Hello -

Believe it or not I finally can access the photogallery. You were right Chris regarding the unzipping of the files.

Now onto the next challenge! I have set up three categories and proceeded to create a test album. I uploaded a couple of pictures (yeah that worked!!!) but the album does not show up on the default.asp page under the category.

Please advise -
Rhona (rookie)

I have a user who is trying to login. However, I am getting a error that I can't seem to find.
Username: executive.barcheski
Password: executive@amcpc.com

Encrypted Password: �?=�`م�

Error on check_user_inc.asp line 114

If (Request.Cookies("PASSWORDSYSTEMCOOKIE")("KEEPMESIGNEDIN") = "True") And (Request.Cookies("PASSWORDSYSTEMCOOKIE")("COOKIE_USERNAME") <> "") And KeepSignedInOption And Status <> "Checkem" Then
CheckUserSQL = "SELECT " & tbl_label_users & ".* FROM " & tbl_label_users & " WHERE (Username = '" & RC4(Request.Cookies("PASSWORDSYSTEMCOOKIE")("COOKIE_USERNAME "), CookieEncryptionKey) & "') And (Password = '" & Replace(RC4(RC4(Request.Cookies("PASSWORDSYSTEMCOOKIE")("COO KIE_PASSWORD"), CookieEncryptionKey), PasswordEncryptionKey),"'","''") & "')"
Else
CheckUserSQL = "SELECT " & tbl_label_users & ".* FROM " & tbl_label_users & " WHERE (Username = '" & Username & "') AND (Password = '" & Replace(RC4(Password, PasswordEncryptionKey),"'","''") & "')"
End If

CmdCheckUser.Open CheckUserSQL, ConnPasswords

error received: unclosed quote after '�?=�

Any ideas

Jason Johnson

Chris:

I just got done trying it myself and it worked great for me too. I was aware of the security issue, but I'd already planned on using SSL for this particular call, as well as for the secured pages accessed through the normal process, so the bad guys will be kept at bay.

Thanks for the help.

did you fix it because I see all the pictures just fine ?

http://mcintoshcounty.org/real_estate/view_item.asp?Ad_ID=1

I am converting the email over from CDONTS to CDO so it will run on my host 2003 server.

What files should I be concerned with?  Under gallery_admin there is an email_user.asp and  under the main gallery folder thier is an email friend. Is there an other email routines I should be concerned with?

Thank You for your Assistance.

Jeromy

I need a point or a little insight please.

I need to get information from a credit card authorization called netbilling. I have been looking at your code for PayPal and 2 checkout. I have a feel for the code flow and the relationships of the "includes" .

I have been doing a lot of reading in my books and am seemingly twisted around the axel. I am not expert in ASP I am better in VB. I am not afraid to write code I am just a little nervous about messing up existing relationships.

My plan is simple: code a page to open the database and populate the database fields from netbilling and convert their field name to yours in the database.

I appreciate your time and insight. As in the past I need your help again.

Thanks

Christopher

Found this but I dont really know what to do with it or even if its the right thing.

<%
'=========================================================== ==================='

' Application:     Utiity Function
' Author:          ; John Gardner
' Date:         & nbsp;  20th December 2004
' Description:     Used to check the validity of a postcode
' QueryString:     None
' Version:         V1.0

' Required routines:        &nb sp; None
                    
'----------------------------------------------------------- -------------------'

function Check_Postcode (byRef strPostcode)

' This routine checks the value of the form element specified by the parameter
' for a valid postcode.

' The definition of a valid postcode has been taken from:
' http:'www.royalmail.com/docContent/other/Downloadable_Files/ PAF_Digest_Issue_5_0.pdf

' If the element is a valid postcode, the function value is returned as TRUE
' and the postcode is returned in uppercase with the separating space in the
' right place.

