Blog Entry: 3/25/2006 4:25:28 PM
as far as sql goes if you follow the instructions with give for setting up a new database you shouldnt have any issues and permissions should be already set. because we handle that in the sql script we give you.. "its a good thing to look at and it is pretty easy to understand what is going on""
however using another account could cause permissions issues.."yes, even sa" basically the username your using needs datareader and datawriter permissions to all tables used by the photo gallery system and you probably have to go specifically set them usin ght e security tab for your database in enterprise manager. This is more of SQL server 101 than anything to do with the Photo Gallery Code so I am not going to get into it too deeply, but that is definetly the issue. Permissions...
cwilliams38303.6065740741, This is great FREE SQL Server Web Data Administrator App from Microsoft..
http://www.microsoft.com/downloads/details.aspx?FamilyID=C03 9A798-C57A-419E-ACBC-2A332CB7F959&displaylang=en
It is an ASP.NET web application that you install locally on your development server and then use to connect to a SQL database whether remote or local.
It can do nearly everything enterprise manager can do.
I have tested it and it works great for me.
cwilliams38325.7453587963,
[QUOTE=cwilliams]Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.[/quote]
I did change the top_logo.gif and the associated link. That was on the default page not the Solid Black skin which is unchanged. After downloading/uploading the skins I tried changing it to one of the Beach skins and that's when it changed to Solid Black and has been stuck there ever since.
[quote]Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.[/quote]I don't have access to the Microsoft IIS console as this is a host site. I can access the site's "control panel" but it does allow for those type of settings. Mostly just permissions, DSN entries, etc.
Thanks.
Al
, I think I have successfully integrated Paypal but seem to have a slight
issue. Once a person has entered the Paypal site but cancels their
order, the ad is still placed on the site. The optimal way for my site
to work would be to cancel the ad once the Paypal process has been
cancelled. Any help would be great.
Thanks
, I am trying to understand how/where the "Log_Off_URL" variable is set
I have searched the forum for that string but don't get real good
results...I think the _'s are replaced with spaces for the search.
I am learning how to use the groups options and have modified some of
your example access level examples to test out group stuff. At the
bottom of the default.asp page I see a "LOG OFF SYSTEM" link that is
filled with a link stored in the Log_Off_URL variable and it looks
like that is being set back to the default.asp file somehow. So when
I click on it it just refreshes the page and appears to keep my user
logged in.
Seems like it should log out the user and redisplay the
login page. Is there a way to log totally off and have the login page
show up again? I am sure I am missing some obvious thing
somewhere...I can see where the Log_Off_URL variable is being created
in the config_inc.asp file but did'nt know where to look for more
info. Can you point me to an existing forum link?
Thanks!!
, For pay signups you set the groups during signup it like this thread tells you to
http://support.cjwsoft.com/code/moreinfo186-1.htm
only difference is you need to specify the groups info like so
(basically getting rid of the commas and just leaving behind the group numbers with a * around everything)
Also be sure to have no double asterisks
so, *1*,*2* would just be *1*2*
so, *1*,*2*,*5* would just be *1*2*5*
cwilliams38460.5969444444, Hi Chris,
We installed our key onto the live server.
However, since our temp key has expired, we can't access our application on our development machine because the login won't work anywhere except on the live server.
Of course we can access the application on dev, if we remove the aspprotect tags, but if we need to log in to do something unique to the user, then we have a problem.
Can we get another temp key from you? And would there be a better long term solution to this debug/maintanence issue?
--JP
, Another good tip is to make a copy of the "password_admin/default.asp" named whatever you like..
"default2.asp" would work...
then maybe add a link to it from the header_inc.asp file
then you can modify that one all you want and your will still have the original around.
