Blog Entry: 3/25/2006 4:24:01 PM
I think you getting all confused about dsn's and what they really are.
A system dsn gets created via the ODBC control panel and gets listed there. A system dsn is nothing more than a registry entry telling information about where the database is an how to connect to it. Then every time code accesses the database it has to do a registry lookup. The whole process adds a lot of delays, causes very poor performance and is unnecessary.
A dsn-less connection simply connects directly to the database by specifying the driver being used, where the database is, and some other information like the password if there is one.
To get aspprotect or any other ASP application using a database all you have to do is make sure the database folder has correct permissions and then make a connection string like so. (with the correct info for your directory structure of course)
DBQ=c:\inetpub\wwwroot\aspprotect_6\data\database\ASPProtect _access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp
If you are wondering Access databases always use the same username.
So, basically if permissions are set correctly and the directory is valid it will work.
It is really that simple. 99% of the time when people have problems it is one or the other.
That being said, don't worry about the odbc control panel and what is listed there for connections. All we really care about is that odbc drivers are installed and somewhat current.
One last thign for reference: even if you do make a system dsn the database folder still needs the correct permissions.
cwilliams38417.7371643518, I am still a little confused... one thing I would like to mention is that the passwords in the aspprotect database are encrypted... meaning you cant just add a password to the user database by hand because it wont be the encrypted value and wont work.
It is something the application takes care of when you add a user via the web based interface.
You can however still add users manaully or with careful import/exporting... but you will have to use the existing password conversion technique which is covered at the end of our upgrade instructions in these forums.
http://support.cjwsoft.com/code/moreinfo174-1.htm
Basically you want to add a field to the "ASPP_Users" table called "Old_Password" and that is where you enter the password in plain text. Then after you are finished adding users to the database manually you do this.
You want to run a special page via the browser.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
Which will convert the passwords to the encrypted value for you.
See the bottom of this thread for all the info on that.
http://support.cjwsoft.com/code/moreinfo174-1.htm
,
Haven't gotten to it yet. I do know there are a few customers using it to edit the app and said it was not all that different. Maybe they will chime in with some tips., In addition to that I just noticed the </href> you have in there.. man that is some scary stuff you came up with.. that may appear to work and make a link but it is not correct. Each link will work but never truly be closed.
That is just not valid proper use of the anchor tag.
You make a link in html like so
<a href = "somepage.htm">somepage.htm</a>
http://www.w3schools.com/tags/tag_a.asp
Then your surrounding each link with <span lang="en-us"> </span>
Not sure why ?
, Chris,
I've given the IUSR account modify access for the aspprotect folder.
In the ODBC manager module on the webserver I've taken out the aspprotect access driver option.
The dataconn_inc.asp line reads as
ConnectionString = "DBQ=D:\missourirealtor.org\members\aspprotect\data\database \ASPProtect_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"
Now this should make it DNS-less correct? with the permissions set properly?
I've also taken out the password on the access database.
The original database of users I had was an access database from a different program called spooky login. I exported them into a tab delimited file and changed the column headings to match those in aspprotect exactly. Actually access would not let me import them in the databases without them being exact.
I imported that information directly using access's import options. I tried the import/export manager in aspprotect but kept timing out as well.
, does emailing work at the simplest level.. ??
meaning does a user get an email when you send an email from the admin users screen ?
if emails are not sending it could very well be the setting you have chosen for emails in the settings.
the best thing to do is keep trying to send an email there and try different emails settings until you get something that works... even when I do installs for people I often have to try a lot of various things before I get emails to send.. like picking different components and trying different things for the email server address because what they tell me is often wrong
also, sometimes emails get sent but depending on where they go they may get deleted as spam.. aol, hotmail, msn, and yahoo are famous for that , how di I change the currency dollar sign to gdp pound sign ?
I need all my tranactions in gdp puund sterling to use on paypal
regards
simon
, It is most likely because they have something running like Norton Ad Blocker.
Or something of that nature that blocks anything with certain words in it like "ad"
They are running something that is doing it.cwilliams38450.0079282407, When a logged in user with specific group rights tries to look at a
page that has different group membership requirements the Login screen
comes up giving them an opportunity to login with different rights to
view the page. If you log in again with your current user name
the same login screen returns with the added words something to the
effect of "Access Denied, you dont have group rights to this page...".
