Blog Entry: 3/25/2006 4:39:47 PM
You need to make sure you created the SQL database using the SQL scripts we provide and that no errors occur whatsoever. That is extremely important. You must use our SQL creation scripts.
Then, when you create the user you need to go back to that user and make sure you check the admin account and save that user again. (many times when setting up a system for someone I find myself forgetting that step and then I have to go back in and check the admin box for the user I created.)
And of course create the user from the ASPProtect admin area web interface. Do not add the user to the database manually because you will have no way to enter the password correct as it is encrypted. And do not change the encryption key after making the user/.
It would also be wise to check the SQL server database at every step to make sure the user info gets created and that all the field info looks correct for the most part.
You also want to be sure to specify SQL as the database type side the connection string info as the SQL directions go over
a remote sql server should not an issue.
thats really all I can think of right now
, Is it possible to set the user account time limits when they register? I am using email verification and am trying to have their accout expire 32 days after their initial login.
Also I have an issue with the email notification not notifying me when a new user logs in. It does a beautiful job notifying the new user. I do not understand why my server will send to one and not the other, I ahve searched the links but none seem to answer this.
Thank you for your help and insight
,
Anyone have any experience configuring PhotoGallery to use a backend mySQL database?
The application connects successfully for Read operations, but no amount of troubleshooting can get it to Write records to the tables.
http://www.marc-lisa.com/photos/default.asp
, No luck...this is the message
Return To Import / Export Screen.
Active Server Pages error 'ASP 0113'
Script timed out
/members/aspprotect/password_admin/upload_post.asp
The maximum amount of time for a script to execute was exceeded. You can change this limit by specifying a new value for the property Server.ScriptTimeout or by changing the value in the IIS administration tools.
, Thanks and glad that fixed it.
You can review this software at http://www.aspin.com/func/review?id=4952510
That being said, ASPIN has a lot of problems with anonymous reviews so if you can please sign up with them and post an Authentic review as they carry a lot more weight. Authentic reviews involve responding to their validation email so when doing so use a real email address that you regularly check.
And sorry I made you use the forums, but as you can see this is exactly the sort of thread that will help someone else later on.. and that is why I require people to use the forums now instead of just email support. That way the conversations are out in the open where they can help everyone instead of buried in my outlook where no one will ever see them. And of course if information is sensitive you can always do a Private Message as you did earlier.
It is all about creating a knowlegebase of valuable information.
, One problem that is appearing is that in the admin section, in the users.aspx page, only one user is showing up when there are in fact 9 users. Also, when I click the edit user or email icon, the page does not go to the edit screen, it remains on the same page.
Also, I’ve been trying to modify the code to adapt it for our application -- by removing fields that we do not need such as address, city, state, phone, but I am having trouble getting visual studio to compile. It could be due to the fact that the rest of the project is in C#. Or it could be due to some other factor in ASP Protect.
, I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.
Regardless,
What you want to do... logging them in under https and then having them continue though the site under http is not possible.
It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.
In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).
Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.
If you want them logging in under SSL you need to keep them under SSL.
That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.
, I am trying to import a database into my list of registered
users. When I go the import_export_manager.asp page most of the
content is missing. All that appears is the first 2 lines of text
and a box. The rest of the page is blank. I have tried this
under 5 different browsers on 3 different machines and on 2 operating
systems. I also ftp'd the original .asp file with no success. Any
clues?
, I have just started to move my sites to a new dedicated Windows 2003 box. I have parent paths enabled, SSI turned on but I still can't get ../ to work with server side includes. Everything I read online says that I need to turn on parent paths but again, they are already turned on.
The hosting company where the server is located can't tell me anything, they just say that that is the way it is with Windows 2003. I don't buy it!
Can anyone tell me anything on this issue to help enable the ../ for serverside includes?
, If a picture does not show after uploading it is one of the following things.
The upload method chosen is not supported on the server
or
The physical path specified to the pictures folder is not correct.
or
The URL to the Pictures folder is not correct.
or
Permissions to the pictures folder have not been set properly
Here is more information on how permissions are set.
