Blog Entry: 3/25/2006 4:34:08 PM
Yes, that worked... 
, Cool.
Well I'm in the middle of uploading the txt file and it's about half way done and sitting there...so I'm keeping my fingers crossed.
,
Can you be more specific on the javascript I should look for? Can it be combined with ASPBanner?, Ok.. glad you got it working., Noted:
I actually did not think you did.
As far as debugging goes.. thats all built into visual studio.net.
There is a tag you edit in the web.config file to enable project debugging
http://support.cjwsoft.com/code/moreinfo251-1.htm
Like I said though for changes to ASPProtect.NET I'd start off from scratch and stick with vb.net... using the visual.studio.net interface is not really vary hard to remove and change things you dont' need even if you are a C# coder. Especially simple stuff like you mentioned.
, Well, I assumed I'd be able to tweak this thing but it is all so intertwined it doesn't pay to mess with any of the files. Hence, I'm going to have buy a different system only a week or two after buying the unlimited version here.
As I leave I want to give you some impressions here. While the system is low-cost, the 99 dollar version is missing a few pieces that I think would bring the value to 99. It is one thing to talk about the speed/performance, but to a degree that's hard to measure, and to anyone with web advertising on their site, performance will always run second to potential site income.
It definitely needs a user interface and registration for advertisers, and it definitely needs a single variables file for changing the hundreds of variables for which there is no control. I had to search on my own just to change the look and feel.
Lack of multi-zone support is a serious drawback. I would submit that anyone with a serious website needs it, and will gladly pay you 139 over 99 for just that one feature.
Take them or leave them, they are just suggestions.
, I would like to change this file name to the typical Login.aspx, how to do this? I have a VS 2003 but need instrutions if that's the route to go., Hey, I thought I'd share this tip with the ASPProtect community...
If you'd like to remove, modify, or add fields to the "Users" view in
the password_admin default.asp page, it's really easy to do. Well, at
least it was for me. I'm using an MS Access database, by the way.
For me, I don't need "Company" info, but I do need last access and # of
times accessed displayed. Therefore, I had to change the default page
in three areas:
In /password_admin/default.asp, go to about line 185 or so, where you see stuff like:
[code]<td valign="bottom"><font face="Arial" color="#000000"
size
="2"><b>First Name& lt;/b> </font></td> [/code]
OK, those are the column headings. Each one corresponds to a column
from your USERS table in your database. There are two more areas to
consider, both of which appear immediately after this section.
The next section has statements that look like this:
[code]<td valign="bottom"><a href="<% =THISPAGE
%>?SORTBY=First_Name+ASC&MyPageSize=<% =MyPageSize
%>&Keyword=<% =Server.URLEncode(Keyword)%>"><img
border="0" src="../images/sort_ascending.gif" Alt="Sort
Ascending"></a><a href="<% =THISPAGE
%>?SORTBY=First_Name+DESC&MyPageSize=<% =MyPageSize
%>&Keyword=<% =Server.URLEncode(Keyword)%>"><img
border="0" src="../images/sort_descending.gif" Alt="Sort
Descending"></a></td>[/code]
See the "First_Name" items? The first is for an ascending sort, the
second for a descending. This particular line corresponds to the code
snippet immediately above it. But all this does is handle the sorting.
For the actual data, look lower for this stuff:
[code] <td bgcolor="<% = Cellbgcolor
%>"><font face="Arial" size="1"> <%=
CmdListUsers("First_Name")
%& gt; </font></td> [/code]
It's a good ways down, so don't be impatient if you don't see it in 10
lines from the end of the last mentioned section. This stuff handles
the display of the data from the database (where else ya gonna get
data, anyway?)...
Now, to remove a field, you need to find the three sets that go with
that data. The ascending/descending sort is potentially the trickiest,
because it's the longest set of data and can take a number of lines.
Just clear it from the start td to the end /td and you'll be fine.
