Blog Entry: 3/25/2006 4:37:58 PM
Please forgive any ignorance on my part.
Using the live demo, it seems that with the banner software my advertisers would only have access to reports, but no ability to upload banners, specify keyword triggers or zones, what have you. Is this correct?
The other thing I couldn't quite figure out, assuming I had a categorized directory on my site, is this system configurable to display different banners based on category? Perhaps through keyword triggers?
Thank you in advance for any assistance. , no, but in the standard version it probably will not run so great with more than 75 or so.
The unlimited version can handle pretty much whatever.,
Chris-
A general question - Can you have multiple instance of the gallery on the same server? , also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.
etc etc etc
so let me add this bit of info..
I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.
Here is the low down from someone that really understands it...
(well, at least I think I do)
The only real security risks are from YOU and possibly other people hosting on the same server if they have parent paths enabled that is.
Meaning your site visitors can't possibly do anything with it unless of course you let them upload and run their own asp files to the server.
Anyway.. if YOU run malicious asp scripts you could potentially attack other sites on the server and look at things you shouldn't. As could other sites on the same server do to you I suppose.
So, unless you plan on doing that or some other site admin on the server does it to you its not really a concern. Just an advantage in coding abilities.
If you attack someone elses site on the server or lurk where you shouldnt then you are probably violating your hosting agreement.
99% of the time everyone gets all nervous over nothing.. half the people nervous about this have sites nobody would ever want to hack anyway.
Many people with a really important/busy sites are going to have a dedicated server somewhere so the setting is not relevant..
The hosting companies of course have to warn you.
This setting was enabled by default for years on IIS4-IIS5. I never once heard one single real story about anyone attacking anything because of this setting. That doesn't mean it doesn't happen but I am just telling you what I know.
This is all my opinion so take it for what it is...
If you are a Hosting Company your better off turning it on at the customers request, giving them a warning about it, and in turn having happy customers.
The big hosting companies like Alentus and MaximumASP do it...
There are far worse things than this to let people do after all.
Beleive it or not I have actually been in servers where they gave the anonymous webserver acount modify permissions EVERYWHERE yet they disabled parent paths ???? cwilliams38391.6024189815, If logfiles do not get created it is most likely one of 3 things
- invalid physical path specified
- permisssions
- filesystem object is disabled on the server
that path doesn't look correct to me for a live professionally set up server but only you or your server admins can know that for sure
you will not get any errors when things arent perfect.. just no physical logs
RecentActiveUsers and RecentPageRequrests are not related to the stored logfile feature.. Recent Activity is a different thing , To finalize this thread.. a target was added to the form by the customer by accident thus causing the situation, like I said you made changes to something to cause that...
users/user_area.asp
runs fine the way it ships "it is one of things I tested earlier when I looked at your installation for you"
If you want I'll go look via FTP and tell you what is wrong cwilliams38456.1069212963, You have old code I think.
It's probably because his password used with your encryption key by chance creates a single quote and messes up the database query
A notice went out about this. I will PM you the latest download with the updated files. , Well. fontpage publishing is evil. That you have found out.
Do not use it. It usually wont work right when running asp code locally and also at the server because of differences with the paths and virtual directory structure. etc etc etc
You can definetly use frontpage to connect to the web site live and drag and drop files into it/edit them... but the sooner you stop using the publishing feature the better off you will be. , Good Morning - I am receiving an Http 500 internal server error when I go to add a new user via the register.asp page. the url when the error appears is: .../users/add_new_account.asp
I think the error has to do with my email component setting - becuase it works fine otherwise.
I have the email component setting set to CDOSYS (using remote server) with the mail.remote.server set to email.cidra.com - email address set to webmaster@cidra.com
Note: I receive the email notification and the user does get added.
Can you help please? Shirley
UPDATE...I just figured out that it only errors when the email address I use for the user is NOT from cidra.com -- Any idea why?
