Blog Entry: 3/25/2006 4:23:48 PM
Sorry Chris,
It didn't fix it. Looks like I had the current code. I bought the system in mid-April. The version says 3-10-2005.
I do know that in the database, the password shows as " éG" but in the error code, it shows as " éG". The square character is missing.
Thanks,
Mick
Edit: well heck. It skips the square box here too. The password in the database puts a square box in front of the éG
, Alternate Method to call banners from non ".asp" pages.
<iframe src ="http://localhost/aspbanner/aspbanner/aspbanner_inc.asp?Ban nerZone=4" width="468" height="60" frameborder="0" marginwidth="0" marginheight="0" scrolling="no"></iframe>
Be sure to delete the space in the BannerZone variable above. I am not sure why it is doing that in this post.
You can try calling the banners in an simple iframe like so.
This method should work much better than the javascript method because users with javascript turned off will still see the banners. You also will not have any of the limitations the javascript method has. Iframe is now supported by most recent browsers so it is now a good solution. Here is a chart that shows which browser versions support iframe.
Be sure however to edit the height and width values accordingly as that is very important.
cwilliams38105.8437384259,
This user has notified me that the issue has been resolved based on what I told him., If you have messed up the admin account or forgotten the admin password you generally should open up the database manually and add a new account or see what the old account is.
In version 7 however you have another option. Go through the installation instructions again. Specifically the part where you use the "get_me_in.asp" page to get back into the admin area by pasting in the password encrpytion keye you are using from your config file. , I am not sure. I can tell you that I run windows 2003 server and I have never had any issues setting permissions for ASP.NET files and folders. This very server is 2003 and the ASPProtect.NET demo runs on this server as well.
Course, I can't say that I have specifically tried to remove ASP.NET READ permissions on the database folder as it's just not something I would not have a reason to do. Why are you trying to do that? The ASP.NET account needs that permission. If you are trying to stop file browsing and downloading in that folder that is not how you do that. The best way to do that is by keeping the database somewhere else on the server that is not part of the http web. , Please Note : ASPProtect v7.x has a new feature called groups that is much more powerful than access levels. Access Levels were left in the product primarily for existing customers that upgrade to the new version so they do not need to make a lot of changes to their site if they were using Access Levels.
More On Access Levels
Again, Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System. Look at the source code of the ASP pages in that folder with a text editor to see the working code.
Access Levels and how they work can be re-coded to work in many different ways. However, you have to be a good ASP developer to make changes to it. Here is some information on how they work by default.
In the "check_user_inc.asp" that comes in the root of this system Access Levels work as follows.
Level 1 has Access to - Level 1
Level 2 has Access to - Level 1,2
Level 3 has Access to - Level 1,2,3
Level 4 has Access to - Level 1,2,3,4
Level 5 has Access to - Level 1,2,3,4,5
Level 6 has Access to - Level 1,2,3,4,5,6
Level 7 has Access to - Level 1,2,3,4,5,6,7
Level 8 has Access to - Level 1,2,3,4,5,6,7,8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN
Here is some additional info..
If the access levels are too restrictive you can ignore them all together and create your own totally custom solutions.
Here is a quick rundown of some of the things you can do.
Ok... so if you want to be really specific about what each user can see and
can't .. here's an example of what you can do
Don't use the access levels before the include file..
Don't worry about what you set a user to in the admin area since the access levels won't be used.
Do something like this..
Every time a user logs in session variables are set that you can access at
any time.. thus allowing you to know who they are.
So you could do something like this...
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If Session("USERNAME") = "bob1267" or Session("USERNAME") = "carl45" or Session("ADMIN") = "True" Then
Session("PASSWORDACCESS") = "Yes"
Else
Session("PASSWORDACCESS") = "No"
Response.Redirect(Request.ServerVariables("script_name"))
End If
%>
The following URL explains what Redirects are.
http://www.powerasp.com/content/code-snippets/redirects.asp
That would in effect create totally custom access levels.. but you would
have to do it manually for each user.
