Blog Entry: 3/25/2006 4:32:43 PM
I am trying to find out where I can enter the ttle for the application.
There is a variableor field called App_Name into which it would be good to insert a generic name. Can this be edited?
I have searched high and low but cannot find anything to do with it.
, I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.
<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then
SearchFlag = True
End If
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>
</head>
<body>
My Protected stuff here
</body>
</html>
For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.
Thanks,
Mo
,
Totally 100% depends on what you are doing.. you certainly can't be renaming any fields unless you plan on editing a lot of code that references them. Adding new fields is nothing to worry about.
Also, you really should post a question like this under the forum section for the application you are referring to as well as specify exactly what changes you are talking about. For example I don't even know what application you are referring to.
I sell about 8 applications.,
Hello,
I want to create a user for my manager. This user should be able to see
all statistics (Reports) and all (Banners). But, he should not be able
to edit anything.
How can I create the type of user described above?
Best regards,
Mohammad Al-Mohsin
, I down loaded your latest ASPProtect.NET_v1.4 and now when i try to get in the admin area it won't let me in. The admin box is selected in the database under the admin user and i can update my user information (password and Address, not username). Is there something that was changed on this version or is it more likely user error on my part? What do you think i should try first?, Well, I had no more trouble after I read the instructions.
The PayPal integration is really neat stuff! WOW! And the email
users function got up and running in a snap... this is an awesome
package!
The coolest thing with the user registration is that the account
username and password are selected by the user. That is very very nice.
Much less typing for me to do.
, like I said you made changes to something to cause that...
users/user_area.asp
runs fine the way it ships "it is one of things I tested earlier when I looked at your installation for you"
If you want I'll go look via FTP and tell you what is wrong
cwilliams38456.1069212963, I agree -- don't use the code as is. I provided it only as an idea for a work-around if your ASPProtect users with Internet Explorer complain about the Page Expired message.
I did not test it to be sure the parms coming into the target page (which would be part of the URL when bookmarking) are properly preserved. It would be easy to make sure they are preserved, but I am not sure the code in the example does that. I also customized the code with my own page header and footer.
I have the Option Pack but the site does not need it yet so I haven't applied it. I don't expect many problems re-applying my few lines of modifications.
The IE behavior is not a big deal if you provide an explicit login page, since users would have less interest in paging back to that. In my case, I simply gave a link to a protected part of the site, and when they take that link, they instead get the login form if they aren't logged on. Once they log on, they get their desired content page, to which they sometimes want to page back later on.
From searching the Microsoft Knowledge Base and other sources, I could not find a way (using HTML) to turn off IE's behavior of refusing to quietly reload a page containing form data. Netscape does not do this. So my IE workaround is to ensure my target page does not contain the login form. It does not solve the cause of the problem, but in this case it gets rid of the Page Expired error message for my IE users.
I also purchased ASPProtect for another site, and I'm using that "out of the box" unmodified. I'm very pleased with ASPProtect's functionality and the fact that it works completely without the need to customize. However, I've found it is very easy to customize if I want to.
Jim
Puli Club of America
, that would probably work...
any ".aspx" page can grab that data after someone logs in..
Session("Username")
Session("User_ID")
etc etc
anything you see set in the "aspprotectlogin.aspx.vb" file will be there
any data not set there would have to be added and then the project recomplied so that data gets saved...
, You really should just look at the documentation that came with the application. It tells you everything you need to know.
it is in the docs folder in html format.. it is also linked to from the aspclassifieds website
http://www.aspclassifieds.com/demo/docs/
, Hi, I am wondering if I can redirect users with "GROUPACCESS"
just like access levelS. I tried to redirect using both "Groups"
and "GROUPACCESS" example below:
<%
If Session("GROUPACCESS") = "1" Then
Response.Redirect("group1.asp")
Else
Response.Redirect("allothers.asp")
End If
%>
I could only get the Access_Level to actually redirect. Is
this something the option pack supports? If so, any words of
advice?
, no, its part the concurrent login checking system.
currently when that is on logging off does not come into play..
(pretty much because it is such a complex system I wasnt able to make it quite that intelligent this time around)
when concurrent login checking is enabled the only way to log in again at another system with the same username and with a different IP is to wait till that time period is over
sorry
as you may recall it was rush feature at the last moment before I got version 7 finished. Hopefully I can improve on the feature in the next version but I dont really see it as being a big issue at the moment. Sometimes when you want maximum security you have to make some tradeoffs and that is why the feature is optional.
