User Registration

The "users" folder allows users to sign themselves up and edit there accounts as well as retrieve lost passwords..

In the settings tab of the ASPProtect admin area there are options for which fields are used and which are mandatory when a user signs up. The only validation the system performs by default is checking for mandatory status. If you want to add more validation so reduce the chances of input errors that is up to you.

You can add additional server side validation by doing server side checks on the save pages... you can also make the field sizes larger in the database if you think you need to. You'll need to be good with ASP to do this.

Always backup your files before making changes to them so that you can revert back to a working copy if you mess something up.

I think I've found the problem..

The password "abcdefgh" works

The password "abcdefghi" does not

(username "ace45")

Passwords can obviously only contain up to and including 8 characters... By some coincidence I only used short passwords with MS Access.

If you still cant see the upload buttons after checking the settings send me a PM with the info and I will take a look at your installation. It will have to be up on a live server of course.

The main users screen... the 1st screen you see when you go to the admin area..  where you email an individual user..

The settings I am referring to being the various emailing settings on the settings screen, The settings you showed me.

As for emailing via a remote server over dsl. It may not be working because the ISP's block the port (25) to stop people from running email servers over their dsl.

Your POP3 works because POP3 uses port 110.

If you want to send emails from your local server on your dsl you should probably install the SMTP service of IIS if you have not and send emails using that with CDOSYS. Either that or get a commerical DSL account with a static IP that allows for running email servers.

Still not ready... I have no time to finsih it at the moment..

release date is unknown...

humm, I dont know then..

If you want PM me your site info and I will go in and troubleshoot.

Frontpage or frontpage access, either way

and also the site URL

Hi,

We use ASP Protect 6.0 and the database is SQL Server. Our hosting company is charging a lot for daily and weekly backups for everything. Which directories/folders do we need to backup daily and weekly incase something happenes to the site and we need to restore and get the password-protected are that works with ASP Protect to get working.

dsn-less is the way to go..
http://support.cjwsoft.com/code/moreinfo9-2.htm

you also need to use newer versions of the database as the odbc drivers on the server are sometimes very new and no longer work with access 97 databases

When I add a user, I can not activat it.

It sends me back to log on and will now allow me to log in as admin???

I can restart the APP and log in as Admin, but the user I added

is still not activated??

My system will also not allow me to set the Stay Loged in FLag.

It just ignores it....

Please Note : ASPProtect v7.x has a new feature called groups that is much more powerful than access levels. Access Levels were left in the product primarily for existing customers that upgrade to the new version so they do not need to make a lot of changes to their site if they were using Access Levels.


More On Access Levels

Again, Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System. Look at the source code of the ASP pages in that folder with a text editor to see the working code.

Access Levels and how they work can be re-coded to work in many different ways. However, you have to be a good ASP developer to make changes to it. Here is some information on how they work by default.

In the "check_user_inc.asp" that comes in the root of this system Access Levels work as follows.

Level 1 has Access to - Level 1
Level 2 has Access to - Level 1,2
Level 3 has Access to - Level 1,2,3
Level 4 has Access to - Level 1,2,3,4
Level 5 has Access to - Level 1,2,3,4,5
Level 6 has Access to - Level 1,2,3,4,5,6
Level 7 has Access to - Level 1,2,3,4,5,6,7
Level 8 has Access to - Level 1,2,3,4,5,6,7,8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN

Here is some additional info..

If the access levels are too restrictive you can ignore them all together and create your own totally custom solutions.
Here is a quick rundown of some of the things you can do.

Ok... so if you want to be really specific about what each user can see and
can't .. here's an example of what you can do

Don't use the access levels before the include file..
Don't worry about what you set a user to in the admin area since the access levels won't be used.

Do something like this..

Every time a user logs in session variables are set that you can access at
any time.. thus allowing you to know who they are.

So you could do something like this...


<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

<%
If Session("USERNAME") = "bob1267" or Session("USERNAME") = "carl45" or Session("ADMIN") = "True" Then
Session("PASSWORDACCESS") = "Yes"
Else
Session("PASSWORDACCESS") = "No"
Response.Redirect(Request.ServerVariables("script_name"))
End If
%>

The following URL explains what Redirects are.
http://www.powerasp.com/content/code-snippets/redirects.asp

That would in effect create totally custom access levels.. but you would
have to do it manually for each user.

