also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.

etc etc etc

so let me add this bit of info..

I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.

The default database password is "temp"

This is noted in the docs. You can also see the current password by looking at your connection string.

someone has to do something other than me.. i've given up

if i give u the username/pw can you set this up on the network solutions host and ask them to set whatever permissions are needed?

cant do it anymore....

right..

I had to open up the permissions to get it to work.  I now have to go back and uncheck each one for directory listing.. :)

Thanks, I'll take a look.

Nick

Well, I assumed I'd be able to tweak this thing but it is all so intertwined it doesn't pay to mess with any of the files. Hence, I'm going to have buy a different system only a week or two after buying the unlimited version here.

As I leave I want to give you some impressions here. While the system is low-cost, the 99 dollar version is missing a few pieces that I think would bring the value to 99. It is one thing to talk about the speed/performance, but to a degree that's hard to measure, and to anyone with web advertising on their site, performance will always run second to potential site income.

It definitely needs a user interface and registration for advertisers, and it definitely needs a single variables file for changing the hundreds of variables for which there is no control. I had to search on my own just to change the look and feel.

Lack of multi-zone support is a serious drawback. I would submit that anyone with a serious website needs it, and will gladly pay you 139 over 99 for just that one feature.

Take them or leave them, they are just suggestions.

Looks great. I can't wait until this will be released. Will there also be an easy way to migrate my current version ?

Hans

OK, I just spent like an hour in your site.. I almost gave up

1st off... I don't know what FTP Program/Settings or what OS you are using but all the ASP Protect Files had been reformatted in a odd way which was causing some issues and the database also had problems. Your somehow introducing all sorts of UNIX line breaks to all the files and the database was actually missing some crucial parts of itself and was corrupted. So I had to update everything which means a new database. I have never seen anything like it but I fixed it all. Its something you are doing but I do not know what. Maybe your unzipping method again ?


So to get back into the admin area...

admin
test

Now, the reason  the albums were not showing is because you are using the ole connection string which causes problems like that. However because you host has like the worst setup ever with that network path crap for the site that was the only connection string that would work for some reason.

I highly suggest a new host with a proper setup for running ASP. www.alentus.com
Your hosting companies setup is horrid as far as I am concerned.
Access Databases are not meant to be connected to via a network path.
http://www.aspfaq.com/show.asp?id=2168

Anyway, I rewrote some of the code because of the ole connection and got the albums showing up for you.. who knows what other problems that OLE connection may bring up in the future.. for now things I tested seem ok.

As for your broken image in the your header/footer...  You cant link to images and links using virtual pathing in those includes because the files are called from different directories and will work in some and not others

so when your in the root you see the image, when in a different folder you see a broken image

In other words.

link to

http://www.vickerylightning.com/gallery/vickery_template5_r2 _c1.jpg

not just

vickery_template5_r2_c1.jpg

The same goes for hyperlinks.. use the full url paths


Whatever you do...Back up the gallery folder with my changes before you go doing anything.

no, there is not not.

If you wanted to to that you would have to add some code to check their album count in the database and not allow them to make a new album if they were at the limit.

YES.. you need to edit your SWF file to link to the aspbanner system...

example.. the link may look something like this
http://banserver.powerasp.com/aspbanner/banner_redirect.asp? Banner_ID=60

of course you need to put in the right information for your site and whatever banner ID it is in your system

Like it says above.. if you save the new banner at least once and then come back to edit that link will be generated for you at the bottom of the edit page.

then when your flash banner is clicked on it will go track the click and then send them to the "link_url" specified for that banner when you edited it.
(you need to enter the final destination url there if you want that to work)

ok, 1st we need to rule out the #1 reason people sometimes think that is not working.

Is is set up never to allow the same IP to increment the count more than once in a row so when testing it is real easy to think the count isn't working because unless you can change your ip you can not increment the count more than once per album

It's a poor mans spam abuse type of deal..
For the most part it will keep some Joker from hitting refresh 100 times and inflating the count of an album.

Do you think that is possible what is happening ?

Also, here is an older thread about the same issue?
http://support.cjwsoft.com/code/moreinfo54-2.htm

Hi,

I am just wondering if anyone else has had this problem. Even though the guestbook is empty, it takes just about 20 to 30 seconds for the guestbook/default.asp lto oad. Is this normal has anyone else has had this problem.