, This may be an old question ??? If it is please point me to the post or documentation where I can find the answer please.
When creating protected pages I am using the following to protect them:
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="/aspprotect/check_user_inc.asp"-->
But that is not working. I get the following error when I try to access the members logon page in the directory that I wish to add the pages to:
Active Server Pages error 'ASP 0130'
Invalid File attribute
/filelocation/filename.asp, line 3
File attribute '/aspprotect/check_user_inc.asp' cannot start with forward slash or back slash.
However if I create the pages in the root of the AspProtect directory and use a link to the same page that exists in the AspProtect directory and the following include:
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
The pages work fine.
I really do not want to put all of my protected pages in the root of the AspProtect directory.
I would like to mix protected and unprotected pages throughout the site in order to #1 make it easier to administer. #2 keep the AspProtect directory solely for authentication. And, #3 keep any user authentication pages out of the AspProtect directory.
TIA
, The main users screen... the 1st screen you see when you go to the admin area.. where you email an individual user..
The settings I am referring to being the various emailing settings on the settings screen, The settings you showed me.
As for emailing via a remote server over dsl. It may not be working because the ISP's block the port (25) to stop people from running email servers over their dsl.
Your POP3 works because POP3 uses port 110.
If you want to send emails from your local server on your dsl you should probably install the SMTP service of IIS if you have not and send emails using that with CDOSYS. Either that or get a commerical DSL account with a static IP that allows for running email servers.
, Alright...I'll try those out. Also, if I do the data import on my laptop initially and just publish it to the server do you think that will help?, ASPProtect v7 comes with working example code of protecting a file download.
This comes with the system as an example folder with some files in it.
(some of the initial purchaser's of the system might not have that directory.. if that is the case please ask)
Here is how it works...
Basically we protect the file download by only allowing a logged in user to download it. The special ".asp" page we use the stream the file is password protected. It also hides the true location of the file so you can keep your files out of your web or keep them in a folder in your web that does not allow file browsing. Under this scenario even if someone looks at the html source they can not tell where the file really came from and they can only download if they are logged in and you offered them the link to the file.
For the file download protection examples to work you may need to edit some values
in the stream_download.asp file that are valid for your setup.
Look at the source. The values you can edit are commented.
Now, you also need to call a valid "download file name" from the download_link.asp file which is an example of how make a download link to the streamed download.
Lastly, we provide a working example. Now, you obviously may need to customize it to fit your needs. Please realize you are going to have to make special download links in your .asp pages and not only should you only show those links to people with appropriate access to download the files, but you should also protect the streaming download page accordingly as well as far as level, groups, and particular users. What I am saying is which files a particular user is allowed to download is not automatically handled by ASPProtect in any way. We give you all the tools to provide protected downloads to logged in users, but if you have complex needs you’re probably going to need to come up with a system that works for you. It's not really difficult because we did all the complicated stuff, but its something you have to sort out.
Perhaps someday in the future ASPProtect will have an interface to upload files and associate them with certain users. But at the moment it does not.
, Three questions here:
1. I am having a problem with characters being displayed properly when viewing listings. Some alphabet characters and punctuation characters do not display properly when viewing the pages.
Sample here:
http://www.hibari2.com/lanoitanretni/kokusai_profiles/view_i tem.asp?Ad_ID=102&CatLevel=2&Cat1_ID=3&Cat2_ID=& amp; amp; amp; amp;Cat3_ID=&Cat4_ID=&FromSearch=True&SearchPage =%2Flanoitanretni%2Fkokusai%5Fprofiles%2Fdefault%2Easp%3FCat Level%3D2%26Cat1%5FID%3D3
In the access database I was looking at the properties for the ‘Ad_Custom’ fields. Unicode Compression is 'Yes' but IME Mode is set to 'No Control'. I wonder by changing this to ‘Hiragana’ if will solve the issue.
Note: the essays are typed in English on computer with Japanese OS, and then pasted up. Even though they are typed in English, there are several setting that may affect the output.
2. I want to reverse sort order for listings instead of listing 4, 5, 6, 7, I’d like to sort 7, 6, 5, 4… Could you tell me which page has to be edited, and in simplest terms what has to be changed?
3. Also, I’d like to increase the default display of ‘items per page’ from 25 to 100. Could you tell me which page has to be edited, and in simplest terms what has to be changed?
