Blog Entry: 3/25/2006 4:31:23 PM
I really do not know for sure, but I imagine there are customers using their windows hosting. Usually I do not know what hosting company a customer uses and I am usualy the only one that responds to forum questions.
Why not download the current Free lite version and try it out ?
CJW
, ok, then I need more information.
Was the code changed ? Thats the big one. If it worked and now it doesn't something must have changed. Things just don't stop working on their own. I would try putting the original files back in there for everything but the config and dataconn files just to make sure and see and if it works with the original files. (back up your old ones 1st so you can copy them back of course)
Also, perhaps PM me the site info so I can go look as well. ,
its one or the other... you cant protect upload.asp at the same time if upload.asp is included in another page..
I mean sure you can protect upload.asp from running when another page calls it by password protecting the page calling it.
And sure you can protect upload.asp by itself if it also runs all by itself. But you can not include the "check_user_inc.asp" more than once in any order of execution scenario. That includes pages being included.
Generally anytime a page is included in another that included page is not meant to run by itself and wouldn't produce any outcome if run by itself so this would never be an issue.
if you don't want "upload.asp" to ever be run by itself in that scenario put it somewhere in your web site that is not web browser accessible.
I would also suggest you look into using Virtual includes. It will save you a lot of time figuring out this sort of thing "../../../../../" becuase once you figure out the virtual include path you can use the same server side include from any directory level.
http://www.powerasp.com/content/code-snippets/includes.asp
, [QUOTE=sdunham]
My hosting company uses ASPEMAIL - and I am trying to setup the mailing settings on ASPPROTECT - but cant seem to get it to work. I've tried many different options - here are two that are the closest - but have issues:
1. If I use the settings:
email component: aspemail
Mail remote server: my internal server name
*no smtp authentication
email mail notification - my email address on my internal server
***I get the following results:
I can get get notified when a new user logs in, email a user from aspprotect user screen if they are in my company and have a valid email -- but I can not send to the outside world - I get an relay prohibited error.
2. If i try to change the setting to use the Hosting Website email server - I get the following results: I dont get notified when a new user registers, I cant send to internal company people - but I can send to the outside world.
**any suggestions on what to do? I'm trying to work with the people who manage the mail servers - but since I dont know anything about them - its a bit difficult.
[/QUOTE]
The relay error is because when you send emails outside your email domain smtp authentication is required.
I suggest trying to use CDOSYS with the smtp authentication option. CDOSYS is on all servers by default and is really the way to go. Use a real email account and password to send the emails through the server. Be sure to check smtp authentication for cdosys and to specify all that info for your email account and password in the settings screen.
If you want to know about CDOSYS read my article.
http://www.powerasp.com/content/new/sending_email_cdosys.asp , Once you have the LANGUAGE = VBSCRIPT and Checkfor = 1 on your page,
you'll have it secured. I've got over 1600 pages secured in such a
manner, thanks to ASPProtect!
, ummm.. ok.. Then this doesnt make sense. On two out of the three machines I have in house here, the images do not show up. They only show up on the server machine. I am using the constant url on all three machines. www.rfamilystuff.com Does it show up on your?
, Permissions and Folder Locations
By default and to keep things clean we store everything in folder called "data"
That folder then has it in 4 sub folders
database (where the .mdb and temporary .ldb files are handled)
export (where the aspprotect export files are saved)
logfiles (where the aspprotect logfiles are saved)
user_pics (where the user pictures are saved)
Doing it this way makes it very easy for a system administrator to right click on one folder and set permissions for that folder and all of it's child folders.
Now, that being said.. you do not have to use these folders.
For example if you already have a folder in your web with modify permissions for the anonymous webserver account then you can use that one folder to store all of the 4 things above.
You'd simply edit your data connection string to point to that folder and then edit the other paths in the settings area of ASPProtect.
We did it that way so you would have options in case your hosting company was being difficult with your ASP hosting needs. cwilliams38403.6837962963, This user is talking about preparing more than 100 pics at a time for an album that already exists and doing it using linux.
I asked the user to post the code here because I think it is interesting and it may help someone who is working with the app.
This article is not for everyone for a few reasons.
