Blog Entry: 3/25/2006 4:24:21 PM
Can we get access to the source project files for ASPProtect.net since we'd like to put in some of our own branding on the pages and not everything can be done in HTML.
Thanks
, here is the next response to this which was emailed to me but should have been posted here
From: Mo Afifi
Sent: Sunday, October 23, 2005 4:47 PM
To: CJWSoft Support Info
Subject: Re: CJWSoft Support Info : SSL - Verisign Certifcates
Hello,
Thank you for responding to my posting. In the second line of your response you said “not start them off at an http:// url". I think what you meant is to "not start them off at an https:// url". If this is your intention then I agree with you 100%. I have revised my pages so the users will go first to a non-https page and then make a choice either to use secure or non-secure access. Please note that the site is not intended to be completely SSL protected but only the sign up pages. I have another problem though when I click on the "Secure Log In" and enter my log in information; the entire subsequent URLs will have https:// in them which I could not shake off. As I said the intention was to use the https for sign in only.
I realize that this issue does not have any thing to do with your product, but any input will be appreciated. Best,
,
Additional Information.
A set of these variables get created for every user that logs in to your site.
For performance and memory conservation reasons some of them can be turned off and are optional.
If you look in the "check_user_inc.asp" file or the "check_admin_inc.asp" file you will see a section of code like this
' Start of optional session variables to be set
' Recommended that you remark out any of the session variables below that you don't really need to use
' This will save a lot of server resource because every user logged in has a set of these
' I added some code here to not create these if they are empty
If CmdCheckUser("First_Name") <> "" Then Session("First_Name") = CmdCheckUser("First_Name")
If CmdCheckUser("Last_Name") <> "" Then Session("Last_Name") = CmdCheckUser("Last_Name")
If CmdCheckUser("Company_Name") <> "" Then Session("Company_Name") = CmdCheckUser("Company_Name")
If CmdCheckUser("Email") <> "" Then Session("Email") = CmdCheckUser("Email")
If CmdCheckUser("Address") <> "" Then Session("Address") = CmdCheckUser("Address")
If CmdCheckUser("City") <> "" Then Session("City") = CmdCheckUser("City")
If CmdCheckUser("State_Province") <> "" Then Session("State_Province") = CmdCheckUser("State_Province")
If CmdCheckUser("Zipcode_Postal_Code") <> "" Then Session("Zipcode_Postal_Code") = CmdCheckUser("Zipcode_Postal_Code")
If CmdCheckUser("Phone") <> "" Then Session("Phone") = CmdCheckUser("Phone")
If CmdCheckUser("Custom1") <> "" Then Session("Custom1") = CmdCheckUser("Custom1")
If CmdCheckUser("Custom2") <> "" Then Session("Custom2") = CmdCheckUser("Custom2")
If CmdCheckUser("Custom3") <> "" Then Session("Custom3") = CmdCheckUser("Custom3")
If CmdCheckUser("Custom4") <> "" Then Session("Custom4") = CmdCheckUser("Custom4")
If CmdCheckUser("Custom5") <> "" Then Session("Custom5") = CmdCheckUser("Custom5")
If CmdCheckUser("Custom6") <> "" Then Session("Custom6") = CmdCheckUser("Custom6")
' End of optional session variables to be set
If you do not need a particular variable to be set as a session variable simply comment that line out with single quote.
If you have an extremely busy site with a lot of users this is a good idea. If not, you probably don't need to bother doing this. I added some code in there so they will not be created if they are empty and that alone helps out a lot.
cwilliams38419.5459606481, I need a point or a little insight please.
I need to get information from a credit card authorization called netbilling. I have been looking at your code for PayPal and 2 checkout. I have a feel for the code flow and the relationships of the "includes" .
I have been doing a lot of reading in my books and am seemingly twisted around the axel. I am not expert in ASP I am better in VB. I am not afraid to write code I am just a little nervous about messing up existing relationships.
My plan is simple: code a page to open the database and populate the database fields from netbilling and convert their field name to yours in the database.
I appreciate your time and insight. As in the past I need your help again.
