Blog Entry: 3/25/2006 1:41:47 PM
do you want my help making the database with your import file ?, well, ultimately it comes down to this and this is stated in the footer of every page in the cjwsoft family of websites.
"In some cases in order to receive proper tech support your application will be need to be installed on a live professionaly setup server on the Internet. We simply cannot troubleshoot all issues when the application is only installed on your local machine."
and if you have some sort of weird timeout going on on your local machine and cant even give me a detailed error message there is just no way I can possibly troubleshoot it... I told you what to check and thats really all I can do... all my applications run on XP. As a matter of fact I do all my development on XP boxes.
It could be any numbers of things... odbc drivers, versions of vbscript... other software on the pc interfering such as antivirus script blockers like norton... all sorts of issues can pop up on personal machines running xp
If you put this up on a live professionally setup web server I can help you. On your local machine there is only so much I can suggest. ,
Just to let you know that i figured out my problem. I had to modify the connection in the email code and get the correct path from my provider.
I hope you enjoyed your vacation.
Thank you
Adam
, Things have now changed I found out godaddy has persitis aspUPload and aspjpeg as value added products, I have the aspjpeg working but have been unable to upload when using aspUPload, everything works fine with the vbscript method so I think my permissions are correct. Whenever you get a chance, any help would be appreciated.
Thanks
Mark
, Okay Chris, I wold like to get rid of the encryption then if it's not too much trouble.
I have no option of running the production server against an ms access db, since the db needs to be online and accessible from another system.
, That helped very much. Thank you. Hope you enjoyed your dinner., So do I just replace the four folders that came with aspprotect with the four (in my case domain directory) folders in the patch or just move the files?, did you fix it because I see all the pictures just fine ?
http://mcintoshcounty.org/real_estate/view_item.asp?Ad_ID=1
, (Password Expiration Mod) for ASPProtect Version 7.x
This Advanced Mod requires decent knowledge of Databases and working with ASP. I originally wrote something like this for a customer on a custom project. I then took the time to re-write all the code from scratch so it could easily be plugged in to the current version of ASPProtect as an option. All in all this mod took me over 15 hours of time to develop and will save you a ton of time & money if you were planning on writing something like this on your own. Some parts of this were so difficult to get working that I would never have written this code if I was not paid to do so. (The encrypted array that rotates through the last 12 passwords was quite frustrating to get working)
The price on this is 19.95. I am not incorporating this into the base product because it makes things more complicated and isn't for everyone.
Purchase Page
Security is a big concern and making your users change their password every so often is a good idea. Keeping track of previous passwords they used and making them choose something they haven't used before takes the concept even further.
This Mod will add a password expiration date to the application. When the password expiration date is hit the user must confirm their old password as well as pick a new one before they can log in again.
There is a new password expiration directory where they must choose a new password that has not been used before. The new password must be confirmed during this process. (It remembers 12 old passwords the way it is coded) The old passwords are stored in the database in an encrypted array.
Directions:
Back up your existing ASPProtect installation.
Add two new fields to the "ASPP_Users" table in your database.
For an MSAccess Database
Password_Expiration_Date (Date_Time Field)
PreviousPasswords (Memo Field)
For a MSSQL Database
Password_Expiration_Date (smalldatetime)
PreviousPasswords (nvarchar 160 characters)
once that is done
Copy all the new ".asp" pages into your site.
Edit the "PasswordExpirationURL" variable in the "check_user_inc.asp" file
It needs to be the full URL to to the "change_password/default.asp" file
Now edit the "change_password/processchange.asp" file
There are 3 variables you can edit.
PageSentToAfter = "http://localhost/aspprotectmods/password_admin/default.asp"
PassMinLength = 4
PassMaxLength = 8
The "PageSentToAfter" is where you want them sent to after they change the password. It can be whatever you like.
If it is a protected page they should automatically get logged in with the new password they just changed to which is nice.
The other two values should be obvious.
That's it...
Just remember the password change thing is not used in the admin area...