1.) The application can already mass import pics on it's own. It does 100 pics pretty quickly on a decent server. The built in method also resizes pictures and make low res thumbnails should your server support a supported ASP image resizing component. The method above simply rename pictures in a folder so the application will see them as part of an album.
2.) We don't support or recommend that anyone sets the application to use more than 100 pics per album. It is just not tuned for that and there will be issues. Please dont ask me what they are as it is complicated and I am not sure/dont remember what they all are.
3.) Your going to have to be familiar with linux to use the code shown above. cwilliams38210.5694444444, Good Evening,
I have been trying to log into my site using the protected pages comments you have in support. I have copied the code in the ASPprotect 7 guide.
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
and pasted it in my page, set the the IIS to open this page and the page will not open it and the page will not open and the error is
Error Type:
Active Server Pages, ASP 0126 (0x80004005)
The include file 'check_user_inc.asp' was not found.
/olem/reldt/introduction.asp, line 3
When I remove the two lines of code everything goes normally.
I have aspprotect in its own directory in the website. I have read the installation several times and I am afraid I am missing something blatently obvious so I really appreciate you thoughts.
I am presently using redirects. I like not haveing to use them as your comments have suggested. I have pulled all that code from the pages I desire to protect during this test.
I have three test users in my database - 1 administrator
Any suggestions?
Thanks and best regards
, it is an email server/setting issue most likely
your email server probably requires outgoing authentication or something like that and that is why internal emails can be sent to but nothing else
its something along those lines
this will help you see the real error instead of the generic 500
http://support.cjwsoft.com/code/moreinfo11-1.htm , I dont understand why I would get an error? -- I'm not sending the email from internal - so why would it try to validate?
I'm trying to send an email to an independent place - just like I would send an email to you
Am I using the wrong email setting - should I be doing something other than using "remote server" , Hi,
Ok, well... you have a lot of stuff going on there.
More importantly than that.. you cant even log into the admin area using the admin account. There is something majorly wrong with the installation.
I also notice you havent even saved any path settings in the settings page of the admin area. I am looking that over now and filling in the missing info. That information needs to be populated. , well, so far one other guy found one..
his, was some sort of weird character that was causing a line break or something though in my testing I just couldnt figure out what was going on
now for me to reproduce any error someone find with a password I need to know the key used and the password used
which make it real hard to troubleshoot , Ok nevermind that... i got by that wasn't paying attention...
The problem is even before this which i didn't know until now.
I placed the protect tag in a page i called members.aspx
When i go to this page is says ACCESS DENIED etc etc etc.
When i go to login to view this page i get the error..which i DIDNT know because i assumed it was working. This is the error im getting:
Server Error in '/MAP' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested URL: /map/users/aspprotectlogin.aspx
Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.42
btw it says /map because that is the subfolder within the root folder , I have been having some display issues with the .NET version of ASPBanner. I set the size of the image, and I set the size of the banner and there is still white space above and below the image. I am not using a text link below the banner, so I have it set to blank.
Here is a link to my page.
http://www.nababaseball.com
Two of the three banners in the rotation on the main page have non-white backgrounds so it's easy to see the issue I'm talking about.
Is there a way to tighten up the formatting so that the image fits onto the page in the size specified?
JDooley , The problem was in config_inc.asp. we had renamed the field in the DB but didn't change it in this file.
But we changed it, it is back to normal.
Thanks , you would have to edit the application in visual studio.net.. change some things around and recompile the application... in the process figuring out how you want to handle all of that (probably combining the username and email fields just on the registration form then saving both values to the database)
very doable.. just not anything documented or supported as it is custimization
I do have a very nice article on the forums on how to set up a project in visual studio.net with the application.. it is in the forums, I posted this in the wrong forum. Sorry.
I have installed ASPProtect on a client's website and I have been
notified that some of their customers have been unable to login to the
protected pages.
On testing it seems that the issues seem to be related to how cookies are being stored by IE 6.
ASPProtect is being used to protect particular template files within a
Content Mangement System. 90% of the time it is working fine but on the
odd occassion particular cutomers are unabe to login.
After quite a bit of testing I have managed to find the scenario in
which it starts to have problems and was hoping you may be able to
provide a solution.