, recently i've been getting a lot of unspecified errors. i've been running aspbanner for about a year and a half now. i don't know what would have caused all these problems. also, for some reason it won't maintain my log-in, ever time i got from page to page or try to submit a form it asks me log-in again.
Jason S.
cwilliams38389.8791550926, no, its part the concurrent login checking system.
currently when that is on logging off does not come into play..
(pretty much because it is such a complex system I wasnt able to make it quite that intelligent this time around)
when concurrent login checking is enabled the only way to log in again at another system with the same username and with a different IP is to wait till that time period is over
sorry
as you may recall it was rush feature at the last moment before I got version 7 finished. Hopefully I can improve on the feature in the next version but I dont really see it as being a big issue at the moment. Sometimes when you want maximum security you have to make some tradeoffs and that is why the feature is optional. , ((TITLE EDITED BY ADMIN))
it would be nice if there was an option for login abuse, where a login account would be flagged if it logged in from x number of different IPs over a period of time. I know many have dynamic IPs, but there's got to be a balance between legitimate logins and logins that are 'shared' for the sake of saving money (I sell subscriptions), in the end costing me.
Maybe searching the first two number groups in the IP (example, 209.168.*.*), and if finding more than an admin specified number of logins per week from IPs with different first two groups, the record would be flagged or locked...
, If you run asplistings auto in its own folder with its own application in IIS. Connected to its own database.
And you run your other version of ASPListiings in its own folder with its own application in IIS. Connected to its own database.
You will have zero major changes to make to anything... other than what you did above..
But remember theyare the same app and share a lot of thing including sessions and application variables.. that is why if they are installed in the same domain each one needs its own application set in the IIS console so they run seperately of one another. cwilliams38312.5189814815, There is nothing built in to the system but it is very doable.
However, you need to be a decent asp coder because your going to have to write some code.
Basically you would want to do a check on the screen where a user uploads to count how many pictures they have uploaded.
Then act accordinly and either let them or dont let them proceed.
On a side note the overall filesize limit of the total of all pictures a user can upload can be set when you edit a user.
, Hello -
Believe it or not I finally can access the photogallery. You were right Chris regarding the unzipping of the files.
Now onto the next challenge! I have set up three categories and proceeded to create a test album. I uploaded a couple of pictures (yeah that worked!!!) but the album does not show up on the default.asp page under the category.
Please advise -
Rhona (rookie)  , This is great documentaion for windows script 5.6
in windows chm file format for jscript and vbscript.
We use server side vbscript in all our our ASP 3.0 applications so this info can be a lot of help.
2005-02-18_150921_vbscript_docs.zip
cwilliams38401.6321990741, I just started using ASPJpeg, and i used the
"generate_new_thumbnails.asp" to create new thumbs of all of the
existing albums. It generates the thumbs just fine, but they
don't get picked up by the "Randomly Selected Photo" section. If
I upload new pics, they will show up in the random photo area.
So, it reads the new upload thumbs, but not the newly generated ones using your .asp page.
Is there anything I can do?
, I have multiple zone banners displayed on a single page using the AspHTTP Component Method.
However, in IE 6.x and NS 7.x each banner has some text displayed before it similar to:
HTTP/1.1 200 OK Server: Microsoft-IIS/5.0 Date: Fri, 17 Sep 2004 07:15:12 GMT MicrosoftOfficeWebServer: 5.0_Pub Connection: Keep-Alive Content-Length: 229 Content-Type: text/html Set-Cookie: ASPSESSIONIDAASSDQBA=HAICCGCANEBEPANCDHLHJJGC; path=/ Cache-control: private
This text does not appear when using Netscape 4.x cwilliams38325.741099537, Why all the pages at the directory .../password_admin/ are very slow to open online? vaghelis38300.5280208333, I'm all set - after thinking about your replies - i checked a bit more and changed the email component type -- thanks again for all your help. , Same here. Thinking it might be server load or the bandwidth to the server.
Thanks for checking!