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
Without more information and the settings you have entered and chosen that is all I can offer for now.
, thx for posting this..
Just a few notes... more than 100 pictures specified in the config file is not supported. You are of course on your own if you specify more than 100
Also, technically the post above should say more than 102 pictures... "I think" as you wont need more html cell code until then..
The loop in the code is probably how I should have done it in the 1st place but I was in a hurry to get this finished and I also never expected/wanted anyone to specify more than 100 pics per album.
Lastly.. depending on what style you are using in the config file the code above may not work as some of the styles do not use cells but line breaks instead.. At least from what I remember.
cwilliams38306.7506481481, Umm, if your using MSACCESS your using MSACCESS
SQL server has nothing to do with it.
, On the banner rotation order screen it says:
"The Order Of These Banners Will Change Randomly From Time To Time"
Can you tell me the function that does this? I'd like to increase the frequency with which the rotation order changes.
Thanks!
, 
ASPProtect v7.x runs on Microsoft IIS servers only.
That means Windows XP Pro, Windows 2000 server and Windows 2003 server. The web server must have ASP support enabled and support Data Connections. 99% of them do as it's a pretty normal thing, but you should ask and make sure your hosting plan supports it.
ASPProtect can use a Microsoft Access Database or Microsoft SQL Server as it's data source. We provide the access databases and everything you need to create the SQL database, however customer's using Microsoft SQL Server are required to have SQL Enterprise Manager and SQL Query Analyzer in order to setup and maintain the SQL database. Other scenarios are possible but we do not support them.
ASPProtect v7.supports 13 different emailing methods and components so chances are you will have no problem finding one that will work for you.
CDONTS
CDOSYS
ASPEMAIL
ASPMAIL
ASPSMARTMAIL
DUNDASMAILER
JMAIL
SASMTPMAIL
Bamboo Mail
Simple Mail
ASPQMail
QuickSoft EasyMail Objects
OCXMail
We extensivley support all implemenations of CDOSYS which is installed on all the servers by default. We also support outgoing SMTP authentication requirements. If you can not send emails from the application using one of our 13 methods and you have an ASP solution that can send an email on your server we will work with you to make sure the application can send emails.
FINALLY
ASPProtect v7.x does not run under Chillisoft ASP. That means it does not run under Unix, Linux, Apache, etc etc. ASPProtect v7.x can not use a MySQL database. MySQL and Microsoft SQL are not the same thing.
If you are wondering if your web server runs Windows or Linux you can try using the header check here.
http://www.port80software.com/support/p80tools
Be warned however it will not always be accurate because some people cloak that information or show something different than what they are running to trick potential hackers. With commerical hosting though the the header information is usually accurate. , ok... lets forget about all this redirecting business for a minute
when I go to "GP01.asp" directly via your web site I get a big nasty error that says this
Microsoft VBScript compilation error '800a0411'
Name redefined
/protect/config_inc.asp, line 15
Dim Address_Required,CDONTS_Installed,City_Required,Registration _Type,VerifyURL,Log_Off_Page
----^
then when I look at what you did in that file I see why
you have this code which is totally wrong because you cannot include the password protection file twice
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<% GROUPACCESS = "*1*" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
it should be
<%@ LANGUAGE="VBSCRIPT" %>
<% GROUPACCESS = "*1*" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
and that is probably the root of this entire problem.. the redirection was working...
but you were sending them to invalid pages with errors
all those pages are wrong...
if you dont see the real error above see this
http://support.cjwsoft.com/code/moreinfo11-1.htm
if you look over the aspprotect 7 installation instructions that is the very 1st thing I tell people to do
hopefully this is the info you need to continue and get some work done
, Hello,
It is very possible, however there may be some issues such as the session variables specific to a particular user would not be able to be created because there would not be a specific user.
I can't tell you exactly how to do it as it would probably take a few hours of messing around with the code to sort it out. Bascially, it's not something I could tell you how to do real quick and I do not support custimizations to the code.