Thanks
HIBARI38155.8447569444, I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.
Regardless,
What you want to do... logging them in under https and then having them continue though the site under http is not possible.
It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.
In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).
Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.
If you want them logging in under SSL you need to keep them under SSL.
That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.
, I hear ya.. problem is it just does not fit into the banner rotation logic.
I know it sounds like a simple thing, but it is not because ASPBanner does it's rotation logic in a totolly unique way that no other system I know of does. It basically does everything in memory.
I just don't see anyway to do add what you are asking about without totolly re-writing how it works. The system would have to rely totally on complex (SQL queries / stored procedures) to do the banner rotation like every other poorly performing system out there.
It's really hard to explain, but I just no way I see to add it to the high performance application variable banner logic. If I changed the system to not use those application variables there would be a tremendous performance loss because the database would be doing about 90% more work than it currently does.
As I have said before sacrificing performance is just not something I am willing to do.
http://support.cjwsoft.com/code/moreinfo144-1.htm
I built ASPBanner for performance and speed and that has always been it's main intention.
I leave the bloated features to the competition. If I lose sales because of it that is just unfortunate. I want the best performing system. The system I can be proud of. The system that can handle millions of impressions per day under a MSSQL or MYSQL installation and not even flinch. That is what ASPBanner is all about.
The other thing is pricing. The price is kept low partically because the feature set is low.
Maybe someday there will be a version with more features and less performace. I really do not know. Right now it's just not something I plan on doing.
, edited due to inappropriate content
, I just remembered the current skin is stored in a text file in the pictures folder. If it did not have permissions for writing it could give you trouble. That could of had something to do with it.cwilliams38295.3821064815, how about translating the error to english..
Looks to me off hand that it would have something to do with the SQL server itself not being run in an english lcid/format and causing some sort of date issue.
I would also suggest you start off with a brand new blank SQL ASPBanner database and make sure that works before you attemp t to import any data into it.
, The count is in the album area where the small pictures and description of album. Viewed 1 time(s) This count never changes.
Thanks
John
, I am sure its permissions as well, but I don't have that much access to the hosted server...lol.
I will use access for now, since it works fine, and try to talk with the hosting people later.
Thanks!
, here is the next response to this which was emailed to me but should have been posted here
From: Mo Afifi
Sent: Sunday, October 23, 2005 4:47 PM
To: CJWSoft Support Info
Subject: Re: CJWSoft Support Info : SSL - Verisign Certifcates
Hello,
Thank you for responding to my posting. In the second line of your response you said “not start them off at an http:// url". I think what you meant is to "not start them off at an https:// url". If this is your intention then I agree with you 100%. I have revised my pages so the users will go first to a non-https page and then make a choice either to use secure or non-secure access. Please note that the site is not intended to be completely SSL protected but only the sign up pages. I have another problem though when I click on the "Secure Log In" and enter my log in information; the entire subsequent URLs will have https:// in them which I could not shake off. As I said the intention was to use the https for sign in only.
I realize that this issue does not have any thing to do with your product, but any input will be appreciated. Best,
, alternate databases are right here.. the documentation clearly links to this, its really not difficult to find
http://support.cjwsoft.com/code/moreinfo164-1.htm, Actually quite well. I have this problem worked out and it
actually isn't to bad. But now I am getting some strange
error messages. I will start another post.
Cheers
Roy
,
Hi Chris,
Alright. We figured out how to work with both C# and VB, by creating a separate VB web project in VStudio, and then passing the aspprotectnet.dll to the C# project.
Ok. I have another question:
How can our code determine the identity and user_id of the currently logged in user:
Is it Session["User_ID"].ToString() and Session["Username"].ToString()?
thank you
, And I'm the one who finds those rarities! I'm not surprised. 
Oh well...this should be interesting trying to get an 80 year old man to change his password.
Thanks for your quick responses Chris. This is still an awesome membership system!
Mick
, who knows, thanks for your input, I am further than I was when I started talking to you!, i was only kidding!! 
, I am trying to set up ASP protect 6 and have a problem that when a new user registers their email is not transferred to the database.
I can see the rest of their entries both in the database and in the admin/edit form but not the email.
Any ideas?
