Blog Entry: 3/25/2006 1:49:35 PM
SQL Database Creation (NEW INSTALL)
If you are creating a new database do so using SQL enterprise manager.
Create a new database called whatever you like and keep all the default settings. If using an existing sql database skip that step.
Now open up SQL Query Analyzer
unzip the following sql script and open it in query analyser.
2005-02-20_132116_aspprotect_v7_sql_script.zip
VERY IMPORTANT
On the drop down box at the top right make sure your intended database is selected. Otherwise your changes may effect the wrong database in your SQL server.
Then load the script into the Query Analyzer. Click the green play button at the top. If everything goes well the response should read something like this.
******************************************************
(1 row(s) affected)
******************************************************
If so the tables have been created in your existing database.
Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for the new tables. You will be referencing this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.
Regardless, as you can see from this screenshot I made a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).
Now, in the ASP files provided with ASPProtect edit "dataconn_inc.asp" with a text editor and modify the connection string info. Be sure to change the info to match your server,username, and password.
Below is an example of valid connection string.
ConnectionString = "Provider=sqloledb;Data Source=poseidon;Initial Catalog=aspprotect;User Id=aspprotectuser;Password=temp;"
The "Data Source" setting is either the Network Name for the SQL Server or the IP Address. For local servers you can sometimes use an IP of "127.0.0.1" or the name of the local server.
"Initial Catalog" is the name of your database.
Now, in the ASP files provided with ASPProtect edit "dataconn_inc.asp" with a text editor and set the DatabaseType variable to SQL like so.
DatabaseType = "SQL"
cwilliams38403.6834953704, I have one file called asplistings.sql but I have license for ASPListings_auto and ASPListings_real_estate. I really want to use the SQL server for both. Please advise how?
Thank you.
Lance
,
We can't seem to find the purchase emails for this install of ASPProtect.
It would have been in May 2004 for NetOptions LLC or CareerMatrix.com
We noticed it should have been v6 of ASPProtect.
Can you resend the download links?
, well, assuming that function works and is vbscript not vb
(if it is vb code it may need some conversion work)
anyway
in "users/add_new_account.asp"
you would put the code for that function anywhere in the page.. it does not matter where as long as it is in code tags <% %>
then.. right under this part of the same page
If Zipcode_Postal_Code_Required = True Then
If Zipcode_Postal_Code = "" Then
ErrorMessage = ErrorMessage & Server.URLEncode("You need to enter a Zipcode_Postal_Code.\n\n")
End IF
End If
add this
If Check_Postcode(Zipcode_Postal_Code) <> True Then
ErrorMessage = ErrorMessage & Server.URLEncode("You need to enter a Valid Zipcode_Postal_Code.\n\n")
End If
No guarantees but that is the gist of it
cwilliams38381.6456828704, The ASP error on the home page has been solved -There was aproblem with the path that was including the home page file and we fixed it.
However the error on the member page remains - any ideas/suggestions would be appreciated. This is the error:
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for
process 0x748 Thread 0xad8 DBC 0x214734c Jet'.
/aspboard/forum/global.asp, line 15
, The count is in the album area where the small pictures and description of album. Viewed 1 time(s) This count never changes.
Thanks
John
, thats intertesting.. I have never heard of the concept until now..
I did a search for ASP examples or ASP components that can help with the process and just couldn't find anything about it., yes, any page you want protected needs to be edited..
You can probably have a login box on a non protected page. Just copy the generated source html form code for the login box of a protected page. Then put it on your non-protected page, but change the action to the page you want them to log in to.
In other words go to a protected page. See the login box, view the html browser source and use that to make your login form on the main page.
I have not tried it with .NET but I am pretty sure you can do it since it pretty much works the same as the classic asp version of ASPProtect.
try it.. see if it works.. If I have time tommoro I will test it out., Chris -
Sorry, I am looking at your code on view_item.asp and I have noticed that you are calling 3 variable; start_date, end_date, and image_url that do not exist in the databases that you provided. Do I have the updated package for ASPVendor?
, I am sure its permissions as well, but I don't have that much access to the hosted server...lol.
I will use access for now, since it works fine, and try to talk with the hosting people later.
Thanks!
, 1st. Please understand you have to purchase two licenses to do such a thing as each installation will need a valid license purchased.
