Blog Entry: 3/25/2006 1:42:15 PM
Christopher,
I can empathize. It can be a real pain to stablize a server and fend off hack attacks.
As for beta testing, I was referring to once you get to the point where you're ready to release it to the public whether it's this month, next month, etc.
Good Luck!
Al
, Have tried doing that but same error...
,
Chris:
I just got done trying it myself and it worked great for me too. I was aware of the security issue, but I'd already planned on using SSL for this particular call, as well as for the secured pages accessed through the normal process, so the bad guys will be kept at bay.
Thanks for the help.
, that wont work the way you did it because groups are not stored like like.
groups are stored "*1*"
or "*1*,*9,*"
so if you test for them you must do so using the InStr function of vbscript
example:
If InStr(Session("Groups"),"*1*") Then
' do whatever
End If
also.. as for the session variable
it should be Session("Groups")
And in Version 6.... (its all ready to go in version 7) that session variable must be saved in the check_user_inc.asp file near where all the others are saved. If it is not there by default "I dont remember if it is or not" you have to add it like so near where all the others are saved
Session("Groups") = CmdCheckUser("Groups")
If you are wondering if it is being saved correctly you can always response.write out the Session("Groups") to see if it holds a value
, huh? I think I just covered that as that is the way it must be done., thanks thats what i was guessing.
, Hi there,
Well, that is why we added the PayPal subscription pack where all of that is taken care of and customers get put under a recurring billing cycle.
The more people you get to pay that way the less you have to do.
We also have routines for the two other supported payment methods so people can look up their account and add time to it whether it is active/expired or not.
Other than that, yes it is something you need to sort out on your own based on how you want to run your system. You have the source code and the sky is the limit on how you want handle all of that. You send out an email to users about to expire. Whether they come back to the site/look up their account and add more time to it is up to them. I really just do not see any way ASPProtect could handle that whole process automatically.
As for batch changing to users in the database. We give you the source code and we also use an open database structure. You can run any query you want on the database whether with ASP code or directly in your database using the tools that come with it, You can write any code you like to do whatever you like to the database. You can even tie other systems and code into the database via OBDC and manipulate data. The sky is the limit like I said. I also don't really see how batch changes to the database relates to individual users paying again for access or not especially since we include payment pages were a users can look up their accounts and pay for and add more time to it automatically ? At least not regarding the payment routine we provide support for.
ASPProtect can not handle everything every person would need to do. It is meant as a solid starting point for any project, but there are going to be times when more functionality will need to be added by the customer based on their specific needs.
, Is the user ID case sensetive? In my case I use the user email as the login ID., sorry for delay responding,
I got bombarded with support inquiries while I was gone and I missed this one since I been home.
Does the server_info.asp page I provide say that aspupload is indeed installed. Let's start there. , You not getting a blank page.. you getting an error. You just can't see it because it appears you edited the page background to black.
error '80040211'
/aspprotect/scripts/emailing_subs_inc.asp, line 174
, I installed the ASPProtect.NET project no problem. I am using VS.NET 2003 on Windows XP SP2 (and fully patched). I am able to build the project successfully, however I cannot debug the project. I get an error "Unable to start debugging on the web server. The project is not configured to be debugged." The web app runs fine just browsing to it.
I know this is an isolated problem particular to this project. I have MANY other .NET projects that I can debug without any problems. I have tried going into IIS and turn on the debugging for server-side script debugging and making sure my IIS application setting were configured correctly.
Can anyone shed any light on this at all? Christopher, is there any reason I should not be able to debug this? (i.e. the aspprotectlicense.dll)
Thanks,
K
, noted.
1.) this has been explored and because of the way groups works is not feasable. Because us this I wrote code to allow you to view and sort all users for any group on the actual groups page. You pick a groups and then click the "Show Users" button
2.) noted
, Its not a known issue.. I would try the original code before you made any changes and see if it still happens to you.
It seems to be working fine here for me in amy test web.
I am going to look into some more in the meantime.cwilliams38341.7166782407, I dont know about the unspecified errors. I really need more detailed information. (Since it has been working fine for quite a long time you might want to consider installaing the application from scracth again and see if you still get errors)
As for the log in not persiting. Did you by chance turn off cookies in your browser ? They are required for forms based authentication to function. Otherwise, yes you would need to log in to each and every page as you moved around.
cwilliams38414.6054166667, I'm all set - after thinking about your replies - i checked a bit more and changed the email component type -- thanks again for all your help.