Thanks
, A very common and extremely bothersome error encountered when running ASP apps that connect to a database is the "80004005" error. It comes in many varieties.
These articles cover it.
(an article I wrote)
http://www.powerasp.com/content/hintstips/permissions.asp
(more articles)
http://www.aspfaq.com/show.asp?id=2009
http://support.microsoft.com/default.aspx?scid=kb;en-us;3065 18
http://www.aspfaqs.com/aspfaqs/ShowFAQ.asp?FAQID=115
http://www.macromedia.com/support/ultradev/ts/documents/8004 005_cannot_open_unknown.htm
cwilliams38102.4447222222, Oh yes...I've changed the time a script is allowed to run before timing out from 90 seconds to 180 seconds on the aspprotect folder., thats intertesting.. I have never heard of the concept until now..
I did a search for ASP examples or ASP components that can help with the process and just couldn't find anything about it., This server is sitting in my den on a DSL circuit, so I don't have a hosting company. The install for Windows 2000 server is with default settings for all components installed.
I am not sure what you are referring to when you say:
"Does emailing work under the simplest scenario ? (directly from the users screen"
What user screen?
What settings are you referring to that I may have chosen?
, I checked with our web hosting company and CDOSYS is installed and properly registered on the Windows 2003 Server our site resides on.
How do I go about changing the ASPProtect code to use CDOSYS?
Please advise.
, alternate databases are right here.. the documentation clearly links to this, its really not difficult to find
http://support.cjwsoft.com/code/moreinfo164-1.htm, I purchased 6.0 in Feb 05. Is there an upgrade price to 7.0
I spent considerable time setting up 6.0 to work with my web site. From what I read in the forum, it sounds like I have to start over again to integrate the new version into our web site. I do not relish the thought of that, but I have to move to an email system with a valid MX record.
Will I be starting over from scratch with this upgrade?
, This may be an old question ??? If it is please point me to the post or documentation where I can find the answer please.
When creating protected pages I am using the following to protect them:
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="/aspprotect/check_user_inc.asp"-->
But that is not working. I get the following error when I try to access the members logon page in the directory that I wish to add the pages to:
Active Server Pages error 'ASP 0130'
Invalid File attribute
/filelocation/filename.asp, line 3
File attribute '/aspprotect/check_user_inc.asp' cannot start with forward slash or back slash.
However if I create the pages in the root of the AspProtect directory and use a link to the same page that exists in the AspProtect directory and the following include:
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
The pages work fine.
I really do not want to put all of my protected pages in the root of the AspProtect directory.
I would like to mix protected and unprotected pages throughout the site in order to #1 make it easier to administer. #2 keep the AspProtect directory solely for authentication. And, #3 keep any user authentication pages out of the AspProtect directory.
TIA
, So do I just replace the four folders that came with aspprotect with the four (in my case domain directory) folders in the patch or just move the files?, Regarding hosting companies..
Now.. obviously if you are hosting on someone elses server you may not be able to set permissions like this.
Ultimately, if you are hosting somewhere and ASP and Database connectivity is part of your hosting plan. It is the hosting company's responsibility to set these permissions for you when asked or to give you a special interface to do so on your own. If they are not helping you do this then maybe it is time to get a hosting company that is serious about your ASP Hosting Needs.
Also... JUST TO BE PERFECTLY CLEAR
The permissions we are talking about cannot be set via FTP or Frontpage access to your web site. They must be set like shown above or via a special interface meant to set the permissions correctly. For all you people out there messing with the permissions you see in FTP and Frontpage.. you are wasting your time and possibly creating problems in your web.
All ASP scripts that communicate with an Access Database, Upload Pictures, Modify Text files.... are going to need these permissions set in some way or another. We have no control over that fact.
cwilliams38360.69125, Hi,
First and foremost, a great product. I downloaded it last night and it took little effort to get it up and running 
.....now a little question...
Has the software/code been tried out on a Mysql db and if so did it work?
