Good Morning, any suggestions on how to best "fake out the system" -- I would like to try to keep this clean so I can see the real errors?

My thought was to try to just move those .gif files to the directory that it thinks it should be in -- do you have any better suggestions? Or reasons why I really wouldnt want to do that?

I'll try to help when I get back tues night,, see the contact page for info on where I am .
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry

Hello-

I'd like to set up the system to redirect to a landing page (say home1) after the user logs in.

I have looked at all the documentation and can't find something that explains how to do this. I am thinking that I can set up a log in as the default in my root directory that will have a form with an action=check_user_inc.asp. I have looked at the code there but cannot find a place where I would place a redirect to home1.

Help please

Thanks

Hi Chris

Unfortunately the bl**dy server was down and unavailable for 17 hrs so I couldnt even get to see what the settings were!

It is on, the relevant users appear to have all rights for the data/tempstats folder.

I'm guessing you're going to suggest turning it off and see if the problem still appears.

Colin

I set the max image width to 1000; previously it was null. Now I'm getting server errors:

page not found, then, service unavailable (the page is there). But in a new album, the images imported fine and it seems to be working now, despite the IIS issues.

I think my host restricted the amount of memory and resources my site is allowed to use.

Additional Information.

A set of these variables get created for every user that logs in to your site.
For performance and memory conservation reasons some of them can be turned off and are optional.

If you look in the "check_user_inc.asp" file or the "check_admin_inc.asp" file you will see a section of code like this


   ' Start of optional session variables to be set
   ' Recommended that you remark out any of the session variables below that you don't really need to use
   ' This will save a lot of server resource because every user logged in has a set of these
   
   ' I added some code here to not create these if they are empty
   If CmdCheckUser("First_Name") <> "" Then Session("First_Name") = CmdCheckUser("First_Name")
   If CmdCheckUser("Last_Name") <> "" Then Session("Last_Name") = CmdCheckUser("Last_Name")
   If CmdCheckUser("Company_Name") <> "" Then Session("Company_Name") = CmdCheckUser("Company_Name")
   If CmdCheckUser("Email") <> "" Then Session("Email") = CmdCheckUser("Email")
   If CmdCheckUser("Address") <> "" Then Session("Address") = CmdCheckUser("Address")
   If CmdCheckUser("City") <> "" Then Session("City") = CmdCheckUser("City")
   If CmdCheckUser("State_Province") <> "" Then Session("State_Province") = CmdCheckUser("State_Province")
   If CmdCheckUser("Zipcode_Postal_Code") <> "" Then Session("Zipcode_Postal_Code") = CmdCheckUser("Zipcode_Postal_Code")
   If CmdCheckUser("Phone") <> "" Then Session("Phone") = CmdCheckUser("Phone")
   If CmdCheckUser("Custom1") <> "" Then Session("Custom1") = CmdCheckUser("Custom1")
   If CmdCheckUser("Custom2") <> "" Then Session("Custom2") = CmdCheckUser("Custom2")
   If CmdCheckUser("Custom3") <> "" Then Session("Custom3") = CmdCheckUser("Custom3")
   If CmdCheckUser("Custom4") <> "" Then Session("Custom4") = CmdCheckUser("Custom4")
   If CmdCheckUser("Custom5") <> "" Then Session("Custom5") = CmdCheckUser("Custom5")
   If CmdCheckUser("Custom6") <> "" Then Session("Custom6") = CmdCheckUser("Custom6")
   
   ' End of optional session variables to be set

If you do not need a particular variable to be set as a session variable simply comment that line out with single quote.

If you have an extremely busy site with a lot of users this is a good idea. If not, you probably don't need to bother doing this. I added some code in there so they will not be created if they are empty and that alone helps out a lot.

Hello,

Thank you for the feedback.

I would like to point out the requirements of the application however as this is something I am aware of and do address.

http://support.cjwsoft.com/code/moreinfo165-1.htm

These requirments are directly linked to from the ASPProtect v7 web page, so its not like I dont try to tell people the deal regarding SQL server.

Basically I only have the resources to provide scipts and instructions for using SQL Enterprise Manager and that is all I officially support. I also personally think anyone using a SQL Server should be using SQL Enterprise Manager because later on down the road there are things you may want to do such as backups/etc etc

Take Care,

Chris Williams
www.CJWSoft.com

ASPProtect v7.x has a new feature called groups.