But, it is very possible. You want to check the server variable for the IP address. The tricky part would be where and how this all just integrated into the "check_user_inc.asp" file
, SQL Server Datareader Datawriter Permissions..
here is a screenshot that shows how to set datareader and datawriter permissions on a database using "SQL Enterprise Manager"
In this example we are making sure the aspbanneruser has those permissions on the aspbanner database in the SQL Server
cwilliams38390.5986921296, How to set a new users expiration date.
You'll need to edit the "users/add_new_account.asp" with a text editor.
Find this section..
<%
CmdAddUser.Fields("ValidateEmailCode") = ValidateEmailCode
CmdAddUser.Fields("Access_Level") = "4"
' PUT YOUR CODE HERE
CmdAdduser.Update
ID = CmdAdduser("ID")
CmdAdduser.Close
Set CmdAdduser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
%>
You'll want to add code like this right between the Acccess_Level and Updates section
CmdAddUser.Fields("Expiration_Date") = Date + 60
That will give take todays date and add 60 days to it.
You can of course do whatever you want here.
Actually, any database value for the user can be set during registration.
You can also change the default Access_Level to whatever you like.
cwilliams38088.4986689815, How to set a new users expiration date.
You'll need to edit the "users/add_new_account.asp" with a text editor.
Find this section..
<%
CmdAddUser.Fields("ValidateEmailCode") = ValidateEmailCode
CmdAddUser.Fields("Access_Level") = ""
' PUT YOUR CODE HERE
CmdAdduser.Update
ID = CmdAdduser("ID")
CmdAdduser.Close
Set CmdAdduser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
%>
You'll want to add code like this right between the Acccess_Level and Updates section
CmdAddUser.Fields("Expiration_Date") = Date + 60
That will give take todays date and add 60 days to it.
You can of course do whatever you want here.
Actually, any database value for the user can be set during registration.
You can also change the default Access_Level to whatever you like.
cwilliams38403.6828587963, Well, you cant have a login box on the home page when using ASPProtect.NET.. there is no way to make that work. I tried all day to come up with something and it is not going to happen. I suggest you make a login button and link it directly to the protected page you want them to start on. The redirect or link them whereever from there. Either that or write your own forms based authentication solution that works exactly the way you want it to or edit the code accordingly since you have the source. It is not a feature we advertise for the product regardless. It works the way it works. , Connecting user is dbo of database.
User_ID is primary key with auto increment identity.
SQL Script of current table:
CREATE TABLE [dbo].[Security_Users] (
[User_ID] [int] IDENTITY (1, 1) NOT NULL ,
[First_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Last_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Company_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Username] [nvarchar] (75) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Password] [nvarchar] (15) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Access_Level] [nvarchar] (30) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Notes] [nvarchar] (1000) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Admin] [bit] NOT NULL ,
[Active] [bit] NOT NULL ,
[Expiration_Date] [smalldatetime] NULL ,
[Email] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Address] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[City] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[State_Province] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Zipcode_Postal_Code] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Phone] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Counter] [int] NULL ,
[Last_Access] [smalldatetime] NULL ,
[Login_Limit] [int] NULL ,
[Custom1] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom2] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom3] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom4] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom5] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom6] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[ValidateEmailCode] [nvarchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Date_Created] [datetime] NULL ,
[Validated] [bit] NOT NULL
) ON [PRIMARY]
GO
ALTER TABLE [dbo].[Security_Users] WITH NOCHECK ADD
CONSTRAINT [PK_Security_Users] PRIMARY KEY CLUSTERED
(
[User_ID]
) ON [PRIMARY]
GO
, There is nothing built in to the system but it is very doable.
However, you need to be a decent asp coder because your going to have to write some code.
Basically you would want to do a check on the screen where a user uploads to count how many pictures they have uploaded.
Then act accordinly and either let them or dont let them proceed.
On a side note the overall filesize limit of the total of all pictures a user can upload can be set when you edit a user.
