Blog Entry: 3/25/2006 4:40:23 PM
Ok, I tried what you suggested but the program won't let me leave the
date area on the banner ad blank. I reset it to a date in 2010.
I deleted the Level 1 Access note in the notes area.
I then attempted to access the banner stats using the correct info and
the right link. Again, got this message:
ACCESS DENIED
INVALID Username & Password
Username HAS EXPIRED
Any ideas? Should I just delete the whole account and start fresh?
TIA,
Laura
, ((TITLE EDITED BY ADMIN))
it would be nice if there was an option for login abuse, where a login account would be flagged if it logged in from x number of different IPs over a period of time. I know many have dynamic IPs, but there's got to be a balance between legitimate logins and logins that are 'shared' for the sake of saving money (I sell subscriptions), in the end costing me.
Maybe searching the first two number groups in the IP (example, 209.168.*.*), and if finding more than an admin specified number of logins per week from IPs with different first two groups, the record would be flagged or locked...
,
If you are using version 6 CDOSYS is not supported. That is one reason why version 7 came out. If you want to rewrite the code to work with CDOSYS in version 6 that is something you need to sort out on your own as I do not support custimization to the code.
,
The only reason no one else
asked this many questions is possibly because they didnt NEED the functions i
am TRYING to do.
We offer tech support for
installation of the base application purchased in it's native form.
In other words were not planning on spending weeks holding your hand and
teaching you how to build your application or modify the one you bought. Not
because anyone wants to make it hard on you but because there is a practically infinite
number of things someone could be trying to do and the only way to give you the
exact answer would pretty much involve either writing it for you or having a
look at your code to see what the heck your doing. Sorry but my time isn’t cheap
nor do I have a lot to spare. I already gave you my approach on what to do and
what you should be looking at but obviously you’re not catching on. SO ONCE
AGAIN, PLEASE LOOK AT THE SOURCE CODE AND DECIDE HOW YOU WANT TO HANDLE YOUR
END OF THINGS BASED ON HOW THE APP DOES ITS THING. I really don’t know how I
can be more clear that that. I don’t have a crystal ball that can tell me where
you’re going with your own code, what the final requirements are... what field
you want to add or remove for the database etc. There is a demo up that
everyone can look at and play with so they can get a feel for how the things
behave and look. It’s not my fault your naivety led you to believe you could do
anything with it in ten seconds. I mean if I just add some wings to my car
maybe it will fly, and if you just add a shopping cart and a few products maybe
you can start your own Amazon.com with that software right? Sounds good to me…
It would take me longer to re-write YOUR code
than it would to have LEARNED ASP.NET and made MY OWN.
Well thats one thing we both agree on, I bet it would take you a long
time to rewrite the code when you dont know how to write it in the
first place. By you own admission you dont know enough about what your
doing to be messing
with a .NET app at this point. Maybe you should take your own advice
and LEARN
SOMETHING ABOUT IT. What’s even worse is that application isnt even
complicated, its 101 stuff honestly. One class, thats it! Your not
looking at thousands
and thousands of them that you will have to read and comprehend. If you
can
actually “read” the code we kept it lean and mean and to the point.
Nothing
strange or random, no references to a zillion things all sprinkled here
and
there. Its reads like a book if you know the language. That’s why
developers
buy these apps all the time. Not because they couldn’t write one
themselves,
but because they know their time is valuable as well and for $150 which
is less
than most get paid an hour they couldn’t be bothered. Furthermore we
both spend a lot of time making sure these apps are "dumbed down" so
that the average programmer without a lot of object oriented background
can pick up the coding style tweak it if they need to. Some people do
modify things to suite their needs and
others are
happy with our apps "as is".
Just to recap we already wasted two days yappin about your
jacked up servers and after you went through THREE of them and finally got one
working you said the code was working. Red lights started flashing in my office
by the time you got to the second screwed up machine, but hey weird things
happen so at that point I wasn’t 100% concerned. Technically we could have and
possible should have cut you off there as the policy in place is pretty clear
about us not being your tech support crew when it comes to getting your machine
working properly (especially one we cant even look at). Go check those posts
again both Chris and I were answering your questions and being as helpful as
anyone could possibly expect.