That concept works for a lot of things.. for example you could make a copy of the "users" folder and call it "users2" granted a few paths might need to be changed here and there but really not a lot. (how do you think the paypal signup folders were created, they started as a copy of the "users" folder of course)
You can even make a copy of the "check_users_inc,asp" file if you like. Then make a copy of the "scripts/login_form_inc.asp" file... then make your new "check_user_inc.asp" file reference it.
Then you can password protect pages using different versions of the "check_user_inc.asp" file. Why ? well maybe you want different looking logn forms for different parts of your website or you want to make a lot of changes to the "check_user_inc.asp" file and want to leave the original alone.
The sky is the limit really. When it comes down to it besides the actual guts of the "check_user_inc.asp" file ASPProtect is nothing but html tags and chunks of simple server side code that produce more html dynamically. What your browser ends up with is basic html. (some client side javascript in certain cases, but that is pretty basic stuff too.)
cwilliams38422.509525463, You do not say something like that in a support forum for a legitimate software product. I don't think piracy is funny in the least bit. It is something I deal with every day with my own software. If you want to joke about it please do it someplace else. If you are downloading things via p2p do not talk about here. I don't want to know about it period., Can you incorporate a secure log in within the scripting. I would like the account information to be secure without having to have the whole site using running through a secure (https://) path. If this is possible, the scripting is perfect!
, DONE IT
DON'T WORRY!
DON'T ASK HOW, BUT NOW IT WORKS!!
THANK YOU IF IT WAS YOU, OR THANK YOU GOD IF IT WAS ME!!!
,
Access to some sections of the forums must be requested.
Please Click on the following link and read all of it carefully.
http://support.cjwsoft.com/
cwilliams38291.6121296296, Yes, that’s all I wanted to know. The problem is on my end. The server is not creating the .NET site correctly. I think I got it working now. Thanks.
In case you wanted to know? The only reason I asked you is because you mentioned that you where having trouble with overseas piracy and my account is new. I figured it was my user error by just though I’d ask you first. Hope you have no more piracy issues and have a good rest of the day.
Thanks again for the quick response.
, I have multiple zone banners displayed on a single page using the AspHTTP Component Method.
However, in IE 6.x and NS 7.x each banner has some text displayed before it similar to:
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Fri, 17 Sep 2004 07:15:12 GMT MicrosoftOfficeWebServer: 5.0_Pub Connection: Keep-Alive Content-Length: 229 Content-Type: text/html Set-Cookie: ASPSESSIONIDAASSDQBA=HAICCGCANEBEPANCDHLHJJGC; path=/ Cache-control: private
This text does not appear when using Netscape 4.x cwilliams38325.741099537, It seems that if a user attempts to access a page that is not in their access level or they do not have the group permission they are redirected to the login page. Re entering their ID generates an eror and they cannot go back to the pages they are alowed to access. Is there a way for them to simply be blocked and return to the previous page or to a defined page so they can continue using the site?
thankyou
, Attached is a SQL script to create the ASPProtect Database with the Option Pack Changes already applied. This lets you create the database in one step and you wont have to make the option pack changes as they are already there.
This only applies to people using MSSQL and doing a new installation.
This scripts are run via SQL Enterprise Manager.
You make a new database then run this script on it in query manager.
2004-06-14_180056_aspprotect_w_option_pack.zip cwilliams38152.7522569444, Once you have the LANGUAGE = VBSCRIPT and Checkfor = 1 on your page,
you'll have it secured. I've got over 1600 pages secured in such a
manner, thanks to ASPProtect!
, [QUOTE=cwilliams]actually, passwords can be up to 75 characters long in ASPProtect.
the only requirement when entered from a non admin user is that they are at least 4 characters long.
what does MSAccess have to do with this ? Are you trying to convert and old system or something? I noticed you created and "old password" field in there ? Is there something I do not know about as far as what you are trying to do?
Passwords in version 7 are encrypted so I hope you understand all of that and realize you can not enter or change passwords right from SQL server. Also if you import info you must handle that accordingly and convert the passwords to encrypted format. [/QUOTE]
First off, I haven't imported anything from MS Access.. The only reason I mentioned it is cuz I thought initially it worked with Access and not SQL server.
