[QUOTE=cwilliams]actually, passwords can be up to 75 characters long in ASPProtect.
the only requirement when entered from a non admin user is that they are at least 4 characters long.

what does MSAccess have to do with this ? Are you trying to convert and old system or something? I noticed you created and "old password" field in there ? Is there something I do not know about as far as what you are trying to do?

Passwords in version 7 are encrypted so I hope you understand all of that and realize you can not enter or change passwords right from SQL server. Also if you import info you must handle that accordingly and convert the passwords to encrypted format. [/QUOTE]

First off, I haven't imported anything from MS Access.. The only reason I mentioned it is cuz I thought initially it worked with Access and not SQL server.

I am not converting nor entering any data manually into the db, nor have I changed anything in the way the registration is made (don't know where the "Old password" has come from? thought it was a function you made?)

Its still not there as labeled 'internet guest'.  There's a 'guest' and a host of others.  Is there a way to identify it as the proper guest account to use with ASPProtect?

Also, looking through support documentation, I see other possibilities it could be (http://www.powerasp.com/content/hintstips/permissions.asp).  Is there a way of telling which the problem is and whether we use a dsn connection or not?

The error we are getting is

 Microsoft OLE DB Provider for ODBC Drivers error '80004005'

[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x1340 Thread 0x17a4 DBC 0x162becc Jet'.

/aspprotect/scripts/populate_config_variables_inc.asp, line 11

Is there an easy way to make this work with reoccurring a monthly or yearly subscription?

hello,

There is no built in option. You would have to add code to do that.
Its not difficult but custimization like that is not something I support.

A question.  Does this apply to all areas of the application.  I have recently uploaded 50 photes.  But when I look at the site from the url, I have X where the picture should be.  Now, if I look at it though the localhost, I see the pictures perfectly.

I am trying to import a file, and I get this error:

Microsoft VBScript compilation error '800a03f9'

Expected 'Then'

/aspprotect/password_admin/upload_post.asp, line 6

If Session("Admin") <> "True"
-----------------------------^

Any suggestions on how to fix it?

Thank you.

[QUOTE=cwilliams]I would like to delete the SQL tables and set them up from scratch using enterprise manager and sql query manager and see what happens

If that is ok with you let me know.

Something is wrong like I said...  almost seems like the database is caching old password info from the field.[/QUOTE]

Sure go ahead

The company is called Eschelon - there customer service leaves a lot to be desired. I have contacted them again and they said that they require the account holder to manage permissions, they won't make changes. I wish they would have told me that a week ago when I asked them about changing the permissions. They haven't responded to me yet how I am to do that though.

Frontpage ext. are not installed.

Once I hear back from them about how I connect to manage rights I should be all set.

Thanks again for all your help!

(User Search & Contact Mod) for ASPProtect Version 7.x

This will allow an individual user to search for other users as well as email or call them.

Notes: This is a down and dirty mod. The users page from the admin area was used as a starting point. I then edited it up real quick to be used as a user search. The way it is it shows the user email as a regular email link. If you want to set it up so emailing is done from the application and emails are not actually shown you will have to do some extra work. If you don't want phone numbers shown you will have to remove that column which is not very difficult.

Directions:
Back up your existing ASPProtect installation.

copy "search.asp" into your "users" folder

2006-03-10_143253_User_Search_Contact_Mod.zip

Direct your users there. They will have to be logged in to view the page.

WARNING: This has not been extensively tested for SQL Injection attacks.
I think it is perfectly fine the way it is by looking it over quickly, but use it at your own risk.

All this being said installing the desktop version of SQL may be a little tricky as it may complain that your SA account needs a strict password.

The solution is to run the SQL Desktop setup.exe with some parameters specifying a password for the SA account.

So you go to the command prompt or make a shortcut to the setup file and run something like this

setup.exe SAPWD="YourPassword"

minus the quotes...

