed there when you do finalize the upgrade.



If using MSACCESS as the database I suggest installing the application somewhere in your web and using a fresh ASPProtect 7 database. Once you are familiar with the setup and everything is working fine. Attempt the database conversion and when your done stick your converted database in there and see if everything is ok.

Also, if you already purchased the application download the latest version before doing the install. It's the same download URL. If you don't have it email me and I can hook you up. I have added some new features and fixed a couple minor things since it's release.

So far the feedback on version 7 has been awesome..