You could easily add code for that on your own though by looking at the the password expiration code I added to the publics "check_user_inc.asp" file
Also:
You will see a new field to edit on the user edit screen for the Password Expiration of course. , check the action for the button in the code... its probably not posting back the the right page which should the same page it is...
I bet ya it is posting to guestbook2 which is the wrong directory... an old mistake I forgot to correct...
cwilliams38310.6540046296, I would like to change this file name to the typical Login.aspx, how to do this? I have a VS 2003 but need instrutions if that's the route to go., you basically have to edit the html in the links in the various pages and remove them... some are in includes files
use a text editor and be causious / back things up before you remove links so you can revert back
, Is it possible to set the user account time limits when they register? I am using email verification and am trying to have their accout expire 32 days after their initial login.
Also I have an issue with the email notification not notifying me when a new user logs in. It does a beautiful job notifying the new user. I do not understand why my server will send to one and not the other, I ahve searched the links but none seem to answer this.
Thank you for your help and insight
, humm.. their FAQ is interesting...it looks like some sort of .NET configuration issue regarding security policies like you mentioned
Thats one of the big problems with hosting .NET. Some hosting companies just do do some oddball things. ASPProtect.NET works under default conditions but when hosts go around locking things down to the max there is bound to be trouble. This is the 1st I have heard of this.
Now, ASPProtect.NET does use the "System.Data.OleDb" and "System.Data.Odbc" which your host says they block because they require full trust.
All I can really say at the moment is go with a hosting company like www.alentus.com or www.maximumasp.com that does not restrict your .NET abilities so much.
In the meantime I am going to ask John Evans what he thinks about this.
, Here is an example of a query I made in MSACCESS that deletes all users that belong to Group ID of 3. I used the graphical query designer in MSACCESS to do this. Took a few minutes.
DELETE
FROM ASPP_Users
WHERE (((InStr([ASPP_Users]![Groups],"*3*"))>"0"));
Because of the way groups are stored in the Groups fields you have to use the InStr function to determine if the user is part of a particular group
We are deleting all users that of Group ID of 1 so we look for *3* in this example
The SQL statement for a MSSQL database may be slightly different but the general Idea is the same
The SQL statment used in an ".asp" page will be very similar as well.
SQL Statements are the TRUE POWER of working with databases. They are something everyone should learn to work with because they allow you to do some very powerful things., Hi,
I did some layout customizing on the register page on my site. ( http://www.lonestaricon.com/aspprotect/paypal_sub_signup/reg ister.asp)
Now when I tried to register, it seems like it goes to the next page, but it is blank.
( http://www.lonestaricon.com/aspprotect/paypal_sub_signup/add _new_account.asp)
If I log in under administration, it shows that I have registered. I can't seem to figure out what part of the code is wrong, so that the new account page will not load.
I'd would greatly appreciate any help with this.
Thanks,
Allison
, Thank you! I thought that is what had to be done, just didn't want to miss out on a short cut if there was one. Thanks again, now. I just went to that url and this is the error I see which shows me there is a character in the source code that shouldnt be there which is causing the page to halt.
Looks like a "carrot".
Microsoft VBScript compilation error '800a0400'
Expected statement
D:\CLIENTS\RKLARMAN\DRSWEISBERG\PASSWORD_ADMIN\../dataconn_i nc.asp, line 18
<%
^
, The folder named Pictures permissions are set to your specs. It has jpg's that were uploaded per the aspphotogal instructions. But, the error message still appears and I am unable to access using aspphotogal., Christopher,
When viewing a list of albums with the navigation option 1, is there a way to get the Time Created sort to list Newest to Oldest, instead of Oldest to Newest.
Looking at the code in albums_navigation1_inc.asp, I can not determine how this works.
Thanks for your help!
- Jason
p.s. I always forget how addicting this stuff can be...lol.
, You know what, you really are frigin goofy to say you might think we
didn't write the software. I got source code to the license dll as well
as about 12 revisions of the application sitting on my development
server as well as about 1200 emails between John & Myself as we
worked on it. Not to mention all those .vb files that come with the
application. What do you think those are ? I bet you don't even really
know based on something you said in one of your earlier forum posts.