Thanks

i will probably end up doing this myself, but dropping all the log data in a sql table would be nice as it offers much more flexibility on how an admin can keep track and use the data. Browsing through each log file is very inconvenient. I can search for text in the files (server-side, others with a shared server would probably have to separately download all log files first), but with the current method I don't have the following important options:

• cannot sort by any criteria
• quickly see a list of all login attempts by a specific user (i need to search each log file individually for this info)

if you had an option during setup perhaps (or elsewhere) in a future version that allowed an admin to specify the preferred logging method (separate files or a table in sql) i'm sure many admins would find it very useful to have a database alternative of keeping track of users becuase it would offer the two benefits listed above, plus more.

It's not working because i guess im copying the viewstate also...and it comes up

Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.

all that docmunetation is online as well right here so you dont really need the chm file
http://support.cjwsoft.com/code/info24.htm

the chm format is a windows format that can only be viewed on windows pcs. I do not know why you can not see it. I would do reseach on viewing CHM files on whatever operating system and version you are running because perhaps you are using a mac or linux operating system which can not natively view chm files ?

(Indemnification Agreement Mod)

This very simple mod will add an Indemnification Agreement Pop-up to the registration signup form which must be agreed to before continuing. This is often done for legal reasons to help cover yourself if something should come up later on.



Instructions:

Download 2006-03-19_212700_Indemnification_Agreement_Mod.zip which contains "terms.js" and put it in your scripts folder. It contains the text that will be displayed in the pop-up. You can of course carefully edit it with a text editor to say whatever you like.

Now carefully edit "users/register.asp" with a text editor. Add this bit of code in blue right after the include to the "footer_inc.asp" file like so. It will be near the bottom of the page.


<!--#INCLUDE FILE="footer_inc.asp"-->

<% If ErrorMessage = "" Then %>
<script language="JavaScript" src="../scripts/terms.js">
</script>
<% End If %>

Your done, that's it. Now when "users/register.asp" is run for the 1st time the pop-up will come up.

It's not normal at all. My guess you accidently edited the code in a bad way.

(thats the same code the every guestbook in every application I sell uses including ASPGuest which gets downloaded for free about 50 times a day)

No one has ever said it acted funny.

I would do a default installation with the original code somewhere and see if the problem occurs. If it does I can take a look.

In the meantime I wouldn't be running that as it is probably using up massive processor time because of whatever is wrong with it. 

Chris:

I just got done trying it myself and it worked great for me too. I was aware of the security issue, but I'd already planned on using SSL for this particular call, as well as for the secured pages accessed through the normal process, so the bad guys will be kept at bay.

Thanks for the help.

The problem was in config_inc.asp. we had renamed the field in the DB but didn't change it in this file.

But we changed it, it is back to normal.

Thanks

ok... lets forget about all this redirecting business for a minute

when I go to "GP01.asp" directly via your web site I get a big nasty error that says this

Microsoft VBScript compilation error '800a0411'

Name redefined

/protect/config_inc.asp, line 15

Dim  Address_Required,CDONTS_Installed,City_Required,Registration _Type,VerifyURL,Log_Off_Page
----^ 

then when I look at what you did in that file I see why

you have this code which is totally wrong because you cannot include the password protection file twice

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<% GROUPACCESS = "*1*" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

it should be

<%@ LANGUAGE="VBSCRIPT" %>

<% GROUPACCESS = "*1*" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

and that is probably the root of this entire problem.. the redirection was working...
but you were sending them to invalid pages with errors

all those pages are wrong...

if you dont see the real error above see this

http://support.cjwsoft.com/code/moreinfo11-1.htm

if you look over the aspprotect 7 installation instructions that is the very 1st thing I tell people to do

hopefully this is the info you need to continue and get some work done

no, its part the concurrent login checking system.

currently when that is on logging off does not come into play..
(pretty much because it is such a complex system I wasnt able to make it quite that intelligent this time around)

when concurrent login checking is enabled the only way to log in again at another system with the same username and with a different IP is to wait till that time period is over

sorry

as you may recall it was rush feature at the last moment before I got version 7 finished. Hopefully I can improve on the feature in the next version but I dont really see it as being a big issue at the moment. Sometimes when you want maximum security you have to make some tradeoffs and that is why the feature is optional.