  Dim strPostcodeRegExp(2)   ' holds the regular expressions for valid postcodes
  Dim intCount        &nbs p;      ' For loop counter
  Dim strPostcodeCopy        ' Copy of postcode
 
  ' Variables used to hold regular expression object  
  Dim objRegExp, objMatches, objMatch
 
  ' Expression for postcodes: AN NAA, ANN NAA, AAN NAA, and AANN NAA
  strPostcodeRegExp(0) = "^([a-z]{1,2}[0-9]{1,2})([0-9]{1}[abdefghjlnpqrstuwxyz]{2})$"

  ' Expression for postcodes: ANA NAA, and AANA  NAA
  strPostcodeRegExp(1) = "^([a-z]{1,2}[0-9]{1}[a-z]{1})([0-9]{1}[abdefghjlnpqrstuwxyz]{2})$"
 
  ' Exception for the special postcode GIR 0AA
  strPostcodeRegExp(2) = "^(gir)(0aa)$"

  ' Copy the parameter and convert into lowercase
  strPostcodeCopy = Lcase(strPostCode)
 
  ' Assume we're not going to find a valid postcode
  Check_Postcode = false
 
  ' Strip out spaces
  strPostcodeCopy = Replace (strPostcodeCopy, " ", "")
  Check_Postcode = False
 
  Set objRegExp = New RegExp
 
  ' Check the string against valid types of post codes
  For intCount = 0 to Ubound(strPostCodeRegExp)
 
    ' Check next pattern in list
    objRegExp.Pattern =  strPostcodeRegExp(intCount)
    If objRegExp.Test (strPostcodeCopy) Then
   
      ' Post code found. Ensure input parameter is in correct format.
      Set objMatches = objRegExp.Execute (strPostcodeCopy)
      Set objMatch = objMatches(0)
      strPostcodeCopy = Ucase (objMatch.subMatches (0)) & " " &  Ucase (objMatch.subMatches (1))
     
      ' Show that we have found the postcode
      Check_Postcode = True
    End if
  Next
 
  ' Ensure that the uppercase postcode gets returned if valid
  If Check_Postcode Then strPostcode = strPostcodeCopy
 
End Function
%>

regards

John

Permissions and Folder Locations

By default and to keep things clean we store everything in folder called "data"

That folder then has it in 4 sub folders

database (where the .mdb and temporary .ldb files are handled)
export (where the aspprotect export files are saved)
logfiles (where the aspprotect logfiles are saved)
user_pics (where the user pictures are saved)

Doing it this way makes it very easy for a system administrator to right click on one folder and set permissions for that folder and all of it's child folders.

Now, that being said.. you do not have to use these folders.

For example if you already have a folder in your web with modify permissions for the anonymous webserver account then you can use that one folder to store all of the 4 things above.

You'd simply edit your data connection string to point to that folder and then edit the other paths in the settings area of ASPProtect.

We did it that way so you would have options in case your hosting company was being difficult with your ASP hosting needs.

MSACCESS 2000

server: windows

option pack: yes (after the install I have this problems with groups and edit users )

host permissions: yes

MESSAGGE:
Active Server Pages error 'ASP0113' Script time out/password_admin/groups.asp The maximum amount of the time for a script to execute was exceeded. ...

OK, well, that error is pretty self explanatory really. There isn't anything else it could mean.

What you showed me in that screen shot all looked correct, but still permissions to that file just can't be correct. The paths are correct. The path to the file looks correct. The ASPNET (ASP.NET) account looks correct.

I would try settings permissions directly on that XML file. Perhaps child permissions did not go through the way you intended. (the advanced tab must be used for that) If that doesn't work try giving ASPNET and Everyone full permissions on the file directly.

Possibly check the paths in the web.config file just for the heck of it.

Last case scenario, you can edit that XML file directly instead of using the screens in the application. Of course if that file does not have correct permission chances are other things like log files will give you issues as well.

That is all I can think of right now.

Thanks very much for the tip. I'm a beginner with all this stuff so forgive me for the inate stupidity!

By the way, I think the system is great and I am very pleased my purchase.

ok...

you got problems if you cant import a file created by the system..

You using SQL or MSACCESS and do any of the users data have apostraphes in it ?

I checked the option pack code as well and it looks correct.
I tested it and it acted as it should.

You can see it in active at the live demo
http://www.aspprotect.com/demo3/demo.asp

admin
test

go the the admin area.. you will notice 3 users with level 4 access
1 of them is inactive

then go to the mass email area and pick   active and level 4
it will say it is sending email to 2 users which is correct

then go to mass email again and pick level 4 and inactive
it will say it is sending email to 1 user which is correct

choose any status and access level 4 and it will send email to 3 users which is correct

When you do this please realize you can not choose a group as well.
That will cause a problem because you can not choose a group and an access level at the same time.


Anyway... perhaps you can private message or use the contact us form and and let me take a look at your system. Since I can't reproduce the behavior that is the only way we might figure this out.