Did you even read this cause this is YOU... !!!
http://support.cjwsoft.com/code/moreinfo234-1.htm
And we say right on the ASPProtect.NET product page to read that article before making a purchase.
Moving
on... it basically says on the site ASPProtect.NET works the way
it is shown to work. You can use it that way or you can further edit
the code with Visual Studio.NET. If you are so good with asp.net then
you should be editing the code to work differently or writing your own
authentication that works exactly how you want it to. End of story. You
keep arguing about things your done... you are so done !!! I won't keep
putting up with you., rrabago
I have been looking over the code and also doing some tests.
So far everything in the code looks correct and everything I have tried has worked correctly. If I select an access level and active users it is not sending emails to inactive users as you stated.
Are you using the option pack ?
cwilliams38103.9618402778, The redirection at 1st login feature is supposed to work like I explain in this thread.
http://support.cjwsoft.com/code/moreinfo385-1.htm
Though what you just said is a bit confusing it sounds like you have some sort of browser problem and it is doing the redirect every single time. ?
I would suggest reseting all your browser settings to normal and making sure cookies are enabled because forms based authentication uses session variables and cookies must be enabled for session variables to work correctly. If not something like this could happen as the redirection at 1st login would happen over and over every time.
So try it on other computers and try with firefox as well as IE. Many people go nuts with their browser settings and way too much stuff blocked which can cuse all sorts of issues. Also some script blocking and firewall software can cause problems so disable all of that when testing.
You may also have created some sort of endless loop. (I really need to know way more information on what you did to know that for sure)
You may also want to consider doing your redirects manually meaning you protect a a page and right after the protection you use regular ASP redirect statements to redirect the user whevever you like based on their session info which is available to easily check immediatly after someone gets through the authentication.
I still stand behind my statements that redirection is not good site design. You really really need to understand and plan your ASP pages as well as have a very good understanding of the session and how all of that works if you use redirection with a password authentication scenario. You should never be redirecting someone to an ".htm" pages except during testing because you wont be able to stop users who are not supposed to go there from going there directly.
, It is refered to as the internet guest account but that isn't the actual username. The username is different for every machine. It usually starts off with "IUSR_" and then your machine name. "Internet Guest Account" is always the account's full name as labeled by IIS when it is installed.
Regardless,
If an account isn't listed you have to add it.
Click (add-advanced-find now) and it will list off all the user accounts on the machine
You can also click (add-advanced) and simply type in the account name or part of it.
Some more tips:
If on a local machine you always just give the "everyone" account full control which is pretty much going to make anything work.
You can also go to computer management in your server's administrative tools and view all of the accounts and groups there under "Local Users and Groups".
cwilliams38417.7186689815, I checked the option pack code as well and it looks correct.
I tested it and it acted as it should.
You can see it in active at the live demo
http://www.aspprotect.com/demo3/demo.asp
admin
test
go the the admin area.. you will notice 3 users with level 4 access
1 of them is inactive
then go to the mass email area and pick active and level 4
it will say it is sending email to 2 users which is correct
then go to mass email again and pick level 4 and inactive
it will say it is sending email to 1 user which is correct
choose any status and access level 4 and it will send email to 3 users which is correct
When you do this please realize you can not choose a group as well.
That will cause a problem because you can not choose a group and an access level at the same time.
Anyway... perhaps you can private message or use the contact us form and and let me take a look at your system. Since I can't reproduce the behavior that is the only way we might figure this out.
cwilliams38104.690787037, I just finished implementing the V7 product on our site and someone made mention that on the profile form where you are asked all your personal and user information there are 2 fields for passwords. The first field uses masking to hide the password as you type it, where the second shows it in clear text.
Now we know that the only people able to see the password are the user and the administrator, but it is playing mind games with my users as they think there is a problem with the application. I am not a programmer (however, learning ASP slowly now!) and am not sure if you did this on purpose or if it is a bug?