You can also do things like this after a person logs in

Show custom html to any specific user based on either their username or
access level ... like so

say there was a menu and a certain link should only show up to username
"paully67"

you could do something like this


<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>


<br>
<a href="main.asp">Home Page</a>
<%
If Session("USERNAME") = "paully67" Then
%>
<br>
<a href="paullys_page.asp">Pauls Stats Page</a>
<%
End If
%>
<br>
<a href="links.asp">Links Page</a>

</BODY>
</HTML>

Or you can show custom HTML or links based on Access Levels or any other info.

You can do just about anything with if-then statements and
using the built in vbscript functions..

Hopefully this info will help to give you some ideas...

Bottom line is you have to do some work within your site to make the Access Level system really come alive.

noted.

1.) this has been explored and because of the way groups works is not feasable. Because us this I wrote code to allow you to view and sort all users for any group on the actual groups page. You pick a groups and then click the "Show Users" button

2.) noted

My hosting company uses ASPEMAIL - and I am trying to setup the mailing settings on ASPPROTECT - but cant seem to get it to work.   I've tried many different options - here are two that are the closest - but have issues:

1. If I use the settings:

email component: aspemail

Mail remote server: my internal server name

*no smtp authentication

email mail notification - my email address on my internal server

***I get the following results:

       I can get get notified when a new user logs in, email a user from aspprotect user screen if they are in my company and have a valid email -- but I can not send to the outside world - I get an relay prohibited error.

2. If i try to change the setting to use the Hosting Website email server - I get the following results:  I dont get notified when a new user registers, I cant send to internal company people - but I can send to the outside world.

**any suggestions on what to do? I'm trying to work with the people who manage the mail servers - but since I dont know anything about them - its a bit difficult.

I purchased two site licenses for ASP Protect a while back and am now trying to implement the application.

The connection to the database is fine, because it recognizes the user and displays the user name.  However, there must be a problem with the permission because I get the DNS error information from the On Error in the check_user_inc.asp file.

I set the permissions on my PC as you indicated, both on the folder and the database file.  But get the error and cannot access the database to view or modify.  I also uploaded the file to my web server and set the permissions as well, but get the same problem.

You mention on your forum that it is not the code, but I don't understand if the code is correct and if it finds the database and the permissions have been set as you indicate, why doesn't the code work?

I am up to speed on how it works. My goal was to not have just a link to a protected page- so that when a user clicks it they get the "access denied" screen and then have to log in. My goal was to avoid that if possible by having them log in and then redirected to the protected page.

So this isnt possible? The only way for it to work is for a user to click a link to the protected page, get the denied screen, then login and be redirected?

Or is there another way..?

I made my point by rebuttling your "cafepress" with agreeing "YES" that is what i want... now you are changing this around on me. I dont think i can be ANY clearer in what i intend to do. It is extremely clear and i am not sure why its becoming more than it should be. I just want the user to be able to log in from ANY PAGE ON THE WEBSITE AND THEN BE REDIRECTED TO THE PROTECTED PAGE IF THE HAVE THE PROPER CREDENTIALS. It would be nice if this software gave an error message when an incorrect username/password was entered instead of simply refreshing the screen.

I am trying to find out where I can enter the ttle for the application.

There is a variableor field called App_Name into which it would be good to insert a generic name. Can this be edited?

I have searched high and low but cannot find anything to do with it.

here is the answer
http://www.iisanswers.com/IIS51.htm

CDONTS

CDONTS (Colloaborative Data Objects for NT Server) is a feature of NT and W2K that allows you to easily send mail from a web page using the SMTP server. The simplicity of the code and widespread availability of free scripts employing CDONTS has resulted in  CDONTS being widely adopted.

Quite a surprise to many administrators to discover that IIS 5.1 does not support CDONTS as do IIS 4.0 and IIS 5.0. This has been replaced by CDOSYS which appears to have more capability, but it is not quite as simple to use. See: http://support.microsoft.com/default.aspx?scid=kb;EN-US;q195 683 for more details.

