Blog Entry: 3/25/2006 1:36:23 PM
Hi,
I don't see any good reason to rename any of those files.
Changing them though may involve changes to the code recompiling, etc etc... it is not something I support.
, It's real easy actually if ya sniff around the source code.
ASP is so easy to (work with/edit) even if you dont know any code.
edit "save.asp" with a text editor
change
If Request("First_Name") = "" Then
ErrorMessage = ErrorMessage & Server.URLEncode("You must enter a First Name.\n\n")
End If
to
If Request("Company_Name") = "" Then
ErrorMessage = ErrorMessage & Server.URLEncode("You must enter a Company Name.\n\n")
End If
From looking at that save code I dont see where Last_Name was required. The only name I saw required was a 1st name.
Also.. making the First_Name not required may break something somwhere else. I dont think it will but it might. You are warned.
cwilliams38326.5102662037,
like I said... you would have to modify the code
(and really I dont think it is possible, how could it be when images uploaded are of all shapes and sizes)
How are pictures of various shapes and size going to resized to a fixed width and height without distortion on either a horizontal or vertical level ? Uness the image uploaded matches the fixed thumbnail ratio you have set there is going to be distortion.
There is no component that is going to make it any easier. You are already using an image resizing component.
I give you two options the way the code ships.
fixed width and height for thumbnails
or
fixed width / dynamic height for thumbnails
The only other possible option would be
fixed height / dynamic width for thumbnails
and that you would have to code on your own because that option is not there
The last thing I will say is this. Sorry, but I do not support custimizations to the code. It's just not easy to explain. Its a lot of code work. Its a lot of time.
, Weird things happening, when I upload using the vb method the image fails and error is that the image was empty.
Utilizing ASPUpload and after clicking upload file I get a blank screen, no preview, no nothing (it loads with the proper header/footer) but a completely blank body.
Any hints?
, I dont know about your error on line 6 when uploading..
as far as the manaully edited import file not working I would really need to see it. There has to be somethin wrong with it's format.
I really need more information and possibly acess to the system to do some troubleshooting...
This is anot a feature anyone has ever had an issue like this with.
, Can I have the logon be in a top frame while having the protected pages displayed in a main frame?
Using frames with forms based authentication is not the best thing to be doing. Your much better off not using frames and using includes files to do a virtual frames sort of thing (search google) but if you are going to use frames I would suggest password protecting the frameset page as well as any pages it contains.
If you want to have a login form in a non protected top frame all the time.. that posts to a lower frame that is password protected.. you would do this
http://support.cjwsoft.com/code/moreinfo169-1.htm
but change the target of the form to one of your frames
personally though I think that would be a somewhat goofy setup to have going on
Also, how will it behave if a user moves in between a protected page to a public page and back to the protected page again?
As long as they have cookies enabled which is required for session variables to work... then you will have no issues because once they come back to a page they have permission to they will just be allowed in without login.. at least while that session is still active.. or for a longer time if they choose the remeber me option which keeps track of them with a cookie .
Really, the best thing to do is expirment and see how things behave.
, I am testing this now and there is something wrong.
PayPal is hitting the ipn.asp but the database is not being updated.
I will figure it out shortly though and post the anwer here.
, Chris:
I just got done trying it myself and it worked great for me too. I was aware of the security issue, but I'd already planned on using SSL for this particular call, as well as for the secured pages accessed through the normal process, so the bad guys will be kept at bay.
Thanks for the help.
, now, even though it should work with two slashes or not... here is an updated file that will clear that issue up.
You can try it but I think you have other issues like I said above.
just replace this file in the "scripts" folder
2005-12-16_141245_populate_config_variables_inc.zip , Login failed for user 'aspgallery'.
Okay, shouldn't this be trying to use aspgalleryuser?
Lance
cwilliams38325.8848263889, I think you may be using old code where that was an issue... I am going to PM you the latest version..
to be safe upgrade all the ASP files except the dataconn_inc.asp files and your config_inc.asp files
"be real careful not to lose your current encryption keys in the "config_inc.asp" file or you will be in real trouble
You can use your existing database
,
Error when click on banner. (I remove on error resume next in config_inc.asp)
The conversion of a char data type to a datetime data type resulted in an out-of-range datetime value.
banner_redirect.asp, line 36
Database - MS SQL Server.
Gignutyi38368.5403935185, Something very strange is happening. Some users can't see the classified ads in their browser. This is specific to the user's computer, and they can check other computers and see it fine.
In each case, the user is using windows explorer 6.0 browser with windows xp.
they can't see the ads listed on the ads page, but they can see the categories.
also, they can't see the place ad link on some pages.
Do you think that their browser is blocking the javascript for the mouseover message?
thanks.
, I have a customer who is asking the following:
... could you make a link from it to our website and is there a way to see what traffic goes from us to them. They are going to pay a commission on sales, however I need to be able to track who views their site...
Wishful thinking or could you add code to track their IP address and display in the report section? Not sure that would be enough to satisfy this request. Suggestions?
Thanks, Lance
, is that lindsey lohan and her fake boobs as ur avatar?