The reason I ask is that my website is very busy (1.5million page views per month avg) and I'm considering converting the ASPBanner Access db to a Mysql one to help handle the traffic. For every page view one banner impression is being made which means that the Access db is under a bit of pressure
This afternoon there were 1012 simultanious users on the website and it froze with an error message displaying where the banner should have been (I didn't quite catch the message but something to do with the banner script timing out). I'm not sure if the Access db had something to do with it but it seemed too coincidental. Rebooting the server cured the problem but obviously kicked off the visistors as well
At present there's 668 online and no problems so I'll have to monitor it to see how it goes but if anyone can answer the Mysql question I'd be grateful
Thanks,
Dave
, does emailing work at the simplest level.. ??
meaning does a user get an email when you send an email from the admin users screen ?
if emails are not sending it could very well be the setting you have chosen for emails in the settings.
the best thing to do is keep trying to send an email there and try different emails settings until you get something that works... even when I do installs for people I often have to try a lot of various things before I get emails to send.. like picking different components and trying different things for the email server address because what they tell me is often wrong
also, sometimes emails get sent but depending on where they go they may get deleted as spam.. aol, hotmail, msn, and yahoo are famous for that , Login failed for user 'aspgallery'.
Okay, shouldn't this be trying to use aspgalleryuser?
Lance
cwilliams38325.8848263889, It is common when testing a site that this happens because of the nature of session variables.
Admins have access to EVERYTHING so it is very important when testing different user accounts that you specifically log out... and then close every single browser window before logging in as a different user. This is to ensure session info from the previous user does not overlap in any areas.
(The session variable for admin access being the main one)
Under normal circumstances a user would not log in with many different accounts on the same computer this this would only be a problem for a developer who is testing.
So make sure you go to the to log-off page and log off.. then close all browser windows.. then test another user.
If all this is not the case then something else is going on and I will need more information. I pretty much know the level checking code for ASPProtect Version 6 is correct as there has been no reason to change any of it in over a year. I would have heard reports of problems with it. , It does not matter what directory name the ASPProtect files and folders are in but you cant go moving around critical file and folders like it appears you did nor is there any reason to.
All that is is saying is that the users folder, the password_admin folder, the scripts folder, the check_user_inc.asp file, and all the other files and folders that come with the system can be in any directory name as a whole.... but that doesn't mean you can go messing around with the files and folders in that directory.
I assure you 100's of users do not use "aspprotect" as the main folder name and they have no issues doing so.
Regardless, you need to explain in much clearer detail exactly what you did and what paths you used and what is where. At this point I really do not know what is you did as your post was not clear to me.
You should also check that you have entered correct path info in the admin settings page area. The register page is one of the paths that geths set there.
, Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.
Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.
, I used Dreamweaver4 to make my site is there anything I can do to make it work?
, I dont know about the unspecified errors. I really need more detailed information. (Since it has been working fine for quite a long time you might want to consider installaing the application from scracth again and see if you still get errors)
As for the log in not persiting. Did you by chance turn off cookies in your browser ? They are required for forms based authentication to function. Otherwise, yes you would need to log in to each and every page as you moved around.
cwilliams38414.6054166667, Hi,
I am investigating the possibility of purchasing above script having spent some hours trying to integrate various free banner rotators into my Invision portal.
What attracts me to your script is that it has 6 ways to call banners. I am an inexperienced webmaster with only a smatterring of knowledge about ASP. Will ASP Banner be able to integrate with my portal?
Many thanks
David van der Want
, the txt file is only lke 624 kb...so I'm not sure, ok, then I need more information.
Was the code changed ? Thats the big one. If it worked and now it doesn't something must have changed. Things just don't stop working on their own. I would try putting the original files back in there for everything but the config and dataconn files just to make sure and see and if it works with the original files. (back up your old ones 1st so you can copy them back of course)
Also, perhaps PM me the site info so I can go look as well.
, I want to try this on the machine im using now; which is windows XP.
Is this possible? I don't think i can set folder permissions on XP... there is no option to do so...
Is there a way to do it?
, You are NEVER supposed to move any files, especially that one. Of course that is going to break a lot of things.
Please put it back the way it was.
You change the path of the include file when you call it, never the location of the include file., enjoy the bar.. drink one for me.. cause that was the problem..