If it was done on purpose, can you advise how I can make the confirm password field masked as well to eliminate the unfounded questions!
Thanks
, You need to make sure you created the SQL database using the SQL scripts we provide and that no errors occur whatsoever. That is extremely important. You must use our SQL creation scripts.
Then, when you create the user you need to go back to that user and make sure you check the admin account and save that user again. (many times when setting up a system for someone I find myself forgetting that step and then I have to go back in and check the admin box for the user I created.)
And of course create the user from the ASPProtect admin area web interface. Do not add the user to the database manually because you will have no way to enter the password correct as it is encrypted. And do not change the encryption key after making the user/.
It would also be wise to check the SQL server database at every step to make sure the user info gets created and that all the field info looks correct for the most part.
You also want to be sure to specify SQL as the database type side the connection string info as the SQL directions go over
a remote sql server should not an issue.
thats really all I can think of right now
, I'll try to help when I get back tues night,, see the contact page for info on where I am .
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry
, I had a question about user registration and how it works, mainly because I am having a problem.
When a user registers, with the email verification setting, I am assuming that there is supposed to be a new record created in the USERS table in the database. What could cause this not to happen?
Actually, in testing further I found that with the setting at Auto, Manual, or email, the record is not added to the table. And, if I am logged in as admin, the Add User button does not do anything.
I can however edit and delete user records...
Hmmm, adding a Category yields the same thing. And loggin in as a non-admin user still displays some of the menu items for admin, but then gives a page can not be found error if you click on one (ie, approve).
This looks like a db issue to me, I will have to try this with access and on a test server...
Any thoughts?
- Jason
cwilliams38303.8507291667, [QUOTE=cwilliams]I would like to delete the SQL tables and set them up from scratch using enterprise manager and sql query manager and see what happens
If that is ok with you let me know.
Something is wrong like I said... almost seems like the database is caching old password info from the field.[/QUOTE]
Sure go ahead
, Yeah, its working great witht he Access database. Now I just need to get it all set up. I like how the config file is set up with all the comments, it really helped allieviate the 40k thumbnails,
.
One quick question though, and I haven't looked through all the code yet... Is there a quick way to have pic_window.asp open full screen by default? I just want to minimize having to either scroll through, or maximize, the screen
Thanks!!!
- Jason
, If you have an album with more than 96 pictures, the spacing in the tables can become incorrect, with pictures touching each other. (This program is not designed to handle more than 96 pictures due to server speed, but it can handle more than 96 with minor changes to the code.) Also, after 96 pictures, the pictures will not have 6 on a line, but rather 6 on a line up to 96 pictures and then the rest of the pictures on one line next to each other extending to the right of the screen endlessly. To fix this, I simply edited the ASP code using the following loop. It can be a perminent fix, because I used the maxpicsperalbum variable to define the spacing.
<%
Dim SixInterval
For SixInterval = 2 to maxpicsperalbum
SixInterval = SixInterval + 5
%>
<% If PicIndex = SixInterval THEN %>
</tr>
<tr>
<% End If %>
<% Next %>
Then, the following code must be commented out:
<% If PicIndex = 6 or PicIndex = 12 or PicIndex = 18 or PicIndex = 24 or PicIndex = 30 or PicIndex = 36 or PicIndex = 42 or PicIndex = 48 or PicIndex = 54 or PicIndex = 60 or PicIndex = 66 or PicIndex = 72 or PicIndex = 78 or PicIndex = 84 or PicIndex = 90 or PicIndex = 96 Then %>
</tr>
<tr>
<% End If %>
This code can be found in scripts/view_album_style*STYLE NUMBER*_inc.asp . (STYLE NUMBER depending on which style you are using (found in config file))
This change in code will enter a new table row after each 6th picture. You can have more or less than 6 pictures per line depending on the width of your files and preference by changing changing the number 5 in this line of code: SixInterval = SixInterval + 5
If you have any questions, JPortnoy@Checkernet.com
jamapor38210.5987384259, Your assumption was incorrect.... the login count has nothing to do with that. The login count only has one purpose and that is to limit the amount of times a user can log in if you want to do that.