Several more days have been spent answering questions about
how to modify your application and again that’s not our responsibility and we don’t
support modified versions of the software for all the reasons that should be
obvious. No software company does and if I have to explain why that is well this
conversation is beyond hope.
Bottom line is the responsibility to support that
application ends the moment you get it running the way it was shipped. Were
pretty damn decent about going above and beyond and a lot of the time we go
into things we shouldn’t have to. If you have well thought out and specific
questions by all means ask, this isn’t some sort of thanks for your money now
get lost operation. CJWSoft has been around since the beginning of Microsoft’s
entrance into the web application market. We have thousands and thousands of
happy customers because we are developers and enjoy working with other
developers along the way.
You’re not the first N0oB to show up, but you’re the first
one I can think of that ever tried to tell us we didn’t write the apps we sell and essentially
wanted to argue that we don’t know what were talking about. Meanwhile you
should have been done with your thing days and days and days ago, not in here
yapping off and showing your ignorance to the other developers that regularly
browse these forums. You trying to tell me how CafePress works is a joke, I happened
to have been part of the team that worked on the first few revisions of that
site and again you really didn’t even understand what I was getting at in that
last post. LINK TO LOGIN PAGE not link to every protected page on the site.
If you think I am pissed off at you, your wrong. I'm
just irritated with the whining about this and that and rather than
admit your over your head you come back with half baked remarks that
only make sense to you. If you think you can
google
a few terms and come back here talking smack like you’re actually
someone that
knows what you’re talking about your just making a fool of yourself.
You sound like a guy from China trying to tell me how to speak
English... My
advice
is get a few books and start learning or try actually reading up and
listening
to the other bazillion knowledgeable developers out there that do a
great job
posting articles about the subject. You might just learn something and
actually
get your project finished before 2010 and when you do please come back
and
re-read your posts with "enlightened eyes" so you can see what a goofball you are for saying half
of the
things you have said. I am not in the mood to keep helping you get your
project done step by step. I have huge projects of my own going on and
if I thought you could actually provide a descent project specification
I might offer to make the changes for you at a serious discount so you
could go away and everyone would be happy. Problem is I dont get the
feeling you could explain your way out of a paper bag let alone provide
a group of programmer the techinal specs for your project.
Your best bet is to post a link to the start of
this thread at www.AngryCoder.com I'm sure a few of people over there would be more than willing to give you a ton of usefull advice 
Google 4GuysFromRolla… a great resource site with example, just
dont come back here telling me those guys/ladies posted things
that dont work either.
Chris has written hundreds of articles on PowerASP, a great
place to start looking as well… www.powerasp.com
I've been spitting out code for longer than I can remeber and I still look
thing up on this site because its LOADED with great info. That happens
to be one of the very first ASP sites that went up on the net so lets
just say he knows a bit or two about the subject.
I'm sure your frusturated but
your pushing your luck
seriously. 38 posts about this subject in a week and your over there
hacking away on your virus infested WaReZ machine which isnt exactally
the ideal development rig. I mean we provide the code and your supposed
to provide at
the least a very basic knowlege of what your doing and a production
grade platform to test it out on. To me thats like buying a
car and then asking how to drive it... then bugging the dealer to teach
you and when you smash the thing complaining because no one told you
that your not supposed to drive into a wall. I have the same policy as
the dealer, show me something wrong with the car from the factory and
we will fix it for you NO QUESTIONS at all with our appoligies, but
really once you take it off the lot what you do with it is your deal
and its not our responsability in the least.
, IFRAME is just an client side html thing...
has nothing to do with .NET
will work with any page extension or server side technology
As you see from that compatibilty chart I posted a link to.
Nearly every modern browser supports it.
cwilliams38155.4462847222, Thanks! Will try both.
Appreciate the support.