You can also do things like this after a person logs in
Show custom html to any specific user based on either their username or
access level ... like so
say there was a menu and a certain link should only show up to username
"paully67"
you could do something like this
<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>
<br>
<a href="main.asp">Home Page</a>
<%
If Session("USERNAME") = "paully67" Then
%>
<br>
<a href="paullys_page.asp">Pauls Stats Page</a>
<%
End If
%>
<br>
<a href="links.asp">Links Page</a>
</BODY>
</HTML>
Or you can show custom HTML or links based on Access Levels or any other info.
You can do just about anything with if-then statements and
using the built in vbscript functions..
Hopefully this info will help to give you some ideas...
Bottom line is you have to do some work within your site to make the Access Level system really come alive.
cwilliams38403.6781481481, Hi there,
Well, that is why we added the PayPal subscription pack where all of that is taken care of and customers get put under a recurring billing cycle.
The more people you get to pay that way the less you have to do.
We also have routines for the two other supported payment methods so people can look up their account and add time to it whether it is active/expired or not.
Other than that, yes it is something you need to sort out on your own based on how you want to run your system. You have the source code and the sky is the limit on how you want handle all of that. You send out an email to users about to expire. Whether they come back to the site/look up their account and add more time to it is up to them. I really just do not see any way ASPProtect could handle that whole process automatically.
As for batch changing to users in the database. We give you the source code and we also use an open database structure. You can run any query you want on the database whether with ASP code or directly in your database using the tools that come with it, You can write any code you like to do whatever you like to the database. You can even tie other systems and code into the database via OBDC and manipulate data. The sky is the limit like I said. I also don't really see how batch changes to the database relates to individual users paying again for access or not especially since we include payment pages were a users can look up their accounts and pay for and add more time to it automatically ? At least not regarding the payment routine we provide support for.
ASPProtect can not handle everything every person would need to do. It is meant as a solid starting point for any project, but there are going to be times when more functionality will need to be added by the customer based on their specific needs.
, humm,
thats a new one.. something is very wrong.
Please show me screenshots of exactly what happens and what you see. It does not make any sense so I need more info or I least need it described in more detail., You can't unless you plan on editiing and custimizing the code.
The application is only designed to have one kind of admin and that kind has full access to the admin area.
You can of course give any user access to stats for their banners via the bannerstats page.
That is how it works. There are no other levels of admin access.
, Hi - I am a recent user of your software. I administer it for the owner. I probably missed something in your forums somewhere - but I'd like to know how to stop the software from sending an "accept registration" e-mail (after they fill out the registration page) from going out so fast - usually within minutes. I'd like to know how to defer the message for 24 hours, more or less, so that our company can go over the registration details and decide whether to allow the person registering to actually have access to our protected website pages. The program is working very well and we are excited about it. So far, no problems (knock on wood!).
Thanks so much for your help!
, Sorry, I can not provide a date.. I am last person that is organized enough to give any sort of release date on anything.
Could be next week, could be 2 years from now. I made two add-ons this week and they came out of no where. I had no plans to make them. etc etc.. they just happened.
If I told you 2 months from now I know it would not be done and you would be disappopinted so I am not saying anything. I will say if it turns out to be anything complex it will not be a free mod or it will be a feature of a new version., Just got back 10 minutes ago..
Missed plane yesterday because of traffic and the flight today was 3 hours plus 4 hours of driving
The fact that you are using Server 2003 is not relevant. I am very familiar with it and all my sites run on it.
The ASPNET account will be there by default once the .NET framework is installed. It won’t just show up in the list, you have to search for it like my article mentions.
http://www.powerasp.com/content/new/windows_2003_server_and_ permissions.asp
That error really means exactly what it says. You have to give that account permissions correctly. , I sent you a PM, Hi,
I don't see any good reason to rename any of those files.
Changing them though may involve changes to the code recompiling, etc etc... it is not something I support.
, ok, well that should not be a problem then.. its meant to be able to be put in a folder like that.. just make sure the folder is not a subweb or anything like that... meaning dont set the folder up to have its own application in IIS. Just use a regular folder of course that is part of the root iis application.
Perhaps you just didnt edit the paths in the settings like I mentioned., The sql script creates aspgalleryuser
dataconn_inc.asp out of the box indicates aspgallery as the user.
