Blog Entry: 3/25/2006 1:51:06 PM
Thanks very much for the tip. I'm a beginner with all this stuff so forgive me for the inate stupidity!
By the way, I think the system is great and I am very pleased my purchase. cwilliams38317.5552662037, I have just started to move my sites to a new dedicated Windows 2003 box. I have parent paths enabled, SSI turned on but I still can't get ../ to work with server side includes. Everything I read online says that I need to turn on parent paths but again, they are already turned on.
The hosting company where the server is located can't tell me anything, they just say that that is the way it is with Windows 2003. I don't buy it!
Can anyone tell me anything on this issue to help enable the ../ for serverside includes? ,
Christopher,
Thanks for the reply. I think I've found my problem, but can't test until later in the evening as it is on a live site.
Darrell , Can I suggest you have changed a code to stop this or you have a privacy software stopping your visits to add 1 to the counter. Has anyone tried to visit the album or just you. If you send me the link I can sus it out for you, I wasnt talking about the date for a banner ad.. I was talking about the date field in the database for a USER if there is one (I dont remember if that app had date fields for user or not and I am not at a computer to take a look)
If you do not know how to directly open up and edit the database then yes you should just make a new user, Running in parallel for testing is actually a smart way to do it, but the truth is you don't use anything from version 6 except the upgraded database (we have a tutorial on how to upgrade the database)
Version 7 was a drastic change /rewrite to all of the asp files that come with the application. So you will be starting out with fresh version 7 ".asp" files and folders... You will also find that once you get version 7 running that editing certain things like the look of the users area and the login screens is much easier to do.
That being said any of your own ".asp" pages that you protect use the same protection code they always did, so there will be no drastic changes needed there when you do finalize the upgrade.
If using MSACCESS as the database I suggest installing the application somewhere in your web and using a fresh ASPProtect 7 database. Once you are familiar with the setup and everything is working fine. Attempt the database conversion and when your done stick your converted database in there and see if everything is ok.
Also, if you already purchased the application download the latest version before doing the install. It's the same download URL. If you don't have it email me and I can hook you up. I have added some new features and fixed a couple minor things since it's release.
So far the feedback on version 7 has been awesome.. cwilliams38414.0133680556, Actually quite well. I have this problem worked out and it
actually isn't to bad. But now I am getting some strange
error messages. I will start another post.
Cheers
Roy
, now, even though it should work with two slashes or not... here is an updated file that will clear that issue up.
You can try it but I think you have other issues like I said above.
just replace this file in the "scripts" folder
2005-12-16_141245_populate_config_variables_inc.zip , <%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
Response.Write(Session("Groups"))
%> , thats actually just the xml parser component barfing out on you.. it can't handle the load of being called so much on that server
you might want to try some of the other methods of calling banners, I'm using version 6 upgrade and recently some of the users complained that their passwords are no longer working. I was able to replicate the problem as I also experienced the same thing with my account.
Once I reset the password thru e-mail (Forgotten your password?), I am able to login but it fails later. This is weird as I have an identical copy of the code running flawlessly  on my test server.
The only change which I made to the original downloadable code is by adding password encryption using Base 64 encryption.
Any ideas what might be the problem  , to finalize this thread.... turns out I was correct and this person was not unzipping the zip file correctly. , I have found the alternate databases and they do not work either. I then went back and changed the database path in the asptest page to connect to the 2000 and 2002 test databases and it connected successfully to both of those databases, just as it had successfully connected to the asptest.mdb., So do I just replace the four folders that came with aspprotect with the four (in my case domain directory) folders in the patch or just move the files?, Hello,
You are correct regarding what you noticed.. ASPBanner only allows one person to administrate. If if did what you are asking about it would probably cost more.
(you get the ASP source so if you really wanted that you could always add it on your own fairly easily, but it all depends on your skills)
AS for keyword advertising and different ads based on certain pages ASPBanner does not get into that. The main reason being performance as I built ASPBanner primarily as a performance banner rotation solution.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=144& ; ; ; ; ;PN=1
Like that thread says, you could make different zones for different conditions.. then surround the banner calling code with if else logic so a different banner zone was called under certain conditions.
Regardless, if you really need something that has every bell and whistle. BanManPro is where it is at. cwilliams38434.7100578704, Really awesome, thanks..
If possible please be sure to respond to the email they send so the review ends up authenticated
, not really, aside from looking in paypal and manually adding each one for each user...
how many users are we talking about anyway ?
and were any of the users new sign ups from scratch because if they were and that field didnt get populated that is weird?
ultimately aspprotect does not use that field. I was just storing it for the sake of storing it... so its not a big deal but I would still like to figure out what is going on
removing the expiration dates from paypal subscripbers will be enough to fix the issue your having about them getting the expiration notifications , how's it going ?, I am having severe trouble with the SQL database connection for ASPlisting (generic version).
