Much thanks, the duplicate incl's I spaced on and should have caught.  The hidden form variable was a key issue.  Thanks for the syntax and the help.  Now I get this page together. j  As a note - I got faster results by dropping my timeout to 3 minutes temporarily while progging and cleared browser cache between tests.  Thanks again.

Thank you so much that works great.

I will test with the other settings on the email server again thanks for the advice,

best regards

I will actually explain how to set access_levels and/or groups...

in "users/add_new_account.asp"

UPDATE:  read whole thread..
Version has been delayed




These are my personal notes on the new version of ASP Photo Gallery that should be out sometime in May/June 2004. Please ingore any typos.

This version may be more expensive than the current pro version as this is a major re-write and there will be a ton of new features.

Regardless, special pricing will be offerered to existing users.

If you see any features not listed that you think would be nice please post them here. We will of course consider them.

ASP Photo Gallery Version 4

------------------------------------------------------------ --------------------------------------------

Finished Improvements:

new setup page makes setting up the data connection easier than ever
it attempts to determine the possible data paths and makes suggestions for what to try
when you finally get the data connection working it gives you a link to the admin area of the application
so you can get started using the application

all database table names can be specified in the config_inc.asp file for advanced users that they may need
to change the table names in the database.. helpful for sql installation where one sql database must be
shared by many applications

new data folder is the only folder that needs permissions set
before multiple folders needed permissions
now everything can be put in this folder... database,logfiles,configuration files,picture upload folders...
eventually all cjwsoft applications will do this allowing multiple cjwsoft applications to use that same folder
therefore making it easier than ever to setup more applications without asking your host to set more permissions

new text based config file makes it easier to add new options to the program without making changes to
the database structure... therefore the need for the configuration table in the database has been eliminated
this also reduces system resources needed to load the config data for each page because it eliminates calls to the
database for config data

added voice effects for data connection page, intro users page, and settings page

made it so ratings color was an option (red or blue)

fixed minor bug that wasn't showing fixed category heights when that was selected and am image wasn't originally sized that way during initial upload

changed logfiles dates so they always show up in the proper order 09 vs 9

added config option to change bit query value to 1 or -1
default it to 1.... this is a technical thing

added the extra options currently in the config file to the settings page so people do not have to manually edit that
file any longer...

added new persits email option and authentication options to the settings page

added new CDOSYS emailing option

added support for dundas emailer

added support for ASPSMARTMAIL

fixed word filter so if it is empty it doesn't mess up
also make editing it part of the main settings

made email functions include file and edited all page that email to use it

added css/style sheet support and removed a lot of the old font tags

seperated the settings page into sections because it was too big and confusing

added ability for text watermarking when using the ASPImage component

made the picture upload error message no longer mention browsers that do not support picture uploading
as that is confusing people... and the problem is never that anymore

Made the ASPImage test page delete the bar graph before creating it so if it is already there they will
not think it is working

added crystal ball feature to admin users screen... shows additional user info when you hold the mouse over it

Made search function highlight search word in results.
Made the search function search the image description text files as well

Eliminated the guestbook directory as there was no need for the guestbook to be in it's own directory. This also simplified the menu.asp file as the guestbook section could be removed.

------------------------------------------------------------ --------------------------------------------

Possible Improvements:

eventually make new and much better directions/documentation... html based for multiple reasons

Eliminate the need for parent paths to be enabled on the web server.
(THIS MAY NOT BE POSSIBLE)
Many hosting companies disabled parent paths and will not enable them for their users.
On Windows 2003 Server Parent Paths are disabled by default.

make it so users ability to upload pics can be optionally disabled

possibly make some of the special functions in the extras folder built in to the admin area

Make the category picture uploader smarter because of the jpg gif issue when reuploading cat icons
A jpg loaded over a gif.. doesn't delete the old gif graphic and vice versa

Reduce number of ".asp" pages in general.

Use more functions for redundant tasks.