GalleryConnectionString = "Provider=sqloledb;Data Source=127.0.0.1;Initial Catalog=aspgallery;User Id=aspgallery;Password=temp;"
, Using just ASP (Form Based Authentication) you can only protect the actual content of the ".asp" files.
You can however use some ASP tricks to stream other types of files to the users.
That way the actual file locations are never known and they can only get them/see these files when they are logged in as you would be streaming files to them after they logged in.
Below are informative links I have collected on the subject in an email I sent to another customer a while back.
Using Active Server Pages you can only protect ".asp" pages.
You can however password protect ".asp" pages that stream files to the user using code like in these examples therefore keeping the actual file name a secret.
And from another email I sent...
ASPProtect only protects the content of ".asp" pages. Directory protection is not possible using just ASP.
Other file extensions can not be protected using just ASP.
There are ways to get around this.
You'd want to do a technique like this to stream non ".asp" files to the users.
The safileup component from softartisans can actually do something similar as far as streaming the files go.
Then use something like ASPProtect to protect the ASP files that streams the files.
The actual location of the files is never known to the users and of they don't have access to the asp pages they can not see or get those other types of files.
Very doable, but nothing ASPProtect takes care of automatically.
This info above should get ya on track.
cwilliams38344.8751736111, Well, I had no more trouble after I read the instructions.
The PayPal integration is really neat stuff! WOW! And the email
users function got up and running in a snap... this is an awesome
package!
The coolest thing with the user registration is that the account
username and password are selected by the user. That is very very nice.
Much less typing for me to do.
, Ok time for some more questions!!!
Is there a way to make the person's email address their default username... or force it in somehow instead of allowing them to create their own?
, I do not think it it anything to do with the Application.
You most likely have some sort of ad blocking software that is doing it.
It is seeing the word "banner" or "ad" and blocking the images in your browser.
I doubt it is anything built into xp doing it. XP with SP2 has built in pop-up blockers but no ad blockers like that really. It is norton ad blocker or something of that nature.
, as far as permissions are concerned I wrote two large articles about permissions that cover everything in detail on how to properly set them
http://support.cjwsoft.com/code/info11.htm
see the windows 2003 and windows xp permission threads
From things you are saying I assume this is your server. My comments about the path looking funny are because very few commercial hosts would use the "c:\inetpub\wwwroot\" directory. If you are using that and that is correct info then that is fine.
as for knowing whether or not the filesystem object is working the best thing to do is to try to write a text file somewhere in your web and see if it works. Testing something under the most basic scenario is the key to troubleshooting asp issues.
http://www.devasp.com/samples/writetofile.asp
, I have noticed that during the file import, that some of the pictures get messed up. I can import aroun 150 pictures into different albums, say 3 albums with 50 each.
I have noticed however that some of the get messed up. What is happening is...the thumbnail will be correct, but after you click it the picture that shows up is one form a different album.
Any cure for this?
, ok.. so we got an NT server with a 486 with 256 meg of ram.
hehe sorry
anyway.. I have the system running without doing any importing and WOW is it chugging.. I mean it takes a while even to edit/save a user
good news is the filesystem object works as I wrote to a text file
this may end up being a simple case of lack of horsepower..
we may need to do the importing on a faster system and then take the database over cause everthing I see on your server looks correct
even so aspprotect is running so slow.. I have never seen it chug like this
I even tried connecting to a 2000 version of the database and no difference.
I am not totally sure what is going on but the server resources available are scaring me... however this could be something new in the code that I never got a chance to try on NT server.. I dont think so though
how does your other stuff run ?
static pages that do not access a database seem to serve up quickly.
are you running any other dynamic code ?
, I've had an error I saw described here, couldn't figure out what it
was. My SQL statement was being cut off, though a bit differently
because it was created on multiple lines with the amper-underscore
string construction design; my statement had no UPDATE, only started
with the junk screen characters of the encrypted password.
So, from what you said above about the vbNullChar, Chris, it looks like
I've hit the same problem, maybe from an old version (downloaded March
22, 2005). Could I request a copy of the updated logic?