, The random password is generated during signup and the function that creates it is located on this page of code.
users/register.asp
it looks like this
Function RndStr(Length, UseChrs)
If IsNull(UseChrs) OR (UseChrs = "") Then UseChrs = "0123456789abcdefghijklmnopqrstuvwxyz!@#$%^&*()_+=-"
NewStr = ""
Randomize(CByte(Left(Right(Time(),5),2)))
For gpIndex = 1 To Length
NewStr = NewStr & Mid(UseChrs, Int((Len(UseChrs)) * Rnd + 1), 1)
Next
RndStr = NewStr
End Function
For example go to this page and hit refresh and watch the password change.
http://www.aspprotect.com/demo2/users/register.asp
Yes, sometimes if you hit refresh quickly over and over you'll get the same password, but not generally. Also that is not something that would happen normally as a user isnt going to sit at that screen and hit refresh over and over.
Anyway... when signing up the new user of course has the option to change that password to something they would like better...
As far as... "selecting the same user name and password every time"
I need more information. That does not make sense for a lot of reasons.
Most importantly because usernames are not generated. The are inputed by the user during signup. They are then checked to ensure they do not already exist before the user is allowed to complete their signup.
So under normal circumstances there can never be duplicate usernames in the system or even users with duplicate emails as that is checked as well.
Now of course if you edited the code in any way it is possible all this is not working correctly ?
cwilliams38164.8059143519, I purchased two site licenses for ASP Protect a while back and am now trying to implement the application.
The connection to the database is fine, because it recognizes the user and displays the user name. However, there must be a problem with the permission because I get the DNS error information from the On Error in the check_user_inc.asp file.
I set the permissions on my PC as you indicated, both on the folder and the database file. But get the error and cannot access the database to view or modify. I also uploaded the file to my web server and set the permissions as well, but get the same problem.
You mention on your forum that it is not the code, but I don't understand if the code is correct and if it finds the database and the permissions have been set as you indicate, why doesn't the code work?
, 
Much thanks, the duplicate incl's I spaced on and should have caught. The hidden form variable was a key issue. Thanks for the syntax and the help. Now I get this page together. j As a note - I got faster results by dropping my timeout to 3 minutes temporarily while progging and cleared browser cache between tests. Thanks again.
, it's ok
one step at a time and at each step testing things.. then when you mess something up you can figure it out a lot easier
cwilliams38456.1106018519, We have no add-ons for anything but accepting payments through paypal and 2checkout... if you want to accept payments through some other setup you have make a payment directory addon and write code to do it based on the system you are using..
We provide the ASP source code so that is doable for someone that is good with ASP. If not then it won't be doable.
, MySQL Database Setup
Use of MySQL is 100% unsupported as you can see from the site.
http://www.aspbanner.com/mysql.htm
Even still I recently had an encouter with an extremely Jerky person (read the thread above for more on that) and because of him I am adding this tutorial showing one way to set things up on a windows server using the official MySQL tools available.
Let me just say as well that there are 100's of 3rd party tools to work with MySQL databases and many ways to create the database and apply the database creation script. In the past it had to be done via the command line, but now there are a lot of visual tools you can do it with. Furthermore all hosting companies set MySQL up differently and give you access to varius interfaces to manage it which are all different, and that is primarily why I do not support it. How the hell could I support all those different interfaces many of which are totally custom?
The fact is 99% of the people that purchased ASPBanner to use with MySQL have done so without issue and love how it runs. Regardless here is how I set up a working MySQL database on a windows server proving it does indeed run with a MySQL database.
1st of all if you are setting up the server you need to download some things from http://www.mysql.com/
(btw: you local developers can install this on XP Pro as well if you like.)
For this article we are going to download the current non beta windows version of MySQL which is 5.0. ALso known as the Windows Essentials (x86) download. It's about 17 meg.
Because ASPBanner uses the MyODBC drivers (now called Connector/ODBC) to connect to the MySQL database you need to download those as well. (Our site flat out says this is required for MySQL use)
So I download those from here. http://dev.mysql.com/downloads/connector/odbc/3.51.html
Version 3.51 has been the current version for a couple years now.
You want the windows driver install which is about 2 meg.
The two downloads should look like this.
