Hi Chris

Unfortunately the bl**dy server was down and unavailable for 17 hrs so I couldnt even get to see what the settings were!

It is on, the relevant users appear to have all rights for the data/tempstats folder.

I'm guessing you're going to suggest turning it off and see if the problem still appears.

Colin

Hi Chris,

Thanks for the answer. No, I am not using Paypal since these are employees and sales reps. I guess i'm on my own on this one. :)

Thanks
Sylvain

LOL

I recently upgraded my ASPclassifieds from MS Access to SQL.  The application launches, I can browse existing catagories, etc. but when I try clicking on the login, guestbook, register or accessing the classifieds_admin,  I get the HTTP 500 - Internal server error.  Guessing this must be a folder or file permission issue?  Have tried changing IUSR permissions but nothing helps.

Please advise.
Thanks, lancem

After turning off the friendly errors, here is the detail.

Active Server Pages error 'ASP 0131'
Disallowed Parent Path

/users/register.asp, line 16
The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory.

ANSWER:
http://support.cjwsoft.com/forum/forum_posts.asp?TID=5&K W=Disallowed+Parent+Path+

Hi there,

Well, that is why we added the PayPal subscription pack where all of that is taken care of and customers get put under a recurring billing cycle.
The more people you get to pay that way the less you have to do.

We also have routines for the two other supported payment methods so people can look up their account and add time to it whether it is active/expired or not.

Other than that, yes it is something you need to sort out on your own based on how you want to run your system. You have the source code and the sky is the limit on how you want handle all of that.  You send out an email to users about to expire. Whether they come back to the site/look up their account and add more time to it is up to them. I really just do not see any way ASPProtect could handle that whole process automatically.

As for batch changing to users in the database. We give you the source code and we also use an open database structure. You can run any query you want on the database whether with ASP code or directly in your database using the tools that come with it, You can write any code you like to do whatever you like to the database. You can even tie other systems and code into the database via OBDC and manipulate data. The sky is the limit like I said. I also don't really see how batch changes to the database relates to individual users paying again for access or not especially since we include payment  pages were a users can look up their accounts and pay for and add more time to it automatically ? At least not regarding the payment routine we provide support for.

ASPProtect can not handle everything every person would need to do. It is meant as a solid starting point for any project, but there are going to be times when more functionality will need to be added by the customer based on their specific needs.

Thought that was already done....

Back to the drawing board...

It's MS Access, Version 7 (the Full one).

Anyway, I had inadvertently changed the user_id field type to "number".  When I changed it back to "autonumber", everything went back to normal.

Thanks you very much for your quick reply and sorry to have bothered you.

Hi, I am glad you like the system.
Thx for the comments..

The banner logic in aspbanner it tweaked for speed and performance.. that sort of thing really wouldn't fit into the current code structure very well. It would slow things down and be a nightmare to code because of the way aspbanner uses ultra fast application variables for the banner rotation. Basically its a feature I didnt incorporate for performance and pricing reasons.

I would suggest making different zones for different conditions.. then surrounding the banner calling code with if else logic so a different baner zone was called under certain conditions.

That way performance would not be effected and you could actually show a different group of banners based on certain conditions.

Sorry, but that is the best advice I can offer at this time.

I built ASPBanner for performance and at this time I refuse to sacrifice that for any feature that will slow it down and consume more resources.

Change the action of the form to the page you want them to log into.
Make sure the page you send them to is protected by the "check_user_inc.asp" file.

<center>
  <table border="0" width="400" height="200" bgcolor="#000000">
    <tr>
      <td bgcolor="#F4F4F4">
        <form method="POST" action="memberarea.asp">
          <input type="hidden" name="Status" value="Checkem">
          <p align="center"><font face="Arial">ASPProtect Login</font></p>
          <div align="center">
             <center>
             <table border="0" bgcolor="#C0C0C0">
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
                 <td><input type="text" name="Username" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
                 <td><input type="Password" name="Password" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
                   me signed in on this computer unless I log off.</font></td>
               </tr>
             </table>
             </center>
          </div>
          <div align="center">
             <center>
             <p>&nbsp;<input type="submit" value="Login"></p>
             </center>
          </div>
       
        </form>
      </td>
    </tr>
  </table>
  </center>

No can do.  In both cases there is an icon that says "Not uploaded".  I click in it and nothing happens.  There is no link to upload.  Am I missing something?