No can do.  In both cases there is an icon that says "Not uploaded".  I click in it and nothing happens.  There is no link to upload.  Am I missing something?

By the way, I appreciate and am impressed with your rapid response. Thanks.

recent activity infomation is temporary and mantains itself per application start up.. when the web application restarts for whatever reason the info is reset

a reboot, an iisreset on the server, application pool restarts, etc etc
this is done because if that info was saved in the database your database would get huge real quick

logfiles however do not do that and are permanent

I purchased and installed the full version ASPProtect 6.0 in Feb 05 (must have been just before 7.0 came out) and have been using CDONTS for email authorization during the registration process.

It was working fine for about three months. Now, after registering, the  email  authorization is NOT delivered to the new registrant. There are no error messages.It just doesn't arrive.

Any thoughts on the subject would be appreciated.

I would also double check that you changed the field size correctly and on the correct database that is being used in the connection string

as far as sql goes if you follow the instructions with give for setting up a new database you shouldnt have any issues and permissions should be already set. because we handle that in the sql script we give you.. "its a good thing to look at and it is pretty easy to understand what is going on""

however using another account could cause permissions issues.."yes, even sa"     basically the username your using needs datareader and datawriter permissions to all tables used by the photo gallery system and you probably have to go specifically set them usin ght e security tab for your database in enterprise manager. This is more of SQL server 101 than anything to do with the Photo Gallery Code so I am not going to get into it too deeply, but that is definetly the issue.  Permissions...

Hi,

I wanted to see if you had any suggestions for converting from Access to SQL sever database. I attempted this earlier today performing the following steps.

1) Create SQL Tables using Enterprise Manager / SQL Scripts
2) Use DTS to move all of the existing table data to the sql tables.
3) Update dataconn_inc.asp to use SQL and the required connection string.

When these steps were complete I was able to login to ASPProtect as an admin and search / find both groups and users. However, any attempt to edit or create users resulted in a "the page ... had a problem ... " type problem. It seems that I can read from the db fine but and getting errors writing to the tables. The user id that is being used to connect to the db is the [dbo].

Any additional hints for this procedure?

Thanks

Darrell

actually  I just went to it again and it was somewhat slow coming up this time..

perhaps you have some issues with the sql database.

it should be instant.. like this one I run on my server
http://banserver.powerasp.com/aspbanner/

I suppose it could also have something to do with sql server resources but its hard to say..

A question.  Does this apply to all areas of the application.  I have recently uploaded 50 photes.  But when I look at the site from the url, I have X where the picture should be.  Now, if I look at it though the localhost, I see the pictures perfectly.

Banners no longer show up on my site ?

If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.

The web server must have crashed or lost power and now the application variables are in limbo/not working.

I have seen this happen 3 times. Twice on my own server when the power went out for 2 hours and once on a customers server.

Basically the application variable system gets all messed up because it was not shut down properlly.

The ways to possibly cure it are as follows.

Edit and save a banner in the system. Hopefully that gets things going again.
If not... keep reading for the more drastic cures..


Go to the command prompt on the server and type "iisreset"
Sometimes that is enough.

Reboot the server.
Sometimes that is enough.

Stop the web in the IIS console.
Sometimes that is enough.

Stop the individual processes for each web in iis
"you must really know what you doing and be very careful about doing this"

Remove and recreate new applications in IIS for the web in question.


And sometimes it just takes a combination of the things listed above and a few reboots. I don't know the best way to cure it but I do know why it happens and the steps listed above can get things back on track.

Again, this is because the server lost power or crashed as far as I know.
It was not allowed to shut down properly which sometimes happens.

You'll know things are ok again when you see your banners show up on your site.

I think I've found the problem..

The password "abcdefgh" works

The password "abcdefghi" does not

(username "ace45")

Passwords can obviously only contain up to and including 8 characters... By some coincidence I only used short passwords with MS Access.

How to bring up the Code Generators

Simply go to the zones screen.
Select a Zone from the list.
Check the "Show Banner Code" option.

Click on "Display Banners in Selected Zone"

OK, I just spent like an hour in your site.. I almost gave up

1st off... I don't know what FTP Program/Settings or what OS you are using but all the ASP Protect Files had been reformatted in a odd way which was causing some issues and the database also had problems. Your somehow introducing all sorts of UNIX line breaks to all the files and the database was actually missing some crucial parts of itself and was corrupted. So I had to update everything which means a new database. I have never seen anything like it but I fixed it all. Its something you are doing but I do not know what. Maybe your unzipping method again ?