I have used all of the suggested connection strings but still get error messages such as:
[DBNETLIB][ConnectionOpen (Connect()).]Specified SQL server not found.
I have set up the tables in the database, although the database existed already with many other tables in it as it costs me per database per month so one has to suffice with many tables in it.
I use SQL a fair amount on my site but have not suffered any probs like this yet.
Any advise or help would be useful. , The path is correct for the logfile directory. This is still not working.
, "get_me_in.asp" just hangs during a new install. Nothing happens no matter how long you wait and IIS may temporarily hang up as well.
You may very well be running something like norton antivirus with norton script blocker on your server? Or something similar?
It can cause issues when ASP uses the filesystem object and cause never ending page hangs like you are having.
Read this..
http://www.aspfaq.com/show.asp?id=2180, When using the ASPProtect admin panel. My firewall software is going crazy or Blocking it on the Mass E-Mail, Newsletter, and other pages.
Here are some of the messages:
[Unauthorized Access Attempt] This signatures detects an attempt by a web server to deliver a malicious HTML page to a browser client, in an
[Suspicious Activity] This signature detects HTML documents attempting to spoof a link destination in the browser's status bar.
I am using Black Ice...
Will users also get this kind of activity from the pages ??? Or is it only because of using the Admin Interface of the software ???
Thanks
, Okay, this also shows at the bottom of the import/export page
I've got the IUSR account with modify permissions on this data folder as well. Is the "this directory needs change permission" line just a general reminder?
Files are being stored in "D:\missourirealtor.org\members\aspprotect\data\export\\"
This directory needs change permissions for the anonymouse webserver account.
Those permissions can only be set by your hosting company.
These features will not work without those permissions being set.
, recently i've been getting a lot of unspecified errors. i've been running aspbanner for about a year and a half now. i don't know what would have caused all these problems. also, for some reason it won't maintain my log-in, ever time i got from page to page or try to submit a form it asks me log-in again.
Jason S.
cwilliams38389.8791550926, Christopher,
I can empathize. It can be a real pain to stablize a server and fend off hack attacks.
As for beta testing, I was referring to once you get to the point where you're ready to release it to the public whether it's this month, next month, etc.
Good Luck!
Al , Ya, you must have tried to upgrade from a really really old version like you said which wouldnt really work out because those instructions are specifically for upgrading a version 6 database to version 7.
That line error you had was looking for the User_ID field and I bet the version you had was so old that you didnt have a field named that as a few years ago the field "ID" got renamed to "User_ID"
As for all the cool stuff... yup there is a lot of cool stuff in this version... glad ya like it so far cwilliams38418.8164930556, ok,
IE and firefox do some things differently.
It could very well have to do with MIME types set on the server for your website. pdf probably isnt set as a mime type which can cause issues with file streaming situations.
Mime types are either set in the IIS console for your web site under the http headers tab or you can try setting the content-type header to 'application/pdf' right on the asp page the does the streaming
see this article which shows how to do that
http://psacake.com/web/gj.asp
'Specify a MIME type such as "text/html", "image/gif" or "application/pdf"
Response.contenttype = "application/pdf"
'Useful in cases for unknown file types
You would want to put the code that sets the contentype as close to the top of the asp page doing the streaming as possible. , Well my hosting company has finally gotten back with me, so I'm having them troubleshoot the webserver to see what might be eating up those resources. So I'm in a holding pattern on this for right now., Upgrade from V6 to v7.x with an MSACCESS DATABASE
1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.
BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)
To do this upgrade you're going to need to have the Microsoft Access Application.
To work with an Access .mdb file it can not be newer than the version of Microsoft Access you are running.
That being said, on with the upgrade..
Open you're existing Acccess Database up in Microsoft Access..
You should see this something like this.
By right clicking on then choosing rename
Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"
If you do not have a "Groups" table do not worry about it right now.
Now right click and DELETE the Config Table.
Yes, delete it..
You should now see this. (with or without the "Groups" table)
Now, right click on "ASPP_Users" and go into design view.
It should look like this.
Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore
It will look like this.
Now scroll down to the bottom a bit It should look like this.
Now..
If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a memo field.
Now, we are going to add a few more new fields.
Add a field called "Redirection_URL" make it a "text" field with 150 field size
Add a field called "PayPal_Subscriber_ID" make it a "text" field with 100 field size
Add a field called "Newsletter" and make it a yes/no field
Add a field called "Password" and make it a "text" field with 100 field size
It should now look like this.
