ok, I just sent you a private message with download information.

replace you existing

"check_user_inc.asp"

"admin/check_admin_inc.asp"

"admin/email_user.asp"

with the new versions in the download

Do some testing to make sure that HANNAH password works ok for you.

Hopefully this cures the issue...
If it works ok for you for a while I will offer the fixes to everyone and start using this code from now on

BTW:
"admin/email_user.asp" had an unrelated bug in it that only happened if its error handling got triggered... it was posting back to the wrong page when that happened and causing an error

I have narrowed it down.  The ../ for includes will not work with .asp files but will work in .shtml files.

any ideas?

What am i supposed to do now... i do have another member server that is not a domain controller-

However, i have like 5 websites running on this domain controller already. I have thought about this before how its a HUGE security risk but it will take too long to configure everything on the other computer :(

I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.

<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then  
 SearchFlag = True
End If
 
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then 
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>

</head>

<body>

My Protected stuff here

</body>

</html>

For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.

Thanks,

Mo

whether you use SSL or not really does not effect aspprotect in any way

I say, the smart thing to do there is too not start them off at a http:// url

one way to do it is put a simple ASP redirect on that default page and send them to an SSL version of the page instead...

http://www.powerasp.com/content/code-snippets/redirects.asp

another way would be not start them off on a protected page right off the bat and offer links to the the protected area...

in my opinion thats pretty odd to be starting them off on a protected page anyway
SLL maybe, but protected right from the time they hit the default page of the site.. thats just odd.. usually you want o say a little something about the site your at and then link people to protected areas or give them a login form which posts to a protected area.


Regardless if you always want users at your site under https:// you should have code on every single page in your site checking the url info at every page load. Then if someone ever hits a page and is not using the https://  you can do something about it like redirect them to the SSL home poge or redirect to that same page but with the https:// in the url..

Need to clarify something..

Your talking about the page where a new user registers right ?
Your not talking about adding a new user from the admin area ?

Either way under no circumstances do I see anything like you are saying happening nor has any other ASPProtect user ever mentioned this probem.

I am going to need to see your site and see this happening. It just makes no sense the way you are describing it.

Also. did you edit the registration page code in any way. If so please revert back to an original copy to ensure this is not some sort of problem introduced by editing the code.

Sorry, I forgot about that when I got hung up on the install problem.

 I'll tackle your explanation now to see if I can get it working. Since I already bought the software I'll keep my fingers crossed.

Thanks

thats not good.. its a web server configuration issue of some sorts ?

post is a common method for forms.. if it is not supported it is something you should ask the server admins about.

Is this a windows based web server running true microsoft ASP because that error is usally associated with non windows IIS based web servers from what I can see by doing a google search ?

ASPProtect only runs on windows servers running IIS and True Microsoft ASP.
http://support.cjwsoft.com/code/moreinfo165-1.htm

My guess is your web server is running Apache Unix or something like that.

that really does not make any sense...

I dont know what else to tell you as this really shouldn't be anything too difficult to sort out...

redirection based on criteria is not something aspprotect does by default... I try to help a bit... I've shown everyone how to do it in this thread...I know plenty of people doing it... I've done it myself... I know it works

let me ask you this... are you using ASPProtect 6 with the Option Pack ?
I assume you must be or you would not have the Groups feature ?
And you asked this question in the ASPProtect 6 section.

but then maybe your using 7.. I do not know

this should all work the same either way

Just an update,,,

the permission were all correct.... i left it and tried from my pc at work and it works fine... so i dont know what hahhpened.... thansk for your quick response

regards

Domenic

Sydney, Australia

I'am in the process of modifing registration and tieing in paypal. When I get live I will send you a link. Thanks for help.

John

For all you advanced users..

Here are two examples of ASP.NET code you can use on your ".aspx" pages to call banners from the ASP 3.0 version of ASPBaner Unlimited V8

This code is not supported... and you of course must change things accordingly like the variable names and zone numbers to match the zone you want to call banners from as well as the url.

2004-08-27_153832_asp.net_examples.zip

The album ID thing is completely normal and by design. Once an ID in the database is used it can not be used again. That is how autonumber fields in a database work.

As far as not being able to delete images... Are you by chance using ASP.NET to show dynamic thumbnails... Because if you are you must turn that feature off and wait 20 minutes or so (maybe more) before you will be able to delete any of the images. It is because the current version of the ASP.NET script used to make the thumbnails locks the images on the server temporarily anytime it creates a thumbnail.

It is a known issue... and there is no fix at the moment other than what I told you above.

I really do not know to tell you the truth. I'll do some research.

