(FREE) Nov 23 2005 Update Files

If you purchased ASPProtect Version 7.x before Nov 23 2005 then you can download these Update Files.

(These are non-critical updates.. only update if you want the described changes below)

These updates do the following..

• Make the Tabs in the Admin area move up and down as you navigate around so they look more like tabs used in a file cabinet.
  
• Updates the import/export process so the tab delimited text files created now store the passwords in plain text instead of encrypted. I have been thinking about this one for a while now and I think it is better this way as it was confusing a lot of people. If can also kill the whole process if by chance the encrypted output of a password contains a line break of sorts. There is no way to deal with that scenario so this is way the import/export process is going to work from now on. This also means you should be VERY carfeful about leaving export files lying around as they will have the passwords in them.
  
• Updates the "expected_paths.asp" in the data folder because the paths it was generating had an extra "data/" in it.
  
• Updates the users page so it will not show the import/export link if you have not entered a path for the export files in the settings.
  
• Adds an Activity Tab if using the Activity Tracking features instead of the links it used to put on the users page that most people didn't see.

To install these just copy them in over the old files.

Now of course back up your existing files so can revert back if there is a problem or you do not like the changes. If you made any custom changes to any of your pages use your head and realize that copying these in over your existing files will overide any custom changes you made. (that is your business, I am just warning you)

2005-11-23_163025_ASPProtect_v7_11-23-2005_update.zip

While attempting the database connection test, I receive the following error:

Server Error in '/' Application.

---

Security Exception

Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Security error.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[SecurityException: Security error.] aspprotectnet.DBConnectTest.Page_Load(Object sender, EventArgs e) +0 System.Web.UI.Control.OnLoad(EventArgs e) +67 System.Web.UI.Control.LoadRecursive() +35 System.Web.UI.Page.ProcessRequestMain() +2112 System.Web.UI.Page.ProcessRequest() +218 System.Web.UI.Page.ProcessRequest(HttpContext context) +18 System.Web.CallHandlerExecutionStep.System.Web.HttpApplicati on+IExecutionStep.Execute() +179 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +87

There was nothing wrong with the server configuration. It turned out that the problem was that I disabled the email notification of new user registrations that I continually receive. That appears to disable the authorization email to new users as well.

One other issue. It appears that AOL email addressee's are not getting the authorization email. Does AOL have any blocks to CDONT generated emails?

also.. the log out page shouldnt really need this
but you can try adding this to it where all the other ones are set to nothing..

<% Session("Groups") = "" %>

ok, I just sent you a private message with download information.

replace you existing

"check_user_inc.asp"

"admin/check_admin_inc.asp"

"admin/email_user.asp"

with the new versions in the download

Do some testing to make sure that HANNAH password works ok for you.

Hopefully this cures the issue...
If it works ok for you for a while I will offer the fixes to everyone and start using this code from now on

BTW:
"admin/email_user.asp" had an unrelated bug in it that only happened if its error handling got triggered... it was posting back to the wrong page when that happened and causing an error

humm

expiration dates in the aspprotect system are not used at all when using paypal subscriptions.. all date handling is done on their end actually

and they of course send notices from their system to the user regarding their subscription and when it renews,cancels, etc etc

so I am pretty sure any errors with that would have more to do with the info you used for the subscription setup and possibly any paypal settings associated with it

its hard to say at this point

The smart thing to do I think.. would be to sign up someone using another PayPal account (your allowed 2)... and while doing it be very careful about the subscription setup data.. and then as soon as the subscription is created review all the info in the paypal system and see if the length of the subscription / expiration.. etc etc in the paypal system info looks right..

at least then you can begin to troubleshoot what is going on...

nope ,sql server has nothing to do with this

I am talking about the folder pictures are stored in.. it needs modify permissions set for the internet guest account like those articles talk about

IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ; ; ; ; ; ; ; ; ; ; ;PN=1

The 2Checkout Support Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement 2Checkout Payments with ASPProtect. You must be using version 2 of the 2checkout system. They are phasing out version 1 regardless so everyone will be using version 2 very soon if they are not already.

THIS IS NOT INTENDED OR DESIGNED TO USE 2CHECKOUT SUBSCRIPTIONS. (see bottom of this thread for more info on that)

This Support Pack basically gives you an additional signup and registration directory "2checkout_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup in general. New users can register in this directory and pay for membership at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and buy additional membership time online. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via 2Checkout your system is updated and they will have access.

The 2checkout pack is NEW.. and was released on March 19, 2005. If you don't have it and would like it please just ask.

To start using this edit the "2checkout_signup/2checkout_config_inc.asp" file

You will be entering your 2Checkout Account number in that file as well as the URL you want a user to go to after payment. It is all commented in that file. (There is also a testing variable you can set to True if you want to do testing without real charges being applied)

After editing that file run this page.

http://www.mysite.com/2checkout_signup/show_postback_path.asp

Replacing the part in blue with your website info.

It will report back that postback url you need to use in the 2checkout system.