Thanks a lot.
, download the free version...
check out this tutorial...
http://support.cjwsoft.com/code/moreinfo169-1.htm
If your application can post to the page and provide all the form variables needed to log in it may work out for you..
You'll have to try it out... all the form variables needed are in that login form example.
Basically you'd be posting to a protected (.asp) page..
and providing the following for the most part.. how your app creates it post data is on your end...
<input type="hidden" name="Status" value="Checkem">
<input type="text" name="Username" value="Yourusername">
<input type="Password" name="Password" value="YourPassword">
As an alternate scenario...
Now, by default the "check_user_inc.asp" file is looking for posted form data... for security reasons it is not looking for querystring info..
If you change this bit of code in that file
from
Username = Replace(Request.Form("Username"),"'","''")
Password = Request.Form("Password")
to
Username = Replace(Request("Username"),"'","''")
Password = Request("Password")
It will then grab either form or querystring data...
Meaning you wouldn't necessary have to create a true post to the page with form data. You could just access the page via a querysting like so
http://www.mysite.com/somepage.asp?Status=Checkem&Userna me=Yourusername&Password=Yourpassword
Of course that introduces security risks as the username and password would be passed in plain text over the net
Another option is...
You can also make a copy of the "check_user_inc.asp" page called whatever with those modifications just to use in pages you need your little application to post to... thus reducing the security concerns a a bit as the rest of yoru site could still have its pages protected under the normal scenario.
I hope this answers your question... I havent really ever tried any of this but that is how I think it would work... , I do not really know a lot about but it is basically code that lets you specify however many number of images and links... and then display a certain number of them at once.
You'd have to search google for it.. there are 1000 of sites that offer free javascript code and that is where you find scripts like that.
You could certainly set up all the images and links for each banner in aspbanner but if you used them with code like that you be limited to tracking clicks on banners. Tracking page impressions would not be possible because the javascript would be handling what images get displayed at any given time. Basically each link for each image would be going through aspbanners tracking url feeding it the banner id and therefore tracking the click and sending the user to the desirec URL.
Regardless, it is not something I would support. You would have to sort it out as it is nothing ASPBanner was designed to do and not something I want to deal with because client side javascript code is not something I am NOT very good with. , That is by design, removing and deleting are two different things as far as the classifieds system goes.
A regular user can only remove an ad from the category index. (which makes the ad inactive)
An admin however can truly delete an ad from the system.
, Hello,
I have ASPprotect 7 installed on my remote server. I am able to go to the examples/default.asp page and login in without any difficulties. If I copy the code from that page and paste it in a new page called the same thing but in a different folder, I get this error; (Keep in mind that this is essentially the same exact page in a different location of the website)
Error Type:
Active Server Pages, ASP 0126 (0x80004005)
The include file '../../check_user_inc.asp' was not found.
/aspprotect/Pages/default.asp, line 3
I get the same error if I paste the "protection code" I have generated into the top of a current (.asp) page in my site.
Basically, the only pages that work are the ones that came with the program as examples. Thats great, but now I need to make it work for my pages. Any thoughts?
, one thing to note... the time period we are talking about is going to to be whatever you have the session timeout set at in the settings.
perhaps making that value lower like 10 minutes is an option for you.. and might help to deal with situation
, Not the way it ships. You would have to add that functionality by editing the source code and database., I downloaded v7 3/7/2005
I entered a password that was supposed to be all caps with only first letter caps.
it is odd, if I go to other user and enter wrong password that does not come up. it apprpriately goes to a screen that says Access Denied.
thx
, Hi,
Could you please advise what may be causing this error:
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x57a4 Thread 0x5474 DBC 0xf03a704 Jet'.
/ASPProtect/check_user_inc.asp, line 292
Funny thing is that if I refesh the page with the above error it gives me the following eror:
/ASPProtect/check_user_inc.asp, line 292
and after few times of refreshing the page it shows me the page I am after.
Is this my promlem or ISP's.
Thank you
, Sorry, I guess you did say you finally found them.
Regardless, sorry then, I tried
I dont know what else to tell ya.. except to search www.aspin.com
Perhaps you will find something you can use there.