The only way to get back to the previous page is to hit the back button
on the browser (there is not a back button on the denied page).
I would really rather not even present the "login again" screen to a
user but just have a custom page that says "access denied" of my own
design with a back button on it. Is this an option provided for
in ASPProtect currently? I did not see it in the admin section
settings tab. Is there a separate "login again" asp file that is
being used for this
group access deny message that I could alter, or does it always have to
be the login asp file?
Or would this require me modifying the check_user_inc.asp file around
line 356 to change this behavior (I don't want to screw up any other
stuff though...).
Thanks!!
Oh, PS. just a quick check...it looks like if a user is an
"admin" he automatically gets to see all group pages regardless of
which set of group numbers are assigned in his user account...is that
right?
, It is not something I did when I wrote the emailing sub routines. You would have to edit the email sub routine for CDONTS and add something to it most likely. The email sub routines are in the "scripts" folder in the "emailing_subs_inc.asp" file.
I am not sure you can do that when using CDONTS though I think you can do it with CDOSYS. You would have to do some research and edit the code like I mentioned.
, I am using ASPProtect's password program, which has been very successful, for managing over 1,500 military veterans' memberships at http://www.vspa.com. What I am trying to do now is utilize the "Groups" code, as generated by the Admin page, to prevent members with expired accounts (and non-members) from accessing restricted "members only" .ASP pages they may have bookmarked, or found via web search. The code generated and used is as follows:
<%@ LANGUAGE="VBSCRIPT" %>
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * ADMIN * Member Current * Member Life * Officer/Staff * ) -->
<% GROUPACCESS = "10,12,14,19" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!-- End ASPProtect Code -->
The above is placed over the <html><head> statements on the page.
When I am logged in the code works perfectly! When I log off and try the URL again, the page appears in its entirety but with a Login box for Username and Login Password at the top of the page. You may view the problem at: http://www.vspa.com/aspprotect/vspa-password-enter.asp .
What I would like to have happen is expired members and non-members would be sent (or Redirected) to a Login page. I do not want the Login password box to merely be inserted above the page that I am trying to keep them from visiting.
Don Poss,
VSPA Webmaster
, Chris:
The string is being saved and I get a .wav ring sound to confirm. I have tried editing in "notepad" and then running the "data/show_path_info.asp" file after with the same results.
Ken
, sorry for delay responding,
I got bombarded with support inquiries while I was gone and I missed this one since I been home.
Does the server_info.asp page I provide say that aspupload is indeed installed. Let's start there. , ok, I am going to do that in the next few hours. I cant do it right now as I have a few other business's and something else needs my attention right now.
Chris,
The reason is obvious, the file is called aspprotectlogin.aspx. It is self advertising for your product which is against the law for me to do on a government support website such as mine. Every other login system I have come across uses the login.aspx file. If I can’t change it I will file with the credit card company and return your product. I do like your product and hope to stay one of your customers. I will let you know, thanks for your help.
, I really do not know to tell you the truth. I'll do some research.
The script only allows .jpg, .jpeg, and .gif extensions.
If someone uploads a file called... "filename.vbs.jpeg" with bad vbscript in it I seriously doubt anything can happen because of it because of the extension.
But I really do not know.
It has never happened to any sites I have or know of.
cwilliams38447.0491435185, I dont know about the unspecified errors. I really need more detailed information. (Since it has been working fine for quite a long time you might want to consider installaing the application from scracth again and see if you still get errors)
As for the log in not persiting. Did you by chance turn off cookies in your browser ? They are required for forms based authentication to function. Otherwise, yes you would need to log in to each and every page as you moved around.
cwilliams38414.6054166667, Awesome -thanks - I'll give it a try , It should be released sometime late May 2004 or early June 2004 but no gurantees as I am pretty busy right now with some projects.
There will be upgrade instructions and it should be a fairly easy upgrade.
, It's not normal at all. My guess you accidently edited the code in a bad way.
(thats the same code the every guestbook in every application I sell uses including ASPGuest which gets downloaded for free about 50 times a day)
No one has ever said it acted funny.