Optimize all instances of the old filefound function which is using more resources than are necessary

option.explicit the entire application and get all the variables dimmed once and for all

possibly incorporate the new category system I am working on which allows for unlimited categories and levels
also simplifies the heck out of the pages that call the categories

possibly add some cool image manipulation functions such as rotation for the various image components supported

possibly add the ability to move pictures around in an album. and maybe between albums
I must also remember to move the ratings and desc as well for that image.

possibly add the ability to make individual pictures require approval

possibly add the streaming image ability (asp page called from image tag) I came up with as an option for
people that can use it. this will better secure images in password protected albums and also possibly make
it so images can only be viewed from certain urls.. and maybe make an interface for a list of allowed urls

improve the .net support to also resize the larger images.. currently it does not

possibly add a feature to store 3 versions of images uploaded
thumbnail, medium res, and high res/original
this will appeal to professionals or people that may want to sell prints
storing a large version will be optional

possible support for multimedia content other than gif and jpg images

fix... url to link to..   problem on control pics page when both a jpg and a gif are present... which also relates to a another slight
bug that needs to be taken care of

make interface in admin to listen to installed midi files
and also to upload / delete them

possibly make per album guestbook... or call it something else like disussion or comments

add option to store the images orginal name in the images description area during upload
may be helpful to people that name their images in a somewhat descriptive way

change approval settings so they work on a per user basis
eliminate access levels from edit user screen and get rid of the level 4 stuff mentioned
possibly add a per user option for individual pic approval as well if I get that feature implemented

add support for the ibulc bulk upload client that I recently discovered
it is very cool

You can't unless you plan on editiing and custimizing the code.

The application is only designed to have one kind of admin and that kind has full access to the admin area.

You can of course give any user access to stats for their banners via the bannerstats page.

That is how it works. There are no other levels of admin access.

The problem with that is when a user deletes an album, the album record does not get deleted from the DB, so counting all the records would return the accurate result. :(

Any hints?

Ahhh....yes, I always forget about the cache.  That's exactly what it was. 

 I had made modifications to the import_pics.asp file, because I added more fields to the db, and made the import folder path dynamic, but I seem to have forgotten to add in the response.expires=0

Once I added this back in it has stopped messing up.

What was happening was, it wasn't overwriting the files, nor were they too big, but you would click on one thumbnail in an album(category) and it would display a picture from a totally different category.  It seems browser cache was the culprit, however.

Thanks for the quick reply, great product tooo!!!

lets get back to using the forum and not the pm's  please only use the PM's for sensative information. its too hard for me to keep track of all of this as well as help everything else when I got an inbox full of pm's

Ok, so you say no paypal subscription info is being put in the database at all.

I know we have a bunch of people using the paypal subscription code with no issues so I know it works but obviously you got something wrong.

It could be a few things.

Did you enable IPN in the paypal system and put in a postback url like my directions say ?

Are you sure you are not getting paypal single payments and paypal subscriptions mixed up ?

Are the paypal links you made for paypal subscriptions in the correct format like are directions state ? That is critical and another example of something important that you have not shown me.

Did you populate all settings correctly for our paypal subscription code ?
This includes a correct and valid postback url because if that is not right paypal cant communicate with the aspprotect system and no info will get posted back from them at all.

You say your upgrade went well but if you did all all field names perfectly there could be issues with that.

There is just way too much for me to figure out under free support with the info you keep providing me.

I dont think we are going to get anywhere unless I go into your system and spend a considerable amount of time checking everything out. That is not something I do under normal support so if you are interested it is going to involve a fee paid via paypal. It's probably going to take me a while to check everything out and I need you to be 100% sure IPM is enabled in your PayPal account. If you are not sure how to turn it on search their help system as they have plenty of documentation on the process.

in Control_pic.asp is there way to wrap the description field so that it doesn't go outside the table.

Thanks

All can say right now is take a break and get away from it for a bit. All your going to do is stress yourself out more if you keep working on it.

There is probably a way to make it work but it may require days of fiddling around and reading articles and trying things and even then you may not get it working AND THEN ITS JUST A BAD IDEA ANYWAY. Like John says you are better off running it on a server that is not a domain controller.

works fine now

If you still cant see the upload buttons after checking the settings send me a PM with the info and I will take a look at your installation. It will have to be up on a live server of course.

Weird

at this point I would say install a fresh untouched copy in the web in a different directory and lets see if it acts weird from scratch.. the we can go from there.. I dont know what is going on

Upgrade from V6 to v7.x with an MSSQL SERVER DATABASE

1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x  is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.

BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)

To do this upgrade you're going to need to have SQL Enterprise Manager and SQL Query Analyzer

That being said, on with the upgrade..

