Thank you....  yes it does

Is there a limit in the number of Zones you can have in the database.

thanking you

ok, here is what is going on

you are password protecting an ".asp" page that requires querystring info to run correctly   (example - "somepage.asp?ID=3"")

that is something I never intended anyone to do.. while it does handle and repass the querystring info along during successful login it does not re-pass that info during a failed login as you have found out

this is all by design.. the only reason the system re-passes the querystring info at all is because I wanted to make it smart for the sake of the remember me/cookie feature.. so if someone was using that and bookmarked a page deep in your site with querstring info...then when they went back to that bookmark they would get authenticated and still see the page as intended with the querystring info in tact

it was a nice feature never intended to handle any situations other than what I just described...

now...
notice the url in the browser after failing a login.. then logging in successfully.. it is missing the querystring info

that more than anything is what is going on..  browser caching can cause some confusion when dealing with this because the browser likes to return you to the page minus the querstring info... when that happens a simple browser refresh at that time may very well solve the problem and then you see the page you are supposed to see...

To avoid all of this...

One solution to this is to always start people logging in to an ".asp" page that has no querystring info. That way this won't happen. Once they are logged in you can then offer them links to the pages they need to go to. (you of course still want to password protect those pages)

Another solution is to log them into a page with no querystring info and then do a response.redirect to the page with quersytring info.. thus accomplishing the same thing but without the possibility of the issue because of a failed login.

Another solutions is to do checks in your asp page for missing querstring info.. and if it isn't there do something about it like send them somewhere else.. or display a message about there being an error... etc etc

So,basically you don't want to tell people to login into such and such page with querstring info... and providing a username and password..... You can do it but like you found out it can cause an error if they mess up logging in the 1st time. The system just was not designed to handle that. There are complex reasons for that involving security that would just take me too long to explain.

I hope this makes some sense to you.. it is very hard to try and explain

I would look on the pictures folder on the server and see what is there for pictures. Also, when you see a broken X on the site right click and see where it is trying to get the picture from and what the pictures name should be.

I would also be sure to clear out your temporary internet files in IE. clost and restart all browsers..

maybe show me the site ? so I can see this happening ?

I had never noticed this before, but a customer sent me email to say that they had set up their aspclassifieds profile such  that they be contacted by email and not by phone.

However, in their ad, their phone number still appears. The lines in view_ad.asp that check for True values for the Contact_Via_Email and Contact_Via_Phone before displaying that information seem to always evaluate to True, regardless of their setting in the database.

I'm using an Access2000 DB for this. When I open the DB in access, I see the checkboxes correctly unchecked for phone and checked for email. However, if I do a quick test to display the retrieved values in the view_ad.asp (<%=contact_via_phone%> <%=contact_via_email%> they both display True.

What gives? I have had nightmares with Access and its weird handling of true/false 0/1 yes/no fields, but this is driving me nuts.

Hello,

You'll need to find a validation function to test for it.
Either server side or right in the form via client side javascript.

I dont have any experience with validating zip codes here much less UK.

Google it would be my best advice.. or maybe find some free app written in UK format and see how they did it.

Good Luck..

And if ya find anything post it here if ya like

The only other thing I can think of if you are not getting any errors.

Is that you may have the path to the server include file correct but ASP server side code is not executing in that part of your web site.

You can do a simple test to tell if it is...

Make a simple ".asp" page in the same folder.

Put only this code in it.

<% Response.Write ("ASP is executing") %>

then run the page via the web browser thru the server..

If the text prints out ASP is running... if you don't see anything it is not

you password protect an asp page in your site "where that is is up to you"

http://support.cjwsoft.com/code/moreinfo171-1.htm

then you link them there from your own pages

thats all there is to it

is that what you are asking?

Additionally...any page you password protect automatically becomes a login page... where you want to start and where you send them after or before login is something you have to handle on your own

Any pages you pasword protect will prompt the user for login info if they are not yet logged in that is.

Then once logged in it returns them to the same page they are showing the page content as it would normally appear.

this issue has been resolved.. see following thread

http://support.cjwsoft.com/code/moreinfo316-1.htm

Hi - I am a recent user of your software. I administer it for the owner. I probably missed something in your forums somewhere - but I'd like to know how to stop the software from sending an "accept registration" e-mail (after they fill out the registration page) from going out so fast - usually within minutes.  I'd like to know how to defer the message for 24 hours, more or less, so that our company can go over the registration details and decide whether to allow the person registering to actually have access to our protected website pages.  The program is working very well and we are excited about it.  So far, no problems (knock on wood!).

Thanks so much for your help!

When did you download the ASPProtect Version 7 zip file ?

what did you enter as a wrong password to make that happen ?

does it it do it when other wrong passwords are entered ?

Microsoft VBScript compilation error '800a0400'

Expected statement

D:\CLIENTS\RKLARMAN\DRSWEISBERG\PASSWORD_ADMIN\../dataconn_i nc.asp, line 18

<%
^

Is there a simple way to upgrade from 7.x Lite to 7.x Full?  I was testing out the software and I just purchased it.  I have made some look and feel changes to the lite version (ie: login page), but no look and feel changes to the admin section.  Is there certian files that I can add to have the full version without shorting myself features or functionalbity? 