I am installing IIS and all of its glory on the other computer now... gotta love remote desktop (the pc is at work 
)
, All can say right now is take a break and get away from it for a bit. All your going to do is stress yourself out more if you keep working on it.
There is probably a way to make it work but it may require days of fiddling around and reading articles and trying things and even then you may not get it working AND THEN ITS JUST A BAD IDEA ANYWAY. Like John says you are better off running it on a server that is not a domain controller.
, How to set a new users expiration date.
You'll need to edit the "users/add_new_account.asp" with a text editor.
Find this section..
<%
CmdAddUser.Fields("ValidateEmailCode") = ValidateEmailCode
CmdAddUser.Fields("Access_Level") = ""
' PUT YOUR CODE HERE
CmdAdduser.Update
ID = CmdAdduser("ID")
CmdAdduser.Close
Set CmdAdduser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
%>
You'll want to add code like this right between the Acccess_Level and Updates section
CmdAddUser.Fields("Expiration_Date") = Date + 60
That will give take todays date and add 60 days to it.
You can of course do whatever you want here.
Actually, any database value for the user can be set during registration.
You can also change the default Access_Level to whatever you like.
cwilliams38403.6828587963, Yes, you are right. That was the problem. Sorry 
Cheers
Roy
, The ASP error on the home page has been solved -There was aproblem with the path that was including the home page file and we fixed it.
However the error on the member page remains - any ideas/suggestions would be appreciated. This is the error:
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for
process 0x748 Thread 0xad8 DBC 0x214734c Jet'.
/aspboard/forum/global.asp, line 15
, ok, I moved this thread..
The code in the ASP application handles all encryption and un-encrpytion of passwords in the database. I uses the vbscript RC4 function and the password encryption key specific to your installation to do this.
The whole idea is that if someone gets your database and opens it up that they will not get the passwords (utilitiies to crack access databases are common and work well so they can easily get by the main password)
That being said when you open the database manually your not supposed to see clear text passwords. Your also not supposed to have an easy way to make them clear text. It's a security thing.
Though I am not officially supporting it I will tell you what I think would be the easisest way to make an export file with clear text passwords in it.
Use the export fire creator in the admin area of aspprotect.
Mosdify "export.asp"
change
Password = CmdDataExport("Password")
to
Password = RC4(CmdDataExport("Password"), PasswordEncryptionKey)
Then make an export file and see if that worked.
you can then import the export file into and access database or do whatever you like with it.
, You would carefully use the built in features of access to import/export data.
The password for our databases is noted in the documentation. It's pretty hard to miss really. You can also see the database password by looking at the connection string info.
different versions may be different but it is usually "temp" minus the quotes
, I have been using this solution for over a year now and think its great, however I recently logged on to add a banner and when I clciked on the link that opens a window, displaying all the gifs in the directory../images/banners/, now images showed up, however they do exist in that directory.
I recently upgraded my computer and am now using windows XP...could that be the problem?
Thanks
, Yes, as long as each installation is in in it's own web site.
(or at least in it's own application in IIS)
Meaning you could have 5 directories in your site each with the app installed as long as each directory got set as an application in IIS.
Remember, a license must purchased for each running install except for development reasons on local machines.
cwilliams38400.5162384259, the no concurrent login feature is based on IP addresses.. if you logged in again using the same IP address it would let you in regardless. So for example if you were behind a rhome router and logged in to a site on the internet it would nt matter if you had multiple computers at home because they would all have the same external IP address... etc etc
In other words it is tricky to correctly test..
I really need more detailed info on everything going on. I real world scenarios there are no issues with that feature that I know of. At least according to customers so far. , [QUOTE=cwilliams]
Every application we sell that has a password on the database uses "temp"
Also, the password is in the connection string in the dataconn_inc.asp file.
After all, the ASP code needs to know the password just like anyone that wants to open the database would.
[/QUOTE]
That i have, my question revolves around the all the users and passwords that I in that database. I need to be able to export that list to word for a mail merge list, but when I do the passwords show up encrypted. I need to be able to get an unencypted list.
thanks
, Wonderful! Does it matter if I move the aspbanner logo, as long
as I keep it on the page? Or does it need to stay front and center?
Laura
, I am confused.
Humm, how did ASPBanner 8 come with your purchase of ASPProtect ? That is not something I am aware of or something I do. Please provide more information on how you obtained ASPBanner 8. If I gave yu a copy for some reason please refresh my memory so I can go look up th emails about it. I need to know you have a valid license.
Now, as for the two not working together and the login screens messing with each other. I am even more confused. Tell me more as I just do not understand what you did ? ASPBanner has it's own user database and login system so there is no reason you should be mixing the two together as far as logins go. The two applications can certainly be in the same web together and not bother each other. ASPBanner can certainly serve banners to any pages you protect with ASPProtect or don't protect, but you certainly should not be protecting any ASPBanner code with ASPProtect code. ASPBanner already has code in it to do that. If that is the case don't do that. ASPProtect is not meant to protect code that already has a login system. That should just be obvious as far as I am concerned and hopefully you dintn't try to do that.