Lance , I am running Windows 2000 server. I do believe asp.net IS installed as I have the .NET 1.1 framework installed.
Funny about the bounce backs. I am at about 10% of my limit, which I control as I am the network admin. I'll check into that. , Anyway,
How busy your site is actually won't be the only factor. Really the application should not restart unless something happens. If the IIS application is reseting alot it could very well be the ISP restarting the server or doing IISRESETS as well or other sites on the server causing the application pools to restart.. etc etc etc Quality ASP hosting is important. Regardless your hosting company most likely will not admit to anything be out of the ordinary.
As far as that directory deleting itself on you.. I doubt they will have an answer for that one. All I can tell for sure is I didn't put any code to delete it in there. , IFRAME is just an client side html thing...
has nothing to do with .NET
will work with any page extension or server side technology
As you see from that compatibilty chart I posted a link to.
Nearly every modern browser supports it.
cwilliams38155.4462847222, The application is only intended for use with $ the way it comes.
Use of other currencies is not supported.
(this is noted on the product page)
However, it can probably be used fairly easily with UK customers.
You'll probably want to look into setting the currency to UK in the code generated for the PayPal buttons which is in "view_item.asp". There is probably a hidden form variable you add to it to specify the currency. PayPal's shopping cart documentation and help system would have more info on that.
Doing a search real quick there I came up with this.
<input type="hidden" name="currency_code" value="GBP">
Then you may also want to change the LCID settings for the web site to UK. (I think)
To do that edit the "config_inc.asp" file with a text editor.
Add this code between the <% and %> tags.
Near the top is good
Session.LCID = 2057 There may also be hard coded dollar signs in the code that you will need to change to whatever.. If after you do the above to steps you see then you'll know where to change them based on the named of the page you on.
It is quite possible that simply changing the LCID will take care of everything, but I am not sure.
Those are the tips I can give you. , New Version 8.1 Released
Whats new..
http://www.aspbanner.com/v8_notes.asp
Upgrade Instructions...
Upgrade at your own risk. Though we try new versions are not always perfect due to minor bugs we may miss.
Back up your old setup so you can revert back if necessary..!!!
Save your data connection string info in a text file so you have it.
You can get that by viewing the system info page in the admin area.
Carefully copy all the ".asp" files from the new version to the old.
Your going to want all the .asp files in the aspbanner folder.
Your going to want all the .asp files in the aspbanner/scripts folder
Copy the aspbanner/images folder because there are some new images
Be sure to also copy the "data/config" folder files.folders as well as a lot of that is new including the actual config file. If you dont get the new config file copied in there you will have problems later on with some of the new features.
Be sure to create a new folder in the "data" folder called "tempstats"
Make sure it has proper permissions if you plan on using the delayed stats feature as the stats gets temporarily stored there.
Go back to the area where you originally setup the data connection and do that again...
From the web browser run the following URL
http://yoursite/data/config/aspbanner_unlimited.asp
Replace "yoursite" with the proper url info relevant to your web site location.
When run via the web server that page will ask for a password. By default it is "temp". You should change it later on for security reasons. That page tells you how.
Now... moving on..
There were no changes to the database except for SQL Server users so you can use your existing database.
SQL Server users that want to use the new stored procedures feature (it's optional) will need to update their SQL database with the stored procedures.
Scripts to do that are provided.
ALSO: I have been running this new version using SQL Server Stored Procedure mode for a 1 week on a special banner server that serves banners to many of my own sites. I have also been using the new Delayed Stats feature.
All I can say is it is running like a champ and the SQL server is using less memory than it ever did before.
cwilliams38291.7372800926, These are 4 valid examples of calling a flash movie.
The more simple examples may cause problems for people that don't have the flash plugin installed. I really do not know as I am no flash expert. All these work fine for me. Of course I have the latest flash plugin installed. Perhaps some of you can shed some light in this. The 3rd and 4rth examples are obviously only slightly different and mention different versions of flash as far as downloading the plugin goes.