Moving on:
ASPProtect using a industry standard concept called "Forms Based Authentication"
This primarily relies on session variables keeping track of login status.
Each installation must be in it's own unique "IIS Application" so it will have it's own set of application and session variables.
That is often not possible with shared hosting plans as the server admins may not be willing to set a folder in your web as a separate IIS application. You would need to ask. It is going to depend on the quality of your hosting plan whether they do it or not.
technically it takes about 1 minute to open up the "IIS Console" and set up a folder in your web as a separate "application"
Based on what you are telling me that you want to do I think it would make a lot more sense to have one installation and one user database and customize your sites so ASPProtect users that are part of certain "groups" have access to things others do not or see things on pages other users would not. That is after all the entire point of Dynamic web sites and also why ASPProtect has "groups".
Then as far as the registration differences go you would make a copy of the users area folder area and manual customize it to register users in an alternate fashion than the main "users" folder. And then send people there if that is how you want them to register.
I don't support customizations but that is the gist of it. It's really not difficult work, but you have to be good with ASP., Hi Chris
I've just recently purchased ASPBanner and have been testing out serving multiple Tradedoubler code using the IFRAME method. I have four types of banner on the same page refreshing every 15 seconds. (this will change on the live site)
I've been leaving the IE page up for x hours and coming back to find between 1-3 of the banners has stopped and in place is an "internal error".
BannerZone=3&Refresh=15|40|800a0046|Permission_denied 80
I thought it may have been the SQL permissions from one of your other messages so I gave the banner user the DataReader and DataWriter permissions.
Its still happening and around the same time in the logs theres a couple of file not found errors.
BannerZone=2&Refresh=15|23|800a0035|File_not_found 80 - 80.65.240.159
BannerZone=4&Refresh=15|25|800a0035|File_not_found 80 - 80.65.240.159
BannerZone=1&Refresh=15|25|800a0035|File_not_found 80 - 80.65.240.159
Any ideas? I'm hoping its not the server as there is currently only 2 sites on it and this is pretty much the only traffic.
Thanks
Colin
, I really do not know for sure, but I imagine there are customers using their windows hosting. Usually I do not know what hosting company a customer uses and I am usualy the only one that responds to forum questions.
Why not download the current Free lite version and try it out ?
CJW
, Now I am having trouble using the log function.
I have checked the box in administration area for UseLogFiles. I have put the expected path for the LogFileDirectory in the box. I have modified the permissions for the anonymous web site user to modify this directory. However the log file does not get updated and there is nothing when I go to view the logs.
thx
, well, I was curious myself so I just tried it.
Good news is it worked just as I thought.
Only problem is your changing things to allow authentication info to be passed over the net in a url. If you can live with the security implications then it will work. I mean a sniffer could see that and end up knowing the username and password.. not likely but just putting that out there.
Of course now that I think about it unless you are running under SSL (https://) when you log in normally that info is in the post info anyway and possible to get at.. course not right out in the open like when you put it in the url and less likely to be noticed.
As long as your not doing it to access critical areas like the admin pages... and you monitor the log files once in a while it's probably nothing to worry about.
, I have been working on this all night long. I have been reading every possible article. I have created an ODBC connection on the server.. which i have never done before? Still nothing. I looked at the machine.config file... i read about impersonating whatever the hell that is... I am really stressed out. I have the 1.1 framework installed.
I read about dsn and dsn-less connections. Is there another way i can connect to the database? Without using a username and pw maybe?
, its a text file you just edit it with notepad.. if ya mess it up ya put an original copy back in
no biggie either way
jump in there..
I just showed ya exactly what to change.. its a no brainer man
This is simple source code. It's meant to be edited and hacked.
The only reason I warn you is so you can't blame me later on if it effects something
I am just trying to help
If ya dont like that solution why not just use periods for the first name field.. or a dash or something... then nobody will really see it
or maybe store the company name in the first_name field
seems like clever things to try without changing the code..
good luck...
cwilliams38326.870474537, Thanks Chris.
Your solution worked!
, I purchased and installed the full version ASPProtect 6.0 in Feb 05 (must have been just before 7.0 came out) and have been using CDONTS for email authorization during the registration process.
It was working fine for about three months. Now, after registering, the email authorization is NOT delivered to the new registrant. There are no error messages.It just doesn't arrive.