, just FYI -- i added in a new data table into the database. I
havent finished implementing the whole thing across the entire site,
but it wasn't too difficult. Once I have all of the functionality
complete I'll post some details. Some of the changes are the
addition of a new album nav style which combines style 2 and some of
the features of the new data table.
Very easy app to work with guys.
, I am not sure totally understand your question.
I need you to explain it differently.
Any ".asp" page that is protected is going to automatically prompt them for a login box or log them in automatically depending on if they set that option.. In the end returning them to that same page.
So, it really all takes care of itself for the most part.. It doesn't even matter if the bookmark a protected page deep in your site. The system is smart enough to keep them at that page as well as handle their access.
Now of course if they are at an unprotected page of your site and navigate to a protected page they get a loin prompt or are allowed in if they already logged in...
Also.. when you say unprotected page ? do you mean ".htm" or ".asp"
cwilliams38298.6571759259, YAY FOR ASPPROTECT 7!!!
Now I need to know... how can I automate PayPal subscriptions and purchases? I'd like it so that once PayPal gets its money, my accounts get marked active.
Now, the documentation on this site currently says, to point the IPN post action to a null page. Yet, I see an IPN.asp in my files for PayPal subs and PayPal purchases... Looking over the code there, I see actions to make accounts active and stuff like that. Is the page ready for prime time, or should I hold off for a new version?
cwilliams38421.7014814815, 5 Computers in an office, random hardware and operating systems. Some wireless some wired - all the same ISP connection.
Some users do not see the PLACE A NEW AD hyperlink. How can this be hidden? There is no conditional statement yet some see it and others don't.
To make this problem even more confusing if I take an image and put the place_new_ad.asp hyperlink on that image the users don't even see that image any longer.
How can this be resolved?
, humm.. can I possibly see this happening ?
any changes to that part of the code ?
, The application is only intended for use with $ the way it comes.
Use of other currencies is not supported.
(this is noted on the product page)
However, it can probably be used fairly easily with UK customers.
You'll probably want to look into setting the currency to UK in the code generated for the PayPal buttons which is in "view_item.asp". There is probably a hidden form variable you add to it to specify the currency. PayPal's shopping cart documentation and help system would have more info on that.
Doing a search real quick there I came up with this.
<input type="hidden" name="currency_code" value="GBP">
Then you may also want to change the LCID settings for the web site to UK. (I think)
To do that edit the "config_inc.asp" file with a text editor.
Add this code between the <% and %> tags.
Near the top is good
Session.LCID = 2057
There may also be hard coded dollar signs in the code that you will need to change to whatever.. If after you do the above to steps you see then you'll know where to change them based on the named of the page you on.
It is quite possible that simply changing the LCID will take care of everything, but I am not sure.
Those are the tips I can give you. , Hello,
I need some help with the following code. Please look at the area in red. I need to be able to set someting up to where the variable eval1 (a yes/no field in my database) is set to false after the associated link is pressed.
Thank you
="vbscript" %>
<!--#INCLUDE virtual="/irp/check_user_inc.asp"-->
<html>
<head>
<title>Administrator Evaluations</title>
<style>
<!--
div.MsoNormal
{mso-style-parent:"";
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";
margin-left:0in; margin-right:0in; margin-top:0in}
-->
</style>
</head>
<body background="../images/1.gif" bgcolor="#C0B59A" vlink="#FF0000" alink="#FF0000" link="#0000FF">
<p><map name="FPMap1">
<area href="http://www.utb.edu/" shape="rect" coords="627, 66, 670, 81"></map>
<span lang="en-us"> & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp;
</span>
<img border="0" src="https://blue.utb.edu/irp/Inst-Research&Plan.jpg" usemap="#FPMap1" width="675" height="82"><br>
</p>
<h2 align="center"><span lang="en-us">Administrator Evaluations</span></h2>
<p align="center"> </p>
<p align="left"><span lang="en-us"> <b>Welcome, </b> </span> <b> <% Response.Write(Session("FIRST_NAME")) %>
</b>
</p>
<p align="left"><b><span lang="en-us">On this page, you will see a list of names
that represent the persons that you will be evaluating this year.
