Blog Entry: 3/25/2006 4:24:20 PM
Hi,
I have just one quick question, I know this works with Paypal but does this work with Merchant Account?
How difficult it is to make it workable with Merchant account? I appreciate your answer.
Thanks.
, You might just learn something and actually get your project finished before 2010 
your over there hacking away on your virus infested WaReZ machine
LOL thanks for the good laugh-- i guess its time to do some reading and making my own mods to the program..
btw i never insulted cafrepress.. not sure where you got that from- just advised that what they have is exactly what i want to have done. How much for your service?
,
[QUOTE=afifm]
I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.
<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then
SearchFlag = True
End If
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>
</head>
<body>
My Protected stuff here
</body>
</html>
For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.
Thanks,
Mo
[/QUOTE]
I just added couple of lines and it works fine
If (Request.ServerVariables("REMOTE_ADDR")) = "xxx.xx.xxx.xxx" Then
' Session("PasswordAccess") = "Yes"
SearchFlag = true
End If
, I tried the iFrame method that you have shown, and it works great!!!!, Thank you! I thought that is what had to be done, just didn't want to miss out on a short cut if there was one. Thanks again, I got ya. Well hey, that's what's great about the iframe right?
, I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.
Regardless,
What you want to do... logging them in under https and then having them continue though the site under http is not possible.
It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.
In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).
Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.
If you want them logging in under SSL you need to keep them under SSL.
That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.
, Along with being able to set an expiry date or number of impressions, is it possible to add another option for a banner to be "non-expiring"?
With our current ad software (which we are transferring all data from to ASPBanner), we run banners for both paid advertisers, and for our own services. The banners relating to our own services, we would like to set to "non-expiring" so they appear all the time. , No, because ASPProtect.NET is licensed per and only runs in One website (one iis application)
That error however probably has more to do with parent paths being disabled on the server., Hi, I haven't heard anything from you.
Has this issue been resolved ?
Thanks
, That was wrong of me but not what I meant. It seems as soon as I purchase something like this it doesn't work right and it can't be altered to work with what I have. The support ends up sucking or being none. Listen I’ve gone thru you're product and it's wonderful and does exactly what you say it does so that's a relief. Sorry about my ignorance with .NET but I’m from an ASP world and it's a lot different. You can see what I’m trying to protect here http://www.hotmixxent.com:8087/default.aspx. The final site after testing will be http://mxais.sfmx.org/default.aspx. Again thanks for the support on Christmas Sunday, that’s defiantly beyond the call and I appreciate it a lot.
, A nice addition for the listing script would be if the script would allow a "featured ad" or ads that would appear on the default page. , also, just to show you what happens when a user creates a subscription this is the code. you can see in red where the subscrition is is set and also where the exp date is set to null
If txn_type = "subscr_signup" Then
Set ConnPasswords = Server.CreateObject("ADODB.Connection")
Set CmdEditUser = Server.CreateObject("ADODB.Recordset")
ConnPasswords.Open ConnectionString
SQL = "SELECT " & tbl_label_users & ".* FROM " & tbl_label_users & " WHERE (User_ID = " & User_ID & ")"
CmdEditUser.Open SQL, ConnPasswords, 1, 3
CmdEditUser.Fields("Active") = "1"
CmdEditUser.Fields("Validated") = "1"
CmdEditUser.Fields("PayPal_Subscriber_ID") = subscr_id
CmdEditUser.Fields("Notes") = "Successful PayPal Subscription Signup on " & Date
CmdEditUser.Fields("Expiration_Date") = Null
If Access_Level <> "" Then
CmdEditUser.Fields("Access_Level") = Access_Level
End If
If Groups <> "" Then
CmdEditUser.Fields("Groups") = Trim(Groups)
End If
CmdEditUser.Update
CmdEditUser.Close
Set CmdEditUser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
End If , Hi Chris,
The password is HANNAH. If you're into trouble shooting mode and would like the key, I can send it to you. If not, no big deal, I've email the guy a new password. We'll see how many rounds it takes him to get it right.