I am not converting nor entering any data manually into the db, nor have I changed anything in the way the registration is made (don't know where the "Old password" has come from? thought it was a function you made?)
, actually I just went to it again and it was somewhat slow coming up this time..
perhaps you have some issues with the sql database.
it should be instant.. like this one I run on my server
http://banserver.powerasp.com/aspbanner/
I suppose it could also have something to do with sql server resources but its hard to say..
cwilliams38319.7859722222, Using just ASP (Form Based Authentication) you can only protect the actual content of the ".asp" files.
You can however use some ASP tricks to stream other types of files to the users.
That way the actual file locations are never known and they can only get them/see these files when they are logged in as you would be streaming files to them after they logged in.
Below are informative links I have collected on the subject in an email I sent to another customer a while back.
Using Active Server Pages you can only protect ".asp" pages.
You can however password protect ".asp" pages that stream files to the user using code like in these examples therefore keeping the actual file name a secret.
And from another email I sent...
ASPProtect only protects the content of ".asp" pages. Directory protection is not possible using just ASP.
Other file extensions can not be protected using just ASP.
There are ways to get around this.
You'd want to do a technique like this to stream non ".asp" files to the users.
The safileup component from softartisans can actually do something similar as far as streaming the files go.
Then use something like ASPProtect to protect the ASP files that streams the files.
The actual location of the files is never known to the users and of they don't have access to the asp pages they can not see or get those other types of files.
Very doable, but nothing ASPProtect takes care of automatically.
This info above should get ya on track.
cwilliams38344.8751736111, (customer replied aug-sep 2005)
OK, you have old code then... I will send you some updated files that you can try.. let me know here if it solves the problem. , Hi Chris,
I've got a page with a form that includes an input field with
'type="file"' for uploading an image. The page posts back to
itself to save the info to the database and run the code necessary to
upload and resize the image.
I need to limit this page to a group. So like usual, at the top of the page I put:
<% GROUPACCESS = "1" %>
<!--#INCLUDE FILE="../check_user_inc.asp"-->
This gives me the error: "Cannot call BinaryRead after using Request.Form collection"
I have used ASPUpload and SA-FileUP before and know that this is caused
by the components having their own .form collection. This script
is using "Pure ASP File Upload" from DMXZone for the upload which I'm
not familiar with.
So...my question is, do you know a way around the BinaryRead problem wtih ASPProtect?
Thanks,
Michelle
P.S. PLEASE don't send me to DMXZone for help....they've got notoriously bad support!
, A nice addition for the listing script would be if the script would allow a "featured ad" or ads that would appear on the default page. , My ISP uses ASPSmartMail. The email confirmation works except when I try to register an AOL user the server returns an error 500.
, Not really. The way I thought activity would work is that I would always see the last 50 users. Not sure what controls that and why I wasn't seeing it, but it sounds like it is an IIS thing and since my site is not all that busy, it will not show the users if some process has reset the numbers. Not a big deal.
As for the log files, I think it is related to my other question regarding the export directory. I have the ISP looking into things at thier end to see if they are doing anything that could cause the directories to disappear.
Thanks,
Dave
, Looks great. I can't wait until this will be released. Will there also be an easy way to migrate my current version ?
Hans
, I noticed that is grabbing the wrong URL for some reason. Even when i mouse over the URL its somehow getting the users sub directory. How.. i dont know... when i erase that users in the url it works perfectly.
I am looking at the code in the .vb file and i dont see anything that could be causing it to do that... but then again i am no programmer LOL
Its obviously kicking in that users subdirectory somehow... what are your thoughts?
, Christopher
Thanks for a speedy reply. This is what I have used most recently...