To *add* a field, copy and paste the code from an existing field and
modify it. In the first one, the column title, you can type whatever
you want to describe your info. Nobody but you and your admins will see
it. For the next two sections, though, you need to get the correct
column heading from the USERS table and use that to correct the lines
in the copied code you pasted in.
For example, when I added a column to show the number of times a user
logged in, I copied the above snippets and pasted them in where I felt
the column I needed should be. Then, in the first one, I changed "First
Name" to "Logins". In the ascending/descending snippet, I changed
First_Name to Counter. Same for the last snippet.
The result? A new column, showing the number of logins my users were successful with.
Of course, before you experiment, back up your existing default.asp file, JUST IN CASE.
Have fun!
, I have a very weird problem. At the top of the page, where there used to be
[Place Ad] [Classifieds Home] [Register] [Sign In]
now there is only
[] [Classifieds Home] [Register] [Sign In]
so the words "Place Ad" have disappeared completely. Can you please tell me which file in which folder would control this
, yup. that is correct... they can't log in so they can't see any pages you protect
its the nature of forms based authetication
, If I also password protect the pricelist pages then someone will have to login twice.
nobody should have to log in twice... ?
session variables keep track of access... once your in - your in and you can browse to and from any password protected pages you like
If it is making you log in each time then cookies are most likely disabled.. session variables requires cookies being on to work.. cookies being on is a requirement of aspprotect and is how Formed Based Authentication works..
let me know if that is the issue there...
you shouldnt have to be logging in more than once per session
Thats the whole point of the application...
, I have no idea.. perhaps PM me info on how to log into your site and reproduce the issue., Three questions here:
1. I am having a problem with characters being displayed properly when viewing listings. Some alphabet characters and punctuation characters do not display properly when viewing the pages.
Sample here:
http://www.hibari2.com/lanoitanretni/kokusai_profiles/view_i tem.asp?Ad_ID=102&CatLevel=2&Cat1_ID=3&Cat2_ID=& amp; amp; amp; amp;Cat3_ID=&Cat4_ID=&FromSearch=True&SearchPage =%2Flanoitanretni%2Fkokusai%5Fprofiles%2Fdefault%2Easp%3FCat Level%3D2%26Cat1%5FID%3D3
In the access database I was looking at the properties for the ‘Ad_Custom’ fields. Unicode Compression is 'Yes' but IME Mode is set to 'No Control'. I wonder by changing this to ‘Hiragana’ if will solve the issue.
Note: the essays are typed in English on computer with Japanese OS, and then pasted up. Even though they are typed in English, there are several setting that may affect the output.
2. I want to reverse sort order for listings instead of listing 4, 5, 6, 7, I’d like to sort 7, 6, 5, 4… Could you tell me which page has to be edited, and in simplest terms what has to be changed?
3. Also, I’d like to increase the default display of ‘items per page’ from 25 to 100. Could you tell me which page has to be edited, and in simplest terms what has to be changed?
Thanks
HIBARI38155.8447569444, Thanks Chris.
Yes i never actually considered that they should log in twice.
The site uses two main url and the cookie was being stored for only one
of them. I have fixed the double login issue by making changes to
menu to ensure that they are always logging only via the url stored in
the cookie.
Thanks for your hep,
Stuart
, Hello,
Yes, that is how it works. Unless you make modifications to the code there is no way to easily do what you are talking about.
If you design the site to be intelligent that scenario should never happen.
For example.. you should only be offering links to pages that the current logged in user has access to. You do this by checking the session variables and with simple if-else logic around your html links.
It requires some work but if you dont give them links to pages they dont have access to what you are talking about will not happen.
Here are some simple examples.
Here is an example using access levels.
<%
If Session("Access_Level") = "1" Then
' show links to pages that allow access level 1
End If
%>
And one for groups..
<%
If Instr(Session("Groups"),"*6*") or Instr(Session("Groups"),"*7*") Then
' show links to pages that allow groups 6 and 7
End If
%>
cwilliams38354.0786921296, can add photo album but after i upload a pic, nothing shows.
where do i look to research why pics aren't showing in the albums
,
Best setup I recomend is just setting up a rig and making a workgroup.