Any thoughts on the subject would be appreciated.
, Ok, have contacted the web hosts. Thank you for your help so far
Regards
Andy
, the no concurrent login feature is based on IP addresses.. if you logged in again using the same IP address it would let you in regardless. So for example if you were behind a rhome router and logged in to a site on the internet it would nt matter if you had multiple computers at home because they would all have the same external IP address... etc etc
In other words it is tricky to correctly test..
I really need more detailed info on everything going on. I real world scenarios there are no issues with that feature that I know of. At least according to customers so far. , Here is what I have in settings.
| ServerSoftware |
Microsoft-IIS/6.0 |
| ServerName |
www.107threnegades.com |
| ServerProtocol |
HTTP/1.1 |
| PathInfo |
/gallery/gallery_admin |
| PathTranslated |
d:\hosting\arisky1\gallery\gallery_admin |
|
|
| FILE SYSTEM OBJECT |
Installed |
| ADODB (ActiveX Data Object) |
Version: 1.2 Installed |
| CDONTS |
Version: 2.80 Installed |
| SMTPMail |
Not Installed |
| JMail |
Not Installed |
| AspEmail |
Not Installed |
| AspMail |
Not Installed |
| SAFILEUP |
Not Installed |
| Dundas Upload |
Not Installed |
| ASPImage |
Not Installed |
| AspJpeg |
Version: 1.4.0.1 Installed |
| ImgWriter |
Not Installed |
|
|
| Script Engine |
|
| Type |
VBScript |
| Version |
5.6 |
| Build |
8515 |
I do not even see ASPUpload listed but when I run the test_asp_components.asp from the extras/more_component_info folder, it shows that it is installed.
, Christopher,
When viewing a list of albums with the navigation option 1, is there a way to get the Time Created sort to list Newest to Oldest, instead of Oldest to Newest.
Looking at the code in albums_navigation1_inc.asp, I can not determine how this works.
Thanks for your help!
- Jason
p.s. I always forget how addicting this stuff can be...lol.
, i will probably end up doing this myself, but dropping all the log data in a sql table would be nice as it offers much more flexibility on how an admin can keep track and use the data. Browsing through each log file is very inconvenient. I can search for text in the files (server-side, others with a shared server would probably have to separately download all log files first), but with the current method I don't have the following important options:
- cannot sort by any criteria
- quickly see a list of all login attempts by a specific user (i need to search each log file individually for this info)
if you had an option during setup perhaps (or elsewhere) in a future version that allowed an admin to specify the preferred logging method (separate files or a table in sql) i'm sure many admins would find it very useful to have a database alternative of keeping track of users becuase it would offer the two benefits listed above, plus more.
, Has anyone used the aspmail function to send and recieve emails from within your forms? If so what string did you use in the aspmail_host field in the connections database.
thank you
adam
, LOL
, You can not edit that code with dreamweaver. It will re-arrange the asp and kill it.
If you want to change the look of the login html you have to edit the html by hand in a text editor.
Or create what you want on a blank page using your editor of choice and carefully use parts of that in the ASPProtect code.
In version 7 the login screen is one asp page by itself and is much easier to edit with just about any editor. In version 6 you have to know your html and be careful.
Either way I am not sure templates are a good idea for something like that. That sort of thing tends to cause problems with dynamic code that executes under different directory levels. You want to stick to regular html techniques. , Actually, your whole site is like that.
http://www.bones.myftpsite.net/rfamilystuff/
You should definetly fix that..
I can't help ya with it though. You'll have to figure it out.
I know ya can do it...
later
cwilliams38394.7738657407, Our knowledge base which is hosted at a remote location is protected by ASPProtect Full Version 6. I would like to allow our employee to access the knowledge base from within our internal network unchallenged. Is there a way which I can modify the code "check_user_inc.asp" to allow any one coming from say 10.1.X.X to access the site unchallenged?
Thanks,
Mo
, Along with being able to set an expiry date or number of impressions, is it possible to add another option for a banner to be "non-expiring"?
With our current ad software (which we are transferring all data from to ASPBanner), we run banners for both paid advertisers, and for our own services. The banners relating to our own services, we would like to set to "non-expiring" so they appear all the time. , perhaps the filesystem object is disabled on the server ?
or some sort of script blocking is running and causing a problem ?
other than that I can take a look if you put it up on a live server.