, On second thought guys, it would must easier to change the code using modulus as follows:
<% If PicIndex mod 6 = 0 THEN %>
</tr>
<tr>
<% End If %>
This will end each row and create a new row after each 6th picture. It'll be must easier code to work with and change. This code must be placed in the PicIndex For Loop.
If you have any questions, JPortnoy@Checkernet.com
, You might just learn something and actually get your project finished before 2010 
your over there hacking away on your virus infested WaReZ machine
LOL thanks for the good laugh-- i guess its time to do some reading and making my own mods to the program..
btw i never insulted cafrepress.. not sure where you got that from- just advised that what they have is exactly what i want to have done. How much for your service?
, I guess i am not being clear as to what i am trying to do. As far as the event thing... lets hold off on that for now. It seems Chris has answered my question and i am on my own for that one...
As far as the log in goes: I went to that site you mentioned;www.CafePress.com to see if they had what i was talking about. and they do. Notice on the bottom of the page it says "sign in to your account"
I want that option on my home page where users can sign in to go to their account. It will either take them to a page where they can update their info, or it will take them to a protected page. Pretty much instead of posting a link on the site to say... click here to go to members.aspx and have it return an "access denied" the user can enter their info from the main page and be automatically re-directed to that members.aspx page.
I know how the viewstate works and i also know what that returnURL thing does..pretty self-explanitory.
Hopefully that makes things easier. I just want a user to log in from the homepage and be redirected to either a protected page or their account page...
(as does that cafepress website)
, I didn't know about it. I will try to check it out some more this week.
, Using "Email Authentication" as a registration option you cannot do that. There is no possible way I know of to have a delay on the authentication email like that. Also that method is not intended to involve any sort of manual registration like what you are doing.
Because you want to review people manually you need to change to registration process to "manual" and then send the email out manually from the users screen after making a user active.
, Great suggestion, routing the banner click through an intermediate page before the destination. We use Deepmetrix LiveSTATS.xsp V7 and I should be able to configure a filter to capture the stats of the intermediate page.
Thanks for the help!
Lance
, Ok, I started the database tables from scratch. I did everything using sql enterprise manager and query analizer..
Same thing happens... certain passwords just do not work.
So I did a lot of testing and I have come to the conclusion that this has something to do with the regional settings of that SQL server.
Here is an example.. see the screenshot below.
Username "admin" password "petepetepete"
The top query done in Enterprise Manager is valid and shows the user.
The bottom query is also valid but it does not show the user.
And that is exactly what is happening from the ASP codes point of view.
Now, this means that even though that encrypted password is getting saved to the databse correctly this particular SQL server just cant deal with it from a QUERY.
It works fine on two different SQL servers that I have. It's just got to be something regional related like unicode characters not being dealt with correctly or something odd like that.
I tried changing the collation data for the "Password" field type on that SQL server and it looks right. I don't know what else to do but it is something about that SQL server. There may be a way to change the regional setting through the connection string but I cant find any articles on that right now.
One solution I have for you to get this working there is to eliminate the encryption factor then I dont think you will have these issues.
It's either that or find another SQL server with US type settings or use MSAccess. ASPProtect runs nearly as fast on Access as long as you do not have over 10,000 users or whatever. The system hardly ever accesses the database so it performance under MSAccess is always good.
Let me know what you want to do. I can shows you how to eliminate the encrypytion factor if you want to try that. I think if I make you a custom version of the RC4 function you can just replace that and then the system will use plain passwords.
Your call..
, did you fix it because I see all the pictures just fine ?
http://mcintoshcounty.org/real_estate/view_item.asp?Ad_ID=1
, Hi
I would like to ensure the the user uses a UK style postcode not a clue how to ensure this as I am new to asp. Any ideas?
regards
John
, Your customer should set up a special page that you send banner clicks to. That page is the page that should record the ip and whatever other info needed.
I suppose you could make a page on your end that records that info and finally redirects them to the intended url as well.