I would highly suggest setting up a DSN-LESS connection.

That system dsn is most likely the source of your trouble It is probably that or permissions are still not correct.

I can't tell you how many people have had trouble with system dsn's and finally set up a dsn-less connection and everything then worked as it should.

The location of your database is fine as long as permissions are truly set correctly like I mentioned.

Also, be sure you are setting the database type correctly in the dataconn_inc.asp file. That can cause problems as well as some people have been known to delete that line.

See my articles...

http://support.cjwsoft.com/code/moreinfo9-1.htm

http://support.cjwsoft.com/code/moreinfo136-1.htm

http://support.cjwsoft.com/code/code_info.asp?TID=40&KW= system+dsn

Of course ASP.NET is and HAS been installed. I have been running asp.net scripts for years on it. I am not new to asp.net nor setting up the server or anything. ASP.NET is properly installed and works perfectly.

You are missing the fact i mentioned it is a DOMAIN CONTROLLER.

I have come across MANY articles ONLINE via GOOGLE that mention if it is a domain controller, for some reason the aspnet account is not there or gets deleted.

IN ITS PLACE GOES THE IIS_WPG ACCOUNT. IS YOUR SOFTWARE NOT COMPATIBLE WITH THIS ACCOUNT?

Is it possible to run ASP.NET scripts without ASP.NET not being installed? Because I have been running asp.net pages without any problem.

I am having severe trouble with the SQL database connection for ASPlisting (generic version).

I have used all of the suggested connection strings but still get error messages such as:

[DBNETLIB][ConnectionOpen (Connect()).]Specified SQL server not found.

I have set up the tables in the database, although the database existed already with many other tables in it as it costs me per database per month so one has to suffice with many tables in it.

I use SQL a fair amount on my site but have not suffered any probs like this yet.

Any advise or help would be useful.

The main users screen... the 1st screen you see when you go to the admin area..  where you email an individual user..

The settings I am referring to being the various emailing settings on the settings screen, The settings you showed me.

As for emailing via a remote server over dsl. It may not be working because the ISP's block the port (25) to stop people from running email servers over their dsl.

Your POP3 works because POP3 uses port 110.

If you want to send emails from your local server on your dsl you should probably install the SMTP service of IIS if you have not and send emails using that with CDOSYS. Either that or get a commerical DSL account with a static IP that allows for running email servers.

ok... glad ya figured it out.

Yes.. for ASP server side code to run the page extension must be ".asp". I was gonna mention that but I guess I just didnt think anyone would do that.

no offense.. not everyone works with this stuff every day..

I just installed ASPProtect on my site. The instructions were definately on the target. Very very good instructions.

But... Isn't there always a but ???

I needed to setup my site with MS SQL and it is hosted so I don't have Enterprise Manager. I tried the web based Enterprise Manager and any other one I could find. But, I kept getting errors when trying to use the SQL Script.

I finally had to go back to my work where we do have the licenses and get an SQL Admin to use Enterprise Manager to run the script and it worked finally.

I don't know if this is a common problem ??? But, maybe you would want to look at the SQL Server script or make a different version that would work with the Web Based SQL manager.

Thanks

this error really does not mean anything specific

Your browser must support a standard called RFC 1867. Please check with your browser vendor for support of this standard"

If you get an error its real weird that the file is being uploaded.
Generally if you get an error during upload it is because of one of these 3 things

Invalid physical path specified

Unsupported upload method chosen

Permissions

See my article on XP and permissions
http://www.powerasp.com/content/new/windows_xp_pro_and_permi ssions.asp

many people dont do their permissions right on XP Pro and that article covers everything

Thanks.

Nick

The main root of your web site needs a "aspnet_client" folder for .NET apps like ASPProtect.NET to run.

If this isnt quite right one of two things can happen.

1.) You'll get a pop-up error like this.
'Unable to find script library WebUIValidation.js'

2.) The ASPProtect login screen will come up but just not let you log in.

This folder only goes in the root. Not in subfolders and subwebs.

If you dont have this folder in the root of your web.

Read this article to learn how to properly create the folder.
http://msdn.microsoft.com/library/default.asp?url=/library/e n-us/cpguide/html/cpconconfiguringaspnetapplicationforaspnet version.asp

If the app is installed on a hosted server you'll need to ask them to do that for you.