(you said you just put the directory in there but there must be more too this than that)
But again, tell me more. I can't really know everything ??
I just dont see how your ASPProtect pages could be effected by ASPBanner unless you really did something wacky like included the ASPBanner "check_user_inc.asp" instead of the one that comes with ASPProtect or overwrote it... etc ect
If in the same web aspprotect can be wherever and aspbanner needs to be in a folder called "aspbanner". There should be no conflicts under normal use and the two will essentially run seperate of one another.
, on that particular page check the session variables manually (not using the include)
that way you are keeping the login access checking to an absolute minimum, elminating any form processing from the login procedure, and keeping the upload script happy
like so
<%
If Not InStr(Session("Groups"),"*1*") Then
' do whatever
End If
%>
you could response.write something followed by a response.end
or you might even want to response.redirect them to some other page that using the "check_user_inc.asp" where they can log in
And if you are going to be using a free asp upload script use this one as it is probably the best pure code upload solution available as far as performance goes.
http://www.freeaspupload.net
, here is the next response to this which was emailed to me but should have been posted here
From: Mo Afifi
Sent: Sunday, October 23, 2005 4:47 PM
To: CJWSoft Support Info
Subject: Re: CJWSoft Support Info : SSL - Verisign Certifcates
Hello,
Thank you for responding to my posting. In the second line of your response you said “not start them off at an http:// url". I think what you meant is to "not start them off at an https:// url". If this is your intention then I agree with you 100%. I have revised my pages so the users will go first to a non-https page and then make a choice either to use secure or non-secure access. Please note that the site is not intended to be completely SSL protected but only the sign up pages. I have another problem though when I click on the "Secure Log In" and enter my log in information; the entire subsequent URLs will have https:// in them which I could not shake off. As I said the intention was to use the https for sign in only.
I realize that this issue does not have any thing to do with your product, but any input will be appreciated. Best,
, I just told you a lot of different things to try... and I doubt you have tried them in the time since I mentioned them
, Hello,
If you are using ASPProtect Version 7 it is possible because version 7 supports html emailing. In any other version it would require some custom coding to add html email support. You would have to sort it out by experimenting and editing the emailing code. All the email methods have documentation on the web in some form or another showing how to send html emails.
Also,
sometimes depending on the email component being used and the email client reading the email a link in a text based email will get hyperlinked automatically. For example outlook usually will do that, but it doesn't always in other situations.
Lastly, we have special upgrade pricing should anyone want to upgrade to ASPProtect Version 7. It really has a ton of great features.
Best Regards,
Chris Williams
www.CJWSoft.com
cwilliams38415.6414236111, ok thanks, in Control_pic.asp is there way to wrap the description field so that it doesn't go outside the table.
Thanks
, I wonder if this could this be a FrontPage problem. I deleted the skins folder and re-ftp'd the original one that only contains default and Solid Black. I logged in and tried to change it back to default but it won't. I'm going to try making this folder a Frontpage subweb to see if that makes a difference.
Al
, Disallowed Parent Path
The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory.
When you get an error like this it is because parent paths are disabled on the web server. This is a setting in the IIS console for your website.
If it is not enabled on you server you will have to ask your host to enable parent paths for your website.
This is what the settings screen looks like on an XP Machine
Additional Information:
It is enabled by default on IIS4-IIS5 but in IIS6 it is disabled by default.
It is a minor security risk to have enabled and some hosts can be difficult about setting it.
Truth is, if your hosting ASP for customers you need to enable this setting if the customer requests it. Especially since 90% of the ASP applications out there require the setting.
Hosting companies should if they are serious about hosting ASP.
If they won't your only option is to go through all the code and convert the file includes to virtual includes.
http://www.powerasp.com/content/code-snippets/includes.asp
The trouble with virtual includes is they are different depending on the layout of your website. (that's why web application developers generally don't use them)
Basically if you are in a sub domain the path for the virtual include is going to be different then if you were in the root.. etc etc
Also.. someone developing on a local machine would need totally different virtual includes on the development server than they would on the live server. Server Side includes are processed before ASP so there is no way to make them SMART, so to speak. Server Side includes are hardcoded and that's that.
In my opinion virtual includes are pretty useless for commercial web based applications... Since you don't know where the customers plan to install the apps.
And YES there are some tricks when designing the applications that make it less of an issue but they are not perfect solutions.
For example...
The virtual include below would work if the application or code was installed in the root
<!--#include virtual = /somefile.asp"-->
But if the application or code was installed in a directory called "somedirectory" the virtual include directive would need to look like this
<!--#include virtual = "/somedirectory/somefile.asp"-->
I have sent an registration email (as test) to both a yahoo account and also my own email server and in both cases I get the same issue, all else is working great. I am sure its somthing simple, perhaps I am over looking somthing else. the site url is www.rochestertek.us/asp/users/register.asp if this helps
Again thanks.
, User activity screen shows history of logged-in users.
Is it possible to view only those users that are currently logged in ? not the all users that have logged in previously