No real reason for a production machine to have any access to internal
security when you think about it.
classic asp should be pretty easy to move, just set up new webs and
dump the scripts in there. If you have 2 machines its always easier to
look at the one while your building the other. Basically copy the setup
and tada... the only thing you might need to remeber is components (if
your using any) and thats usually not a very big deal either.
Point sort of being at some point your going to have to change that
thing around and while its no fun you have to imagine now is a better
time to bite the bullet and get it set up the right way. Your
alternative is to mess around for hours and hours praying that you
change domain wide security to the point that running NET
apps on that domain controller works. Personally I wouldnt sleep well
knowing I had just messed around so bad with the OS that I had no clue
what bugs and security holes I might have accidently opened in the
process. I wont even get into the possible things that might stop
working on the rest of the domain if you fiddle with accounts like
"Network Service"
Oh and if thats not enough reason to make you think about it, consider
how hard it will be to try and rember what you did at 2AM 6 months from
now if that machine takes a dive or some critical update undoes what
you changed.
I feel for you though, trust me we have all been down that road once or
twice. Get some sleep and in the AM the task at hand wont seem nearly
as bad. You live and you learn, and you will definatly be WAY better
off making things right sooner than later
, thats a new one... I need some sort of error to go on..
No error ever ? It must eventually show something ?
, ok
, We would like to give a member an opportunity to upload an image when on their profile page. How does this work with the photo option on the settings page? Is this the intended usage? Thank You. , SQL server hotel ehh ? Humm that sounds bad whatever that is ?
Is that a real term or just something you named it cause they have like a zillion people using that SQL server? I have never heard of that name ?, Not really. The way I thought activity would work is that I would always see the last 50 users. Not sure what controls that and why I wasn't seeing it, but it sounds like it is an IIS thing and since my site is not all that busy, it will not show the users if some process has reset the numbers. Not a big deal.
As for the log files, I think it is related to my other question regarding the export directory. I have the ISP looking into things at thier end to see if they are doing anything that could cause the directories to disappear.
Thanks,
Dave
, Hello,
You'll need to find a validation function to test for it.
Either server side or right in the form via client side javascript.
I dont have any experience with validating zip codes here much less UK.
Google it would be my best advice.. or maybe find some free app written in UK format and see how they did it.
Good Luck..
And if ya find anything post it here if ya like
cwilliams38381.5607638889, There are 8 Access Levels by default.. they work like this.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=166& ; ; ;PN=1
Access Levels exist in ASPProtect Version 7 for backward compatibilty for customers using previous versions.
Truth is Groups are the replacement for Access Levels and they are much more powerful and flexible. You can also make as many of them as you want in the admin area.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=167& ; ; ;PN=1
On a side note:
We also coded ASPProtect Version 7 so there could technically be as many access levels as you wanted. It's not supported but if you really wanted more Access Levels you would carefully add more Access Levels to the drop down choices when you edit a user. "edit.asp"
I don't know why anyone would want to use Access Levels however when they can use Groups.
cwilliams38433.5546875, Hello cwilliams, and thank you for the fast reply.
Well, i have tryed with the ASPImage enabled and disabled, with the same results. I have used gifs and jpgs in the tests.
I have made some different test. Some with uploading the picture over an excisting picture and some as the first picture. Same results.
Everytime, it´s the 2nd thumbnail that won´t show itself, but the large picture will show, if you press the thumbnail.
I have tryed to look in the code (view_ad.asp), but as far as i can see, everything seems just fine ?!
I know, it wasn´t much help i could give you, but i think i have tryed all the possibilities.