Thanks,
Mick
, We have a site that currently runs ASPProtect and would like to install a second instance of it. The reason is that the current one is set up to manually authorize new users (it is for applying discounts to the Trade), but we want a second instance that will allow new users to register freely (this is for personalization).
Has anyone set up such a goofy scenario themselves? Is this even possible?
Thank you!
, Just wanted to let you know that after modifying the remote host string in the email pages and getting the correct connection from my server, everything is running fine.
I hope you enjoyed your vacation.
thank you
adam
, Yes, that was it! I had not created the banner for that zone yet. Once I did it came up fine. Do I win the Bonehead of the Year award?
I am just implementing the product, and I deleted the included zones instead of renaming them. That is why it is up to 6. I am migrating banners from my current system before I implement the code onto my pages.
If I may, I'd like to ask another question. I use rotation on all pages of my site except for the home page, where the banners are all smaller and static - an advertiser can expect their banner to always be in the same spot on the page.
I am currently hard coding this via html, but then I do not have the ability to collect stats on home page banner clicks, so I want to use ASPBanner. My question is, can I do this without creating a seperate zone for each banner? In other words, is there a way to modify the html code (that works just fine) so that in addition to indicating the zone, it can indicate the specific banner I want to appear? I would then paste the code in each cell of the table, and alter the banner #. If I do this with just the zone, I expect that the page will randomize the position of each banner across the page. You can see what I'm talking about by clicking here: http://www.PoconoCommuter.com/
Thanks for your help!
, yes. what you are talking about has to do with norton ad blocking software.. it blocks images or paths that have the word "ad" in them.. and you see red x's where images should be on web sites.. usually
it is different then what this thread initially mentions which has to do with a code/server issue with the application variables.
, Then you should have current enough code.
If you PM me the encryption key you are using and the plain text password for this user I can see if I can reproduce the error and come up with a fix.
I believe you found one of the rare examples where the encryption creates a strange character that messes up things. Sometimes those characters are not even visable.
Changing the password should solve the problem in the meantime., I think you may be using old code where that was an issue... I am going to PM you the latest version..
to be safe upgrade all the ASP files except the dataconn_inc.asp files and your config_inc.asp files
"be real careful not to lose your current encryption keys in the "config_inc.asp" file or you will be in real trouble
You can use your existing database
, Well, I had no more trouble after I read the instructions.
The PayPal integration is really neat stuff! WOW! And the email
users function got up and running in a snap... this is an awesome
package!
The coolest thing with the user registration is that the account
username and password are selected by the user. That is very very nice.
Much less typing for me to do.
, [QUOTE=cwilliams]Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.[/quote]
I did change the top_logo.gif and the associated link. That was on the default page not the Solid Black skin which is unchanged. After downloading/uploading the skins I tried changing it to one of the Beach skins and that's when it changed to Solid Black and has been stuck there ever since.
[quote]Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.[/quote]I don't have access to the Microsoft IIS console as this is a host site. I can access the site's "control panel" but it does allow for those type of settings. Mostly just permissions, DSN entries, etc.
Thanks.
Al
, yes, usernames and passwords are both case sensitive. It increases security.
, I have just started to move my sites to a new dedicated Windows 2003 box. I have parent paths enabled, SSI turned on but I still can't get ../ to work with server side includes. Everything I read online says that I need to turn on parent paths but again, they are already turned on.
The hosting company where the server is located can't tell me anything, they just say that that is the way it is with Windows 2003. I don't buy it!
Can anyone tell me anything on this issue to help enable the ../ for serverside includes?
, I'm all set - after thinking about your replies - i checked a bit more and changed the email component type -- thanks again for all your help.
, btw: who is this hosting company anyway ?
and did they give you access to a control panel that lets you manage your site ? sometimes that is where you manage those permissions if their interface supports it
lastly, are frontpage extensions installed in your web so it can be connected to via frontpage ?