By the way, I appreciate and am impressed with your rapid response. Thanks.

1st: try it with a normal dsn-less connection like we show in the example.. dont use that OLEDB.4.0 connection string.. connecting like that can cause a lot of problems and is not as great as everyone thinks it is and it can sometimes be difficult to get it working when the database has a password set on it

For the sake of troubleshooting just connect like so: (fixing the path of course)

ConnectionString = "DBQ=C:\Inetpub\wwwroot\aspprotect\data\database\ASPProtect_ access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

ASPProtect will generate the actual connection string you should use when you run this page

http://www.mysite.com/data/setup_info.asp

Replacing the part in blue with your website info.


2nd: any IIS server setup to have the access database over the network path like that has a poor setup... and that can cause all sorts of problems as well, access is not designed to run over the network like that.. for more on that read this thread -  Start 5 posts down
http://support.cjwsoft.com/code/code_info.asp?TID=479&KW =OLEDB%2E4%2E0

3rd: If the app does not run using the connection string like I say to use then the problem is 100% on their end and is either related to permissions or the fact they are keeping the access database on a network path which is BAD BAD BAD... no quality host that knew what they are doing would set it up that way.. ultimately you don't want to host asp with a place that has a setup like that

4th: If you want to try some other stuff out we have a free guestbook, asptest, and a free version of aspbanner you can try out as well... www.cjwsoft.com

5th: If you need a quality asp host that knows what they are doing and offers great asp support www.alentus.com is the place

6th: Your right, it is not the code, its the data connection

You should read my article on server side includes… the path to the include file must of course be adjusted depending on where in your web you are.
http://www.powerasp.com/content/code-snippets/includes.asp

You will also notice if you look at the provided example pages that the include paths have been adjusted to make sense.

If it is 2 directories down it should probably look different..

example:)   "../../checkuser_inc.asp"

It’s weird that if you are not getting an error because if the path to the server side include is wrong you should get a nasty server error.

Also..

The ASPProtect system and any pages it protects must also be part of the same Application in IIS. It’s the nature of forms based authentication. Do a google search if you are not sure what an application is in IIS.

Lasty…. If you are logged in at the time

Whether your current session at the site is still active… or you have the cookie set to remember you.

Well, nothing will happen… cause your already logged in and you will just see the page as normal.

Perhaps things are working and you just don’t understand that part ?

You need to go to the log off page.. log off… then close all instances of the web browser windows..

Then come back to the site… then see if it prompts you to log in.

I'll try to help when I get back tues night,, see the contact page for info on where I am
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry

Great software.

How easy would it be to copy the email address entered at registration directly into the login id field so that the user's email address is automatically used as the login id? 

Also, where in the code can I turn off the random password generator - I'd rather force people to pick something they can remember themselves.

Thanks,

Nick

When a user 1st signs up a proper case function is run on certain fields.
This is only once on user signup and never done in the admin area.

It's goal is to keep things entered in Proper Case,

so if someone enters "chris williams" it becomes "Chris Williams"

It's not perfect but it helps a lot to keep the data clean and more consistent. Since it only happens during registration those values can be changed later by the admin or the user if someone wants to.

The function is only applied to the fields that it makes sense to apply it to.... 
In your case adding a drop down menu means you want exactly what is in your drop down to appear so you wouldn't want it happening.

That being said, it is really easy to remove this situation from any field it is happening to during registration.

So edit "users/add_new_account.asp" with a text editor

find

CmdAddUser.Fields("Company_Name") = PCase(Company_Name)

and change it to

CmdAddUser.Fields("Company_Name") = Company_Name

That is all that is needed to made the change

actually  I just went to it again and it was somewhat slow coming up this time..

perhaps you have some issues with the sql database.

it should be instant.. like this one I run on my server
http://banserver.powerasp.com/aspbanner/

I suppose it could also have something to do with sql server resources but its hard to say..

btw: who is this hosting company anyway ?

and did they give you access to a control panel that lets you manage your site ? sometimes that is where you manage those permissions if their interface supports it

lastly, are frontpage extensions installed in your web so it can be connected to via frontpage ?

ok, I just sent you a private message with download information.

replace you existing

"check_user_inc.asp"

"admin/check_admin_inc.asp"

"admin/email_user.asp"

with the new versions in the download

Do some testing to make sure that HANNAH password works ok for you.