I would do a default installation with the original code somewhere and see if the problem occurs. If it does I can take a look.
In the meantime I wouldn't be running that as it is probably using up massive processor time because of whatever is wrong with it.
cwilliams38454.954212963, Yup, it probably means the virtual directory is not configured as an Application in IIS.
You did put this in a plain folder in your web, correcct ?
Not a subweb
Regarding the application settings for the virtual directory.. if it is your server you set that stuff up in the IIS console.
If hosted somewhere it is there responsibility to have that set up correctly for you and you need to contact them and ask them what the deal is.
cwilliams38455.9035300926, let's try this... edit that page with a text editor like notepad...
Carefully replace any instance of "Cint" with "CDbl".. I may have missed some of those when testing the last time I edited the code.
, well, ultimately it comes down to this and this is stated in the footer of every page in the cjwsoft family of websites.
"In some cases in order to receive proper tech support your application will be need to be installed on a live professionaly setup server on the Internet. We simply cannot troubleshoot all issues when the application is only installed on your local machine."
and if you have some sort of weird timeout going on on your local machine and cant even give me a detailed error message there is just no way I can possibly troubleshoot it... I told you what to check and thats really all I can do... all my applications run on XP. As a matter of fact I do all my development on XP boxes.
It could be any numbers of things... odbc drivers, versions of vbscript... other software on the pc interfering such as antivirus script blockers like norton... all sorts of issues can pop up on personal machines running xp
If you put this up on a live professionally setup web server I can help you. On your local machine there is only so much I can suggest. , I had both ASP Listings & Classified on the same website. The categories seem to be getting mixed up. I removed ASP Classified but classfieds categories is still appearing in the student of ASP Listing.
How do I fix this?
Thanks
, Did you do what that thread said so you see a more detailed error ?
Can I see the site and look around.. ?
I just am not sure what is going on from what you are explaining ?
If so private message me with the admin account details and tell me what to do to reproduce the error. , Attached is a SQL script to create the ASPProtect Database with the Option Pack Changes already applied. This lets you create the database in one step and you wont have to make the option pack changes as they are already there.
This only applies to people using MSSQL and doing a new installation.
This scripts are run via SQL Enterprise Manager.
You make a new database then run this script on it in query manager.
2004-06-14_180056_aspprotect_w_option_pack.zip cwilliams38152.7522569444, The sql script creates aspgalleryuser
dataconn_inc.asp out of the box indicates aspgallery as the user.
GalleryConnectionString = "Provider=sqloledb;Data Source=127.0.0.1;Initial Catalog=aspgallery;User Id=aspgallery;Password=temp;"
, How to set a new users expiration date.
You'll need to edit the "users/add_new_account.asp" with a text editor.
Find this section..
<%
CmdAddUser.Fields("ValidateEmailCode") = ValidateEmailCode
CmdAddUser.Fields("Access_Level") = ""
' PUT YOUR CODE HERE
CmdAdduser.Update
ID = CmdAdduser("ID")
CmdAdduser.Close
Set CmdAdduser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
%>
You'll want to add code like this right between the Acccess_Level and Updates section
CmdAddUser.Fields("Expiration_Date") = Date + 60
That will give take todays date and add 60 days to it.
You can of course do whatever you want here.
Actually, any database value for the user can be set during registration.
You can also change the default Access_Level to whatever you like.
cwilliams38403.6828587963, I didn't know about it. I will try to check it out some more this week.
, I'll try to help when I get back tues night,, see the contact page for info on where I am
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry
, Thanks Chris.
Your solution worked!
, recently i've been getting a lot of unspecified errors. i've been running aspbanner for about a year and a half now. i don't know what would have caused all these problems. also, for some reason it won't maintain my log-in, ever time i got from page to page or try to submit a form it asks me log-in again.
Jason S.
cwilliams38389.8791550926, on that particular page check the session variables manually (not using the include)
that way you are keeping the login access checking to an absolute minimum, elminating any form processing from the login procedure, and keeping the upload script happy
like so
<%
If Not InStr(Session("Groups"),"*1*") Then
' do whatever
End If
%>
you could response.write something followed by a response.end
or you might even want to response.redirect them to some other page that using the "check_user_inc.asp" where they can log in
And if you are going to be using a free asp upload script use this one as it is probably the best pure code upload solution available as far as performance goes.
http://www.freeaspupload.net
, that really does not make any sense...