, Come on the threats are not necessary- i got the point the first time you said it.. i thought i made a friend thru this and felt comfortable to say something like that... i am not a big online chatter just do the web stuff as a hobby... i am a network / computer hardware guy (yet i work for a mortgage co. go figure...), You shouldn't be renaming or moving anything... unless you really really understand what you are doing and are at an expert level expert as far as ASP coding goes.
like I said earlier..
http://support.cjwsoft.com/code/code_info.asp?TID=354&ge t=last#1130
redirecting with version 6 is not supported but this thread tells you exactly how to set it up (I showed you this thread in an that earlier post)
http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= redirect
This thread below may also help in case the page you want to start on with a login form should not be password protected..
http://support.cjwsoft.com/code/moreinfo18-2.htm , I am converting the email over from CDONTS to CDO so it will run on my host 2003 server.
What files should I be concerned with? Under gallery_admin there is an email_user.asp and under the main gallery folder thier is an email friend. Is there an other email routines I should be concerned with?
Thank You for your Assistance.
Jeromy
, An email I just received from eastcoastguy.. to keep this thread up to date
Your quick reply was greatly appreciated... I removed the password and was able to use a DSN...I will look into a DSN-less connection later..once i get this working !
Cheers
eastcoastguy
cwilliams38146.6165509259, I am using cdont to send email. what do i have to do send email to other display my full name instead of email address. In other word I want to see first name last name in their email client instead of email address.
thanks for your help
, It should be released sometime late May 2004 or early June 2004 but no gurantees as I am pretty busy right now with some projects.
There will be upgrade instructions and it should be a fairly easy upgrade.
, Anyway,
How busy your site is actually won't be the only factor. Really the application should not restart unless something happens. If the IIS application is reseting alot it could very well be the ISP restarting the server or doing IISRESETS as well or other sites on the server causing the application pools to restart.. etc etc etc Quality ASP hosting is important. Regardless your hosting company most likely will not admit to anything be out of the ordinary.
As far as that directory deleting itself on you.. I doubt they will have an answer for that one. All I can tell for sure is I didn't put any code to delete it in there.
, You are not supposed to use "../" with a virtual include
Thats goes against what a virtual include is and makes no sense.
When using a virtual include you give the path as if accessing from the root of the main web / virtual directory
I find it very hard to believe it ever worked like that and if it ever did it was wrong.
cwilliams38434.6703356481, I am having difficulties importing new Users.
I have exported the existing list and then copied in the additional users and save the file as text (tab delimited) in Exel.
When I go to import the file (browse then upload) I get the following error:
Microsoft VBScript compilation error '800a03f9'
Expected 'Then'
/aspprotect/password_admin/upload_post.asp, line 6
If Session("Admin") <> "True"
If I upload the text file by FTP and then try to import it it only tends to import the first two existing rows.
All collumns match but not sure if I need to add "User_ID". I have added it and created consequecutive numbers.
Any assistance would be appreciated.
Thanks
, The way the application works is one separate installation and database is required for each (IIS Application).... not only is it a licensing thing but it is also the nature of (forms based authentication) because every application in IIS has it's own set of application and session variables and they can not be shared with other various IIS applications.
That being said if you plan to run a separate install for each web/IIS application buying new licenses is fine
If you want to run one installation and database and share that with other web.IIS applications it is not technically possible.
Each web/IIS application requires a seperate install of ASPProtect.NET, I am confused.
Humm, how did ASPBanner 8 come with your purchase of ASPProtect ? That is not something I am aware of or something I do. Please provide more information on how you obtained ASPBanner 8. If I gave yu a copy for some reason please refresh my memory so I can go look up th emails about it. I need to know you have a valid license.
Now, as for the two not working together and the login screens messing with each other. I am even more confused. Tell me more as I just do not understand what you did ? ASPBanner has it's own user database and login system so there is no reason you should be mixing the two together as far as logins go. The two applications can certainly be in the same web together and not bother each other. ASPBanner can certainly serve banners to any pages you protect with ASPProtect or don't protect, but you certainly should not be protecting any ASPBanner code with ASPProtect code. ASPBanner already has code in it to do that. If that is the case don't do that. ASPProtect is not meant to protect code that already has a login system. That should just be obvious as far as I am concerned and hopefully you dintn't try to do that.