All using simple asp. It's really not that dificult to do, but it is a loit easier if you do it this way and keep it seperate from the banner system.
Here is some interesting information not totally related to answering your question.
The banner system does not track IPs on individual clicks because if it did.. 100 clicks on a paricular banner in one day would result in 100 rows in the stats database instead of just 1 row. That may not seem like a lot, but imagine 30 banners all doing the same thing mulipled by 30 days. Your talking 90000 rows in the database instead of 900. It all comes down to what ASPBanner was designed for which is performance and low resource use.
Some banner systems out there even keep track of individual IP's per banner display. Try to imagine how much that effects performance and how much extra space is used in the database for stats. It's crazy and also the reason that the more little features a banner system offers the slower and slower it begins to run.
I am sure I lose sales all the time because I offer less features, but the truth is I know those features will eventually defeat the purpose of why I created this banner system in the 1st place and that i just not something I want to do.
The banner systems with every little feature are just not well suited to very busy sites no matter how well they are designed.cwilliams38324.8386689815, you can not limit image size using the pure code upload method. Its not possible using a pure asp method that I know of.
You would have to be using one the supported commercial upload components and edit the upload code accordinly to limit upload sizes (you would do this by looking through their documentation and samples) I didnt include any support for upload file size limitations with the supported 3rd party upload components because in my testing I found it problematic with all but aspupload from persits software. (I have example coe for that component I can provide that limits the upload size and seems to do it well) I am sure it could work with safileup and dundas as well but I gave up trying.
As for image resizing..
Image resizing requires the use of one of the supported 3rd party image resizing components. You didnt mention if you are using one or not. If you dont have one available image resizing is just not possible as asp can not do that on its own.
, Well, I assumed I'd be able to tweak this thing but it is all so intertwined it doesn't pay to mess with any of the files. Hence, I'm going to have buy a different system only a week or two after buying the unlimited version here.
As I leave I want to give you some impressions here. While the system is low-cost, the 99 dollar version is missing a few pieces that I think would bring the value to 99. It is one thing to talk about the speed/performance, but to a degree that's hard to measure, and to anyone with web advertising on their site, performance will always run second to potential site income.
It definitely needs a user interface and registration for advertisers, and it definitely needs a single variables file for changing the hundreds of variables for which there is no control. I had to search on my own just to change the look and feel.
Lack of multi-zone support is a serious drawback. I would submit that anyone with a serious website needs it, and will gladly pay you 139 over 99 for just that one feature.
Take them or leave them, they are just suggestions.
, I am an experienced ASP developer. Can you tell me whether this would be a very involved process, or whether it is pretty straightforward? I don't yet have a merchant account, so I am not yet familiar with any aspect of accepting credit cards online.
Thanks.
, Well you can put a link on all your pages that links to the login page?
modify the code in the login page so the return page is members.aspx or
whatever you need and thats it?
I dont see your point? probably because I understand how the program works and your not 100% up to speed on how it works.
, Cool.
Well I'm in the middle of uploading the txt file and it's about half way done and sitting there...so I'm keeping my fingers crossed.
, If I also password protect the pricelist pages then someone will have to login twice.
nobody should have to log in twice... ?
session variables keep track of access... once your in - your in and you can browse to and from any password protected pages you like
If it is making you log in each time then cookies are most likely disabled.. session variables requires cookies being on to work.. cookies being on is a requirement of aspprotect and is how Formed Based Authentication works..
let me know if that is the issue there...
you shouldnt have to be logging in more than once per session
Thats the whole point of the application...
, While my host says the permissions are now correct....its still trying to download the setup ASP file instead of executing it.
I really need to get this application working asap too. I noticed the purchasing page said that install came free.....so any help would reaallly be great.
re
, Editing the look of the login page.
In this version editing the look of the login page is very easy.
You can make this login page look exactly like you web site if you like.
You want to edit the "scripts/login_form_inc.asp" file.
It can be edited with any editor as long as the existing bits of server side code in it and the login form remain in tact.
The best thing to do is back it up before you start editing it.
Then if you goof it up you can revert back to the original.
If you edit this page with FrontPage enable the "show all" feature.