ListingsConnectionString = "DSN=longreach;UID=lradmin;PWD=skipper;"
DatabaseType = "SQL"
but that throws an error of:
[Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified
I have private messaged you my SQL server IP address. I am a fast learner with ASP (I think!) but some things really catch me out!
, As I already had directories in my web site root called 'images' and 'templates' I loaded the files into a sub directory called 'aspprotect' as suggested in the installation guide where it say 'either way it really doesn't matter'.
However, it does.
The scripts are often looking for a file which it can't find because the /aspprotect part of the path is missing. Example:
I can't find a way of editing all the scripts that need changing. I'm assuming it would be easier to change my site to avoid using subdirectories used by aspprotect and reinstalling from scratch straight into the root directory.
Anyone with any suggestions?
Many thanks
Ian
, Terribly sorry, but we are not software-technical. So can you please tell us exactly which folder the database would be in.
Thanks in advance.
, We would like to use some of the variables from the user account in our web pages after they log in (something like, 'hello <user>"), but for professional printout reports using company name and user.
Could you offer some help as to what variable string we use to print that information on logged in pages?
By the way, the program is working great!!!
cwilliams38446.6302083333, if it is your own XP machine there is no reason you should edit that config file manually.
simply set permissions on the data folder and all the folders in it and the application will write to the config files on its own... if you are having problems chances are you are not setting permissions correctly.. please read all of this
http://support.cjwsoft.com/code/moreinfo56-1.htm
if is not an XP machine (your post was confusing and I am not sure) then this is an article for 2003 server
http://support.cjwsoft.com/code/moreinfo136-1.htm
Most importantly whats the real error ? error 500 does not help figure out anything
http://support.cjwsoft.com/code/moreinfo11-1.htm
lastly make sure you go into iis and make that web its own application
, I have activated both activity and log files. The directories exist on my server and don't give any errors.
When I check the activity tab, some times there are a number of items in it. Other times, there is only my login info. From what I can see, it is supposed to show the last 50 items of activity at all times. Am I missing something?
Also, when I click on the log file tab, there is no file or information to see. Is there something I need to do beyond activating it in the settings area and making sure the directory has write permissions?
Thanks.
, Sorry, there is no option for that.
I'll take it into consideration, but the way the banner rotation logic works would make adding such an option very complicated.
Just give it an expiration date way into the future if you do not want an ad to expire anytime soon.
I usually just make all my ads expire in like 2020 or something like that since I don't want them to stop running either on some of my sites.
cwilliams38247.1116319444, Ok, so I checked to see if ASP is running on the server and it is. then I added code to the top of a page and this is what i can see when 'view Source' on the web browser:
<%@ LANGUAGE="VBSCRIPT" %>
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * Admins * ) -->
<% GROUPACCESS = "4" %>
<! #INCLUDE FILE="check_user_inc.asp">
<!-- End ASPProtect Code -->
<html>
<head>
<title>TeamManagers</title>
Yet I get no challenage for a password and no error message!
, Oh also, I tried to run the asp on my machine (win XP) and unless I'm missing something fairly obvious, I cannot get it to run correctly...when previewing it, I see all the code instead of what I should be seeing., Yes, I was referring to ASP Protect.
I had about a dozen people access the same account, but it is highly unlikely that they would all try at the same time (unless there were several hundred people who had access). Having an enhanced login abuse would be nice.
, See, and that's what I thought. What's interesting is that if I call either an aspx page or an asp page in the iframe tag, it asks me if I want to open the page, it doesn't display it. I'm using IE6 so there's not problem with the support for the tag.
I'll keep looking to find out what's going on. I think the iframe method might work best.
JDooley
, False alarm. Dumb user alert (both the classifieds customer and me).
When I test fixes, I need to be looking at the right Ad_ID to get correct results 
, Tell tell me some info about your install?
How am I supposed to know what is going on when you are not showing me what you have in your web config file and also the directory structure of the install or what you are putting in a page you are trying to protect ? It almost sounds like you are not editing the paths correctly in the various places. I mean yes you told me something about the "map" folder but what I saying is tell me more detail.