Please click on a name to select that persons evaluation form. Once you have completed
and submitted that persons evaluation, you will be returned back to this page to
continue with the next person on your list. Once you have completed all your
evaluations, you can log off the system using the link below.</span></b></p>
<p align="left"><b><span lang="en-us">Please note: Only <u>1</u> submission per
person will be accepted, any additional submissions will not be accepted.</span></b></p>
<p align="left"><span lang="en-us"><b>If you have any questions please feel free
to contact us at the number below.</b></span></p>
<hr color="#FF9933" width="80%" size="3">
<p align="center"><span lang="en-us"><b>Please click on a name below to begin
the evaluation process.</b></span></p>
<div align="center">
<table>
<%If Session("Link1_Name") <> "" Then %>
<table border="1" width="28%" id="table1" bordercolor="#000080">
<tr><td bgcolor="#FFFFCC" style="float: left"> <b><span lang="en-us"> <a href="https://<% Response.Write(Session("Link1"))%>" onclick="<%=Session("eval1")="true"%>;return true" </href> <font color="#000000"><span style="text-decoration: none"><%Response.Write(Session("Link1_Name"))%>< /span></font></a></span> </td>
</tr>
<%End If%>
<%If Session("Link2_Name") <> "" Then %>
<table border="1" width="28%" id="table1" bordercolor="#000080">
<tr>
<td bgcolor="#FFFFCC" style="float: left"> <b><span lang="en-us"> <a href="https://<% Response.Write(Session("Link2"))%>" </href><font color="#000000"><span style="text-decoration: none"><%Response.Write(Session("Link2_Name"))%>< /span></font></a></span></td>
</tr>
<%End If%>
<%If Session("Link3_Name") <> "" Then %>
<table border="1" width="28%" id="table1" bordercolor="#000080">
<tr>
<td bgcolor="#FFFFCC" style="float: left"> <b><span lang="en-us"> <a href="https://<% Response.Write(Session("Link3"))%>" </href><font color="#000000"><span style="text-decoration: none"><%Response.Write(Session("Link3_Name"))%>< /span></font></a></span></td>
</tr>
<%End If%>
POST EDITED / SOME CODE REMOVED TO KEEP IT SHORTER ..
This went to Link3_Name
</table>
<p> </p>
<p><span lang="en-us"><b>If you have completed all your evaluations and wish to
log out please click <a href="log_off.asp">here.</a></b></span> </p>
<p> </div>
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="3" width="80%" noshade color="#ff9933" align="center"></div>
<p align="center" style="text-align:center"><b>Institutional Research and Planning
<br>
Tandy 270<br>
80 Fort Brown<br>
Brownsville, TX 78520</b></p>
<p align="center" style="text-align:center"><b>Phone: 956-544-8816 &nbs p; &nbs p;
Fax: 956-983-7652<br>
E-Mail:
<a style="color: blue; text-decoration: underline; text-underline: single" href="mailto:iresearch@utb.edu?subject=Administrators%20Evaluation">
iresearch@utb.edu</a></b></p>
, Thank you! I thought that is what had to be done, just didn't want to miss out on a short cut if there was one. Thanks again,
Timecard Entry: 3/25/2006 4:32:43 PM
SoftMLS training, worked on getting date/time to automatically be entered on the POP report page (have the date working so far), worked on troubleshooting Heike's cancelled customers page, researching color copier paper for ordering..., add/removed categories and sub-categories to doostore.com site in accordance to their fax of requests (doostore.com, billable), cleaned cellar stairs, found key
made copies,started folding/stuffing, Errol Line Redirection,Inventory, Answered tech related calls and checked email., NOC...more linux work, trying to sort out this highly tempermental OS...boy i miss GUI's, Conducting Job Interviews, PCS Meeting in Jeffs room, office maintenance, Modem Maint. Log, Cost Guard Presentation prep., rad -log e-mails, technical support supervisor. emonitor, radlog, dial up issues, ask us a questions, incoming calls, emails, took mostly incoming calls ... helped techs as needed ..covered incoming calls and tech issues , more ticc invites, email graphics to printers for t shirt, Mary Langer/Suimall.com: answer questions re: site templates, Atlanta, Working on design of required and used fields for property types, working on a feature for SoftMLS called the... "firm poster", Worked on completing a full Channel Partners CD lable file, Draft/review wireless antennae contract, Waiting for people to stop monkey around and relocate server. Check over system., reading asp book, worked on a couple problems for web customers, Went to Ryder to pick up a truck. Drove truck to Clayton and came back out to Watertown., SunandShield.Com - trying different sizes for left menu to accomidate for size of buttons that Tom made., email, worked on linux, answered incoming calls, call backs, sign -ups, did callbacks,