If a customer enters the wrong password, then reenters the correct
username and password, they receive a message "template can not be
found" from the Content Management System. This message is generated
when a url is entered that contains a link to a template file that does
not exist. In this case the template does exist. If I remove the
ASPProtect code the page opens without error.
Everytime they re-enter the details they receive the same message.
If they close down the browser and then reenter the correct details in some instances the page will open correctly.
More often than not, they have to delete cookies and temporary files
and close the browser. This seems to fix the problem again for
most users. For users who's web access is heavily cached by an internal
server, even this does not work.
Have you come across this problem before and can you suggest a remedy.
If you can email me privately I can give you the URL and access codes.
Thanks,
Stuart
, If you PM your site info and I can go in and troubleshoot. I have no more ideas. Usually people have zero issues installating this application as I got it pretty tweaked so I need to see what is going on in order to help., I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.
<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then
SearchFlag = True
End If
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>
</head>
<body>
My Protected stuff here
</body>
</html>
For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.
Thanks,
Mo , Is there a way to know if it is a SQL server with IIS5? My database type is MSACCESS.
Thanks!
Rhona (rookie) , ok, do you want my help making the database with your import file ?, Now that I think about you may very well be able to use the existing login_form_inc.asp page
the header and footer files for the users area may be ok as well.
probably the smart thing to do is try your old ones and compare them to the new and see if everything you need is there. If not add it by looking at the source html and comparing.
All other files should definetly be replaced with the new. , Makes sense to me. I used the ASPProtect_access2002.mdb supplied.
(I am using 2003). Only added more names and other personal info
to it for test. Uploaded the amended db with FTP. This did not
restrict someone not listed in db from logging in.
Would each individuals' information need to be added to the code in
order to have it check the database first to find out if the person is
authorized to view?
Part of the problem is I dont know which ASP page or script links the
db to the rest of the web, or how one page relates or links to the
other.
Sometimes I wonder if problems I encounter originate with the server.
Thanks for patience.
, IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ; ; ; ; ; ; ; ; ; ; ;PN=1
The 2Checkout Support Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement 2Checkout Payments with ASPProtect. You must be using version 2 of the 2checkout system. They are phasing out version 1 regardless so everyone will be using version 2 very soon if they are not already.
THIS IS NOT INTENDED OR DESIGNED TO USE 2CHECKOUT SUBSCRIPTIONS. (see bottom of this thread for more info on that)
This Support Pack basically gives you an additional signup and registration directory "2checkout_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup in general. New users can register in this directory and pay for membership at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and buy additional membership time online. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via 2Checkout your system is updated and they will have access.
The 2checkout pack is NEW.. and was released on March 19, 2005. If you don't have it and would like it please just ask.
To start using this edit the "2checkout_signup/2checkout_config_inc.asp" file
You will be entering your 2Checkout Account number in that file as well as the URL you want a user to go to after payment. It is all commented in that file. (There is also a testing variable you can set to True if you want to do testing without real charges being applied)
After editing that file run this page.
http://www.mysite.com/2checkout_signup/show_postback_path.asp
Replacing the part in blue with your website info.
It will report back that postback url you need to use in the 2checkout system.
Log into your 2checkout version 2 account and under the "look & feel section" enter that postback url for both the "Approved URL" and the "Pending URL"
Trust me: You want the URL there for a pending URL because the 2Checkout system is quite random and 95% of the payments that come in go to the pending URL and end up being legitimate sales. (at least for me they do)
Now make sure the Direct Return option on that page is on as well.
If set to Yes buyers will be immediately directed to your URLs below once they click the
Complete Order button. If set to No the buyers will have to click a button to return
to your URLs below. |
|
|
Save that page... and leave 2checkout.
|
Now, delete this page from your ASPProtect setup.
http://www.mysite.com/2checkout_signup/show_postback_path.asp
It's a minor security risk and is no longer needed needed.
The basic setup is finished. All you have to now is set up payments options the way you want them.
Changing Payment Options
In the "2checkout1.asp" file there are form options set up.
They look like this and you can have as many as you like.
<option selected value="30,9.95,3,">30 Days, 9.95</option>
In this option... A user has the option to purchase 30 days for $9.95 and he will be set to Access Level 3 when payment in completed.
Here is how it works.
