well, so far one other guy found one..

his, was some sort of weird character that was causing a line break or something though in my testing I just couldnt figure out what was going on

now for me to reproduce any error someone find with a password I need to know the key used and the password used

which make it real hard to troubleshoot

ConnectionString = "DBQ=C:\TradersReportsCom\aspprotect\data\database\ASPProtec t_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

I have already set the folder permissions as indicated in the documentation.

Hello,

1.)

I dont really have any ideas about the japanese characters. I also don't have any ideas about changing settings in the database. Your going to have to do some research on all of that.

Perhaps try pasting the text into a text document 1st.. then copy/paste them into the application. Perhaps that will eliminate any unseen weird characters. I do it sometimes when pasting things from word to my html editors and it works great.


2.)

I dont/cant support custimization to the code but here are some tips to get you started.

edit "items_inc.asp" carefully with a text editor
(back it up before you begin so you can revert back)

change this anywhere you see it

?SORTBY=Name

to

?SORTBY=Name+Asc

or

?SORTBY=Name+Desc

Expiriment to see which gives you the desired sorting.
Do the same process for the price.
The + Sign just passes a "space" back to the page in the proper format if you are wondering.

3.)

The items for page setting is easy. Just go to the settings page when logged in as the admin. Edit this field.   "ResultPageSize"

I cleaned up the code as you suggested, and I still can't get the images to display without the whitespace around it.

How do I download the ASP version?  I'll give it a try.

Thanks for your help,
JDooley

How do I recover or reset admin password used for the aspprotected pages. I have installed it months and months ago, but now can not recall the password. Any help appreciated, as I do not feel like installing it again.

If I also password protect the pricelist pages then someone will have to login twice.

nobody should have to log in twice... ?

session variables keep track of access... once your in - your in and you can browse to and from any password protected pages you like

If it is making you log in each time then cookies are most likely disabled.. session variables requires cookies being on to work.. cookies being on  is a requirement of aspprotect and is how Formed Based Authentication works..

let me know if that is the issue there...

you shouldnt have to be logging in more than once per session

Thats the whole point of the application...

Upgrade from V6 to v7.x with an MSACCESS DATABASE

1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x  is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.

BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)

To do this upgrade you're going to need to have the Microsoft Access Application.
To work with an Access .mdb file it can not be newer than the version of Microsoft Access you are running.

That being said, on with the upgrade..

Open you're existing Acccess Database up in Microsoft Access..
You should see this something like this.



By right clicking on then choosing rename
Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"

If you do not have a "Groups" table do not worry about it right now.

Now right click and DELETE the Config Table.
Yes, delete it..

You should now see this. (with or without the "Groups" table)



Now, right click on "ASPP_Users" and go into design view.
It should look like this.


Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore
It will look like this.


Now scroll down to the bottom a bit It should look like this.



Now..

If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a memo field.

Now, we are going to add a few more new fields.

Add a field called "Redirection_URL" make it a "text" field with 150 field size
Add a field called "PayPal_Subscriber_ID" make it a "text" field with 100 field size
Add a field called "Newsletter" and make it a yes/no field
Add a field called "Password" and make it a "text" field with 100 field size

It should now look like this.
(you do not need to worry about the field descriptions.. that part is optional and only seen when working on the database)



Now close that window and save the changes..

Your now going to open up another Access Database while still leaving the one you have on your screen open. You going to open up one of the new databases that came with v7.x. This database has some info we are simply going to copy and paste.

You'll want to open it and put it side by side on your desktop like so.
(the old database is on the left.. the new one is on the right)



Now, for the fun part.

On the new database to the right.. right click on the "ASPP_Config" table and pick "Copy"

Then move your mouse over to the old database on the left. Right click in the open white area and click "paste"

It will ask you for a database name. Type in "ASPP_Config"
Leave "Structure and Data" checked and hit OK

Your old database on the left should now have a nice new "ASPP_Config" table.

OK, now for the "ASPP_Groups" table

If you already have a "ASPP_Groups" table in your old database you are done.

If you do not have one your going to copy and paste the table from the New Database to your old database just like we just did with the "ASPP_config" table.

Your old database should now look like this.



Now, you are done upgrading your database from within Microsoft Access.

The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field

To that we have a special page we run in the application that will take care of that.

So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1

When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.

That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..

Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.

This part is very easy.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

Replacing the part in blue with your website info.

Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page

You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.

If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.

So do what it says... dont click more than once and wait.

Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.

Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.

If things went well backup and delete the conversion file below.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

You do not need it anymore.

Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.



If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.

We are here to help, but if you really want us to we can be hired to do the conversion.

You have old code I think.

It's probably because his password used with your encryption key by chance creates a single quote and messes up the database query

A notice went out about this. I will PM you the latest download with the updated files.