I dont know what else to tell you as this really shouldn't be anything too difficult to sort out...
redirection based on criteria is not something aspprotect does by default... I try to help a bit... I've shown everyone how to do it in this thread...I know plenty of people doing it... I've done it myself... I know it works
let me ask you this... are you using ASPProtect 6 with the Option Pack ?
I assume you must be or you would not have the Groups feature ?
And you asked this question in the ASPProtect 6 section.
but then maybe your using 7.. I do not know
this should all work the same either way
, question 2 is answered best here
http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal
I should also mention that the paypal scenarios used in ASPProtect can not be tested using PayPal's sandbox. Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts)
then you can log into the other and refund the transctions and of course it makes sense to use low amount like 1 cent and what not.
Also, I'd love to see what you came up with with the integration. I have been working on it here as well and took it in a different direction as I plan to sell directions for it as an add-on for aspprotect. I have it all working here but so far I dont see an easy way to let other people do it as I had to change things in both systems in a lot of places. Utimately if done under a SQL environment triggers should be used at the database level and that is another consideration.
, hello,
There is no built in option. You would have to add code to do that.
Its not difficult but custimization like that is not something I support.
, Hi Chris
Unfortunately the bl**dy server was down and unavailable for 17 hrs so I couldnt even get to see what the settings were!
It is on, the relevant users appear to have all rights for the data/tempstats folder.
I'm guessing you're going to suggest turning it off and see if the problem still appears.
Colin
, Yup everything looks ok - but why no error?
This just gets better - now the email a friend link says sent successfully and doesn't send out - what the heck...
What would cause it to 'think' it is doing the task yet still fail?
, i will probably end up doing this myself, but dropping all the log data in a sql table would be nice as it offers much more flexibility on how an admin can keep track and use the data. Browsing through each log file is very inconvenient. I can search for text in the files (server-side, others with a shared server would probably have to separately download all log files first), but with the current method I don't have the following important options:
- cannot sort by any criteria
- quickly see a list of all login attempts by a specific user (i need to search each log file individually for this info)
if you had an option during setup perhaps (or elsewhere) in a future version that allowed an admin to specify the preferred logging method (separate files or a table in sql) i'm sure many admins would find it very useful to have a database alternative of keeping track of users becuase it would offer the two benefits listed above, plus more.
, did anyone find a way to get the descriptions to show under the image yet?
,
Timecard Entry: 3/25/2006 4:24:01 PM
to Canton - 55 Miles, Called expiring users., prep for watn chamber mtg, waites, fx, bulk email setup and transimission , callbacks, Closing the day, email & voice mail response, Review CLEC plan, read and sent emails, Dial-up support: Cal Williams (ejlaw.com): send technical information to Cori Kennedy, paying bills, per diem, did cancellations for nonpayment, filed dsl waiting list customers, finished first draft of sign up procedure, covered for lunches, answered phones - signups, cancels, acct changes, made phone calls to city of watertown parks and recreation, fire prevention, worked on dsl Q&A book, Pinehurst - put entire site into tables, resize all graphics to fit on printed page, ran up to Clayton to deliver papers for Peggy, email, TICC mail, misc., hunting down information on the Sonoma products I have been asking for for about 2 weeks now. , Researching T1 pricing and PSC and FCC latest issues. Researching complaints filed w/ PSC re: Verizon and other CLECs in the area. Reading NECA Tarrif #5, containing competative pricing, and reading Verizon pricing on Wholesale website., traveled to mohawk to talk with herkimer county. , batching and answering phone. , Duties: invoice cancellations, answering phones, callbacks from voicemail checking emails. , WHITES :LUMBER - creating headers.., Watertown to Clayton, 24 miles, lunch, Gather additional information for Channel Partner site, reported RNA's on 4911 to BEn, Team conference call, SunandShield.Com - Bookshelf, General corporate, PO for Jeff, incomed executions and checks -Carol gave me the info, wrote out thank you''s from the opening,
