Blog Entry: 3/25/2006 4:25:59 PM
let's try this... edit that page with a text editor like notepad...
Carefully replace any instance of "Cint" with "CDbl".. I may have missed some of those when testing the last time I edited the code.
, I will actually explain how to set access_levels and/or groups...
in "users/add_new_account.asp"
carefully edit with a text editor
find this part
CmdAddUser.Fields("Access_Level") = "4"
that is where the acess level gets set...
you can change the level or remove that line all together if you dont want one set
now for groups you would add this line in the same area
CmdAddUser.Fields("Groups") = "*3*"
or
CmdAddUser.Fields("Groups") = "*1*,*2*,*3*"
Groups access for a user is stored in one field in the database like you see above. If you are confused what you should be saving in that field I suggest simply setting a user to whatever groups you want via the admin area and then looking in the database to see what got saved in that field. It's pretty simple really how they are stored.
*1*,*5*,*9*
that user would be a member of groups 1,5, and 9
,
I uploaded the files designed for an aspprotect folder at the root of my site (mysite.com/aspprotect) and went to mysite.com/password_admin/get_me_in.asp and receive this error:
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0xf54 Thread 0x908 DBC 0x90c41dc Jet'.
/aspprotect/scripts/populate_config_variables_inc.asp, line 11
I am assuming my host has still not set rights properly and that is why I receive this error. Am I correct?
I will definitely recommend hosting company you suggested for our businees site.
, do you have the smtp part of iis installed on your machine
cdonts needs that
then again I am not sure you can even use cdonts on a xp box without making some changes...
cdonts has kinds died out and as of windows 2000 basically got replaces by cdosys
, If you run asplistings auto in its own folder with its own application in IIS. Connected to its own database.
And you run your other version of ASPListiings in its own folder with its own application in IIS. Connected to its own database.
You will have zero major changes to make to anything... other than what you did above..
But remember theyare the same app and share a lot of thing including sessions and application variables.. that is why if they are installed in the same domain each one needs its own application set in the IIS console so they run seperately of one another.
cwilliams38312.5189814815,
I am successfully using ASP protect on our site. I have one question:
The file Check_user_inc.asp looks a bit bland as I can't seem to use the sites Dreamweaver template. If I apply a template to this page, it is duplicated on other pages with this template.
How can I apply a template to this page?
Thanks
Clark
, Using "Email Authentication" as a registration option you cannot do that. There is no possible way I know of to have a delay on the authentication email like that. Also that method is not intended to involve any sort of manual registration like what you are doing.
Because you want to review people manually you need to change to registration process to "manual" and then send the email out manually from the users screen after making a user active.
, sorry for delay responding,
I got bombarded with support inquiries while I was gone and I missed this one since I been home.
Does the server_info.asp page I provide say that aspupload is indeed installed. Let's start there. , The problem was that I did not have
ConnectionString = "Driver={Microsoft Access Driver (*.mdb)}.... in the connection string.
Thank You.
, The way the application works is one separate installation and database is required for each (IIS Application).... not only is it a licensing thing but it is also the nature of (forms based authentication) because every application in IIS has it's own set of application and session variables and they can not be shared with other various IIS applications.
That being said if you plan to run a separate install for each web/IIS application buying new licenses is fine
If you want to run one installation and database and share that with other web.IIS applications it is not technically possible.
Each web/IIS application requires a seperate install of ASPProtect.NET, thank you for such a quick response -- It sounds straight forward - so I should be all set. Thanks again., It looks like your product is perfect for my new site, but I have one question. One of the pages I want to protect on my site will be called by an application running on a remote server every 15 seconds. The application can include the username and password in the URL it is calling. Will your product allow access to the protected page on my server? , Just having the database with members does not protect the page. You need to add the appropriate code to every page you want to restrict access to.
You need to click on the Groups tab in Admin.
Click on Generate PW protection code.
Click on the basic button if you don't want to include levels or groups or choose a level or group(s) and click the appropriate button.