Open your SQL database in SQL Enterprise Manager

Regarding the following Tables

Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"

If you do not have a "Groups" table do not worry about it right now.

Now right click and DELETE the Config Table.
Yes, delete it..

Now, go into Design View for the "ASPP_Users" Table.

Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore

If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a "nvarchar" field with a lengh of 255.

Now, we are going to add a few more new fields.

Add a field called "Redirection_URL" make it a "nvarchar" field with a lengh of 150.
Add a field called "PayPal_Subscriber_ID" make it a "nvarchar" field with a lengh of 100.
Add a field called "Newsletter" and make it a "bit" field
Add a field called "Password" and make it a "nvarchar" field with a lengh of 100.

Now close that window and save the changes..

Download these scripts.
2005-02-23_171110_aspprotect_v7_sql_upgrade_scripts.zip

Now open up SQL Query Analyzer
Connect to your SQL server.

Then load the script  "aspprotect_v7_config_table.sql" into the Query Analyzer.  Click the green play button at the top. If everything goes well the response should read something like this.

******************************************************
(1 row(s) affected)
******************************************************

Now, if you had a Groups Table your done with the database changes.

If you didnt have a groups table.

Then load the script  "aspprotect_v7_groups_table.sql" into the Query Analyzer.  Click the green play button at the top.

Now, go back to your database in Enterprise Manager and make sure all 3 tables are there and look ok. You might need to do a refresh or two to see them.

Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for all three tables. You reference this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.

Regardless, as you can see from this screenshot I have a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).


Now, you are done upgrading your SQL Server Database.

The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field

To that we have a special page we run in the application that will take care of that.

So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1

When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.

That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..

Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.

This part is very easy.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

Replacing the part in blue with your website info.

Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page

You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.

If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.

So do what it says... dont click more than once and wait.

Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.

Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.

If things went well backup and delete the conversion file below.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

You do not need it anymore.

Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.



If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.

We are here to help, but if you really want us to we can be hired to do the conversion.

Hello,

I have ASPprotect 7 installed on my remote server.  I am able to go to the examples/default.asp page and login in without any difficulties.  If I copy the code from that page and paste it in a new page called the same thing but in a different folder, I get this error;  (Keep in mind that this is essentially the same exact page in a different location of the website)

Error Type:
Active Server Pages, ASP 0126 (0x80004005)
The include file '../../check_user_inc.asp' was not found.
/aspprotect/Pages/default.asp, line 3

I get the same error if I paste the "protection code" I have generated into the top of a current (.asp) page in my site.

Basically, the only pages that work are the ones that came with the program as examples.  Thats great, but now I need to make it work for my pages.  Any thoughts?

Yes, that’s all I wanted to know. The problem is on my end. The server is not creating the .NET site correctly. I think I got it working now. Thanks.

In case you wanted to know? The only reason I asked you is because you mentioned that you where having trouble with overseas piracy and my account is new. I figured it was my user error by just though I’d ask you first. Hope you have no more piracy issues and have a good rest of the day.

Thanks again for the quick response.

Just having the database with members does not protect the page.  You need to add the appropriate code to every page you want to restrict access to.

You need to click on the Groups tab in Admin. 
Click on Generate PW protection code. 
Click on the basic button if you don't want to include levels or groups or choose a level or group(s) and click the appropriate button. 
Paste the code that's generated  into the top of an ASP page in code view.

Is that what you're looking for? 

Michelle

I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.

Regardless,

What you want to do... logging them in under https and then having them continue though the site under http is not possible.

It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.

In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).

Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.

If you want them logging in under SSL you need to keep them under SSL.

That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.

My Admin user got corupted, and I need to reset the password and user, what is the defualt password for this database, as I do not think I have changes this (hopefully) as of yet.

Regards,

Paul

Whein I went by the numbers off of your directions, which work well up to that point, the import would time out.

At that point I tried to import directly into access...and then it hung trying to login.

okay so I've put in a clean database and created a new record for me as admin.

People who have the option pack have a new feature called groups.

Groups are meant as a replacement for using the access levels as they are much more powerful. Support for pages protected using access levels is left in tact for backward compatiability for a customers older protection code.

A customer recently told me groups could not be used like access levels and that 8 access levels was not enough. This is how I explained that groups can do everything access levels can do.



Groups can honestly do everything access levels can do if you really think about it.
Using groups and protecting pages accordingly you could actually create a system that basically worked identically to the way the access levels works.