I got that info from this article and it worked fine
http://www.experts-exchange.com/Databases/Q_21036508.html

The other thing to remember is it might take a reboot to actually see the SQL server icon running in the taskbar. You may also need to go into the administrative services and enable the "SQLSERVERAGENT" as well as set its startup type to "automatic"

And a reboot here and there..

Whammo... your in business...

Just wanted to say how much I like the program! I hunted for days and finally purchased a Perl based product. After several days of goofing with it I gave up. ASPPhoto worked right on first install!!!!

Way to go!

I purchased two site licenses for ASP Protect a while back and am now trying to implement the application.

The connection to the database is fine, because it recognizes the user and displays the user name.  However, there must be a problem with the permission because I get the DNS error information from the On Error in the check_user_inc.asp file.

I set the permissions on my PC as you indicated, both on the folder and the database file.  But get the error and cannot access the database to view or modify.  I also uploaded the file to my web server and set the permissions as well, but get the same problem.

You mention on your forum that it is not the code, but I don't understand if the code is correct and if it finds the database and the permissions have been set as you indicate, why doesn't the code work?

That’s about all I can tell you. It's just not something I support.

Have SQL 2000 backend...
We just moved from Windows 2000 to Windows 2003, used import data routine in SQL to move data.

Logged into admin area. When adding new user, no record is created. However, editing record works just fine.

Any ideas would be appreciated.

The only reason no one else asked this many questions is possibly because they didnt NEED the functions i am TRYING to do.

We offer tech support for installation of the base application purchased in it's native form.  In other words were not planning on spending weeks holding your hand and teaching you how to build your application or modify the one you bought. Not because anyone wants to make it hard on you but because there is a practically infinite number of things someone could be trying to do and the only way to give you the exact answer would pretty much involve either writing it for you or having a look at your code to see what the heck your doing. Sorry but my time isn’t cheap nor do I have a lot to spare. I already gave you my approach on what to do and what you should be looking at but obviously you’re not catching on. SO ONCE AGAIN, PLEASE LOOK AT THE SOURCE CODE AND DECIDE HOW YOU WANT TO HANDLE YOUR END OF THINGS BASED ON HOW THE APP DOES ITS THING. I really don’t know how I can be more clear that that. I don’t have a crystal ball that can tell me where you’re going with your own code, what the final requirements are... what field you want to add or remove for the database etc. There is a demo up that everyone can look at and play with so they can get a feel for how the things behave and look. It’s not my fault your naivety led you to believe you could do anything with it in ten seconds. I mean if I just add some wings to my car maybe it will fly, and if you just add a shopping cart and a few products maybe you can start your own Amazon.com with that software right? Sounds good to me…

It would take me longer to re-write YOUR code than it would to have LEARNED ASP.NET and made MY OWN.

Well thats one thing we both agree on, I bet it would take you a long time to rewrite the code when you dont know how to write it in the first place. By you own admission you dont know enough about what your doing to be messing with a .NET app at this point. Maybe you should take your own advice and LEARN SOMETHING ABOUT IT. What’s even worse is that application isnt even complicated, its 101 stuff honestly. One class, thats it! Your not looking at thousands and thousands of them that you will have to read and comprehend. If you can actually “read” the code we kept it lean and mean and to the point. Nothing strange or random, no references to a zillion things all sprinkled here and there. Its reads like a book if you know the language. That’s why developers buy these apps all the time. Not because they couldn’t write one themselves, but because they know their time is valuable as well and for $150 which is less than most get paid an hour they couldn’t be bothered. Furthermore we both spend a lot of time making sure these apps are "dumbed down" so that the average programmer without a lot of object oriented background can pick up the coding style tweak it if they need to. Some people do modify things to suite their needs and others are happy with our apps "as is".

Just to recap we already wasted two days yappin about your jacked up servers and after you went through THREE of them and finally got one working you said the code was working. Red lights started flashing in my office by the time you got to the second screwed up machine, but hey weird things happen so at that point I wasn’t 100% concerned. Technically we could have and possible should have cut you off there as the policy in place is pretty clear about us not being your tech support crew when it comes to getting your machine working properly (especially one we cant even look at). Go check those posts again both Chris and I were answering your questions and being as helpful as anyone could possibly expect.