Best regards, Erling
, ok, here is what is going on
you are password protecting an ".asp" page that requires querystring info to run correctly (example - "somepage.asp?ID=3"")
that is something I never intended anyone to do.. while it does handle and repass the querystring info along during successful login it does not re-pass that info during a failed login as you have found out
this is all by design.. the only reason the system re-passes the querystring info at all is because I wanted to make it smart for the sake of the remember me/cookie feature.. so if someone was using that and bookmarked a page deep in your site with querstring info...then when they went back to that bookmark they would get authenticated and still see the page as intended with the querystring info in tact
it was a nice feature never intended to handle any situations other than what I just described...
now...
notice the url in the browser after failing a login.. then logging in successfully.. it is missing the querystring info
that more than anything is what is going on.. browser caching can cause some confusion when dealing with this because the browser likes to return you to the page minus the querstring info... when that happens a simple browser refresh at that time may very well solve the problem and then you see the page you are supposed to see...
To avoid all of this...
One solution to this is to always start people logging in to an ".asp" page that has no querystring info. That way this won't happen. Once they are logged in you can then offer them links to the pages they need to go to. (you of course still want to password protect those pages)
Another solution is to log them into a page with no querystring info and then do a response.redirect to the page with quersytring info.. thus accomplishing the same thing but without the possibility of the issue because of a failed login.
Another solutions is to do checks in your asp page for missing querstring info.. and if it isn't there do something about it like send them somewhere else.. or display a message about there being an error... etc etc
So,basically you don't want to tell people to login into such and such page with querstring info... and providing a username and password..... You can do it but like you found out it can cause an error if they mess up logging in the 1st time. The system just was not designed to handle that. There are complex reasons for that involving security that would just take me too long to explain.
I hope this makes some sense to you.. it is very hard to try and explain
, I am running .asp pages and using the longer code method to display flash banners on my site.
I have noticed a considerable decrease in the loading of my index page when I have a banner called. When I remove the banner, all is fine.
Any suggestions?
Dave
,
Error when click on banner. (I remove on error resume next in config_inc.asp)
The conversion of a char data type to a datetime data type resulted in an out-of-range datetime value.
banner_redirect.asp, line 36
Database - MS SQL Server.
Gignutyi38368.5403935185, that really does not make any sense...
I dont know what else to tell you as this really shouldn't be anything too difficult to sort out...
redirection based on criteria is not something aspprotect does by default... I try to help a bit... I've shown everyone how to do it in this thread...I know plenty of people doing it... I've done it myself... I know it works
let me ask you this... are you using ASPProtect 6 with the Option Pack ?
I assume you must be or you would not have the Groups feature ?
And you asked this question in the ASPProtect 6 section.
but then maybe your using 7.. I do not know
this should all work the same either way
, Ok, if the link to the import/export screen does not show up its probably because you never put the import/export path in the admin settings?
go check that for me.
cause running that page without a path for the files could cause a timeout.. thats why the link doesn't show if the path is not entered (so people won't run it)
it looks sorta like this (there will be a field to fill in which wont show here)
| Settings below specify the physical directory path of the export directory. This is used by the system when using the import/export feature. The export directory needs modify permissions for the anonymous webserver account. |
| ExportDirectory |
|
the path must be valid for your file structure and it must have correct permissions (when creating files) , The setting I am most interested in is what you have for the "Pic_Max_Image_Width" used when the image resizing components resize the big image
setting it to nothing or zero could cause this
, and did they give you access to a control panel that lets you manage your site ? sometimes that is where you manage those permissions if their interface supports it
lastly, are frontpage extensions installed in your web so it can be connected to via frontpage ?
so use the connection string the readme.txt in the sql installation folder file tells you to... it has the correct username.. I just posted that info above
i will probably end up doing this myself, but dropping all the log data in a sql table would be nice as it offers much more flexibility on how an admin can keep track and use the data. Browsing through each log file is very inconvenient. I can search for text in the files (server-side, others with a shared server would probably have to separately download all log files first), but with the current method I don't have the following important options:
if you had an option during setup perhaps (or elsewhere) in a future version that allowed an admin to specify the preferred logging method (separate files or a table in sql) i'm sure many admins would find it very useful to have a database alternative of keeping track of users becuase it would offer the two benefits listed above, plus more.
, FILE includes can not use virtual pathing infoHave you thought about language file so users dont have to go into the code to put it in their language??
, 