The value setting (red) is essentially and array that can be made up 4 elements separated by comma's
They must be separated by a comma and there can be no spaces. In this example the 4th value was not used but the last comma must still be there. If you didn't want to set an access level and left out the "3" there would 2 commas at the end. etc etc
Basically there must always be 3 commas but you only have to set the 1st 2 values which are days and price.
days,price,access level,groups
The 1st value is the amount of days.
The 2nd value is the price for the amount of days.
The 3rd value is the access level you want to user assigned to.
The 4th option is the groups you want the user assigned to. (see PayPal subscription thread for examples of specifying group info)
Now, the label for the option in (blue) can say whatever you like. , humm, I see your using the lite version which is technically not supported.
I know you were responding to an existing thread but I really would rather you have posted this in the ASPProtect Lite area or at least mentioned what version you are using. Usually there are big differences in the versions and it helps me help you if I know what is going on.
Regardless, the code for this feature is actually the same and I just tested a fresh install of the lite version and it stored that verify url perfectly and all worked as it should in the verification email.
All I can think of is that you can try manually editing the "users/add_new_account.asp" file.
This part
EmailBody = EmailBody & "New Registration.." & vbCrLf & vbCrLf & "Your registration still has to be validated." & vbCrLf & "Go to " & vbCrLf & VerifyURL & "?u=" & Server.URLEncode(Request("Username")) & "&v=" & ValidateEmailCode & vbCrLf & "to verify your registration." & vbCrLf & vbCrLf
Would need your verify URL hardcoded into it which would pretty much guarantee it would get put in the email.
EmailBody = EmailBody & "New Registration.." & vbCrLf & vbCrLf & "Your registration still has to be validated." & "http://localhost/aspprotectlite/users/v.asp" & "Go to " & vbCrLf & VerifyURL & "?u=" & Server.URLEncode(Request("Username")) & "&v=" & ValidateEmailCode & vbCrLf & "to verify your registration." & vbCrLf & vbCrLf
Of course change the url to be valid for your setup.
Still, the fact that this isn't working means there is something wrong with your installation. It would probably be a good idea to erase everything, do an iisreset, and re-install the application in a different directory... immediatly log and go to the settings page, carefully set everything and save it... then register as a new user and see what happens.
There is no reason that variable shouldn't get set. I mean I tested it just now with a fresh install of the version you are using and not only that... 1000's of people have been using that same code for over a year in the full version and no one has had this problem except the guy who started this thread who never populated the value.
My guess is still a problem with your "IIS application" for that web. It is not doing it's thing for some reason. When the settings page is saved and application variable gets set telling the config file to reload the variables as it doesn't do it every time to conserve resources.
If that isn't getting triggered and that variable isn't getting set who knows what else isn't getting set and it's not pratical going around hardcoding 15 important variables., do you have the smtp part of iis installed on your machine
cdonts needs that
then again I am not sure you can even use cdonts on a xp box without making some changes...
cdonts has kinds died out and as of windows 2000 basically got replaces by cdosys , if you are talking about IPN subscriptions and how they work paypal has detailed manauls on their site.. if you are talking about asp.net in general there are probably a lot of good books..
the reason I said look at the aspprotect 7 code is cause the applications and database are very similar and the same techniques will apply for the most part as far as how the ipn subscription posts from paypal talk to the database and what happens during the various post events.. etc etc etc , one more problem I see...
I think your login box on the main page is missing the hidden form variable
http://support.cjwsoft.com/code/moreinfo169-1.htm, Hey, I run a business and I will not have things like that mentioned in these forums. , That would be great.
I am sure you know that many virus that are sent via email have the same property. (double extension). The code can be executed even though Windows identifies them as simple text files etc.
Thanks again , You can mix and match banner calling methods all you want.
Try it and see what happens.
However, the only method that is going to work on non ".asp" pages is the javascript or the new iframe method listed in the support forums.
cwilliams38209.532349537, Yes, that’s all I wanted to know. The problem is on my end. The server is not creating the .NET site correctly. I think I got it working now. Thanks.
In case you wanted to know? The only reason I asked you is because you mentioned that you where having trouble with overseas piracy and my account is new. I figured it was my user error by just though I’d ask you first. Hope you have no more piracy issues and have a good rest of the day.