The script only allows .jpg, .jpeg, and .gif extensions.

If someone uploads a file called... "filename.vbs.jpeg" with bad vbscript in it I seriously doubt anything can happen because of it because of the extension.

But I really do not know.

It has never happened to any sites I have or know of.

Running in parallel for testing is actually a smart way to do it, but the truth is you don't use anything from version 6 except the upgraded database (we have a tutorial on how to upgrade the database)

Version 7 was a drastic change /rewrite to all of the asp files that come with the application. So you will be starting out with fresh version 7 ".asp" files and folders... You will also find that once you get version 7 running that editing certain things like the look of the users area and the login screens is much easier to do.

That being said any of your own ".asp" pages that you protect use the same protection code they always did, so there will be no drastic changes needed there when you do finalize the upgrade.



If using MSACCESS as the database I suggest installing the application somewhere in your web and using a fresh ASPProtect 7 database. Once you are familiar with the setup and everything is working fine. Attempt the database conversion and when your done stick your converted database in there and see if everything is ok.

Also, if you already purchased the application download the latest version before doing the install. It's the same download URL. If you don't have it email me and I can hook you up. I have added some new features and fixed a couple minor things since it's release.

So far the feedback on version 7 has been awesome..

I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.

Regardless,

What you want to do... logging them in under https and then having them continue though the site under http is not possible.

It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.

In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).

Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.

If you want them logging in under SSL you need to keep them under SSL.

That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.

If things are not perfect there will be no log files and no errors.. it can only be one of these things really
http://support.cjwsoft.com/code/moreinfo313-2.htm

You may also want to make your the filesystem on the server is working and not disabled by norton script blocking or anything random like that. Testing the filesystem object is best done by writing a simple text file to a folder. Plenty of examples of doing that can be found at www.aspin.com

Recent activity is temporary and admin activity in the admin area is not tracked. If your application in IIS has reset or there has been no activity in the users area or in pages you protected there will be nothing there. The busier your site the more chance something will be there. For example usually our online demo has something there except right after 4am when my server does an iisreset.

all that docmunetation is online as well right here so you dont really need the chm file
http://support.cjwsoft.com/code/info24.htm

the chm format is a windows format that can only be viewed on windows pcs. I do not know why you can not see it. I would do reseach on viewing CHM files on whatever operating system and version you are running because perhaps you are using a mac or linux operating system which can not natively view chm files ?

Okay thanks, I'll have to consider wether or not to go down the path of the upgrade or cut my losses as the Access cannot handle the pressure

It's just errored out again with the following message:

msxml3.dll error '80072ee2'

The operation timed out

/forum/banner.asp, line 15

Regards,

Dave

You should not have single quotes around the "-1" because Album_Active is not a string field in the database. It's true/false or bit field in the database depending on the database you are using (MSSQL or ACCESS)

I'd do it a little more like this I think.

SELECT COUNT(Album_ID) AS Alb_Count FROM " & tbl_label_albums & " WHERE User_ID = " & CmdListUsers("User_ID") & " AND Album_Active = 1"

I took out the parentheses as well since I dont believe they are needed in a simple case like this

but is hard to say unless your the one testing it... my version might have a mistake as I am a little rusty with my SQL at the moment

also: in case your wondering...
depending on the situation and the odbc drivers the 1 and -1 should work either way but sometimes it's picky and you have to do it one way or the other

[QUOTE=spider]At the bottom of my "users" list page, it asks the question "number of users displayed per page"?  After hitting a larger number than the default of 1-25, it increases the number of users per page to that number.  But as soon as I leave that page, it goes back to the default.  Any thoughts?[/QUOTE]

That is how it is supposed to work. It is not supposed to remember that info after you leave. If you want it to always start at some default number simply copy the URL info after picking a number. You'll see the querystrings that tell the page what to do in the address field of your browser. Take that entire URL and  edit the button in the admin area to link to that. The links for the buttons are in the "header_inc.asp" file and you should edit that file with a text editor.

That's the easy non technical way to set a default on the users page and that applies to anything including doing a sort or whatever.

example...

you might change this

<a href="default.asp"><img src="../images/users.gif" border="0" alt="Users"></a>

to something like this

<a href="http://www.yoursite.com /aspprotect/password_admin/default.asp?SORTBY=Email+DESC& ;MyPageSize=500="><img src="../images/users.gif" border="0" alt="Users"></a>

The problem with that is when a user deletes an album, the album record does not get deleted from the DB, so counting all the records would return the accurate result. :(

Any hints?

What other information do you have ?

Details are very important.

Info on situations where it works... like OS, browser version.. etc etc

Info on situations where it does not work... same stuff

size of the PDF files ?

server info ?