Logging in for the 1st time means the time at which they 1st login and their session at the site is created... If there session ends and they come back and login they will get redirected because it will be the 1st time again.
Forms Based Authentication is all about sessions and session variables.
If you only want them redirected somewhere based on the login count that is something you have to work out and check on your own. It's very doable.
Seems like now I should have explained that better but I never thought anyone would think it meant what you thought., its in this thread.. you use the InStr function
http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= instr
Please use a little bit more descriptive subject the next time you post. "question" does not tell much to someone looking through threads.. and I like to keep things clean and organized in the forums
I edited it for you this time..
thx , You would set the groups during users signup the same way you would do the expiration in the following example.
http://support.cjwsoft.com/code/moreinfo170-1.htm
The groups field need to be set the exact same way it would look like in the database of course
So, if a user was part of groups 1, and 2
You would look in the database and see this in the groups fields for that user
*1*,*2*
so in the signup code you set that like so
CmdAddUser.Fields("Groups") = "*1*,*2*"
This info only applies to resgitrations and signups using the "users" folder.
if you wanted to make different sceanrios you would need to carefully make a copy of the users folder and adjust it accordingly
, Thanks dude, I'll figure it out. I've been ripping apart pieces
of the code to get it. I'm in the process of pulling some things
out to make functions that do specific tasks based on your code.
I actually had a lot of luck yesterday with it.
, Hey, I thought I'd share this tip with the ASPProtect community...
If you'd like to remove, modify, or add fields to the "Users" view in
the password_admin default.asp page, it's really easy to do. Well, at
least it was for me. I'm using an MS Access database, by the way.
For me, I don't need "Company" info, but I do need last access and # of
times accessed displayed. Therefore, I had to change the default page
in three areas:
In /password_admin/default.asp, go to about line 185 or so, where you see stuff like:
[code]<td valign="bottom"><font face="Arial" color="#000000"
size
="2"><b>First Name& lt;/b> </font></td> [/code]
OK, those are the column headings. Each one corresponds to a column
from your USERS table in your database. There are two more areas to
consider, both of which appear immediately after this section.
The next section has statements that look like this:
[code]<td valign="bottom"><a href="<% =THISPAGE
%>?SORTBY=First_Name+ASC&MyPageSize=<% =MyPageSize
%>&Keyword=<% =Server.URLEncode(Keyword)%>"><img
border="0" src="../images/sort_ascending.gif" Alt="Sort
Ascending"></a><a href="<% =THISPAGE
%>?SORTBY=First_Name+DESC&MyPageSize=<% =MyPageSize
%>&Keyword=<% =Server.URLEncode(Keyword)%>"><img
border="0" src="../images/sort_descending.gif" Alt="Sort
Descending"></a></td>[/code]
See the "First_Name" items? The first is for an ascending sort, the
second for a descending. This particular line corresponds to the code
snippet immediately above it. But all this does is handle the sorting.
For the actual data, look lower for this stuff:
[code] <td bgcolor="<% = Cellbgcolor
%>"><font face="Arial" size="1"> <%=
CmdListUsers("First_Name")
%& gt; </font></td> [/code]
It's a good ways down, so don't be impatient if you don't see it in 10
lines from the end of the last mentioned section. This stuff handles
the display of the data from the database (where else ya gonna get
data, anyway?)...
Now, to remove a field, you need to find the three sets that go with
that data. The ascending/descending sort is potentially the trickiest,
because it's the longest set of data and can take a number of lines.
Just clear it from the start td to the end /td and you'll be fine.
To *add* a field, copy and paste the code from an existing field and
modify it. In the first one, the column title, you can type whatever
you want to describe your info. Nobody but you and your admins will see
it. For the next two sections, though, you need to get the correct
column heading from the USERS table and use that to correct the lines
in the copied code you pasted in.