Thanks

If I also password protect the pricelist pages then someone will have to login twice.

nobody should have to log in twice... ?

session variables keep track of access... once your in - your in and you can browse to and from any password protected pages you like

If it is making you log in each time then cookies are most likely disabled.. session variables requires cookies being on to work.. cookies being on  is a requirement of aspprotect and is how Formed Based Authentication works..

let me know if that is the issue there...

you shouldnt have to be logging in more than once per session

Thats the whole point of the application...

This server is sitting in my den on a DSL circuit, so I don't have a hosting company. The install for Windows 2000 server is with default settings for all components installed.

I am not sure what you are referring to when you say:

"Does emailing work under the simplest scenario ? (directly from the users screen"

What user screen?

What settings are you referring to that I may have chosen?

dsn-less is the way to go..
http://support.cjwsoft.com/code/moreinfo9-2.htm

you also need to use newer versions of the database as the odbc drivers on the server are sometimes very new and no longer work with access 97 databases

Great suggestion, routing the banner click through an intermediate page before the destination.  We use Deepmetrix LiveSTATS.xsp V7 and I should be able to configure a filter to capture the stats of the intermediate page.

Thanks for the help!
Lance

yes, usernames and passwords are both case sensitive. It increases security.

Just having the database with members does not protect the page.  You need to add the appropriate code to every page you want to restrict access to.

You need to click on the Groups tab in Admin. 
Click on Generate PW protection code. 
Click on the basic button if you don't want to include levels or groups or choose a level or group(s) and click the appropriate button. 
Paste the code that's generated  into the top of an ASP page in code view.

Is that what you're looking for? 

Michelle

lmao ... ya that has never happend to me before....

ok

Sounds cool.. post info when you get it sorted out

thx

hopefully someday I'll get the new version finished.. I just never seem to have time. Lately ASPProtect takes up all my time and now aspclassifieds seems to be in need of a new version more so than asp photo gallery

SQL Server Datareader Datawriter Permissions..

here is a screenshot that shows how to set datareader and datawriter permissions on an aspbanner database using "SQL Enterprise Manager"

In this example we are making sure the aspbanneruser has those permissions on the aspbanner table in the database

import/export feature WARNING !!

I just want to warn everyone that the built in import/export feature can be a little dangerous.
The reason being is when you import users they get new "Users_ID"s in the database.

The "User_ID" field is an autonumber field and that is why and there is nothing you can do about it.

So, if you are using a user's current "User_ID" to keep track up something important NEVER export the users and re-import them. Because their "User_ID" will change and you will be in trouble.

The PayPal signup features of ASPProtect actually use the "User_ID" like this and that is the main reason this warning is here.

now, that being said

If you are importing new users into ASPProtect

or

simply exporting existing users to another system

then this is nothing to worry about.


Basically, the moral of this story is dont think of the built in Import/Export feature as backup system because it is not. It is not a substistute for backing up your database.

It is a just a tool that can come in handy for various things.

I am having problems with a password a user wants to use.  He wants HANNAH.  When he (or I) try to log in with his username and password, I get a syntax error  -

Syntax error in string in query expression '(Username = 'changedforsecurity') AND (Password = ' éG'.
pathOnComputer../1protect/check_user_inc.asp, line 114

I've obviously changed the username and the server path in the info above for security. 

I have not messed with the encryption.   

What is it that the system doesn't like in the word HANNAH as a password?  I would just change his password for him but this guy has enough trouble just turning the computer on!  Confusing him with a new password would take weeks to set him straight. 

Thanks,
Mick

How can I make so it goes to certain webpages if user enters valid username and password??

I suppose user enters its information on check_user_inc.asp page, and username and password are stored on SQL database.

Thanks

Perfect exactly what I was looking for.

Thanks

I have never heard of such a thing...
If the settings are enabled for the web it should work.
That is, as long as your include file syntax is valid.

I run my own windows 2003 server (you are on it now) so I should know

for troubleshooting

try a very very simple example... like a file in a folder.. with a server side include to a file under it

and see if that works

use real simple asp files with nothing crazy in them... and an include like this

<!--#include file = "../myfile.asp"-->

I assume that if I am using this product, search engines such as Google cannot access and index my content. Can somebody confirm that; I want to be 100% sure.

In case it matters, I am using a basic, cheap ISP setup where my site is on a shared server.

Thanks in advance.

The code is ok..

Your getting an error because no banners are showing up in that zones rotation.

run this directly in the browser and you will see that there are no banners being generated for that zone ID
http://www.poconocommuter.com/aspbanner/aspbanner_inc.asp?Ba nnerZone=6

As a matter of fact I dont see any banners showing up for any zones previous to 6 which tells me either you dont have valid banners in there or the application variable info got corrupted do to a server crash / power off or something.

http://support.cjwsoft.com/code/moreinfo95-1.htm

If you are developing using Windows XP Pro and running the NTFS file system setting proper permissions on a folder in your website requires that you 1st disable simple file sharing.

To do so open up "my computer". At the top open up "tools/folder options"

Then the "view" tab.

Then at the bottom uncheck "use simple file sharing"

After that that is done... using "my computer" browse to the folder in your web that you need to set permissions on.

Right click on that folder and then choose the "security" tab.
(If simple file sharing is on that tab wont be there)

Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.

You can also give permissions to the everyone account and accomplish the same thing.



BTW:
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
    Response.Write(Session("Groups"))
%>