Or at least I think so.  I have been trying to get this software to work so I can see if it meets our needs for an upgrade purchare. Here is my error.

Microsoft JET Database Engine error '80040e10'

No value given for one or more required parameters.

/aspprotect/scripts/populate_config_variables_inc.asp, line 15

My provider says that the problem is NOT on there end, that it is a problem with the code.  I think that it is a database connection problem.  Can you please help.  Below is my connection string based on what the setup page directed me to do:

ConnectionString = "data source=\\NAWINFS03\home\users\web\b1347\rh.957theride\asppro tect\data\database\ASPProtect_access2002.mdb; Provider=Microsoft.Jet.OLEDB.4.0;Jet OLEDB:Database Password=temp"

When I first set up the program I got this error:

Provider error '8000ffff'
Catastrophic failure
/aspprotect/scripts/populate_config_variables_inc.asp, line 11

Once again, the looked into it and said the permissions were fine and that the code was most likely bad.  But then the errror changed to the one that I first listed.  Which is the one I am currently getting. 

BTW here is the page address

http://www.957theride.com/aspprotect/password_admin/get_me_i n.asp

Thank you!

I am running .asp pages and using the longer code method to display flash banners on my site.

I have noticed a considerable decrease in the loading of my index page when I have a banner called.  When I remove the banner, all is fine.

Any suggestions?

Dave

really all depends on the sql connection string you are using and the names of your sql user you are using...

you really havent described very much..

I'd double check all of it.. something is wrong

I recently upgraded my ASPclassifieds from MS Access to SQL.  The application launches, I can browse existing catagories, etc. but when I try clicking on the login, guestbook, register or accessing the classifieds_admin,  I get the HTTP 500 - Internal server error.  Guessing this must be a folder or file permission issue?  Have tried changing IUSR permissions but nothing helps.

Please advise.
Thanks, lancem

Javascript Popup/Pop Under Generator

Until I have time to make one I suggest using the one on the banmanpro support site as it is pretty nice.

Just dont use option 2 on that page as that is specific to banmanpro

http://www.banmanpro.com/support/popupgenerator.asp

Hello,

It is very possible (just basic ASP and database accessing techniques)
It is just not the sort of thing I support in the forums as it is a customization related.

Even for me something like that would take 1-3 hours of coding time. Basically, it is just not something I could just explain to you real quick.

You might want to pick up a good book on ASP or check out some of the great resources out there. http://support.cjwsoft.com/forum/forum_topics.asp?FID=17

Doing stuff like this is relatively easy, but can be time consuming work.


In the future please use a more descriptive topic for yours posts "I need help" is not exactly helpful to anyone else searching through the forums . I therefore renamed your post accordingly.

I really try to keep the forums organized and clean. That's all.

Thanks

Understood.... can you point me to a place where there are other methods of calling banners?  Do you mean not use Flash?  I am new to this and will need some pushing over the cliff!

Thanks

Dave

When a user 1st signs up a proper case function is run on certain fields.
This is only once on user signup and never done in the admin area.

It's goal is to keep things entered in Proper Case,

so if someone enters "chris williams" it becomes "Chris Williams"

It's not perfect but it helps a lot to keep the data clean and more consistent. Since it only happens during registration those values can be changed later by the admin or the user if someone wants to.

The function is only applied to the fields that it makes sense to apply it to.... 
In your case adding a drop down menu means you want exactly what is in your drop down to appear so you wouldn't want it happening.

That being said, it is really easy to remove this situation from any field it is happening to during registration.

So edit "users/add_new_account.asp" with a text editor

find

CmdAddUser.Fields("Company_Name") = PCase(Company_Name)

and change it to

CmdAddUser.Fields("Company_Name") = Company_Name

That is all that is needed to made the change

look in the "check_user_inc.asp" file

Thank you that did it !!

Hi,

I can't seem to find the code where it limits the upload file size. I want to limit the upload size to 1.5 mg for all users. Also I've noticed that the 500 pix doesn't seem to work. As in if an image is bigger than 500 pix the script still uploads it. i am using Upload_post_VBSCRIPT.ASP.

Thanks

Chris:

I just got done trying it myself and it worked great for me too. I was aware of the security issue, but I'd already planned on using SSL for this particular call, as well as for the secured pages accessed through the normal process, so the bad guys will be kept at bay.

Thanks for the help.

Just to let you know that i figured out my problem. I had to modify the connection in the email code and get the correct path from my provider.

I hope you enjoyed your vacation.

Thank you
Adam

I am running Windows 2000 server. I do believe asp.net IS installed as I have the .NET 1.1 framework installed.