Several more days have been spent answering questions about how to modify your application and again that’s not our responsibility and we don’t support modified versions of the software for all the reasons that should be obvious. No software company does and if I have to explain why that is well this conversation is beyond hope.

Bottom line is the responsibility to support that application ends the moment you get it running the way it was shipped. Were pretty damn decent about going above and beyond and a lot of the time we go into things we shouldn’t have to. If you have well thought out and specific questions by all means ask, this isn’t some sort of thanks for your money now get lost operation. CJWSoft has been around since the beginning of Microsoft’s entrance into the web application market. We have thousands and thousands of happy customers because we are developers and enjoy working with other developers along the way.

You’re not the first N0oB to show up, but you’re the first one I can think of that ever tried to tell us we didn’t write the apps we sell and essentially wanted to argue that we don’t know what were talking about. Meanwhile you should have been done with your thing days and days and days ago, not in here yapping off and showing your ignorance to the other developers that regularly browse these forums. You trying to tell me how CafePress works is a joke, I happened to have been part of the team that worked on the first few revisions of that site and again you really didn’t even understand what I was getting at in that last post. LINK TO LOGIN PAGE not link to every protected page on the site.

If you think I am pissed off at you, your wrong. I'm just irritated with the whining about this and that and rather than admit your over your head you come back with half baked remarks that only make sense to you. If you think you can google a few terms and come back here talking smack like you’re actually someone that knows what you’re talking about your just making a fool of yourself. You sound like a guy from China trying to tell me how to speak English... My advice is get a few books and start learning or try actually reading up and listening to the other bazillion knowledgeable developers out there that do a great job posting articles about the subject. You might just learn something and actually get your project finished before 2010 and when you do please come back and re-read your posts with "enlightened eyes" so you can see what a goofball you are for saying half of the things you have said. I am not in the mood to keep helping you get your project done step by step. I have huge projects of my own going on and if I thought you could actually provide a descent project specification I might offer to make the changes for you at a serious discount so you could go away and everyone would be happy. Problem is I dont get the feeling you could explain your way out of a paper bag let alone provide a group of programmer the techinal specs for your project.

Your best bet is to post a link to the start of this thread at www.AngryCoder.com I'm sure a  few of  people over there would be more than willing to give you a ton of usefull advice

Google 4GuysFromRolla… a great resource site with example, just dont come back here  telling me those guys/ladies posted things that dont work either.

Chris has written hundreds of articles on PowerASP, a great place to start looking as well… www.powerasp.com I've been spitting out code for longer than I can remeber and I still look thing up on this site because its LOADED with great info. That happens to be one of the very first ASP sites that went up on the net so lets just say he knows a bit or two about the subject.

I'm sure your frusturated but your pushing your luck seriously. 38 posts about this subject in a week and your over there hacking away on your virus infested WaReZ machine which isnt exactally the ideal development rig. I mean we provide the code and your supposed to provide at the least a very basic knowlege of what your doing and a production grade platform to test it out on. To me thats like buying a car and then asking how to drive it... then bugging the dealer to teach you and when you smash the thing complaining because no one told you that your not supposed to drive into a wall. I have the same policy as the dealer, show me something wrong with the car from the factory and we will fix it for you NO QUESTIONS at all with our appoligies, but really once you take it off the lot what you do with it is your deal and its not our responsability in the least.

all that docmunetation is online as well right here so you dont really need the chm file
http://support.cjwsoft.com/code/info24.htm

the chm format is a windows format that can only be viewed on windows pcs. I do not know why you can not see it. I would do reseach on viewing CHM files on whatever operating system and version you are running because perhaps you are using a mac or linux operating system which can not natively view chm files ?

so use the connection string the readme.txt in the sql installation folder file tells you to... it has the correct username.. I just posted that info above

or change the username in the connection string so its rigfht

or go into sql and give any user you want access to the database and use them

Any connection strings that come in the datacon_inc.asp file the way it ships are examples. We fully expect people to edit them.