BTW: this is a very important setting in the web.config file and must be edited accordingly so the path is right.
<forms name=".aspprotect~net" loginUrl="/aspprotectlogin.aspx" protection="All" timeout="60" path="/" />
Basically your showing me random errors and posts left and right and I honestly have no idea what your doing ?
Ulitmately though I am trying to help you in this situation like the web site says.
We offer tech support for installation of the base application purchased in it's native form. In some cases in order to receive proper tech support your application will be need to be installed on a live server on the Internet. We simply cannot troubleshoot all issues when the application is only installed on your local machine.
Meaning I am not going to keep this up if you keep asking question after question after question regardign your local XP Pro installation. There is only so much I can assume or guess when you are running this on a local development server. I know you got all sorts of problems getting a decent live server to run this on but that just isn't my problem. Get this up and running on a professionaly and correctly setup live server and when these random configuration errors pop up atl least I can go run the pages and look at them. Right now I am just confused by nearly everything you have posted today. Half of looks like basic ASP.NET path issues that you need to sort of on your own based on where you installed the application on the machine and what you have in the web.config file.. etc etc etc
It is sounding more and more like ASP.NET is way over your head. If you want a copy of the classic ASP version of ASPProtect you are welcome to it. I think you will be a lotter better off sticking to classic ASP unless you really start reading up on ASP.NET and learning more about how forms based authentication and the web.config file work.
,
Timecard Entry: 3/25/2006 4:25:28 PM
email, checked email, answering phone,, emailed back and forth with ron to see how some emerald things were doing, checked customer accts, checked accts in imail, dsl meeting, worked on dsl database, lunch, Nortel Training Schedule, Email, lunch, template crap, TICC team meeting, email, voicemail, call backs, worked on changes on johnson lumber, , Still calls on signups and reactivations., Manning NOC. Watching network. Checking e-mail. Checking voice mail. Working on a streaming station for Z93., Duties:cc report, invoice cancellations, answering phone, callbacks from voicemail., Lot of calls due to modem failures. Caused by storms. 888 number went down. Called the company in charge and they were closed. I left a message for them to call back ASAP....Madrid server went down. Was back up after storms., warren db conv., Call from Niagara: want to sell ads on their site and also want to sell home page text area. Say that they were told it would only be $35 a pop. Sent a note to Nic/Dave V asking what was promised, discuss printers with Tim and Beth, answered tech related calls. checked online issues and ask a question emails. called users that left voice mail messages., Barstow motors- switching to cobalt
North country cinic- regsoiter domain, get info and send out proposal to sign- fax
Jim Snook- assist with ftp and virtual email
Eklaine Bar- historical society- left message
Garlocks- put info for new products
Nelson- speed shop sent email on instructions for online store and pricing
calumet fishing- set up meeting
will- aubertine 2000- receive fax- drop message to will
Send in trouble report for aubertine 2000
put info in timecard and other gisco databases
Remington museum- problem with order form-- did test- all right
, billing issues. , emailed Amy w/questions about changes on Ogdbg Bridge Auth. page (ogdensport.com, non-billable), grays flower shop- have chris sign and send out, Email/Voice Mail/Newsgroups, Meet with Howard (re: Phone company), worked on changes to Hacketts site including setting up an admin for changing the office hours, changing fields on gift certificate (which included having to put it on the secure server), change left navigation image (including image map links), change multiple static links in store to point to home page rather than store front page (hackettsonline.com, secure.gisco.net/hackettsonline, programming, billable), CD Graphics for BLUEMOO.net, Figuring out how to give rebates to MLS boards for each of their dialup users, Checking status of 1812ale and LaFargeville central school database., worked on pinging some web page addresses to see if they resided on a server we are going to be switching over..., Climax circuit... general... interns,