Now, on the webserver you run the version 5 setup (mysql-essential-5.0.19-win32.msi) I will guide you through it step by setp.
Hit Next
I am going to choose typical for the sake of this article.
Hit Next
Hit Next
Wait for a bit
I skipped this part.
Choose to configure the MySQL Now
Hit Finish
Hit Next
I am going to choose Detailed Configuration
Since I am on a development machine for this install I am going to choose Developer Machine. For a Real Server choose one of the server options.
For this article I am going to choose Multifunctional Database: You may want to pick one of the other options. That is up to you. ASPBanner will work under any of the scenarios.
I am going to leave the location at its default
Hit Next
Since this is a development machine these options are fine.
Hit Next
These options are fine as well.
Hit Next
Standard is fine for my development machine.
Hit Next
I am going to choose both of these options. The 1st one is Important and should be enabled on a real server so MySQL always runs. The 2nd is not so important.
Hit Next
Set the "root" password and do not forget it. You will need it to manage your MySQL server. I do not advise creating an anonymous account unless it is a development server and you just do not care. Whether you enable root access from remote machines or not is up to you so do some research on that. For this articles needs I am not choosing it.
Hit Next
Hit Execute and wait
If all goes well you will see this. (I actually got an error message about not being able to connect... I went to to Administrative tools/services and restarted the MySQL service and hit retry which cured that... it probably only did this to me since I have installed this before.. new installs probably will not have any trouble)
Hit Finish
Your done.. You just installed the MySQL Server (TIP: its usally a good idea to reboot and make sure the MySQL servce is running by default)
Now, moving on..
Lets install the MyODBC drivers.. (now called Connector/ODBC)
This one is a bit of a no-brainer so I am not going to go into detail.
Just run (mysql-connector-odbc-3.51.12-win32.msi) and run through all the defaults until it is done.. Choose typical when that comes up.
Your done setting up MyODBC on the server. If its not your server I guess you don't need to worry about installing all of this as its your hosts job to do that.
, Not really. The way I thought activity would work is that I would always see the last 50 users. Not sure what controls that and why I wasn't seeing it, but it sounds like it is an IIS thing and since my site is not all that busy, it will not show the users if some process has reset the numbers. Not a big deal.
As for the log files, I think it is related to my other question regarding the export directory. I have the ISP looking into things at thier end to see if they are doing anything that could cause the directories to disappear.
Thanks,
Dave
,
Ok, set up a new web.config in root, with just the suggested code.
that worked to get this....
Configuration Error
Description: An
error occurred during the processing of a configuration file required
to service this request. Please review the specific error details below
and modify your configuration file appropriately.
Parser Error Message: It
is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This
error can be caused by a virtual directory not being configured as an
application in IIS.
Source Error:
Line 409:
Line 410:
Line 411: <authentication mode="Forms">
Line 412:
Line 413: <!-- DO NOT CHANGE UNLESS INSTRUCTED TO DO SO -->
|
Source File: D:\hshome~aspnetprotect\web.config Line: 411
any ideas?
Andy
, I do not have any programming knowledge and have what might be a simple question.
I am having a hard time getting my hosting company to modify the rights on the data folder. They state they support ASP and access databases however this is the response I got when I requested the modify permissions set for the internet guest account:
Were the rights changed on the data folder?
Thank you for the feedback.
I would like to point out the requirements of the application however as this is something I am aware of and do address.
Is there a way to make the person's email address their default username... or force it in somehow instead of allowing them to create their own?
, you can not limit image size using the pure code upload method. Its not possible using a pure asp method that I know of.
You would have to be using one the supported commercial upload components and edit the upload code accordinly to limit upload sizes (you would do this by looking through their documentation and samples) I didnt include any support for upload file size limitations with the supported 3rd party upload components because in my testing I found it problematic with all but aspupload from persits software. (I have example coe for that component I can provide that limits the upload size and seems to do it well) I am sure it could work with safileup and dundas as well but I gave up trying.
As for image resizing..
Image resizing requires the use of one of the supported 3rd party image resizing components. You didnt mention if you are using one or not. If you dont have one available image resizing is just not possible as asp can not do that on its own.
, 