Also.. the SQL scripts primarly goal is give you a properly set up database with correct files and table settings. Users and permissions often need a little extra attention from the installer as that part doesn't always get set right by the scripts It really all depends on what sql user you are when you execute the scripts. Many times the user someone logs in with doesn't have permission to make users and set permissions.

(Password Expiration Mod) for ASPProtect Version 7.x

This Advanced Mod requires decent knowledge of Databases and working with ASP. I originally wrote something like this for a customer on a custom project. I then took the time to re-write all the code from scratch so it could easily be plugged in to the current version of ASPProtect as an option. All in all this mod took me over 15 hours of time to develop and will save you a ton of time & money if you were planning on writing something like this on your own. Some parts of this were so difficult to get working that I would never have written this code if I was not paid to do so. (The encrypted array that rotates through the last 12 passwords was quite frustrating to get working)


 
The price on this is 19.95. I am not incorporating this into the base product because it makes things more complicated and isn't for everyone.

Purchase Page

Security is a big concern and making your users change their password every so often is a good idea. Keeping track of previous passwords they used and making them choose something they haven't used before takes the concept even further.

This Mod will add a password expiration date to the application. When the password expiration date is hit the user must confirm their old password as well as pick a new one before they can log in again.

There is a new password expiration directory where they must choose a new password that has not been used before. The new password must be confirmed during this process. (It remembers 12 old passwords the way it is coded) The old passwords are stored in the database in an encrypted array.


Directions:
Back up your existing ASPProtect installation.

Add two new fields to the "ASPP_Users" table in your database.

For an MSAccess Database

Password_Expiration_Date (Date_Time Field)
PreviousPasswords (Memo Field)

For a MSSQL Database

Password_Expiration_Date (smalldatetime)
PreviousPasswords (nvarchar 160 characters)

once that is done

Copy all the new ".asp" pages into your site.


Edit the "PasswordExpirationURL" variable in the "check_user_inc.asp" file

It needs to be the full URL to to the "change_password/default.asp" file


Now edit the "change_password/processchange.asp" file

There are 3 variables you can edit.

PageSentToAfter = "http://localhost/aspprotectmods/password_admin/default.asp"
PassMinLength = 4
PassMaxLength = 8

The "PageSentToAfter" is where you want them sent to after they change the password. It can be whatever you like.
If it is a protected page they should automatically get logged in with the new password they just changed to which is nice.

The other two values should be obvious.

That's it...

Just remember the password change thing is not used in the admin area...
You could easily add code for that on your own though by looking at the the password expiration code I added to the publics "check_user_inc.asp" file

Also:
You will see a new field to edit on the user edit screen for the Password Expiration of course. 

<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>

<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
    </system.web>
</configuration>

New Features added to 7.x

1. Entire application gone through and updated.
2. New graphics, new look and feel
3. Passwords and Cookies are now encrypted using separate keys individual to each customer install.
4. Groups Feature... powerful way to protect pages based on group access
5. Ability to upload a picture for each user.
6. New printable profile user screen.
7. Supports 13 email components as well as outgoing authentication for a few of the email components
8. New Lockout option. "However many" try’s to login and you are locked out for a certain amount of time.
9. PayPal signup routines for both single payments and subscriptions integrated into the application. Everything is handled automatically. Charging for membership couldn't be easier. 
10. New Newsletter Feature allows you to send newsletters to those subscribed. 
11. New ability to Email users soon to expire
12. HTML emailing for people using CDOSYS. This includes an inline html editor so you can send out some really professional looking emails.
13. Ability to redirect a user anywhere on 1st login
14. Option to turn off Login Remember Me Feature
15. Login Form now very easy to edit
16. All paths for places that need permissions can be easily changed.
17. Works with Parent Paths Disabled on the web server.
18. Company Name is now an optional field
19. Handy javascript popup date selectors
20. All date functions now internationl date friendly
21. Password conversion routine to upgrade existing users to the password encryption
22. Import / Export of user database built in
23. Protection Code Generators
24. Notes Feature. Javascript Popup on users screen that allows you to quickly see information without going to their edit screen
25. Mass email users incuding ability to send them usernames and passwords all at one time.
26. Option to not allow concurrent logins by the same username
27. Optional feature to keep track of recent users that have logged in as well as allow you to view the information.
28. Optional feature to keep track of recent users that have logged in, what pages they accessed, and when, as well as allow you to view the information.
29. Ability to protect other files types other than just protecting the viewing of the ".asp" pages. We provide working example code showing you how to protect images and file downloads in your protected ".asp" pages. You can protect nearly any type of file from downloading and viewing. (gif, bmp, jpg, zip, exe, pdf, rar, mp3,etc..)