Its the little PIE sign in your icons. It will show the server side code as yellow things on the screen so you know where they are and can be careful not to delete them.
see screenshot
cwilliams38448.8132638889, Hello,
Again, enspecified error are not very helpful.
An error usually tells you at least a line number and page or something.
Please read this as it might help do tell me more.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1
As for only happening once in a while. It could be a lot of things.
Version being used (when did you purchase.. what name/email was it under and I can look) ?
What banner method being used?
Access or MSSQL ?
How busy the site is ?
Server Resources ?
cwilliams38414.6114930556, I will give you permission to move it since you asked., I do not what is going on at this time. It is not a known issue.
If is is not working it would seem to be a problem with the application variables on the server possibly and your web.
Perhaps try installing it on a local machine and see if it works for testing sake.
Also.. if your stuck with the black skin you could always just edit the information in the that skins folder to get the app looking the way you want.
That and the header and footer files that comes with the app are what control the look of the system.
cwilliams38294.5880208333, I think I've got it to work somewhat. I modified the 2checkout1 & 2 asp file to use and pass Product_id. It now identifies the product correctly. I'm good fo now. Thanks for the info though.
-Jason
, far as I can tell it does... that session abandon thing called in the logoff page should be enough to cover everything
once thing to be careful about
If you log in.. then log off... then go back to a page and do a refresh... you may in fact be reposting the username and password from before.. thus logging yourself right back in
Perhaps not.. all depends on what your doing... but it is something to be careful of when testing
cwilliams38341.7390509259, When using the paypal subscription feature with ASPProtect for a new user the expiration in ASPProtect is actually not used. It is set to Null. This is because the PayPal system takes care of everything on their end.
So I can't see this happening because that field is not supposed to be used and the default PayPal subscription code we provide with the system does not populate that field.
Unless you populated the expiration date field on your own ?
Now that I re-read your post. The ASPProtect 6 reference was confusing me.
Now, if you have users that were never on a PayPal subscription that then sign up via PayPal subscriptiion that may indeed be a different story.
Is that what you are saying? I am looking at the code right now and it seems to me like it sets the expration date field to null on any new subscription activity regardless.
Let's forget about ASPProtect 6 as I don't think that matters. Please explain exactly when this happens and does not happen and exactly what sort of user we are talking and what their expiration dates are set at before they sign up for a paypal subscription.
Please be as detailed as possible so I really know what is going on ?, Christopher,
Thanks for the reply. I think I've found my problem, but can't test until later in the evening as it is on a live site.
Darrell
,
Timecard Entry: 3/25/2006 1:42:15 PM
worked on setting up and importing outlook and exchange, Reviewed softMLS and realtor.com sites. Talked with BC briefly on Orlando trip-printing to be done for mailing Friday. Called Robert from Lightening Electronics-LMOM. Authorized pc list faxed to banks and techs for this week., Work Order, tech support supervisor duties, voicemail, radlog, dial up issues, ask us a question, callbacks, follow ups, emails, q-light, helping techs with issues, did dsl sign up as well as the print outs., quality checked signups, cancellation, reports, callbacks from voicemail, checked emails, taking singups, answering phone, cancellation of invoices. , lunch, cleaned up the techroom... emptied trash cans and just tidied up the place, RANDY TOOK POSSESION OF MY COMPUTER TO DO SOME REMOTE WORK ON THE SERVERS, tech calls mostly some radlogs and new user callbacks, wayne matthews: link to gisco/1000 islands sie $100.00 per wayne will contact us., home work!, check e-mail, reviewed bills and statements, travel time to watertown, meeting with burrville cider mill, read and sent emails, St Law Radiology, Note to Dave Storandt about 1000islandsfishing.com, NC NOW - create new heads for each page.., Answered a few customer's email. , QB research into work orders, meeting with gary deyoung, quality check sign ups, cancellations, reports, callbacks from vicemail, checked emails, taking sign ups, answering phone. invoice cancellations. , Helping Al diagnose a problem with a website on King Kong. Monitoring servers. , *TaskForce - Exchange Installation Research; Configure New Exchange Server, Excel spreadsheet for Walker PO, switchboard, billing calls, trained by alan, trained by ben, did rad logs, Reading and responding to emails and voice mails, rad log, on line, trash , straighten up
, Traffic reports,