, If you need to know how to enable them on your test server.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=5&P N=1
, You would set the groups during users signup the same way you would do the expiration in the following example.
http://support.cjwsoft.com/code/moreinfo170-1.htm
The groups field need to be set the exact same way it would look like in the database of course
So, if a user was part of groups 1, and 2
You would look in the database and see this in the groups fields for that user
*1*,*2*
so in the signup code you set that like so
CmdAddUser.Fields("Groups") = "*1*,*2*"
This info only applies to resgitrations and signups using the "users" folder.
if you wanted to make different sceanrios you would need to carefully make a copy of the users folder and adjust it accordingly
, People who have the option pack have a new feature called groups.
Groups are meant as a replacement for using the access levels as they are much more powerful. Support for pages protected using access levels is left in tact for backward compatiability for a customers older protection code.
A customer recently told me groups could not be used like access levels and that 8 access levels was not enough. This is how I explained that groups can do everything access levels can do.
Groups can honestly do everything access levels can do if you really think about it.
Using groups and protecting pages accordingly you could actually create a system that basically worked identically to the way the access levels works.
For example..
You make 8 groups and assign users to them accordingly
Protection code on page allows access to groups 1-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "1,2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any one of those groups would have access..
Protection code on page allows access to groups 2-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any group between 2-8 would have access..
Protection code on page allows access to groups 3-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any group between 3-8 would have access..
cwilliams38114.800775463, I have been working on this all night long. I have been reading every possible article. I have created an ODBC connection on the server.. which i have never done before? Still nothing. I looked at the machine.config file... i read about impersonating whatever the hell that is... I am really stressed out. I have the 1.1 framework installed.
I read about dsn and dsn-less connections. Is there another way i can connect to the database? Without using a username and pw maybe?
, I would also double check that you changed the field size correctly and on the correct database that is being used in the connection string
, the following error message appears, but only when attempting to log off. all other parts of the program seem to be working.
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0xa04 Thread 0xa38 DBC 0x21ff024 Jet'.
, I moved the password check file out of /user and am getting this message:
Microsoft VBScript compilation error '800a0400'
Expected statement
/asplog/check_user_inc.asp, line 404
End If
^
Is this a standard database connection error so I should ask my IIS to make sure permissions are correct?
Thanks..!
, I just told you a lot of different things to try... and I doubt you have tried them in the time since I mentioned them
, After a user edit his information (name, email, etc), the session variables are not updated. In the user_area.asp
page, I "Response.Write" all the session variables, and they are still
showing the old information. I tried refreshing the page but to no
avail. The only way to update the display is to log off and login again.
please help.
, Its a great idea. I didnt really check the counter until the album started working. Its a great concept though., ADODB.Recordset error '800a0cc1'
Item cannot be found in the collection corresponding to the requested name or ordinal.
/aspprotect/password_admin/default.asp, line 287
I'm doing an upgrade from an OOOOOOOOOOLD version (not sure if it was 6 or not) and it read my database OK prior to adding a new user. Now I get this error message. I was able to run the password encryption function OK, but I still get this error when I try to view the password_admin stuff. I can log in via the "get_me_in" asp page just fine, but I get the above error.
If I try to log in with my admin account, I get
ADODB.Recordset error '800a0cc1'
Item cannot be found in the collection corresponding to the requested name or ordinal.
/aspprotect/password_admin/check_admin_inc.asp, line 166
*****
OK, my question is this... if I retype all the info from the old DB into a brand new one, never before used, that would work, right? I only have 108 users, so that's about an hour of work. Or is there a 5-minute fix that I can try? I've done some messing around that got nowhere and returned all edited files to their original state, with the exceptions of the ones calling the DB location.
I'll start the C&P process and await your reply... 
On a side note, I really love the new format and am excited about the new features. I'm not married to upgrading the DB and if copy and paste is faster (I just need first name, last name, username, password, email, and expiration date), then I'm using v.7 that much faster.
cwilliams38457.6090509259, Two things you can do to test..
make sure there is at least one ".log" file in that directory.. then if you go to the log file screen and it does not show up in the list the physical path you are using is just not correct
remember the physcial path must contain a drive letter (sometimes a network path starting with // is ok if they have it setup as a network drive)
the other thing you can do is use this script to try and write a simple text file in the directory
http://www.devasp.com/samples/writetofile.asp
That will show you if permissions are correct
, A mod like this would improve tracking by leaps and bounds.