[QUOTE=cwilliams]
Is that a real term or just something you named it cause they have like a zillion people using that SQL server?[/QUOTE]

yeah thats it, you buy into a part of the sql server so it's an sql server hotel...

Okay, here's the problem.  The out of the box sql script creates a catalog called aspphotogallery and a user id aspphotogalleryuser.

The out of the box GalleryConnectionString tries to access a catalog called aspgallery and a user id aspgallery

'*** GalleryConnectionString = "Provider=sqloledb;Data Source=p600laptop;Initial Catalog=aspgallery;User Id=aspgallery;Password=temp;"

I see the readme.txt has been corrected but the line in dataconn_inc.asp still needs to be changed.

Our knowledge base which is hosted at a remote location is protected by ASPProtect Full Version 6. I would like to allow our employee to access the knowledge base from within our internal network unchallenged. Is there a way which I can modify the code "check_user_inc.asp" to allow any one coming from say 10.1.X.X to access the site unchallenged?

Thanks,

Mo

I have been working on this. 2Checkout is like the most confusing and worst payment processing company on the planet. There are things about that page I just don not understand as many times as I read through it.

Doesn't seem like this stuff is mandatory just yet. (I asked)

I should have something soon.

Is there anyway to limit the number of Albums each user can make?

New Version 8.1 Released

Whats new..
http://www.aspbanner.com/v8_notes.asp

Upgrade Instructions...

Upgrade at your own risk. Though we try new versions are not always perfect due to minor bugs we may miss.

Back up your old setup so you can revert back if necessary..!!!
Save your data connection string info in a text file so you have it.
You can get that by viewing the system info page in the admin area.

Carefully copy all the ".asp" files from the new version to the old.
Your going to want all the .asp files in the aspbanner folder.
Your going to want all the .asp files in the aspbanner/scripts folder

Copy the aspbanner/images folder because there are some new images

Be sure to also copy the "data/config" folder files.folders as well as a lot of that is new including the actual config file. If you dont get the new config file copied in there you will have problems later on with some of the new features.

Be sure to create a new folder in the "data" folder called "tempstats"
Make sure it has proper permissions if you plan on using the delayed stats feature as the stats gets temporarily stored there. 

Go back to the area where you originally setup the data connection and do that again...

From the web browser run the following URL

http://yoursite/data/config/aspbanner_unlimited.asp

Replace "yoursite" with the proper url info relevant to your web site location.

When run via the web server that page will ask for a password. By default it is "temp". You should change it later on for security reasons. That page tells you how.

Now... moving on..

There were no changes to the database except for SQL Server users so you can use your existing database.

SQL Server users that want to use the new stored procedures feature (it's optional) will need to update their SQL database with the stored procedures.

Scripts to do that are provided.


ALSO: I have been running this new version using SQL Server Stored Procedure mode for a 1 week on a special banner server that serves banners to many of my own sites. I have also been using the new Delayed Stats feature.

All I can say is it is running like a champ and the SQL server is using less memory than it ever did before.