, If it stopped working it has nothing to do with the ASP code. YIf could have stopped for any number of reasons as hosts often change email server requirements and info. You need to go over the email settings. Of course make sure you and the person you are sending to have valid email addresses and try different methods/settings until you get emailing to work again.
Testing it by sending emails off from the users screen.. in each email type in what you are trying at that time so you know what worked if emails make it through. Also, be sure to check junk filters when testing to make sure the emails are not being put in any of those.
That's what I would do. CDOSYS is always your best bet for sending emails as it has so many options and all new server support it. , I did all that you sugessted and all failed, you said "I did a sign up.. your verify URL is not saved/set in the application variables. is this somthing I can change manually? below are the steps I performed......
1 - made sure the web is it's own application in IIS
2 - Reset IIS in command promt
3 - Restarted the server, the only thing is I have not waited perhaps long enough for it to kick in. but it should have with the restart.
I am running windows 2003 on the front end with wondows 2003 and Exchange 2003 on the back end, is there anything else that may be causing this issure?
Thank you!
Matt...
,
I pull that crap on myself once and a while... or my
favorite is leaving a bootable CD in the drive and then wondering why the heck
the OS doesn’t come back up. I pretty much promised myself back in 2002 that I
would never mess with anything minor after 10PM. For whatever reason I always
start messing around trying to "fix" something and end up sorry...
Granted if it’s an emergency I am all for it, but I get dresses in advance
anticipating the practically inevitable drive down to the datacenter.
Good luck with that, I am sure you will be much better off
in the long run.
, I am not sure. I can tell you that I run windows 2003 server and I have never had any issues setting permissions for ASP.NET files and folders. This very server is 2003 and the ASPProtect.NET demo runs on this server as well.
Course, I can't say that I have specifically tried to remove ASP.NET READ permissions on the database folder as it's just not something I would not have a reason to do. Why are you trying to do that? The ASP.NET account needs that permission. If you are trying to stop file browsing and downloading in that folder that is not how you do that. The best way to do that is by keeping the database somewhere else on the server that is not part of the http web. , Great suggestion, routing the banner click through an intermediate page before the destination. We use Deepmetrix LiveSTATS.xsp V7 and I should be able to configure a filter to capture the stats of the intermediate page.
Thanks for the help!
Lance
, ok, I moved this thread..
The code in the ASP application handles all encryption and un-encrpytion of passwords in the database. I uses the vbscript RC4 function and the password encryption key specific to your installation to do this.
The whole idea is that if someone gets your database and opens it up that they will not get the passwords (utilitiies to crack access databases are common and work well so they can easily get by the main password)
That being said when you open the database manually your not supposed to see clear text passwords. Your also not supposed to have an easy way to make them clear text. It's a security thing.
Though I am not officially supporting it I will tell you what I think would be the easisest way to make an export file with clear text passwords in it.
Use the export fire creator in the admin area of aspprotect.
Mosdify "export.asp"
change
Password = CmdDataExport("Password")
to
Password = RC4(CmdDataExport("Password"), PasswordEncryptionKey)
Then make an export file and see if that worked.
you can then import the export file into and access database or do whatever you like with it.
, Is there a way to set various members to upload a limit of photos. So, one member can only upload 5 photos in 1 album and another can upload 30 photos in 2 albums. Even if you just set a permission for the number of uploads for each member.
Thank you
, Just an update,,,
the permission were all correct.... i left it and tried from my pc at work and it works fine... so i dont know what hahhpened.... thansk for your quick response
regards
Domenic
Sydney, Australia
, when you get back to work.. your "redirect.asp" needs the password include file at the top of it.. or that wont work either..
and of course those pages you send people to all need to be repaired
, Hello,
While there is no option in the admin area / asp code we give you here is what I can tell you.
You have the source code and we also use an open database structure. (MSAccess or MSSQL) So that means you can really run any query you want on the database whether with ASP code or directly in your database. You can even tie other systems and code into the database via OBDC and manipulate data. The sky is the limit.
In MSSQL you can run queries in SQL enterprise manager or query analyzer. Using Access you can run queries in query view.