Paste the code that's generated into the top of an ASP page in code view.
Is that what you're looking for?
Michelle
, Umm, if your using MSACCESS your using MSACCESS
SQL server has nothing to do with it.
, If you are having trouble setting up a simple data connection ASPTest is a great learning tool.
You can download it from the www.CJWSoft.com website near the bottom. cwilliams38087.5457060185, also, just to show you what happens when a user creates a subscription this is the code. you can see in red where the subscrition is is set and also where the exp date is set to null
If txn_type = "subscr_signup" Then
Set ConnPasswords = Server.CreateObject("ADODB.Connection")
Set CmdEditUser = Server.CreateObject("ADODB.Recordset")
ConnPasswords.Open ConnectionString
SQL = "SELECT " & tbl_label_users & ".* FROM " & tbl_label_users & " WHERE (User_ID = " & User_ID & ")"
CmdEditUser.Open SQL, ConnPasswords, 1, 3
CmdEditUser.Fields("Active") = "1"
CmdEditUser.Fields("Validated") = "1"
CmdEditUser.Fields("PayPal_Subscriber_ID") = subscr_id
CmdEditUser.Fields("Notes") = "Successful PayPal Subscription Signup on " & Date
CmdEditUser.Fields("Expiration_Date") = Null
If Access_Level <> "" Then
CmdEditUser.Fields("Access_Level") = Access_Level
End If
If Groups <> "" Then
CmdEditUser.Fields("Groups") = Trim(Groups)
End If
CmdEditUser.Update
CmdEditUser.Close
Set CmdEditUser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
End If , At the bottom of my "users" list page, it asks the question "number of users displayed per page"? After hitting a larger number than the default of 1-25, it increases the number of users per page to that number. But as soon as I leave that page, it goes back to the default. Any thoughts?, as an update... it is now possible to use Website Payments Pro with classic ASP..
However, you basically need to own/run your own server because of certificate signing and special things that must be installed on it. The certificates you have to generate requires your paypal username and password so it's definetly not something hosts are going to do for people.
So... this still isn't plausible at this time..., Still not ready... I have no time to finsih it at the moment..
release date is unknown...
, If you code support for it yes, the application comes with no paypal code or support built in.
If you think it will help you, you are welcome to a copy of the classic asp version which supports paypal subscriptions. Perhaps looking at the code would help you.
, I didn't know about it. I will try to check it out some more this week.
, works fine now
, Ok...thanks., not anything built into the app... it would be done with client side javascript if you wanted to look into it... my client side javascript skills are ziltch, I think I've found the problem..
The password "abcdefgh" works
The password "abcdefghi" does not
(username "ace45")
Passwords can obviously only contain up to and including 8 characters... By some coincidence I only used short passwords with MS Access.
, ASPProtect version 6 does not officially support any sort of redirection or is it a feature.
You can however do redirection after login with some basic ASP if-else statements and ASP redirects. Basically you check the session variables after successful login and send users where based on that info. You of course also need to protect any pages you send users to and make sure any people that aren't supposed to go there do not go there directly and bypass your security.
I highly frown on Redirecting during login (In my opinion it is poor site design and it defeats the purpose of dynamic web pages, there is seldom a good reason to even need to do it if you design your site well) but you can check out this thread which should give you lots of good information.
http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= redirect, ok, I'll give it a shot within the next day or so. I'm busy with a few other things right now. You're right about just saving a copy before I start. It can't really hurt anything.
Thanks Chris. I'll let you know how it turns out.
-john
, I have set up a user to be redirected to a different page when logging in for the first time.
I assumed this function would count the number of times a user has logged in. When the login count was greater than 1, the user would be taken to the default.asp
This isn't happening. The user is always redirected. The user login count in the database is now 9.
What am I missing?
, New Power Supply and a new (CPU Fan/Heat Sink) seemed to do the the trick. She's running like a champ now...
Hopefully it keeps doing so. Only time will tell.