Groups are meant as a replacement for using the access levels as they are much more powerful. Support for pages protected using access levels is left in tact for backward compatiability for a customer that was using them.

A customer recently told me groups could not be used like access levels and that 8 access levels was not enough. This is how I explained that groups can do everything access levels can do.



Groups can honestly do everything access levels can do if you really think about it.
Using groups and protecting pages accordingly you could actually create a system that basically worked identically to the way the access levels works.

For example..

You make 8 groups and assign users to them accordingly

Protection code on page allows access to groups 1-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "1,2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any one of those groups would have access..

Protection code on page allows access to groups 2-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any group between  2-8 would have access..

Protection code on page allows access to groups 3-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any group between  3-8 would have access..

and so on... I think you should get the picture by now

The protection code for my group3 is:

<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * GP03 * ) -->
<% GROUPACCESS = "3" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!-- End ASPProtect Code -->

btw - sorry but I am using v7
and thanks for the assistance

I have never heard of such a thing...
If the settings are enabled for the web it should work.
That is, as long as your include file syntax is valid.

I run my own windows 2003 server (you are on it now) so I should know

for troubleshooting

try a very very simple example... like a file in a folder.. with a server side include to a file under it

and see if that works

use real simple asp files with nothing crazy in them... and an include like this

<!--#include file = "../myfile.asp"-->

I'm trying to use CDOSYS.

It seems to work fine on the web page, however the mail never gets
delivered.

I can see my messages sitting in c:\inetpub\mailroot\pickup but they never leave it.

I found another folder after doing a search for "pickup".... it is:
d:\program files\Exchsrvr\Mailroot\vsi 1\PickUp     If I paste the files
into there, they get delivered.

How can I get the email to be delivered without doing the cut and paste?

I've tried it both with and without authorization.

I am running a Windows 2000 server with Exchange 2000.

Thanks.

I am also getting the "Unspecified Error" message.  I just transferred my site to IIS 5.0 and I get that error now.  However it does not happen everytime.  I can click on a page and it opens fine and then I hit refresh in the browser and I get the "Unspecified Error" message.  What could be causing this?

Disallowed Parent Path

The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory. 

When you get an error like this it is because parent paths are disabled on the web server. This is a setting in the IIS console for your website.

If it is not enabled on you server you will have to ask your host to enable parent paths for your website.

This is what the settings screen looks like on an XP Machine

Additional Information:

It is enabled by default on IIS4-IIS5 but in IIS6 it is disabled by default.
It is a minor security risk to have enabled and some hosts can be difficult about setting it.

Truth is, if your hosting ASP for customers you need to enable this setting if the customer requests it. Especially since 90% of the ASP applications out there require the setting.

Hosting companies should if they are serious about hosting ASP.


If they won't your only option is to go through all the code and convert the file includes to virtual includes.

http://www.powerasp.com/content/code-snippets/includes.asp

The trouble with virtual includes is they are different depending on the layout of your website. (that's why web application developers generally don't use them)

Basically if you are in a sub domain the path for the virtual include is going to be different then if you were in the root.. etc etc

Also.. someone developing on a local machine would need totally different virtual includes on the development server than they would on the live server. Server Side includes are processed before ASP so there is no way to make them SMART, so to speak. Server Side includes are hardcoded and that's that.

In my opinion virtual includes are pretty useless for commercial web based applications...  Since you don't know where the customers plan to install the apps.
And YES there are some tricks when designing the applications that make it less of an issue but they are not perfect solutions.

For example...

The virtual include below would work if the application or code was installed in the root
<!--#include virtual = /somefile.asp"-->

But if the application or code was installed in a directory called "somedirectory" the virtual include directive would need to look like this

<!--#include virtual = "/somedirectory/somefile.asp"-->

Still not ready... I have no time to finsih it at the moment..

release date is unknown...

You should not have single quotes around the "-1" because Album_Active is not a string field in the database. It's true/false or bit field in the database depending on the database you are using (MSSQL or ACCESS)

I'd do it a little more like this I think.

SELECT COUNT(Album_ID) AS Alb_Count FROM " & tbl_label_albums & " WHERE User_ID = " & CmdListUsers("User_ID") & " AND Album_Active = 1"

I took out the parentheses as well since I dont believe they are needed in a simple case like this

but is hard to say unless your the one testing it... my version might have a mistake as I am a little rusty with my SQL at the moment

also: in case your wondering...
depending on the situation and the odbc drivers the 1 and -1 should work either way but sometimes it's picky and you have to do it one way or the other

Cool.