Hopefully this cures the issue...
If it works ok for you for a while I will offer the fixes to everyone and start using this code from now on

BTW:
"admin/email_user.asp" had an unrelated bug in it that only happened if its error handling got triggered... it was posting back to the wrong page when that happened and causing an error

I am getting closer.

This error actually does not have anything to do with the forgotten password feature or your database.

It has to do with the settings you chose for emailing.

it relates to aspmail and it not liking the remotehost you used, or something like that.... etc etc

The album ID thing is completely normal and by design. Once an ID in the database is used it can not be used again. That is how autonumber fields in a database work.

As far as not being able to delete images... Are you by chance using ASP.NET to show dynamic thumbnails... Because if you are you must turn that feature off and wait 20 minutes or so (maybe more) before you will be able to delete any of the images. It is because the current version of the ASP.NET script used to make the thumbnails locks the images on the server temporarily anytime it creates a thumbnail.

It is a known issue... and there is no fix at the moment other than what I told you above.

This is a great article from my old powerasp.com site.
Connections And Server Database Permissions

Not really sure how to do this.... i think you know what i am looking to do.. is there anyway you can show me or create that solution for me? It would prob. take you minutes as its been taking me hours

Can you do a better price deal for that version in place of the one I've just purchased ie for a single licence rather than unlimited Christopher?

Or failing that can you give me an idea of how many changes you had to make to convert 7.3 to work with Mysql?

Regards,

Dave

[QUOTE=cwilliams]
Is that a real term or just something you named it cause they have like a zillion people using that SQL server?[/QUOTE]

yeah thats it, you buy into a part of the sql server so it's an sql server hotel...

How do I recover or reset admin password used for the aspprotected pages. I have installed it months and months ago, but now can not recall the password. Any help appreciated, as I do not feel like installing it again.

Hello,

You'll need to find a validation function to test for it.
Either server side or right in the form via client side javascript.

I dont have any experience with validating zip codes here much less UK.

Google it would be my best advice.. or maybe find some free app written in UK format and see how they did it.

Good Luck..

And if ya find anything post it here if ya like

The problem with that is when a user deletes an album, the album record does not get deleted from the DB, so counting all the records would return the accurate result. :(

Any hints?

ok, here is what is going on

you are password protecting an ".asp" page that requires querystring info to run correctly   (example - "somepage.asp?ID=3"")

that is something I never intended anyone to do.. while it does handle and repass the querystring info along during successful login it does not re-pass that info during a failed login as you have found out

this is all by design.. the only reason the system re-passes the querystring info at all is because I wanted to make it smart for the sake of the remember me/cookie feature.. so if someone was using that and bookmarked a page deep in your site with querstring info...then when they went back to that bookmark they would get authenticated and still see the page as intended with the querystring info in tact

it was a nice feature never intended to handle any situations other than what I just described...

now...
notice the url in the browser after failing a login.. then logging in successfully.. it is missing the querystring info

that more than anything is what is going on..  browser caching can cause some confusion when dealing with this because the browser likes to return you to the page minus the querstring info... when that happens a simple browser refresh at that time may very well solve the problem and then you see the page you are supposed to see...

To avoid all of this...

One solution to this is to always start people logging in to an ".asp" page that has no querystring info. That way this won't happen. Once they are logged in you can then offer them links to the pages they need to go to. (you of course still want to password protect those pages)

Another solution is to log them into a page with no querystring info and then do a response.redirect to the page with quersytring info.. thus accomplishing the same thing but without the possibility of the issue because of a failed login.

Another solutions is to do checks in your asp page for missing querstring info.. and if it isn't there do something about it like send them somewhere else.. or display a message about there being an error... etc etc

So,basically you don't want to tell people to login into such and such page with querstring info... and providing a username and password..... You can do it but like you found out it can cause an error if they mess up logging in the 1st time. The system just was not designed to handle that. There are complex reasons for that involving security that would just take me too long to explain.

I hope this makes some sense to you.. it is very hard to try and explain

in that file "upload_post.asp"

change

<%
If Session("Admin") <> "True"
 Response.End
End If
%>

to

<%
If Session("Admin") <> "True" Then
 Response.End
End If
%>