(you said you just put the directory in there but there must be more too this than that)
But again, tell me more. I can't really know everything ??
I just dont see how your ASPProtect pages could be effected by ASPBanner unless you really did something wacky like included the ASPBanner "check_user_inc.asp" instead of the one that comes with ASPProtect or overwrote it... etc ect
If in the same web aspprotect can be wherever and aspbanner needs to be in a folder called "aspbanner". There should be no conflicts under normal use and the two will essentially run seperate of one another.
, ASPProtect protects ".asp" pages only.
That is your problem.
, that's they way it should be done..
the only other thing would have been to test everything with sql before trying to import any data.. and make sure all was fine at that stage
more info on the errors would be helpful.
Id' also carefully visually compare the SQL tables and fields with the SQL scripts and make sure all field types and settings got set correctly.
Also, make sure the user accessign the database has datareader and datawriter permissions of course.
, Yes, you are right.
We have now tested it using the DSN less connection with Access 2002 and it works fine. We have also tested it again with a DSN using 2002 and this also seems to work.
The comment about speed is a consideration although I have not noticed any differences. ( we only have a few database entries at this time).
Thanks for your help
, Hello Chris:
Let me run some more test if it's working on your end it should be on mine? I have made some custom updates to the code but no in that area.
Thanks,
-Ricardo
, 
Hi, we purched ASP Protect a few months back and had it installed on our hosting company under a "temporary" domain name -- cidrasensors.com
We are now about ready to switch this development site over to production and I need to change the domain from cidrasensors.com to cidra.com
My hosting company wants us to create a new accounting and re-set everyting up.
So...based on this, I have a few questions for you:
1. Do I need to re-install the software? or can I copy from one account to the other?
2. Assuming I can copy the software to the new account - are there changes that will need to be made to point to the new domain?
3. If I decide I wanted to keep the first account alive for development purposes (never turn on the website domain to the public) - would I need to have a seperate ASP Protect license?
4. If I decided to ask you to do the transfer for us - is that covered in the $20 Installation fee I saw on the web?
, Not a problem. Have a good time at your wedding.
thanks!
, no the "expected path" is something that gets generated for you if you have parent paths enabled. to help you fill things in correctly...
basically if parent paths are enabled it shows you what the path should be for each path field on the settings page... if parent paths are disabled there will be nothing to the right of expected path for technical reasons (lack of being able to do a "../../" to figure out the paths more or less)
in that case there is a file called "expected_paths" in the data folder that you can run to tell you the expected path info
,
Timecard Entry: 3/25/2006 4:39:47 PM
Travel back to Clayton, Met with Paul from severence photo- demo of wireless will follow up next week to set up trial at his place and bring in Quote, SunandShield.Com - Bookshelf, phones modems, on line and dial up, rad log, open incidents, clean up/trash, Times - Basketball, On phone w/Chris B. - Needs an emergency upload component added to FXCaprara.com, Travel to/From/Having sales and marketing meeting, Work on New Hires Press Release, print, review, mail invoices, cancellations for nonpayment, quality check customer paperwork, answered phones, Marketing, Steady phones Ans. Billing Questions Stuffed evelospes. Report and invoices., SAME AS ABOVE, not busy at all, working on proposals , working on samaritan, pull deposit invoices; backup, , Admin (emails and organize), updated staff info page, worked on Emerald incident (aucoin) for Dave D., made 100 User Manuals for girls downstairs, helped Matt with Cathy's computer, met with Heike regarding a database she's working ok, BAH in Syracuse, general graphic/web design research, Review FPSE perms for Keith Darby sites, Training Bill M. and helping him update report a problem and tech problems to SQL, deliver sample meta tags to Jake Hynes @ TS Peck.com (as a result of 7/5/00 meeting w/Jake), to Watertown, Busy all day, 0100, and RNA's seemed to be the main problems., lunch, Going over to IMC to reboot a server, also checked on a few things., Following up on Liberty Christian, checked the antenna on the Herald Building, teched calls and radlog and newusers, more tech support and rad logs, Email,