Thanks again for the quick response. , Some of our users complained that their users id and passwords are sent in the clear. So we decided to invest in an SSL certificate from Verisign. It has been tested fine with all forms and pages in ASPProtect version 6. The only remaining page which I am not sure how to protect is the home page. Let's say my home page is http://www.MyDomain.com/index.asp. When the user goes to this link he/she will be presented with the check_user_inc.asp page so he/she can enter their ID and PW. So how to make the login information send from this page thru HTTPS? , I have a solution for asp already but thanks anyway. Is there a good book or other learning tool I can purchase that you might know about? I would know where to start about how create a timed subscription in .NET. , ya, that firewall could mess that up.
just edit which ever style include you are using
(with a text editor)
it will be one of these depending on your settings.. and they are located in the "scripts" directory
view_album_style1_inc.asp
view_album_style2_inc.asp
view_album_style3_inc.asp
find this section of code and remove the part in red
If Last_Counter_IP <> Request.ServerVariables("REMOTE_ADDR") Then
Set CmdUpdateCounter = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "SELECT " & tbl_label_albums & ".* FROM " & tbl_label_albums & " WHERE (Album_ID = " & Album_ID & ")"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = ConnGallery
CmdUpdateCounter.Open cmdTemp, , 1, 3
CmdUpdateCounter.Fields("Album_Counter") = (Album_Counter + 1)
CmdUpdateCounter.Fields("Last_Counter_IP") = Request.ServerVariables("REMOTE_ADDR")
CmdUpdateCounter.Update
CmdUpdateCounter.Close
Album_Counter = Album_Counter + 1
End If , You cannot use server mappath in the connecting string of the application. If you want to know why read my article.
http://www.powerasp.com/content/hintstips/physical-path.asp
Make your connecting string just like in my example.. do not use the oledb connection string either as it will cause other problems.
If you need to find out the path to the mdb file you can use server.mappath to get that info but do not put server mappath in the connecting string. See my article again.
then if the database folder has proper permissions and the path to the mdb file is valid it will work... otherwise you get useless errors, its really that simple.
You also may want to download ASPTest from www.cjwsoft.com it is designed to show a person how to setup a working data connection., It looks like your product is perfect for my new site, but I have one question. One of the pages I want to protect on my site will be called by an application running on a remote server every 15 seconds. The application can include the username and password in the URL it is calling. Will your product allow access to the protected page on my server? , It a generic error that means something is wrong with your data connection.
http://support.cjwsoft.com/code/moreinfo27-1.htm
http://support.cjwsoft.com/code/moreinfo136-1.htm
,
Timecard Entry: 3/25/2006 4:31:23 PM
Checked the Watertown 8300 modem pool., Working on creating a batch file for uninstalling the filter software that will delete itself when completed running, lunch, *TaskForce - Spider Interface Design, Jeff Wood - White Mountain Internet., Changing advertisement graphics on gisco.net/nnybe/, General - Proposal to CPH, wireless, dsl work, etc., travel to Community Hospital In Syracuse
MILAGE 76 Miles, to Syracuse, Watertoen - General, Preped for Christensen meeting- rescheduled meeting for tuesday to include Gail, TaskForce, cash flow, USA1Net, HB, Gisco, Meeting with J. Wood, working in switch room, cleaning, organizing, Renzi bros- contact mike - register domain name-set virtual email
Fast lube- meet with jim peterson (gather info/)
Bresse chevrolet- set up meeting at10/28 at 3;30
Mikeco-left message for mike
Basta- left mesage for joe- contact tommorrow-
, Passport ATM Review (Network), template crap, Creating reports for Jodi on our customers that are at 19.95 and 21.95 rates so that we can send them one more bill at this rate and then change rates (form letters), same as above, ate two quality hotdogs, Nortel Training Schedule, Email, Reset DANC ISDN and Square Cam, J&M Power,E-Mail, Nortel Training, , Trouble shoot iNex issue for Nat'l Hanger, develop content for vermont internet site, lunch tanned, Re: Ogdensburg POP engineering w/ Ed, Randy, and Howard, howard and darrel, posted account and did a detail of the check sfor deposit, ans phones and also answesing questions regarding there accounts.,
| 