For example, when I added a column to show the number of times a user
logged in, I copied the above snippets and pasted them in where I felt
the column I needed should be. Then, in the first one, I changed "First
Name" to "Logins". In the ascending/descending snippet, I changed
First_Name to Counter. Same for the last snippet.
The result? A new column, showing the number of logins my users were successful with.
Of course, before you experiment, back up your existing default.asp file, JUST IN CASE.
Have fun!
, The "forgot your password" feature is not sending passwords to users when they put in their emails.
Any suggestions?
Thanks
, ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Microsoft.Data.Odbc.OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. |
Stack Trace:
[OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.]
Microsoft.Data.Odbc.OdbcConnection.HandleError(IntPtr hHandle, SQL_HANDLE hType, RETCODE retcode) +27
Microsoft.Data.Odbc.OdbcCommand.ExecuteReaderObject(CommandB ehavior behavior, String method) +838
Microsoft.Data.Odbc.OdbcCommand.ExecuteNonQuery() +80
aspprotectnet.aspprotectlogin.Login_Click(Object sender, EventArgs e) +2284
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +108
System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEven tHandler.RaisePostBackEvent(String eventArgument) +57
System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +18
System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
System.Web.UI.Page.ProcessRequestMain() +1292
|
Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300
I am getting this error message when trying to log in as admin or registering a new user. I am using Windows Server 2003 and it is a DOMAIN CONTROLLER.
I have read that there is NO ASPNET account for a domain controller. In its place is the IIS_WPG account. I have given this account and the IUSR account FULL CONTROL.
STILL GETTING AN ERROR. ANY SUGGESTIONS???
, Actually, your whole site is like that.
http://www.bones.myftpsite.net/rfamilystuff/
You should definetly fix that..
I can't help ya with it though. You'll have to figure it out.
I know ya can do it...
later
cwilliams38394.7738657407,
Timecard Entry: 3/25/2006 1:41:47 PM
Registered for CT show and made reservations for Inman and CT shows. Reviewed exhibitor info for SF show, SCHOLASTIC STRUCTURES - rebuilding web site to fit on printed sheet of paper, Working Lunch - Pizza Hut, PO for Jeff and Jim, Not much cleaning had to be done. Called Ben again in regards to 2360 line. 2nd time during my shift, Entered more information into Bell Atlantic test site. Still more to enter. Almost done., 1 Meg Modem - Ottawa, Warren db conv., worked on newsletter, backed up important files, met with Jim and Beth on User Manual changes, started changing User Manual with Beth's changes, Building and sending out adult content filtering files. Explaining to customers how to use the files. Explaining to one of the techs how it works., jetstream training, steady, Call from Steve Rose -- angry about delay of Otsego- Delaware MLS database conversion., working on project to tallying customer feedback forms; meeting with Ron, Bill and Jim, callbacks on expired accounts, Posted accounts and did a detail of check and cash for a bank deposit. Credit card authorizations, ans. phone, customer inquiries, and worked on my porblem children., enter bills/pay bills/USA1net, team meeting, *BHCP - researched crystal reports (do not bill, fixed price for BHCP), cleaning up the moved domains off of NS2 and Kenny so we know what has been moved and what hasn't. Deleted the folders and took the entries out of the httpd.conf.....got a call from Beth must have over worked NS2 because radius stopped when I was deleting the folders off it.....restarted it since I was already in it for her., had a few billing questions. general conneciton problems, Still organizing for business fair. Probably will be until it is over. Spoke with CB about 1/2 hour presentations. HB to email notes for a hand out. Completed some missing info on tech's list. Waiting for chamber info now. , meet w/Jan re:24 dollar domains development, Called expiring users., Meeting at JCC., address the m2000.net expired domain registration with Lisa...she paid the bill now we wait., Post office and bulk mail also went to the Nutshell for party poinsetta spoke to Jodi at hte Riveredge , Not too busy I guess. Did my e-mail and periodically checked Dail-ups... Did some callbacks at 3pm, Reading about how some organizations are setting up wireless networks and what products they used, worked on work request system (internal, billable),
