Blog Entry: 3/25/2006 4:28:17 PM
Your actually confusing me with the whole "joe bloe" thing and user access. I just do not get what you are trying to tell me. Perhaps you can explain in a less confusing way. Your just not technically explaining it andand thats what I need to know to possibly help.
As for the subweb thing you just can not do that. Subwebs have their own sets of application and session variables. An ASPProtect installation and any pages you protect with it are required to be in the same "application" in IIS. Sicne subwebs have their own "applications" in IIS that won't work. It is the nature of "forms based authentication" A sub web is alo considered by our licensing to be a seperate web site and ASPProtect is licensed per web site.
As for breaking pages.. you really shouldnt be editing any pages in the admin area as you will break them unles you are very good with ASP. (does not sound like you are..no offense meant at all)
Pages in the "users" folder are less complex and it is usually ok to edit them carefully.
http://www.powerasp.com/content/hintstips/common_sense.asp
Pages of your own that you password protect can still be edited in your usualy way though without effecting anything.
Truth is if you back things up before you start editing how can you go wrong ? That's how you learn. , yup. that is correct... they can't log in so they can't see any pages you protect
its the nature of forms based authetication ,
You really should check out the documentation regarding the config file before you go any farther.
If the server supports ASP.NET you do not have to spend any money to have real fast loading thumbnails.
Also, licenses of ASPImage only cost 69.95 and regardless any quality host supporting ASP should have one of the 3 supported resizing components installed or else you should consider a better host like www.alentus.com Places like that have good hosting prices and give you access to 3000.00 worth of 3rd party asp components.
, Well I still haven't gotten it to work yet completely. I tried to import the users again and it imported some, but timed out again. Trying to log in takes forever...ready to jump back on this one?, Christopher,
I can empathize. It can be a real pain to stablize a server and fend off hack attacks.
As for beta testing, I was referring to once you get to the point where you're ready to release it to the public whether it's this month, next month, etc.
Good Luck!
Al , Help!.. I need to export the username and password fields to a mail merged letter so everyone knows their username and passwords. However whenever i access the database or do an export. The passwords showup as encrypted. Is there a way to access the list, un encrypted?
thanks , well, for now you have to watch the logs. What your talking about would take up a lot of server resources and database space to keep track of. Maybe some day, but no plans at the moment., It sounds like permissions... to the database folder specifically
they are not correct
It could also be that your odbc drivers are very new and you are not using a new enough version of the access Database. I recommened using the 2002-2003 verison of MSACCESS
Now.. if using a SQL Server Database permissions to certain tables are handled in enterpise manager cwilliams38303.5892708333, did anyone find a way to get the descriptions to show under the image yet?
, Lastly, I put there information here to help, but please don't ask me any questions about it.
I am not microsoft SQL server support. If this doesn't work for you simply start troubleshooting and doing google searches like I do. , I didn't think that was it, but just to prove, I just viewed the same album from 2 different IP's. It did not increment the "hits". , Not sure how to response.write the session variable, (Password_Email_Confirmation_Mod) for ASPProtect Version 7.x
This will change the basic registration pages so that the email address and password entered must be confirmed when signing up. This eliminates the auto generated password during signup.
Some may prefer it working this way.
Directions:
Back up your existing ASPProtect installation.
Copy the two new files into your "users" folder
"register.asp"
"add_new_account.asp"
2005-12-01_182201_Password_Email_Confirmation_Mod.zip , I do not have any programming knowledge and have what might be a simple question.
I am having a hard time getting my hosting company to modify the rights on the data folder. They state they support ASP and access databases however this is the response I got when I requested the modify permissions set for the internet guest account:
Were the rights changed on the data folder? No, we do not manage rights to folders.
My question to you is: Doesn't supporting asp require those permissions be set on the database folder or can asp (not just aspprotect) work without those rights modified?
Thanks , Whenever you are running software that can block scripts from certain things you are going to have issues like this.
I imagine many complex asp scripts you will download will do things like this as well.
A highly doubt it is anything to worry about regarding people that use your site.
ASP code delivers standard html to the browser... nothing weird goes on as far as that goes.