For example..

You make 8 groups and assign users to them accordingly

Protection code on page allows access to groups 1-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "1,2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any one of those groups would have access..

Protection code on page allows access to groups 2-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any group between  2-8 would have access..

Protection code on page allows access to groups 3-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any group between  3-8 would have access..

Hi there,

Well, that is why we added the PayPal subscription pack where all of that is taken care of and customers get put under a recurring billing cycle.
The more people you get to pay that way the less you have to do.

We also have routines for the two other supported payment methods so people can look up their account and add time to it whether it is active/expired or not.

Other than that, yes it is something you need to sort out on your own based on how you want to run your system. You have the source code and the sky is the limit on how you want handle all of that.  You send out an email to users about to expire. Whether they come back to the site/look up their account and add more time to it is up to them. I really just do not see any way ASPProtect could handle that whole process automatically.

As for batch changing to users in the database. We give you the source code and we also use an open database structure. You can run any query you want on the database whether with ASP code or directly in your database using the tools that come with it, You can write any code you like to do whatever you like to the database. You can even tie other systems and code into the database via OBDC and manipulate data. The sky is the limit like I said. I also don't really see how batch changes to the database relates to individual users paying again for access or not especially since we include payment  pages were a users can look up their accounts and pay for and add more time to it automatically ? At least not regarding the payment routine we provide support for.

ASPProtect can not handle everything every person would need to do. It is meant as a solid starting point for any project, but there are going to be times when more functionality will need to be added by the customer based on their specific needs.

Sounds to me like you got some bad databases or something. Or your trying to open a database with too old of a version of msaccess.. not sure

Everything is stored in one database. And yes there is more than just the users table.

Also,  removing the "temp" password should be a piece of cake.

Email me for a new copy of the download file ? Use the contact from on the cjwsoft site. Please tell me your order details as well so I know who you are.

Login failed for user 'aspgallery'.

Okay, shouldn't this be trying to use aspgalleryuser?

Lance

I did try to redit the banner and the old link was there, not the new one.  In addition I tried to ad a new banner to an account but it too was not saved.

Since I can see the banners from the aspbanner solution, does that not tell me that the solution is properly connected to the database?  The only thing is the solution only appears to be able to read the data and not write or delete it.

The settings for the directory are read write execute and delete so I am not sure what I need to do to get it working again

Just to put an end to this thread here is the solution for anyone reading.

The permissions were ok.

The data connection string never got edited in the "dataconn_inc.asp" file so it was invalid the whole time.

Once that was corrected the application ran.

So really this whole thread was over not following the directions and not editing the data connection string... 

Here are three known bugs and their fixes...

If you have any of these symptoms these fixes will most likely take care of them.
If you don't have a symptom do not make any changes as you most likely have an updated copy of the application.

Technically if you bought that app on or after April 27th 2004 these bugs should all have been corrected.

Description Fix

(no descriptions showing in pop up window)

Edit pic_window.asp with a text editor

Change

Set f=fs.OpenTextFile(Server.MapPath("pictures/Album_ID_" & Album_ID & ".txt"), 1)

To

Set f=fs.OpenTextFile(Server.MapPath("../pictures/Album_ID_" & Album_ID & ".txt"), 1)

Slideshow Fix…

(last image in slideshow it not showing)

In slideshow.asp

Change

<% For PicArrayIndex = 0 To Ubound(PicArray) - 1 %>

To

<% For PicArrayIndex = 0 To Ubound(PicArray) %>

Add To Favorites fix

(add to favorites feature doesn’t work at all)

Edit "album_uppermenu_inc.asp" in the scripts folder

Change

<a href="users/favorite_albums.asp?Album_ID=<% =Album_ID %>"><img border="0" src="<% =application("skinpath") %>add_to_favorites.gif"></a>

To

<a href="users/favorite_albums.asp?Album_ID=<% =Album_ID %>&Action=Add_To_Favorites"><img border="0" src="<% =application("skinpath") %>add_to_favorites.gif"></a>

Ok I used the following for the sql string.. is this correct?

SELECT COUNT(Album_ID) AS Alb_Count FROM " & tbl_label_albums & " WHERE (User_ID = " & CmdListUsers("User_ID") & " AND Album_Active = '-1'" & ")"