(you do not need to worry about the field descriptions.. that part is optional and only seen when working on the database)
Now close that window and save the changes..
Your now going to open up another Access Database while still leaving the one you have on your screen open. You going to open up one of the new databases that came with v7.x. This database has some info we are simply going to copy and paste.
You'll want to open it and put it side by side on your desktop like so.
(the old database is on the left.. the new one is on the right)
Now, for the fun part.
On the new database to the right.. right click on the "ASPP_Config" table and pick "Copy"
Then move your mouse over to the old database on the left. Right click in the open white area and click "paste"
It will ask you for a database name. Type in "ASPP_Config"
Leave "Structure and Data" checked and hit OK
Your old database on the left should now have a nice new "ASPP_Config" table.
OK, now for the "ASPP_Groups" table
If you already have a "ASPP_Groups" table in your old database you are done.
If you do not have one your going to copy and paste the table from the New Database to your old database just like we just did with the "ASPP_config" table.
Your old database should now look like this.
Now, you are done upgrading your database from within Microsoft Access.
The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field
To that we have a special page we run in the application that will take care of that.
So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1
When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.
That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..
Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.
This part is very easy.
You want to run a special page via the browser.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
Replacing the part in blue with your website info.
Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page
You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.
If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.
So do what it says... dont click more than once and wait.
Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.
Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.
If things went well backup and delete the conversion file below.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
You do not need it anymore.
Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.
If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.
We are here to help, but if you really want us to we can be hired to do the conversion. , Please try this URL www.telepedia.net/pages/chem_periex.asp
It is protected by GROUPACCESS "6" and the username:dimitris and password:tele
In the administration area, I have arranged this username as member of the group 6.
Thank you in advance for your help
, also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.
etc etc etc
so let me add this bit of info..
I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.
Here is the low down from someone that really understands it...
(well, at least I think I do)
The only real security risks are from YOU and possibly other people hosting on the same server if they have parent paths enabled that is.
Meaning your site visitors can't possibly do anything with it unless of course you let them upload and run their own asp files to the server.
Anyway.. if YOU run malicious asp scripts you could potentially attack other sites on the server and look at things you shouldn't. As could other sites on the same server do to you I suppose.
So, unless you plan on doing that or some other site admin on the server does it to you its not really a concern. Just an advantage in coding abilities.
If you attack someone elses site on the server or lurk where you shouldnt then you are probably violating your hosting agreement.
99% of the time everyone gets all nervous over nothing.. half the people nervous about this have sites nobody would ever want to hack anyway.
Many people with a really important/busy sites are going to have a dedicated server somewhere so the setting is not relevant..
The hosting companies of course have to warn you.
This setting was enabled by default for years on IIS4-IIS5. I never once heard one single real story about anyone attacking anything because of this setting. That doesn't mean it doesn't happen but I am just telling you what I know.
This is all my opinion so take it for what it is...
If you are a Hosting Company your better off turning it on at the customers request, giving them a warning about it, and in turn having happy customers.
The big hosting companies like Alentus and MaximumASP do it...
There are far worse things than this to let people do after all.
Beleive it or not I have actually been in servers where they gave the anonymous webserver acount modify permissions EVERYWHERE yet they disabled parent paths ???? cwilliams38391.6024189815, gotcha...thanks. , still.. its got to be somthing along those lines.. I have seen times when even dbo didnt have full rights to a particular database so permissions should always be manually checked..
The import data routine is most likely the source of the trouble
For troubleshooting sake I would create a fresh installation from scratch using the sql script we provide and a new SQL user. Then see if that works. If it does then try to import your data into that.
There are no other things I can think of doing. Sometimes you just have to start with a clean slate. , I am not sure. I can tell you that I run windows 2003 server and I have never had any issues setting permissions for ASP.NET files and folders. This very server is 2003 and the ASPProtect.NET demo runs on this server as well.
Course, I can't say that I have specifically tried to remove ASP.NET READ permissions on the database folder as it's just not something I would not have a reason to do. Why are you trying to do that? The ASP.NET account needs that permission. If you are trying to stop file browsing and downloading in that folder that is not how you do that. The best way to do that is by keeping the database somewhere else on the server that is not part of the http web. , Thank you so so much! I went to the admin area and changed the email component from CDOSYS (using remote server) to CDOSYS (using port 25 forwarding) and all is working great now!
Again, thanks! , really all depends on the sql connection string you are using and the names of your sql user you are using...
you really havent described very much..