This system has been sold for 6 years and this is just not something to worry about. Trust me.. though you may want to tone down black ice so it doesn't give you issues as it tries to block various things.
If I were you I would do some google searches on black ice and issues with it blocking asp scripts.. etc etc
Now, if you are running black ice right on the server that a whole other story and something you as a server admin need to decide what to do about. I doubt that is the case as black ice is not probably suitable for a commercial webserver but I just thought I would throw that out there. , thanks for posting this... Since "private" is the default setting from what I read and setting it to "public" cured the issue chances are leaving it at "public" is the way to go.
http://msdn.microsoft.com/library/default.asp?url=/library/e n-us/iissdk/html/33f2780a-eee8-4601-84b7-b489e4c756df.asp
http://www.w3schools.com/asp/prop_cachecontrol.asp
ALSO: since you are one the few people that has ever contributed anything helpful to the forums I am going to reward you with a free copy of the password expiration mod. I am sending you a PM with the download info. , I am trying to import a database into my list of registered
users. When I go the import_export_manager.asp page most of the
content is missing. All that appears is the first 2 lines of text
and a box. The rest of the page is blank. I have tried this
under 5 different browsers on 3 different machines and on 2 operating
systems. I also ftp'd the original .asp file with no success. Any
clues?
, What other information do you have ?
Details are very important.
Info on situations where it works... like OS, browser version.. etc etc
Info on situations where it does not work... same stuff
size of the PDF files ?
server info ?
Maybe protect a page and offer a PDF file so myself and some of the forum users can try it and report back what happens.
Also, Many people zip up PDF files when letting people download them as browsers can act pretty odd at times with them. Perhaps that is an option. , a. Sorry for the missunderstanding
b . Im running XP pro and done what was explained
c. The iis stops responding - Till I make iisrest
thanks
Ran , Thanks for the quick reply!
I was thinking it was an ASP config/install issue.
I usually deal with Linux/PHP, so this is all new to me :) , ok, [QUOTE=cwilliams]Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.[/quote]
I did change the top_logo.gif and the associated link. That was on the default page not the Solid Black skin which is unchanged. After downloading/uploading the skins I tried changing it to one of the Beach skins and that's when it changed to Solid Black and has been stuck there ever since.
[quote]Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.[/quote]I don't have access to the Microsoft IIS console as this is a host site. I can access the site's "control panel" but it does allow for those type of settings. Mostly just permissions, DSN entries, etc.
Thanks.
Al , More Upgrade Info
To upgrade an existing ASPBanner system please follow these steps.
Back up your old system completely before starting.
Install the new system per the installation instructions that came with it.
Once it is running simply use your old ASPBanner database with the new system.
You may also want to keep your banner images folder from before in the same location so your existing banners still link to valid image urls because the new system stores banner images in a new location.
Since the config table in the database is no longer used you will need to go to the settings screen of aspbanner again and configure things. The config table in your old database can be deleted or left alone. It won't be used anymore so it does not matter either way.
That is all there is to it. If you have any issues please ask in the forums and we will help you out. cwilliams38211.7525231481, ok, I am going to do that in the next few hours. I cant do it right now as I have a few other business's and something else needs my attention right now.
Chris, Chris,
Thanks for the reply. It all makes sense.
I have gone with your first option but here is the problem:
I have moved the password protected page from the detail page with the
querystring to the straight .asp page. This obviously fixes the
previous error.
Once someone has logged in they are then presented with a list of links
to the previously protected pricelist detail pages (example -
"somepage.asp?ID=3""). They are then able to access the pricelists.
The problem is that if someone copies the pricelist URL they are then
able to pass it on to someone else and bypass the password protection.
If I also password protect the pricelist pages then someone will have to login twice.
Is there some code that i can add that will simply check that they have
logged in otherwise kick them back out to the protected .asp page.
All code in your documentation tends to open the login page regardless of whether you have previously logged in.
Thanks,
Stuart
, I have ASPPhotoGallery installed. Everything has been working great for some time. Suddenly, for no apparent reason, I am not getting the "Hits" incremented when a user opens an album. It works when an administrator is logged on. Does not for any anonymous users. Everything else seems to work fine. Again, this used to work. Any ideas. , Connecting user is dbo of database.