<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" WIDTH="468" HEIGHT="60">
<object width="120" height="22">
<param name="movie" value=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" width="468" height="60">
</embed>
</object>
<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://download.macromedia.com/pub/shockwave/cabs/flash/swfl ash.cab#version=6,0,40,0"WIDTH="468 " HEIGHT="60" id="myMovieName">
<PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<PARAM NAME=quality VALUE=high>
<PARAM NAME=bgcolor VALUE=#FFFFFF>
<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality=high bgcolor=#FFFFFF WIDTH="468" HEIGHT="60" NAME="mybannername" ALIGN="" TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer">
</EMBED>
</OBJECT>
<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://active.macromedia.com/flash2/cabs/swflash.cab#version =4,0,0,0" ID=banner WIDTH="468" HEIGHT="60">
<PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<PARAM NAME=quality VALUE=high>
<PARAM NAME=bgcolor VALUE=#FFFFFF>
<embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality="high" bgcolor="#3CBDCD" WIDTH="468" HEIGHT="60" TYPE="application/x-shockwave-flash" PLUGINSPAGE=" http://www.macromedia.com/shockwave/download/index.cgi?P1_Pr od_Version=ShockwaveFlash">
</OBJECT> cwilliams38089.6129513889, I am converting the email over from CDONTS to CDO so it will run on my host 2003 server.
What files should I be concerned with? Under gallery_admin there is an email_user.asp and under the main gallery folder thier is an email friend. Is there an other email routines I should be concerned with?
Thank You for your Assistance.
Jeromy , Now I am having trouble using the log function.
I have checked the box in administration area for UseLogFiles. I have put the expected path for the LogFileDirectory in the box. I have modified the permissions for the anonymous web site user to modify this directory. However the log file does not get updated and there is nothing when I go to view the logs.
thx , I am not sure totally understand your question.
I need you to explain it differently.
Any ".asp" page that is protected is going to automatically prompt them for a login box or log them in automatically depending on if they set that option.. In the end returning them to that same page.
So, it really all takes care of itself for the most part.. It doesn't even matter if the bookmark a protected page deep in your site. The system is smart enough to keep them at that page as well as handle their access.
Now of course if they are at an unprotected page of your site and navigate to a protected page they get a loin prompt or are allowed in if they already logged in...
Also.. when you say unprotected page ? do you mean ".htm" or ".asp" cwilliams38298.6571759259, Ahhh, I see it, thanks that was the ticket.
, Installing and running NET on a DOMAIN CONTROLLER is a BAD idea period.
Besides the security risks you will have nothing but endless problems
with that setup. Domain controllers ARE NOT and NEVER were intended to
be run as any sort of application server. Your best bet is to run your
asp and asp.net scripts from a member server or one set up just for web
apps. Of course if your in the mood to mess around endlessly it is
possible to make that work, but why would you want to when the prefered
solution is a heck of a lot easier.
, I didn't know about it. I will try to check it out some more this week.
, Good Evening,
I have been trying to log into my site using the protected pages comments you have in support. I have copied the code in the ASPprotect 7 guide.
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
and pasted it in my page, set the the IIS to open this page and the page will not open it and the page will not open and the error is
Error Type:
Active Server Pages, ASP 0126 (0x80004005)
The include file 'check_user_inc.asp' was not found.
/olem/reldt/introduction.asp, line 3
When I remove the two lines of code everything goes normally.
I have aspprotect in its own directory in the website. I have read the installation several times and I am afraid I am missing something blatently obvious so I really appreciate you thoughts.
I am presently using redirects. I like not haveing to use them as your comments have suggested. I have pulled all that code from the pages I desire to protect during this test.
I have three test users in my database - 1 administrator
Any suggestions?
Thanks and best regards
, When adding a new user I am taken to a form.
There are several "required fields".
First and last names are 2 of them.
This is not needed by me and I need the company name as a required field instead. I work and deal with company names, not individuals.