You can enable CDONTS on XP by copying CDONTS.DLL from a Windows 2000 installation to your XP system’s Windows\System32 folder (default name). Then at command prompt Windows\System32 run REGSRV32 CDONTS.DLL. The extent of my testing on this was to deliver one piece of mail, so this should not be construed as a complete analysis of the effectiveness of this technique.

All of the fields with the expected paths show the correct file structure, so now I've put them in them in the boxes

Chris,

Yesterday when I would access the get_me_in page with the password key, I was then taken to the default login page.  It did not give me the option to create a user. 

Today, when I entered the password key into the get_me_in page, I was taken right to the create user page.  So, yes the problem has been resolved.  I have no idea why though.

You can't do that. ASPProtect 7 does not work with ASP.NET.

It is a classic ASP application. As the web site states it can only be used to protect ".asp" pages written using vbscript.

ASP and ASP.net are completely different animals.

Thats why we have a .NET version.
http://www.aspprotect.com/more_info_net.asp

I'll give it a shot loading it on the laptop and publishing it, if it doesn't work I'll let you know and you can take a look at it tomorrow afternoon.  Thanks for all the help tonight...

Good luck pouring that concrete!

ASPProtect protects ".asp" pages only.

That is your problem.

Sorry Chris,

It didn't fix it.  Looks like I had the current code.  I bought the system in mid-April.  The version says 3-10-2005.

I do know that in the database, the password shows as " éG"  but in the error code, it shows as " éG".  The square character is missing. 

Thanks,
Mick

Edit: well heck.  It skips the square box here too.  The password in the database puts a square box in front of the éG

let's try this... edit that page with a text editor like notepad...

Carefully replace any instance of "Cint" with "CDbl".. I may have missed some of those when testing the last time I edited the code.

ASPProtect and PayPal are fully automated and ready to go.
Accounts will automatically get activated after payment.

We actually do not tell you to put nothing in the PayPal system for the IPN URL. Something has to be there or PayPal will not let you enable IPN. We actually tell you in you PayPal settings to turn on IPN and make up an IPN url because something has to go there. (I think we suggested making a blank asp page on you're site to send it to) It really doesn't matter where you send that but it might as well be a valid page on your site to avoid any 404 errors in your logs when a non ASPProtect payment comes in.

You see, we dont set that IPN url set in the PayPal system because each ASPProtect signup script directory (single payment and subcription) uses it own IPN url and that all gets set on the fly by the aspprotect system. There is a way to overide the defaul IPN url is what I am saying.

Also:
A  lot of people already have something there and we didn't want the ASPProtect system to interfere with things they already had going on.

Hi Chris,

Alright.  We figured out how to work with both C# and VB, by creating a separate VB web project in VStudio, and then passing the aspprotectnet.dll to the C# project.

Ok.  I have another question:

How can our code determine the identity and user_id of the currently logged in user:

Is it Session["User_ID"].ToString() and Session["Username"].ToString()?

thank you

basically one at a time because of limitations of the file uploads that browsers can support 

more on that here
http://www.aspphotogallery.com/pro_add_ons.asp


An Admins can however ftp a bunch of pics to the import folder and import them into any album all at once pretty easily

Hi. Chris.  I'm not a programmer of any sorts, so I am not comfortable plugging in the changes you suggested and not knowing for sure if it will "break something somewhere else".  If the programmer tells me "you have been warned", its a pretty good sign its a no win situation. If you don't know, theres no way i can know.

I saw in the code where you mentioned the changes. I don't see where it mentions the last name is required either, but the bottom line is it does require it it the actual new user form.

Thanks anyway Chris. I'll figure something out.

-john

Now that I really think about it.. instead of logging that info to a text file and worrying about folder permissions you could probably just save the post info into an application variable during the paypal ipn.asp post like so

For Each Item In Request.Form
formdata = formdata & vbCrLf & Item & "=" & Request.Form(Item) & vbCrLf
Next

Application("PayPalPost") = formdata & " - " & NOW


then anytime you wanted to see if that info was there or when it happened you could make a simple asp page in your site to display the results like so

<%
Response.Write "(" & Application("PayPalPost") & ")"
%>

As an update to this thread I fixed the "upload_post.asp" page quite some time ago but forgot to post the updated file here.

So here it is.

2005-09-16_165913_upload_post.zip