, yes, like it says it is expirimental
turn it off.. the banner system will run just as fast for the most part
or leave it on and an occasional user will see a permission denied error where a banner will be, Ok I used the following for the sql string.. is this correct?
SELECT COUNT(Album_ID) AS Alb_Count FROM " & tbl_label_albums & " WHERE (User_ID = " & CmdListUsers("User_ID") & " AND Album_Active = '-1'" & ")"
, Of course ASP.NET is and HAS been installed. I have been running asp.net scripts for years on it. I am not new to asp.net nor setting up the server or anything. ASP.NET is properly installed and works perfectly.
You are missing the fact i mentioned it is a DOMAIN CONTROLLER.
I have come across MANY articles ONLINE via GOOGLE that mention if it is a domain controller, for some reason the aspnet account is not there or gets deleted.
IN ITS PLACE GOES THE IIS_WPG ACCOUNT. IS YOUR SOFTWARE NOT COMPATIBLE WITH THIS ACCOUNT?
Is it possible to run ASP.NET scripts without ASP.NET not being installed? Because I have been running asp.net pages without any problem.
, upgrade pricing is here
http://www.aspbanner.com/purchase_unlimited_v8.1_classic_upg rade.asp
what is different
http://www.aspbanner.com/v8_notes.asp
the changes to make it work with MySQL were vast to say the least
more on that from an old thread
http://support.cjwsoft.com/code/code_info.asp?TID=37&PN= 1&TPN=1
just please remember use of MySQL is just not supported
http://www.aspbanner.com/mysql.htm
I can assure you it works well as I have people using it
, Yeah, its working great witht he Access database. Now I just need to get it all set up. I like how the config file is set up with all the comments, it really helped allieviate the 40k thumbnails,
.
One quick question though, and I haven't looked through all the code yet... Is there a quick way to have pic_window.asp open full screen by default? I just want to minimize having to either scroll through, or maximize, the screen
Thanks!!!
- Jason
, Can I copy the file into the export folder and then the import user function?, Larry,
I have a new computer up and running and am back on the Internet full time. I am here to help when you are ready to continue with this.
I went to your site to look around and "try it" like you mentioned but I can not really try anything as the admin username/password seems to be something other than the default
,
Timecard Entry: 3/25/2006 4:23:48 PM
Slower than before., Go over St. Lawrence Chamber web site proposal and set up meeting for Tuesday at 1:00, phones, invoices, manuals, etc., answered phones, not busy chris showed me a few websites that would be helpful., GraysFlowerShop.Com - Converstion of web from static to active server pages. Creation of dynamic store pages. (billable), help seth and ed on printing for ksp / kni, did a sign up cancellation and reactivation. also did one who could not surf, TICC payroll & tax deposit, Manning NOC. Checking e-mail. Checking voice mail. Working with Amy on carthagesavings.com and carthagebank.com. Working on virtual mail domains., NEXTCOMCS.COM, Working on a problem with Tracker INET., Prepare for Sonnenfeldt meeting., worked on backing up, reformatting and reinstalling Windows2000 and all applications and files, couldnt creat work order//for charlie webber
install/configure&test mac sofware on os7.5 no charge, Took in 5 calls in this time fram. Plattsburg T-1 went red and Andy was called. Signed up a new user from the albany area. Read from my A+ book., DEFERIET CONTINUING DESIGN, Ogdensburg/Remington Museum Meeting, Posted accounts and did a detail of checks and cash for a deposit. Customer inquiries, cc authorizations, and coupon referrals. Ans phone. , Manning NOC. Resetting modems. Watching network. Setting up domains. Answering e-mail. Answering voice mail., BALWIN CHAMBER , Read through the wireless book some more. , Salting & shoveling sidewalks, finishing shelf & cleaning up the mess that was made while building, invoice review, John Meyers, about SUNY Potsdam RFP, Assembled info for Fisher Cast, sent email to customers
I dealt with previously, Fx Carprara- go over proposal, Had Steve fix a few drivers on my laptop that I was having trouble setting up correctly, general wireless duties, EveryDayDad,