User_ID is primary key with auto increment identity.
SQL Script of current table:
CREATE TABLE [dbo].[Security_Users] (
[User_ID] [int] IDENTITY (1, 1) NOT NULL ,
[First_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Last_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Company_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Username] [nvarchar] (75) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Password] [nvarchar] (15) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Access_Level] [nvarchar] (30) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Notes] [nvarchar] (1000) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Admin] [bit] NOT NULL ,
[Active] [bit] NOT NULL ,
[Expiration_Date] [smalldatetime] NULL ,
[Email] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Address] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[City] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[State_Province] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Zipcode_Postal_Code] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Phone] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Counter] [int] NULL ,
[Last_Access] [smalldatetime] NULL ,
[Login_Limit] [int] NULL ,
[Custom1] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom2] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom3] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom4] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom5] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom6] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[ValidateEmailCode] [nvarchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Date_Created] [datetime] NULL ,
[Validated] [bit] NOT NULL
) ON [PRIMARY]
GO
ALTER TABLE [dbo].[Security_Users] WITH NOCHECK ADD
CONSTRAINT [PK_Security_Users] PRIMARY KEY CLUSTERED
(
[User_ID]
) ON [PRIMARY]
GO , This is great documentaion for windows script 5.6
in windows chm file format for jscript and vbscript.
We use server side vbscript in all our our ASP 3.0 applications so this info can be a lot of help.
2005-02-18_150921_vbscript_docs.zip
cwilliams38401.6321990741, Turn off "Show Friendly HTTP error messages"
If you are getting errors with your ASP application go to Internet Explorer and make sure this setting is unchecked. Having this checked can cause a generic error to be displayed in you web browser when ASP code encounters an error. This generic error message doesn't really help you fix the problem. Having this setting unchecked will usually result in a more detailed error message and the line number the error is occurring at, thus giving you a good clue as to where the problem is within the ASP code. If detailed ASP error messages have been disabled at the server level this setting will make no difference. cwilliams38084.7513773148, I just got home from a lonnng trip.. I will try to answer this 1st thing in the morning.
CJW, I will actually explain how to set access_levels and/or groups...
in "users/add_new_account.asp"
carefully edit with a text editor
find this part
CmdAddUser.Fields("Access_Level") = "4"
that is where the acess level gets set...
you can change the level or remove that line all together if you dont want one set
now for groups you would add this line in the same area
CmdAddUser.Fields("Groups") = "*3*"
or
CmdAddUser.Fields("Groups") = "*1*,*2*,*3*"
Groups access for a user is stored in one field in the database like you see above. If you are confused what you should be saving in that field I suggest simply setting a user to whatever groups you want via the admin area and then looking in the database to see what got saved in that field. It's pretty simple really how they are stored.
*1*,*5*,*9*
that user would be a member of groups 1,5, and 9 , Great suggestion, routing the banner click through an intermediate page before the destination. We use Deepmetrix LiveSTATS.xsp V7 and I should be able to configure a filter to capture the stats of the intermediate page.
Thanks for the help!
Lance , That's excellent!
I did learn that parent paths were disabled on my test 2003 server...
But on the hosted server, it looks like parent paths are supported as I change the file location of the language file in the forum common.asp as such, and obviously moved the file as well:
from:
<!--#include file="language_files/language_file_inc.asp" -->
to:
<!--#include file="../language_file_inc.asp" -->
Everything seems to work fine and I thank you very much for you quick response!!! 
Ok, time to buy...thanks again!
- Jason
, Can ASPClassifieds display the ads by city?
I have a web directory that lists websites and companies by city. Is it possible to have specific ads shown to the user depending on what city they click on? For example, only ads in New York would be shown to users that have already clicked on that city in my directory.
thanks, , How can I make so it goes to certain webpages if user enters valid username and password??
I suppose user enters its information on check_user_inc.asp page, and username and password are stored on SQL database.