Maybe protect a page and offer a PDF file so myself and some of the forum users can try it and report back what happens.

Also, Many people zip up PDF files when letting people download them as browsers can act pretty odd at times with them. Perhaps that is an option.

There was nothing wrong with the server configuration. It turned out that the problem was that I disabled the email notification of new user registrations that I continually receive. That appears to disable the authorization email to new users as well.

One other issue. It appears that AOL email addressee's are not getting the authorization email. Does AOL have any blocks to CDONT generated emails?

far as I can tell it does... that session abandon thing called in the logoff page should be enough to cover everything

once thing to be careful about

If you log in.. then log off... then go back to a page and do a refresh... you  may in fact be reposting the username and password from before.. thus logging yourself right back in

Perhaps not.. all depends on what your doing... but it is something to be careful of when testing 

I purchased and installed the full version ASPProtect 6.0 in Feb 05 (must have been just before 7.0 came out) and have been using CDONTS for email authorization during the registration process.

It was working fine for about three months. Now, after registering, the  email  authorization is NOT delivered to the new registrant. There are no error messages.It just doesn't arrive.

Any thoughts on the subject would be appreciated.

Yes, you are right.

We have now tested it using the DSN less connection with Access 2002 and it works fine. We have also tested it again with a DSN using 2002 and this also seems to work.

The comment about speed is a consideration although I have not noticed any differences. ( we only have a few database entries at this time).

Thanks for your help

YES.. you need to edit your SWF file to link to the aspbanner system...

example.. the link may look something like this
http://banserver.powerasp.com/aspbanner/banner_redirect.asp? Banner_ID=60

of course you need to put in the right information for your site and whatever banner ID it is in your system

Like it says above.. if you save the new banner at least once and then come back to edit that link will be generated for you at the bottom of the edit page.

then when your flash banner is clicked on it will go track the click and then send them to the "link_url" specified for that banner when you edited it.
(you need to enter the final destination url there if you want that to work)

Thank you for the response to my question. In the mean time if I can figure any workaround I will post it here.

Sorry, not really.. not without a lot of changes to the code.
the recent activity info recycles.. it is not meant to be day by day

My suggestion there would be to look at both the log files and the user activty screens...

Okay, this also shows at the bottom of the import/export page

I've got the IUSR account with modify permissions on this data folder as well.  Is the "this directory needs change permission" line just a general reminder?

Files are being stored in "D:\missourirealtor.org\members\aspprotect\data\export\\"

This directory needs change permissions for the anonymouse webserver account.
Those permissions can only be set by your hosting company.
These features will not work without those permissions being set.

Thanks, I really appreciate you working on this. The software works GREAT and the support you give can't be beat. I will definately tell other that are looking for software for their sites to check your first.

one more question.

To use the bulk upload feature of aspuload, do I just need to add another upload section to the same upload page, that will allow more than one file to be selected then tell it to put the files in as Photo 1, 2, 3 etc.? I am a rookie at ASP but I think this is possible and with a little research I should be able to get it going.

Just want to make sure I am on the right track.

Thanks

Hello,

VBScript is the most popular ASP scripting language, and has the most support available. I estimate that less than 5% of the ASP coders out there use anything other than vbscript

That being said it specifically says on the aspprotect site ASPProtect is only for use in protecting asp using "vbscript" as the language.

http://www.aspprotect.com/more_info_full_v7.asp

http://www.aspprotect.com/comparison.asp

it is something I specified very clearly for this very reason.

Sorry, but you can not use ASPProtect to protect pages using Language="Javascript". The code is too complex to be mixed with server side Javascript.

To password protect asp pages written using "Javascript" you really need a an application specifically written in and designed to work with ASP pages written using "Javascript". And then of course that application would not be able to protect ".asp" pages written using "vbscript." (I mean never say never, but it would be a ton of work to get both working and I doubt you will ever see a commercial application that does both)

as for switching back and forth between vbscript and javascript you really can't except with very simple code. Doing so with anything complex can be extremely problematic because the order of execution sometimes gets all mixed up because of the complexity of the code being used.

That doesn't mean it can not work....

You would really want to do something like this.


do not specify a default language at the top

surround the aspprotect include file with this

<SCRIPT Language="vbscript">

</script>

surround your javascript code with this

<SCRIPT Language="JavaScript">

</script>

then make sure none the code including the aspprotect include file has any <% or %> tags in it

that means you have to remove that sort of thing everywhere... that means a lot of work if you used a lot of that sort of thing instead of response.writes to write out html type stuff

and again... I don't know if you would ever get it all working