Do you think this addon would be availalbe anytime in the near future? If/when this feature or mod becomes availalbe, it certainly would be ideal if some script was made to import all the log file data.
, not anything built into the app... it would be done with client side javascript if you wanted to look into it... my client side javascript skills are ziltch, Can I have the logon be in a top frame while having the protected pages displayed in a main frame?
Also, how will it behave if a user moves in between a protected page to a public page and back to the protected page again?, Let me put it this way.
My home page (default.asp) is an unprotected page.
When a user that has signed in on another (protected pages) and has the remember me checkbox checked closes the browser cookies should be set for the next time they return.
When the user opens their browser and returns to my home page (default.asp), I'd like to put a message saying:
Welcome back <%Session ("Username")%>
How is this done?
, humm,
thats a new one.. something is very wrong.
Please show me screenshots of exactly what happens and what you see. It does not make any sense so I need more info or I least need it described in more detail., No, Unfortunately.
I have seen your messages.
I have not edited the code at all.
Tomorrow I will install the sql database again from your script as I
did before and I will try again. I will send all the details.
Thank you again.
, I am sure its permissions as well, but I don't have that much access to the hosted server...lol.
I will use access for now, since it works fine, and try to talk with the hosting people later.
Thanks!
, Yeah, its a win2k server.
Im up and running now (my guess is ASP wasnt installed, but he did not say), but am not having luck with any of the email. I contacted my host to see what is available and have yet to hear back. Do you generally recommend people to run CDOSYS?
Ive been reading through the docs, and the users and protection seems to be pretty straightforward. Nice!
The only other real question I have (and cant find in the docs) is how to remove the self registration option all togehter. My client wants to add its users manually, and not give the option for them to sign up themselves. Do I just find any remove any code that references it?
, Hi
I would like to ensure the the user uses a UK style postcode not a clue how to ensure this as I am new to asp. Any ideas?
regards
John
, I downloaded v7 3/7/2005
I entered a password that was supposed to be all caps with only first letter caps.
it is odd, if I go to other user and enter wrong password that does not come up. it apprpriately goes to a screen that says Access Denied.
thx
, If you have messed up the admin account or forgotten the admin password you generally should open up the database manually and add a new account or see what the old account is.
In version 7 however you have another option. Go through the installation instructions again. Specifically the part where you use the "get_me_in.asp" page to get back into the admin area by pasting in the password encrpytion keye you are using from your config file. , no, that system only works with ASP.NET code.
Currently it can not possibly work with classic asp.
PayPal made it a nightmare to use and work with.
Special things regarding the signing of digital certificates also need to be installed on the web server so if it isn't your server your also out of luck.
, That would be great.
I am sure you know that many virus that are sent via email have the same property. (double extension). The code can be executed even though Windows identifies them as simple text files etc.
Thanks again
, Protecting ASP Pages
To protect a page without using the Access_Level or Groups feature simply add this code to the top of that page.
Put this under the <%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.
The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp
Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in.
An example of doing this is provided in the "default.asp" file included in the root of the Password System.
Look at the source code with a text editor to see the working code. It is quite simple.
Protecting ASP Pages Using Access Levels
To protect a page using the Access Level feature simply add this code to the top of that page.
You simply specify the Access Level before the include file is called. In this example we are protecting the page with Access Level 4.
Put this under the <%@ LANGUAGE="VBSCRIPT" %>
<% CHECKFOR = "4" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.
The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp
Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in as a Level 4 user.
Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System.
Look at the source code of the ASP pages in that folder with a text editor to see the working code. Again, It is quite simple to follow.
Protecting ASP Pages Using Groups
Please see the code generators in the admin are for the code to do that.
Also, check all field and table settings manually by comparing them to the SQL creation script we provide. You may very well be missing auto increment and primary keys which would make adding new data not work.
It is most likely one of those two things.
, Thank You.
, Actually, as far the "aspprotectnet.dll" file goes it makes sense because of the following.
! This from my hosting company this morning...