It she's stable I can get back to designing some new software.
cwilliams38296.9772800926, Then, you would have to add those users to the aspprotect user database. You would do so using the built in import/export features of msaccess and being very carteful about it. It is not a process we support and the technique used would be unique to any situation. Its basic database work though but still you have to be able to do it.
ASPProtect uses its own user database and you have to use that database. ASPPortect can not authenticate users using some other existing database.
Does that make sense ?, hi,
Sounds like permissions.. the text file that the config file data is not being written to.
open the file "data/config/aspbanner_unlimited_config.asp" with a text editor and see if your values are getting saved.. if they are not its permissions to that folder and file as far as not saving config settings goes.
You may also want to check out "data/show_path_info.asp" which if run from the browser has info on manual/alternate setup scenarios.. as far as what directories you put things in and also editing the config file manually.
lastly make sure the filesystem object is not disabled by something like norton script blovking or something similar which can also cause trouble regarding writing to text files.
, People who have the option pack have a new feature called groups.
Groups are meant as a replacement for using the access levels as they are much more powerful. Support for pages protected using access levels is left in tact for backward compatiability for a customers older protection code.
A customer recently told me groups could not be used like access levels and that 8 access levels was not enough. This is how I explained that groups can do everything access levels can do.
Groups can honestly do everything access levels can do if you really think about it.
Using groups and protecting pages accordingly you could actually create a system that basically worked identically to the way the access levels works.
For example..
You make 8 groups and assign users to them accordingly
Protection code on page allows access to groups 1-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "1,2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any one of those groups would have access..
Protection code on page allows access to groups 2-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any group between 2-8 would have access..
Protection code on page allows access to groups 3-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any group between 3-8 would have access..
cwilliams38114.800775463, Hey CJWSoft,
We're helping out some clients of ours in a server transfer and we
really need some assistance from you guys. We've got everything
transfered and running, except for the ASP.NET banner. Do you
have any directions on how to go about moving the install from one
server to another? We've sent a couple emails through the site
but haven't gotten any responses back.
Please help.
-Tony Valenti
, Yea.. that error is totally because the asp pages are looking for fields in the database that are not there.. and causing a nasty loop.
if using the option pack you must go over the directions very carefully...
Make sure everything works step by step..
After upgrading to option pack code you either need to upgrade the database from the base system or use the newer database provided with the option pack.
Then.. you want to test every function of the groups.. if pages act slow and seem odd... especially the groups page and edit users page..
Then your not using a valid database. Either you didnt upgrade the old one, are not using the new one, or your connecting to an older verison by accident and not realizing it.
That's pretty much it...
cwilliams38300.5555671296, I recently upgraded my ASPclassifieds from MS Access to SQL. The application launches, I can browse existing catagories, etc. but when I try clicking on the login, guestbook, register or accessing the classifieds_admin, I get the HTTP 500 - Internal server error. Guessing this must be a folder or file permission issue? Have tried changing IUSR permissions but nothing helps.
Please advise.
Thanks, lancem
, You can't do that. ASPProtect 7 does not work with ASP.NET.
It is a classic ASP application. As the web site states it can only be used to protect ".asp" pages written using vbscript.
ASP and ASP.net are completely different animals.
Thats why we have a .NET version.
http://www.aspprotect.com/more_info_net.asp
, (Capcha Security Image Mod)
This mod will add a Capcha Security Image to the registration signup form.
Instructions:
Download the latest version of the ASP Security Image Generator from this site. http://www.tipstricks.org/
Unzip that download and copy "aspcaptcha.asp" and "aspcaptcha_distort.asp" into the aspprotect "users" folder.
Now edit "users/register.asp" with a text editor and add the code shown below in blue. The code to add goes near the bottom of the form right above the submit button. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.