, Things have now changed I found out godaddy has persitis aspUPload and aspjpeg as value added products, I have the aspjpeg working but have been unable to upload when using aspUPload, everything works fine with the vbscript method so I think my permissions are correct. Whenever you get a chance, any help would be appreciated.
Thanks
Mark
, Can you do a better price deal for that version in place of the one I've just purchased ie for a single licence rather than unlimited Christopher?
Or failing that can you give me an idea of how many changes you had to make to convert 7.3 to work with Mysql?
Regards,
Dave
, lmao ... ya that has never happend to me before....
,
I am successfully using ASP protect on our site. I have one question:
The file Check_user_inc.asp looks a bit bland as I can't seem to use the sites Dreamweaver template. If I apply a template to this page, it is duplicated on other pages with this template.
How can I apply a template to this page?
Thanks
Clark
, When adding a new user I am taken to a form.
There are several "required fields".
First and last names are 2 of them.
This is not needed by me and I need the company name as a required field instead. I work and deal with company names, not individuals.
So, i am unable to add any users due to this.
How can I either do away with the names as a required field or swap the individual names with the company name as a required field?
I have customers wanting to be able to view their own stats, but I need to do away with the required fields to work with my customer base.
-john
, Hey CJWSoft,
We're helping out some clients of ours in a server transfer and we
really need some assistance from you guys. We've got everything
transfered and running, except for the ASP.NET banner. Do you
have any directions on how to go about moving the install from one
server to another? We've sent a couple emails through the site
but haven't gotten any responses back.
Please help.
-Tony Valenti
, If I also password protect the pricelist pages then someone will have to login twice.
nobody should have to log in twice... ?
session variables keep track of access... once your in - your in and you can browse to and from any password protected pages you like
If it is making you log in each time then cookies are most likely disabled.. session variables requires cookies being on to work.. cookies being on is a requirement of aspprotect and is how Formed Based Authentication works..
let me know if that is the issue there...
you shouldnt have to be logging in more than once per session
Thats the whole point of the application...
, It a generic error that means something is wrong with your data connection.
http://support.cjwsoft.com/code/moreinfo27-1.htm
http://support.cjwsoft.com/code/moreinfo136-1.htm
, In a way your questions are confusing to me, but here is some information regardless.
Using Active Sever pages you can not protect entire folders. It is simply not possible. ASPProtect is Active Server Pages scripts so it can only protect individual ".asp" files.
If you are concerned about customers downloading the access database..
best practive is to store it in different folder name than it came in
best practive is to give the database .mdb file itself a different name
best practive is to change the password on the access database
best practice is to store it in a directory that is not part of your web if possible.. many of the better hosting companies have it set up so you actually can do that
the more of these things you can do the better..
And if you are really worried about security you should use a SQL Server database which nobody can download from your website under any conditions because your data lives in the sql server and unless they get the username/password to it they can not access it.
cwilliams38306.6367708333,
Timecard Entry: 3/25/2006 1:49:35 PM
backup, timecard, filing, cleaned the office removed the trash, timecards into spreadsheet, setup penguin computer, still trying to get beths computer set up to access quickbooks. also getting imail templates for christopher to put on the imail web interface, general matainance of switching area. Moving of offices to new building, to Clayton, worked on bringing up my second noc2 server to offload emonitor onto it, mess around some more with new windows 2000 features and services., morning meeting, CREG transaction, Posted accounts and did a detail of check and cash for a bank deposit. Credit card authorization, coupon referrals, ans. phone, and customer inquries., filled out timecards, dial up issues, radlog, Answered the one online issue from this morning that was left, handled a few email problems, Ordered water cooler, TICC stamp & started inventory of Herald Building Furniture., Assisting Creg systems, email / vboice mail, Steady, but not overly busy, Finished up the overview of the UML Model of Soft MLS, Organizing client info. Adding two more clients to engineering notebook., work on plan for order tracking system, Start instructions for Patty Bishop, two phone calls, radlog, dial up , Same as before... napped the last hour... just kidding, wouldnt think of doing that., meet in watertown office, TICC PO's & WO's, web billings, Discussing , general billing,etc., lunch,