So to get back into the admin area...

admin
test

Now, the reason  the albums were not showing is because you are using the ole connection string which causes problems like that. However because you host has like the worst setup ever with that network path crap for the site that was the only connection string that would work for some reason.

I highly suggest a new host with a proper setup for running ASP. www.alentus.com
Your hosting companies setup is horrid as far as I am concerned.
Access Databases are not meant to be connected to via a network path.
http://www.aspfaq.com/show.asp?id=2168

Anyway, I rewrote some of the code because of the ole connection and got the albums showing up for you.. who knows what other problems that OLE connection may bring up in the future.. for now things I tested seem ok.

As for your broken image in the your header/footer...  You cant link to images and links using virtual pathing in those includes because the files are called from different directories and will work in some and not others

so when your in the root you see the image, when in a different folder you see a broken image

In other words.

link to

http://www.vickerylightning.com/gallery/vickery_template5_r2 _c1.jpg

not just

vickery_template5_r2_c1.jpg

The same goes for hyperlinks.. use the full url paths


Whatever you do...Back up the gallery folder with my changes before you go doing anything.

Hi,

First and foremost, a great product. I downloaded it last night and it took little effort to get it up and running

.....now a little question...

Has the software/code been tried out on a Mysql db and if so did it work?

The reason I ask is that my website is very busy (1.5million page views per month avg) and I'm considering converting the ASPBanner Access db to a Mysql one to help handle the traffic. For every page view one banner impression is being made which means that the Access db is under a bit of pressure

This afternoon there were 1012 simultanious users on the website and it froze with an error message displaying where the banner should have been (I didn't quite catch the message but something to do with the banner script timing out). I'm not sure if the Access db had something to do with it but it seemed too coincidental. Rebooting the server cured the problem but obviously kicked off the visistors as well
At present there's 668 online and no problems so I'll have to monitor it to see how it goes but if anyone can answer the Mysql question I'd be grateful

Thanks,

Dave

Yes worked fine

thanks

This is the 1st time anyone has ever told me they had any issues with the import process so I need more detailed information.

What upload component/method are you using ?
Are you using an image resizing component ?
Have permissions been set on the import folder ?

And lastly..
Can I see this happening ?

If not please put it on a live server where I can troubleshoot it for you.
Like we say on our site.

In some cases in order to receive proper tech support your application will be need to be installed on a live server on the Internet. We simply cannot troubleshoot all issues when the application is only installed on your local machine. We also may require access to your server in order to troubleshoot any issues.

I am having problems with a password a user wants to use.  He wants HANNAH.  When he (or I) try to log in with his username and password, I get a syntax error  -

Syntax error in string in query expression '(Username = 'changedforsecurity') AND (Password = ' �G'.
pathOnComputer../1protect/check_user_inc.asp, line 114

I've obviously changed the username and the server path in the info above for security. 

I have not messed with the encryption.   

What is it that the system doesn't like in the word HANNAH as a password?  I would just change his password for him but this guy has enough trouble just turning the computer on!  Confusing him with a new password would take weeks to set him straight. 

Thanks,
Mick

that wont work the way you did it because groups are not stored like like.

groups are stored "*1*"
or "*1*,*9,*"

so if you test for them you must do so using the InStr function of vbscript

example:

If InStr(Session("Groups"),"*1*") Then
    ' do whatever
End If

also.. as for the session variable
it should be    Session("Groups")

And in Version 6.... (its all ready to go in version 7) that session variable must be saved in the check_user_inc.asp file near where all the others are saved. If it is not there by default "I dont remember if it is or not" you have to add it like so near where all the others are saved

Session("Groups") = CmdCheckUser("Groups")

If you are wondering if it is being saved correctly you can always response.write out the Session("Groups") to see if it holds a value

I set the max image width to 1000; previously it was null. Now I'm getting server errors:

page not found, then, service unavailable (the page is there). But in a new album, the images imported fine and it seems to be working now, despite the IIS issues.

I think my host restricted the amount of memory and resources my site is allowed to use.

I dont know. Perhaps a fresh installation in a new folder would be a good idea as well if possible..

for troubleshooting sake..