I'd double check all of it.. something is wrong cwilliams38325.8892824074, The ASPProtect v7.x Documentation is now available as a download in windows ".chm" format. (needs to be viewed on a windows based machine that can read it) If you are using XP with Service Pack 2 follow the instructions below or you will not be able to view the help file.
Download Documentation
You should save this file and then open it.
Just opening it from download may not work and you will not be able to read it correctly.
Please continue to check the support forum threads for the most up to date documentation.
IMPORTANT
If your are using xp with service pack 2 there are some new security features that can block the access of help files you download. So as far as the ".chm" file goes.. you have to download it... right click on it...go to properties... then choose unblock down in the lower right corner ...then you can open and view the file correctly , I do not have any programming knowledge and have what might be a simple question.
I am having a hard time getting my hosting company to modify the rights on the data folder. They state they support ASP and access databases however this is the response I got when I requested the modify permissions set for the internet guest account:
Were the rights changed on the data folder? No, we do not manage rights to folders.
My question to you is: Doesn't supporting asp require those permissions be set on the database folder or can asp (not just aspprotect) work without those rights modified?
Thanks , Connecting user is dbo of database.
User_ID is primary key with auto increment identity.
SQL Script of current table:
CREATE TABLE [dbo].[Security_Users] (
[User_ID] [int] IDENTITY (1, 1) NOT NULL ,
[First_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Last_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Company_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Username] [nvarchar] (75) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Password] [nvarchar] (15) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Access_Level] [nvarchar] (30) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Notes] [nvarchar] (1000) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Admin] [bit] NOT NULL ,
[Active] [bit] NOT NULL ,
[Expiration_Date] [smalldatetime] NULL ,
[Email] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Address] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[City] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[State_Province] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Zipcode_Postal_Code] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Phone] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Counter] [int] NULL ,
[Last_Access] [smalldatetime] NULL ,
[Login_Limit] [int] NULL ,
[Custom1] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom2] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom3] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom4] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom5] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom6] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[ValidateEmailCode] [nvarchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Date_Created] [datetime] NULL ,
[Validated] [bit] NOT NULL
) ON [PRIMARY]
GO
ALTER TABLE [dbo].[Security_Users] WITH NOCHECK ADD
CONSTRAINT [PK_Security_Users] PRIMARY KEY CLUSTERED
(
[User_ID]
) ON [PRIMARY]
GO , sure, there are reasons AOL would block the email.. it might think it is spam or it might not like the fact that fact that a cdonts generated email has no MX records because it can not..
for more on MX records read my CDOSYS article
http://www.powerasp.com/content/new/sending_email_cdosys.asp
as far as the emails not being sent because notifications are off. I was not aware of that and will try to look into it.. Version 6 is no longer worked on but if I can find the time I will check that out
,
Timecard Entry: 3/25/2006 1:51:06 PM
Weekly cancels, Folding and mailing invoices, answering phones, callbacks from voice mail. , did a setup. had a question about a web page, ticc meeting, radlog, dial up issues, email, cleanup, Met with Tim to go over action items, Reading through my ASP book while it's quiet trying to get through the database chapter. , worked on time cards for next week - prepared for Gouverner meeting, minfelt- email problem on web site talk with tim-fix problem
Reed benoit- update for web site- check on monday
Sacred heart - changes o website
Channelsyde- info for web site
Carthage savings bank-left pat henry
Coleman- spoke ith stephanie- contact back for meeting with leo
heide- delete jingle for buisness
, tech support supervisor duties. helped techs maintained- emonitor, dial up issues, ask us a questions, callbacks, new users, radlog, qlight, , Watertown to Clayton, 24 miles, Meetings w/ Paul Barton, Vermont Internet, Ken Mills, Dave McBride, Fox 44, Checked online issues, worked on cobalt dns, locking down, changed default page to goto home.gisco.net, setup some cron tabs disable some services fix some things that i had in for testing purposes., trained with Cathy on applying customer payments, Vermont payroll, Steady day. quality checked sign ups, cancellations, reports,callbacks from voicemail, checked emils, taking sign ups, answering phone, cc report, cancellations of invoices, Davidson - new page for win a chevy...again, new/close out w/o, manual labor rmoving/installing dry ersae boards, working sked issues. revisiting sales issues, Working on Development of automatic purge routines for SoftMLS, Worked on expiring accounts, churn report, Finish Gisco payroll, Cont. and finished the weekly reports, Cleaning up desk some, getting my equipment at the desk, and organizing., Trunk Forecast, Tech Ad, send out press release on new hires and promotions, REDESIGNING THE INFO PAGE FOR JAMES "BONDs" , Vacation Day, working on outline for the internship program for system administration, travel to Wtn for meeting,
|