Thanks
, i've got a client who has handed me a 151 character banner URL, and i see that the database is designed to take 150 characters. i took the obvious step of just increasing the size of that text field in the database, but i still get this error when i try to enter the URL in the proper form field:
Multiple-step OLE DB operation generated errors. Check each OLE DB status value, if available. No work was done.
/banners/aspbanner/save_banner.asp, line 200
now, line 200 is just this:
If Banner_Link_URL = "" THEN
CmdEditBanner.Fields("Banner_Link_URL") = NULL
Else
CmdEditBanner.Fields("Banner_Link_URL") = Banner_Link_URL
End If
which tells me that something is blocking the assignment of that long value to that field, even though i believed i had extended the length of that field in the source database.
where else might i look?
, you can whatever you like but like I said those gif files are already in the correct place. The log parser is messing up. , Kurt,
There really is no default width in general.
The thing to remember is that the default.asp page includes a lot of different pages.. and some of those pages also include pages.
Now all of this gets wrapped by the header and footer include files so in a sense what you do there can effect everything inside to a certain degree.
Now there are some widths set here and there for different tables and what not on certain pages, but its really the kind of situation where you just have to dig around in the code and experiment until you eventualy find what you are looking for and get the desired result.
I'd love to tell you there is easy way to just set a width, but it is not that simple.
Maybe someday it will be. Just not in the current version.
CJW , I'm getting this error when I try to login:
Active Server Pages error 'ASP 0131'
Disallowed Parent Path
/gallery/users/login.asp, line 19
The Include file '..dataconn_inc.asp' cannot contain '..' to indicate the parent directory. , (User Search & Contact Mod) for ASPProtect Version 7.x
This will allow an individual user to search for other users as well as email or call them.
Notes: This is a down and dirty mod. The users page from the admin area was used as a starting point. I then edited it up real quick to be used as a user search. The way it is it shows the user email as a regular email link. If you want to set it up so emailing is done from the application and emails are not actually shown you will have to do some extra work. If you don't want phone numbers shown you will have to remove that column which is not very difficult.
Directions:
Back up your existing ASPProtect installation.
copy "search.asp" into your "users" folder
2006-03-10_143253_User_Search_Contact_Mod.zip
Direct your users there. They will have to be logged in to view the page.
WARNING: This has not been extensively tested for SQL Injection attacks.
I think it is perfectly fine the way it is by looking it over quickly, but use it at your own risk.
,
Timecard Entry: 3/25/2006 4:28:17 PM
sitting with Randy as he worked on the Hogansburg cisco problem......having issues with Logical Net....he rebooted it and it the frame didn't come back up.........off to Hogansburg we go., Took general tech calls, watched RADLOG and called expired users, Checked -ask Question and Checked voice mail., technical support supervisor duties. helped techs with issues, maintained and managed --- qlight, radlog, new user call backs, expired user call backs, dial up issues, ask us a questions, voice mail, emails, emonitor, NOC calls, follow ups on noc and customers, customer calls in, calls made out to the customer, radlog, open incidents....and helped with the new phone system taking incoming calls, sign ups, some phone, entering info, Meeting with KV about Syracuse Business Fair. LM for Kathleen at center stage about internet access. , dms translations, slower afternoon. , lunch, Working on creating wo for TICC and getting three servers ordered from dell, also working on auto responder code, rewiring the network management panels with Randy, Gisco.cashflow, Filing, cleaning email, etc, TICC Team Mtg, research Flash designs for Vermont Internet portal site, work orders, usa1net.net, travel to pick up rental car then pick up Howard at his home. Travel from his house to the Hotel in Ottawa Canada, cfm foods web site consultation, lunch at ob's, Watertown to Oriskany - 88 miles, checked modems, Dr. Appt - I have an ear infection... :(, work on makeing sure everything is ready for cutover of www.gisco.net, Helping dave with learning some asp and fixing realrockfm poll site, steady afternoon, recieved deliveries of new equipement, Vermont Internet public site: dhtml and content development, pull pd invoices to clear file, LEARNING NEW! ADOBE PHOTOSHOP 5.5 AND IMAGEREADY, email/voicemail, meet with mark f,
|