Log into your 2checkout version 2 account and under the "look & feel section" enter that postback url for both the "Approved URL" and the  "Pending URL"

Trust me: You want the URL there for a pending URL because the 2Checkout system is quite random and 95% of the payments that come in go to the pending URL and end up being legitimate sales. (at least for me they do)

Now make sure the Direct Return option on that page is on as well. 

If set to Yes buyers will be immediately directed to your URLs below once they click the Complete Order button. If set to No the buyers will have to click a button to return to your URLs below.

Save that page... and leave 2checkout.

Now, delete this page from your ASPProtect setup.
http://www.mysite.com/2checkout_signup/show_postback_path.asp

It's a minor security risk and is no longer needed needed.

The basic setup is finished. All you have to now is set up payments options the way you want them.


Changing Payment Options

In the "2checkout1.asp" file there are form options set up.

They look like this and you can have as many as you like.

<option selected value="30,9.95,3,">30 Days, 9.95</option>

In this option... A user has the option to purchase 30 days for $9.95 and he will be set to Access Level 3 when payment in completed.

Here is how it works.

The value setting (red) is essentially and array that can be made up 4 elements separated by comma's
They must be separated by a comma and there can be no spaces. In this example the 4th value was not used but the last comma must still be there. If you didn't want to set an access level and left out the "3" there would 2 commas at the end.  etc etc
Basically there must always be 3 commas but you only have to set the 1st 2 values which are days and price.

days,price,access level,groups

The 1st value is the amount of days.
The 2nd value is the price for the amount of days.
The 3rd value is the access level you want to user assigned to.
The 4th option is the groups you want the user assigned to. (see PayPal subscription thread for examples of specifying group info)

Now, the label for the option in (blue) can say whatever you like.

Making progress. I have made the appropriate settings and now I have the option to upload.  When I upload, I get the following message:

 "Your upload did not succeed, most likely because your browser does not support Upload via this mechanism.

Your browser must support a standard called RFC 1867. Please check with your browser vendor for support of this standard"

I am using IE6 XP SP2.  I also am using DUNDAS UPLOAD, ASPIMAGE.

I think I set permissions correctly bot not positive.  I have given all auth to everyone for the database etc.

Umm, if your using MSACCESS your using MSACCESS

SQL server has nothing to do with it.

A correctly configured Microsoft SQL Database is critical to the correct operation of the ASPBanner system.

Table & Field settings must be exactly the way we set them in the database creation scripts provided with the ASPBanner system.

Below are screenshots of the design view settings for all the tables used in the ASPBanner system in case you want to double check them

In addition to the settings above each table has one field that is a primary key with an auto increment of one

In the screenshots above each of those fields has a yellow key next to it.
If the field does not have yellow primary key icon on you just right click and the option to make it one appears.

The SQL column settings for each one of the primary key fields must be set as follows




In addition to these settings the SQL scripts provided with the system auto populate the Banner_Users table with two users. This is very important because without the Admin user the scripts add you wont be able to log in to the ASPBanner system as an admin.

It should be released sometime late May 2004 or early June 2004 but no gurantees as I am pretty busy right now with some projects.

There will be upgrade instructions and it should be a fairly easy upgrade.

[/QUOTE]

Like I said no guarantee... I have a lot of things going on... it might not even be finished till the end of July... customers will always be able to get it for the difference in price

You have the version listed on the site when you purchassed it.
Version 3.0

Hi,

Actually that is not a feature at this time. Only the admin can add an image for user. If you look at the code for that you could adapt it for individual user use fairly easily provided you are decent with ASP.

That feature will probably be added some day, but there was no time to add it to into the current version and I can not give you a time on when it will be added. The complicated part is making some sort of approval process in case a user adds something undesirable and also limited file sizes which is hard to do without somesort of 3rd party uplaod component being involved.

I am successfully using ASP protect on our site. I have one question:

The file Check_user_inc.asp looks a bit bland as I can't seem to use the sites Dreamweaver template. If I apply a template to this page, it is duplicated on other pages with this template.

How can I apply a template to this page?

Thanks

Clark

I think I've found the problem..

The password "abcdefgh" works

The password "abcdefghi" does not

(username "ace45")

Passwords can obviously only contain up to and including 8 characters... By some coincidence I only used short passwords with MS Access.

ok, 1st we need to rule out the #1 reason people sometimes think that is not working.

Is is set up never to allow the same IP to increment the count more than once in a row so when testing it is real easy to think the count isn't working because unless you can change your ip you can not increment the count more than once per album

It's a poor mans spam abuse type of deal..
For the most part it will keep some Joker from hitting refresh 100 times and inflating the count of an album.

Do you think that is possible what is happening ?

Also, here is an older thread about the same issue?
http://support.cjwsoft.com/code/moreinfo54-2.htm

grrrrrr

As far as the users thing... my fault that was setup wrong in the settings of the admin login page.

but still dont have a solution for what im trying to do

Humm, Did you change something in a bad way? Thats my guess.