Funny about the bounce backs. I am at about 10% of my limit, which I control as I am the network admin. I'll check into that.

it is an email server/setting issue most likely

your email server probably requires outgoing authentication or something like that and that is why internal emails can be sent to but nothing else

its something along those lines

this will help you see the real error instead of the generic 500
http://support.cjwsoft.com/code/moreinfo11-1.htm

I just finished implementing the V7 product on our site and someone made mention that on the profile form where you are asked all your personal and user information there are 2 fields for passwords.  The first field uses masking to hide the password as you type it, where the second shows it in clear text.

Now we know that the only people able to see the password are the user and the administrator, but it is playing mind games with my users as they think there is a problem with the application.  I am not a programmer (however, learning ASP slowly now!) and am not sure if you did this on purpose or if it is a bug?

If it was done on purpose, can you advise how I can make the confirm password field masked as well to eliminate the unfounded questions!

Thanks

I pull that crap on myself once and a while... or my favorite is leaving a bootable CD in the drive and then wondering why the heck the OS doesn’t come back up. I pretty much promised myself back in 2002 that I would never mess with anything minor after 10PM. For whatever reason I always start messing around trying to "fix" something and end up sorry... Granted if it’s an emergency I am all for it, but I get dresses in advance anticipating the practically inevitable drive down to the datacenter.

Good luck with that, I am sure you will be much better off in the long run.

Hi,

You see, an include file is no different then a link to an image or graphic. The path to the include file must of course be valid. That file isn't in the same directory as that page so you get an error.

You simply need to make the call to the include file valid.

See my article on server side includes.
http://www.powerasp.com/content/code-snippets/includes.asp

You should also look at some of the provided example pages and see how the paths to the include files are done.

You can also use a virtual include if you figure out the page for that. See my article for the difference between a file include and a virtual include.

The code generator in the admin area shows examples of both but depending on your site structure the paths may need to be slightly edited.

Server Side Includes are a fundamental part of using ASP and they are used a lot. Once you understand how include files are used you will think it is the simplest thing.


More articles on server side includes

http://www.w3schools.com/asp/asp_incfiles.asp

http://www.4guysfromrolla.com/webtech/faq/Beginner/faq6.shtm l

http://www.minwar.com/24

Humm, I dont see how moving to a new server could have anything to do with that.

What method of displaying the banners are you using. Perhaps try some of the other ones.

Don't use the javascript method with a javascript based ad like google.. that's for sure.

Your SQL statement to the database is the key.

You want to change the sortby hyperlink on that page so that it will in turn change the dynamic sql statement to sort the way you want

Find

?SORTBY=Date_Created

change it to

?SORTBY=Date_Created+ASC

or maybe

?SORTBY=Date_Created+DESC

One of them is the default anyway, but I cant remember which is which off hand so just try them both till you get the desired result

near the top you can also change the default sortby when thet page is loaded

SORTBY = Request("SORTBY")
If SORTBY = "" Then
 SORTBY = "Name"
End If

there you would use a space though.. not a "+" sign when adding the ASC or DESC

The + sign is only used in the hyperlinks because it means a space for browsers that can't deal with spaces in links

ok, I moved this thread..

The code in the ASP application handles all encryption and un-encrpytion of passwords in the database. I uses the vbscript RC4 function and the password encryption key specific to your installation to do this.

The whole idea is that if someone gets your database and opens it up that they will not get the passwords (utilitiies to crack access databases are common and work well so they can easily get by the main password)

That being said when you open the database manually your not supposed to see clear text passwords. Your also not supposed to have an easy way to make them clear text. It's a security thing. 

Though I am not officially supporting it I will tell you what I think would be the easisest way to make an export file with clear text passwords in it.

Use the export fire creator in the admin area of aspprotect.
Mosdify "export.asp"

change

Password = CmdDataExport("Password")

to

Password = RC4(CmdDataExport("Password"), PasswordEncryptionKey)

Then make an export file and see if that worked.
you can then import the export file into and access database or do whatever you like with it.

Chris, that fixed it.  Found 2-references to guestbook2 in the file show_messages_inc.asp located in the \guestbook\ directory.

Suggestion for future release.  Create an option to email the admin when a message is posted.  If this code already exists please advise.

Thanks, Lance

Is there any way to extend the limit multiple login feature to a certain number instead all or none?  In other words, i need to have a user be able to use the same login for x number of people.  My customers are institutions and want to be able to have a single login for however many users they purchase for.

I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.

<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then  
 SearchFlag = True
End If
 
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then 
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>

</head>

<body>

My Protected stuff here

</body>

</html>

For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.

Thanks,

Mo

[/QUOTE]

I just added couple of lines and it works fine

If (Request.ServerVariables("REMOTE_ADDR")) = "xxx.xx.xxx.xxx" Then 
 ' Session("PasswordAccess") = "Yes"
 SearchFlag = true
End If