So, i am unable to add any users due to this.
How can I either do away with the names as a required field or swap the individual names with the company name as a required field?
I have customers wanting to be able to view their own stats, but I need to do away with the required fields to work with my customer base.
-john , Looks great. I can't wait until this will be released. Will there also be an easy way to migrate my current version ?
Hans , Hi,
First and foremost, a great product. I downloaded it last night and it took little effort to get it up and running
.....now a little question...
Has the software/code been tried out on a Mysql db and if so did it work?
The reason I ask is that my website is very busy (1.5million page views per month avg) and I'm considering converting the ASPBanner Access db to a Mysql one to help handle the traffic. For every page view one banner impression is being made which means that the Access db is under a bit of pressure
This afternoon there were 1012 simultanious users on the website and it froze with an error message displaying where the banner should have been (I didn't quite catch the message but something to do with the banner script timing out). I'm not sure if the Access db had something to do with it but it seemed too coincidental. Rebooting the server cured the problem but obviously kicked off the visistors as well
At present there's 668 online and no problems so I'll have to monitor it to see how it goes but if anyone can answer the Mysql question I'd be grateful
Thanks,
Dave , Hello,
Yes, that is how it works. Unless you make modifications to the code there is no way to easily do what you are talking about.
If you design the site to be intelligent that scenario should never happen.
For example.. you should only be offering links to pages that the current logged in user has access to. You do this by checking the session variables and with simple if-else logic around your html links.
It requires some work but if you dont give them links to pages they dont have access to what you are talking about will not happen.
Here are some simple examples.
Here is an example using access levels.
<%
If Session("Access_Level") = "1" Then
' show links to pages that allow access level 1
End If
%>
And one for groups..
<%
If Instr(Session("Groups"),"*6*") or Instr(Session("Groups"),"*7*") Then
' show links to pages that allow groups 6 and 7
End If
%>
cwilliams38354.0786921296, yeah.. thats an old graphic probably only seen in a few places.
it is not on the main site
http://www.cjwsoft.com/
or here
http://www.aspprotect.com/
or here
http://www.aspbanner.com/
or here
http://www.aspclassifieds.com/
or here
http://www.aspphotogallery.com/
but I am sure there are a couple of pages left over still using it like the aspvendor and asplistings pages.. etc I am aware of it, just been too busy to go change them and I didn't consider it a big deal
2003 servers are NT based anyway ,
Timecard Entry: 3/25/2006 4:37:58 PM
lunch, Cancellation refunds and post office trip as well as UPS for Tim, FMLA Research and Employee Handbook design., Upload Manager Interface for FX-Caprara, lunch, AFLAC info, Reinstalled Konica drivers on JoAnn's pc. Installed network card drivers and Office on Dave's Computer. Assisted Elaine with installing Office on Amy's machine., 25 Miles : Deferiet - Watertown, installing 56K frame for Mount Zion Church....circuit wasn't completed yet...Bell having engineer issues with the frame....will contact customer in a few days when they are done., Ate nothing, drank lotsa water., Reinstalling all adobe products and office 2000 on my system after it crashed and corrupted some files, email, corporate channel partner brochure and instruction booklet, draw up the albany project on paper., softMLS Meeting., Programmed Router for Sithe Energies, gathered Network information., Research related to Telergy meeting, Getting DSL working over ATM in Vermont, CREG transaction, Distributed PC bundle Borchures and posters around clayton including Reinmans, the chamber, Jrecks, the Vistorian, Chris' Serive Station, ultra Mart, Clayton Big M, , Working on setup of windows server to use as temporary development server and quick books server, Trip to Florida, Review Car-Freshner website development contract, Lifetimedocksandhoists.com: moved all files to new URL, made text changes, began to make graphics changes, Marketing, Forever Broadcasting Front Page Training, Worked on the PV Bundle- contacted banks sent info, Showing Chris B. how North Country Now admin works., Team Meeting, read and sent emails,
| 