I need more information on what is going on because by default it does not do that ?

The only possible way I can think of that could cause that is if you changed things around too much and the config_inc.asp file is getting run/included twice on that page your logging in to.

Also, when you sign in "where" ? What page ?

These are 4 valid examples of calling a flash movie.

The more simple examples may cause problems for people that don't have the flash plugin installed. I really do not know as I am no flash expert. All these work fine for me. Of course I have the latest flash plugin installed. Perhaps some of you can shed some light in this. The 3rd and 4rth examples are obviously only slightly different and mention different versions of flash as far as downloading the plugin goes.

<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" WIDTH="468" HEIGHT="60">

<object width="120" height="22">
<param name="movie" value=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" width="468" height="60">
</embed>
</object>

<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://download.macromedia.com/pub/shockwave/cabs/flash/swfl ash.cab#version=6,0,40,0"WIDTH="468 " HEIGHT="60" id="myMovieName">
<PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<PARAM NAME=quality VALUE=high>
<PARAM NAME=bgcolor VALUE=#FFFFFF>
<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality=high bgcolor=#FFFFFF WIDTH="468" HEIGHT="60" NAME="mybannername" ALIGN="" TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer">
</EMBED>
</OBJECT>

<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://active.macromedia.com/flash2/cabs/swflash.cab#version =4,0,0,0" ID=banner WIDTH="468" HEIGHT="60">
 <PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
 <PARAM NAME=quality VALUE=high>
 <PARAM NAME=bgcolor VALUE=#FFFFFF>
 <embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality="high" bgcolor="#3CBDCD" WIDTH="468" HEIGHT="60" TYPE="application/x-shockwave-flash" PLUGINSPAGE=" http://www.macromedia.com/shockwave/download/index.cgi?P1_Pr od_Version=ShockwaveFlash">
</OBJECT>

This is what it says in that thread I pointed you to

This zip file contains 3 sets of alternate files depending on your situation. You simply replace your existing aspprotect v7.x files with these new ones.

I really dont see what is confusing about it. I think I explained it all in detail in that thread.

Great Thank you!

As of thus far the program is working rather nicely.

I am very impressed :)

I'm getting this error when I try to login:

 Active Server Pages error 'ASP 0131'

Disallowed Parent Path

/gallery/users/login.asp, line 19

The Include file '..dataconn_inc.asp' cannot contain '..' to indicate the parent directory.

We do not support customization of the code or any custom coding you may end up doing with Visual Studio.NET. However, if you can show me that the application functions incorrectly in its default unmodified form I can help. If not it has to be something you did most likely.

Though I do not if it is the issue, mixing c# and vb.net in the same project can be tricky if not problematic. It’s definitely just not something I can support.

If you have not seen it we have tuturial on setting up the project in visual studio.net.
http://support.cjwsoft.com/code/moreinfo85-1.htm

I would suggest starting with a clean installation. Test everything to make sure the things you say are ok or not. (if not post here about it) Then try your hand at editing the application and compiling it. Keep the c# out of the mix at 1st.

I am not even sure if adding c# to the same project is feasable.
(maybe it is , maybe it isn't)

That being said.. ASPProtect.NET can of course be used to protect pages using c#. But compiling the ASPProtect.NET project with C# code added sounds a bit iffy to me. We wrote the application in VB.NET so you really need to use vb.net when making changes to it.

If you can would you do it for a price as a mod or will this be added to the new version.

here ya go

http://support.cjwsoft.com/code/moreinfo169-1.htm

Hi Chris,

We installed our key onto the live server.

However, since our temp key has expired, we can't access our application on our development machine because the login won't work anywhere except on the live server.

Of course we can access the application on dev, if we remove the aspprotect tags, but if we need to log in to do something unique to the user, then we have a problem.

Can we get another temp key from you? And would there be a better long term solution to this debug/maintanence issue?

--JP

I really need more info on what you have going on?

This can sometimes be cause by a slow server / bad data connection.

Sometimes caused when someone is using the option pack but did not make the proper changes to the database.

Sometimes caused when a user adds users the database on his own and does some "incorrect" things..

The more details you can provide the better. Think of anything and everything and describe it.

SQL or MSACCESS... version of either
Server OS
Using Option Pack or not
Did you have your host set permissions...

etc etc etc

Yup everything looks ok - but why no error?

This just gets better - now the email a friend link says sent successfully and doesn't send out - what the heck...

What would cause it to 'think' it is doing the task yet still fail?

Have SQL 2000 backend...
We just moved from Windows 2000 to Windows 2003, used import data routine in SQL to move data.

Logged into admin area. When adding new user, no record is created. However, editing record works just fine.

Any ideas would be appreciated.

Chris,

I have had a couple of users log out of the system as they are supposed to, move to another computer and not be allowed to login because of "they are currently logged in using another IP address" when in fact they logged off properly.  Is there anything that they should be doing differently?

Thanks,

Jess