Well I'm in the middle of uploading the txt file and it's about half way done and sitting there...so I'm keeping my fingers crossed.

I did a google search and it turns out that error very well might have to do with ASP trying to send an email and that process failing.

That tells me your emailing from the application is not working so it is probably not something you edited incorrectly.

see this article...

80040211
http://www.aspfaq.com/show.asp?id=2026

Emailing was working as when I did your installation (I think I did it months ago, didn't I) so it must be some incorrect changes to your email settings in the admin settings screen. Try sending an individual email to a user from the admin users screen and see if it works. My guess is you will get the same error and means your email sending options are no longer correct or valid.

If that is the case I would ask you if you changed them or possibly something changed as far as your email setup goes. Passwords ? EMail Server .. etc etc etc

humm.. can I possibly see this happening ?
any changes to that part of the code ?

How can i get to this to register someone in the database only after the Paypal payment has been accepted.  I was testing it out to see if it makes it to my Paypal account (which it did just fine) then I closed Paypal before paying.  I logged in as the administrator and looked at the member list and the account was created anyway.  How can I stop this from being created until "only" after the Paypal payment has been "approved"?

What if this person never comes back to "try again"? Now the username he used (and is inactive) is not available for anyone else to use.  And it takes up database space.

I am using the Paypal (non-subscription)

Thanks in advance,
scottyFlasher

Just wanted to say how much I like the program! I hunted for days and finally purchased a Perl based product. After several days of goofing with it I gave up. ASPPhoto worked right on first install!!!!

Way to go!

Nov 2005

It seems that if a user attempts to access a page that is not in their access level or they do not have the group permission they are redirected to the login page.  Re entering their ID generates an eror and they cannot go back to the pages they are alowed to access.  Is there a way for them to simply be blocked and return to the previous page or to a defined page so they can continue using the site?

thankyou 

When did you download the ASPProtect Version 7 zip file ?

what did you enter as a wrong password to make that happen ?

does it it do it when other wrong passwords are entered ?

Yeah sorry you are right. It works for me

http://www.rottys.net/gallery/default.asp?CatLevel=2&Cat 1_ID=5

Humm, I can see all those pages loading just fine at both domains so you got me pretty confused at this point as you just said they didnt load.

regardless, the data connection tests are failing with both of them.

so let me ask you again how are you setting permissions on the database folders?

I Dont know... it shouldnt do anything like that.

if it ever asks to download a aspx or asp page its generally a server configuration issue not related to the actual code

provided you arent trying to grab the injectbanner page through an iframe call which is only for use with the javascript method of calling banners

Thanks very much for the tip. I'm a beginner with all this stuff so forgive me for the inate stupidity!

By the way, I think the system is great and I am very pleased my purchase.

I am up to speed on how it works. My goal was to not have just a link to a protected page- so that when a user clicks it they get the "access denied" screen and then have to log in. My goal was to avoid that if possible by having them log in and then redirected to the protected page.

So this isnt possible? The only way for it to work is for a user to click a link to the protected page, get the denied screen, then login and be redirected?

Or is there another way..?

I made my point by rebuttling your "cafepress" with agreeing "YES" that is what i want... now you are changing this around on me. I dont think i can be ANY clearer in what i intend to do. It is extremely clear and i am not sure why its becoming more than it should be. I just want the user to be able to log in from ANY PAGE ON THE WEBSITE AND THEN BE REDIRECTED TO THE PROTECTED PAGE IF THE HAVE THE PROPER CREDENTIALS. It would be nice if this software gave an error message when an incorrect username/password was entered instead of simply refreshing the screen.

Every application we sell that has a password on the database uses "temp"

Also, the password is in the connection string in the dataconn_inc.asp file.

After all, the ASP code needs to know the password just like anyone that wants to open the database would.

[/QUOTE]

That i have, my question revolves around the all the users and passwords that I in that database. I need to be able to export that list to word for a mail merge list, but when I do the passwords show up encrypted. I need to be able to get an unencypted list.

thanks

I would check out this article for starters... aspprotect is very similar to asp photo gallery and so are a lot of the page names.

http://support.cjwsoft.com/forum/forum_posts.asp?TID=49& PN=1

Jeromy, You should have access to that page.

lmao ... ya that has never happend to me before....