<tr>
<td valign="top" align="right"><font face="Arial" size="2"><strong>
Newsletter</strong></font></td> ; ; ; ; ; ; ;
<td valign="top">
<input type="checkbox" name="Newsletter" value="True" checked>
<font face="Arial" size="1">Do you want to be subscribed to the
newsletter ?</font></td>
</tr>
<tr>
<td valign="top" align="right"></td>
<td valign="top"> <img src="aspcaptcha.asp" alt="" width="86" height="21" />
<font face="Arial" size="2" color="#000000">Type the characters shown in image for verification.</font><br>
<input name="strCAPTCHA" type="text" id="strCAPTCHA" maxlength="8" /></td>
</tr>
<tr>
<td colspan="2" bgcolor="#FFFFFF">
<p align="center"><input type="submit" value="Register"></p>
</td>
</tr>
ok, now edit "users/add_new_account.asp" with a text editor and add the code shown below in blue. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.
If User_Custom6_Used = True Then
If User_Custom6_Required = True Then
If Custom6 = "" Then
ErrorMessage = ErrorMessage & Server.URLEncode("You need to enter a " & User_Custom6_Name &".\n\n")
End IF
End If
End If
strCAPTCHA = Trim(Request.Form("strCAPTCHA"))
if strCAPTCHA = Trim(Session("CAPTCHA_" & Session.SessionID)) then
else
ErrorMessage = ErrorMessage & Server.URLEncode("You did not type in the verification info correctly.\n\n")
End If
If ErrorMessage <> "" Then
Response.Redirect "register.asp?" & Request.Form & "&ErrorMessage=" & ErrorMessage
Response.End
End If
Your done. You just added a Capcha Security Image to your signup form. If you would like a more distorted image that is more difficult for an automated program to figure out change the image tag to call the "aspcaptcha_distort.asp" page instead. It will look more like this.
, Below is the email I received when testing the self-registration. Does anyone know what setting I configured incorrectly?
I received the email to confirm the registration but the link to activate is invalied.
Thanks!
Your registration still has to be validated.
Go to
?u=bubbaj&v=4579
to verify your registration.
, ... doesn't seem to be working on my site. I expect I did something wrong.
I've created some groups, "week", "month", and "year". Their IDS are 6, 5, and 4, respectivelty. When someone goes through the PayPal signup, he's assigned to one of those groups based on his subscription.
When I see a new subscriber and check the relevant group the person's supposed to be in, that person's not in that group. I'm adding them manually for now, but I'd sure like a solution for when I go to sleep...
My subscription code looks like this:
input type="hidden" name="custom" value="5,*4*,<% =User_ID %>
One-off code looks like this:
option selected value="7,4.95,1,*6*"
I've created the groups in my management console. Is there anywhere or anything else I'm missing?
,
Timecard Entry: 3/25/2006 4:25:59 PM
phones, sign ups, enter po's & invoices, meet with Ben Brannan, Cash Flow reports, check email, voice mail, Worked with Don on CG & Chart of accounts, met w/Don & Seth on mediation, ETC. ETC. ETC., Emails and ICQ to watertown , finished up what i could with inventory, weekly staff meeting, * Digital Junction: Hyde Park Trading debug and support, Going over a few things in ASP with Bill M., check email, voice mail, Created proposal for Uihlein Nursing Home, Researching some information about wireless LAN's and some of the setups that are out there, review of open w/o's, Team Mtg, answered incoming calls, call backs, channel 7, foreverbroadcasting streaming media contract, storybook ticc web site, jcjdc proposal, dsl flier, Enter bills, Getting software ready to install on qbserver., TIIC DB website redesign., busy teching calls, Clayton Chamber - posters, Amy - In office about Alexbay.Com, BackToBasicsPetFood.Com, and Carthage Savings Bank. Questions about secure form submission., NEXTCOM.COM DEVELOP HOMEPAGE GRAPHICS, travel time to clayton, lots of calls, 5000/5000 numbers busy, 19 Miles - Massena - Potsdam, Spiffs, phone, Golf with your Buddies - web site design, creating mock layout for review..,