You can also try copying a the folder from your own machine after creating it the way the article above says.

or

here is a copy of my "aspnet_client" folder created under the latest framework at the time of this writing. v 1_1_4322

2004-11-03_134912_aspnet_client.zip

I am not sure if copying it in is as good as having created by the server as I haven't had time to really test all of that but it should work. Ultimately all this does is put some files .net needs in the web.

IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ;PN=1


The IPN Subscription Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement PayPal IPN Subscriptions with ASPProtect. IPN stands for (Instant Payment Notification). It allows you to set up scripts on your server so whenever a PayPal payment is processed the PayPal server sends info to your server regarding the transaction and vice versa. This is a fully automated process and allows you to charge users for access by the month or however long you like.

The Subscription feature of PayPal handles recurring billing automatically. The PayPal server will communicate with the ASPProtect system and keep everything up to date with users and their subscriptions.

This Support Pack basically gives you an additional signup and registration directory "paypal_sub_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup. New users can register in this directory and sign up for a subscription at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and start a subscription. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via PayPal your system is updated and they will have access.

To use this all you need to do in ASPProtect 7 is enter your PayPal account name into the settings screen. It will be an email address. You'll need a business or premier account with PayPal and you will need log into your PayPal account and turn on IPN in you profile. They make you enter a default IPN URL. We do not use that so if you already have something there leave it there. If you dont have something there you can type in any the full url to any page on your server. It's probably best to send it to an empty ".asp" page or something.

Changing Payment Options

In the "paypal1.asp" file there are some sample payment options set up.

They look like this and you can have as many as you like.

<!-- Begin Payment Option Code -->
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">

<% Label = "Membership (1 Month) $9.99 Recurring" %>
<!-- Begin Form Fields You Can Edit.. See PayPal Subscription Manual For Details -->
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="a3" value="9.99">
<input type="hidden" name="p3" value="1">
<input type="hidden" name="t3" value="M">
<input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1">
<!-- Field Below must have 2 commas First two values are optional (access level,groups,user ID)-->
<input type="hidden" name="custom" value=",,<% =User_ID %>">
<!-- End Form Fields You Can Edit.. See PayPal Subscription Manual For Details -->

<!--#INCLUDE FILE="form_data_inc.asp"-->
<input type="image" src="https://www.paypal.com/images/x-click-but20.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">

</form>
<hr>
<!-- End Payment Option Code -->
 

To really understand what these form values mean it is best to look through the PayPal Subscriptions Manual which is a PDF file you can get from the PayPal Site.

This link was valid the last I checked...
Subscriptions and Recurring Payments Manual

It also may be helpful to use their wizard to create some subscription buttons with different settings and then look at the code generated.

Bascially these are the important ones..

a3 - amount to billed each recurrence t3 - time period (D=days, W=weeks, M=months, Y=years) p3 - number of time periods between each recurrence

The custom field is something we are using to send info from ASPProtect to PayPal.
it allows you to set the access_level or groups access (groups support require the ASPProtect Option Pack)

<input type="hidden" name="custom" value=",,<% =User_ID %>">

or this example where we are setting the access_level to (2) and also giving the user access to groups (3 and 4)

<input type="hidden" name="custom" value="2,*3*4*,<% =User_ID %>">

Here is how it works.
The value setting (red) is essentially and array that can be made up 3 elements separated by comma's

access_level,groups,User_ID

If you do not want to set the access_level or groups access.. then you don't even need to edit the setting.

Values must be separated by a comma even if there is no value and there can be no spaces.  If you didn't want to set an access level or groups there would still be 2 commas at the beginning.  etc etc
Basically there must always be 2 commas but you only have to set last values which is the User_ID from the ASPProtect system.

The 1st value is the access level you want to user assigned to.
The 2nd option is the groups you want the user assigned to. (requires option pack)
The 3rd option is the User_ID which the system takes care of. Do not edit this option. Leave it as <% =User_ID %>
 

- I am using the original files that came with the software.
- The software ads items to the database flawlessly.
- ASPImage works great.

- When I try to remove an ad or an image it says it's been removed.
- The ad does not show up on the site anymore.
- BUT, when looking at the sql database the ad is still listed there.

Why is the software not deleting the columns from the database and the images from folder?

Note: My other tables for other projects, in the database, allow me to delete them.