It's really not that hard if you do some research on SQL Statements and how to use them. You can do some very powerful queries and save yourself a lot of time. ,
If you want to have a login form on a non protected page that posts
to a protected ".asp" page use code like this.
Change the action of the form to the page you want them to log into.
Make sure to page you send them to is protected by the "check_user_inc.asp" file.
<center>
<table border="0" width="400" height="200" bgcolor="#000000">
<tr>
<td bgcolor="#F4F4F4">
<form method="POST" action="memberarea.asp">
<input type="hidden" name="Status" value="Checkem">
<p align="center"><font face="Arial">ASPProtect Login</font></p>
<div align="center">
<center>
<table border="0" bgcolor="#C0C0C0">
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
<td><input type="text" name="Username" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
<td><input type="Password" name="Password" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
me signed in on this computer unless I log off.</font></td>
</tr>
</table>
</center>
</div>
<div align="center">
<center>
<p> <input type="submit" value="Login"></p>
</center>
</div>
</form>
</td>
</tr>
</table>
</center>
, Not to be pushy, but how's the new version progressing?
I'm hoping these features will be in it:
- possibly add the ability to move pictures around in an album. and maybe between albums, I must also remember to move the ratings and desc as well for that image.
- possibly add a feature to store 3 versions of images uploaded
thumbnail, medium res, and high res/original
-
add option to store the images orginal name in the images description area during upload
may be helpful to people that name their images in a somewhat descriptive way
-
add support for the ibulc bulk upload client that I recently discovered
If you could use a beta tester, I'm still just setting up my site and would be willing to run a beta.
Thanks
Al
, let's try this... edit that page with a text editor like notepad...
Carefully replace any instance of "Cint" with "CDbl".. I may have missed some of those when testing the last time I edited the code.
, I have just purchased ASP v7 and loaded. Followed instructions. Obtained codes not prob. Get to single field login screen, enter password and following page appears:
Method Not Allowed
The requested method POST is not allowed for the URL /temp/aspprotect/password_admin/get_me_in.asp.
Added folder aspprotect under (temp web) folder - temp, but also tried under root folder of web site.
Still no luck.
Apache/1.3.27 Server at www.didac.co.uk Port 80,
Timecard Entry: 3/25/2006 4:24:20 PM
dead air on 2360, RNA 265-4812, Working on Database structure of new MLS software., Updated gogisco site, promotion spread sheets, finished press release for Chris B, phones, radlgo, dial up issues, ask us a question,, Craft School - VG01 - creating new ad for guide, answered emails, Drove to Syracuse for Training Seminar
90 miles, LEARNING NEW! ADOBE PHOTOSHOP 5.5 AND IMAGEREADY, General -phone with channels, wept, etc., invoices, lots of billing calls this morning., Making script to fix Taras customer database. Remove comma deliminations, reverse first and last names, fixed all ''Inc.'' names and all inconsistancies., Follow up on some PC Bundle issues, Return trip from Warren, PA, Watertown to Clayton - 24 miles, Lots of e-mails to Randy and a few to Mark Holberg., jim corbin, car freshner, past/present future, research press releases, review clec planet marketing ideas, nortel marketing, start nyab press release, helped one customer with network errors. helped another that couldn't surf, daily reports, Doing a wireless survery from the general area for Pete's restraunt. NO WORK ORDER CREATED YET!!!!!!!!!!!!!!!!!!!!!!!!!, weekly meeting with Randy and rest of Engineering department/Administration team, vermont internet web site development, Located and emailed Marketing Materials to Tara, Showing Dave how to remove ''non-secure items" message from Wratten secure form (was an externally linked image causing the problem)., Rest. Reviews for ti.com, helped a few users with their email. helped a user with her modem, Penny Collette, Started out as a quiet morning but really picked up from 10am on, *energy initiatives development, Watertown Business membership drive and dinner -, registered domain for ingles performance, did initial paperwork for site, roserealty virtual email setup, email, voicemail, call backs,
