Sorry, should have added,  if i change the connection string, i can also get this...

[Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified

You edit the web.config file that came with ASPProtect.NET.

You find this tag

  <customErrors mode="RemoteOnly" />

you change it to this

  <customErrors mode="Off" />

If you have a different web.config file in your root I suggest you make sure the tag is set to off there as well for troubleshooting sake

If done correctly you will get a detailed error
It's basic low level ASP.NET stuff really and does not have anything specific to do with ASPProtect.NET.

You also need to make sure your web is set up correctly for ASP.NET and that the correct web.config's are firing..etc etc

More info on the groups session variable.

Session("Groups") will contain the ID numbers of whatever groups the user is a part of.
It does not store the descriptive name of that group. It will show the same data that is actually stored in the "Groups" field in the database.

for example it might hold a value like this

*2*,*5*,*9*

meaning a user is part of groups 2, 5, and 9

so if you wanted to check to see if a user was part of a particular group you would do something like this

<%
If InStr(Session("Groups"),"*9*") Then
     Response.Write("You are a member of group 9")
End If
%>


Taking this even further, if you really wanted to get a particular group's name or description you would have to query the database like so. In this case we ask it the name and description for group 9.

 Group_ID=9
 Set ConnPasswords = Server.CreateObject("ADODB.Connection")
 ConnPasswords.Open ConnectionString
 Set cmdTemp = Server.CreateObject("ADODB.Command")
 Set CmdEditGroup = Server.CreateObject("ADODB.Recordset")
 cmdTemp.CommandText = "SELECT " & tbl_label_groups & ".* FROM " & tbl_label_groups & " WHERE (Group_ID = " & Group_ID & ")"
 cmdTemp.CommandType = 1
 Set cmdTemp.ActiveConnection = ConnPasswords
 CmdEditGroup.Open cmdTemp, , 0, 1
  
 Group_Name = CmdEditGroup("Group_Name")
 Group_Desc = CmdEditGroup("Group_Desc")

when you get back to work.. your   "redirect.asp" needs the password include file at the top of it.. or that wont work either..

and of course those pages you send people to all need to be repaired

How to bring up Banner Calling Code Generators

Simply go to the zones screen.
Select a Zone from the list.
Check the "Show Banner Code" option.

Click on "Display Banners in Selected Zone"

Hi - I am a recent user of your software. I administer it for the owner. I probably missed something in your forums somewhere - but I'd like to know how to stop the software from sending an "accept registration" e-mail (after they fill out the registration page) from going out so fast - usually within minutes.  I'd like to know how to defer the message for 24 hours, more or less, so that our company can go over the registration details and decide whether to allow the person registering to actually have access to our protected website pages.  The program is working very well and we are excited about it.  So far, no problems (knock on wood!).

Thanks so much for your help!

all I can say is try other things...  like

mail.yoursite.com

or

smtp.yoursite.com

etc etc etc

replacing yoursite with the name of your domain of course


the settings for sending email via ASP are no different then the settings you would use in outlook or something... except sometimes on the server level localhost works as the email server because they set it up to allow that

and of course those 3rd party emailing components need to actually be installed on the server

Hi,

No, only ".asp" files can be protected.  It is the nature of Forms Based Authentication when using web based scripting technologies whether those scripts be ".cgi", ".asp", ".php", or whatever.

To protect entire direcotries at once you really need to run your own webserver and use NTFS permissions and user accounts..... or if something special is installed on the server there may be ways to do it as well. That usually isn't going to happen under a shared hosting account but there are special authentication products for such a thing that some hosting companies do purchase and allow their hosting customers to use.

Using aspprotect we do give working examples of ways to stream and partially protect images and downloads while a user is logged in to an ".asp" page.

Also, any ".htm" pages can simply be renamed to ".asp" if you need to protect them. Links to each other need to be updated of course because of the extension change.

In my opinion the truth of the matter is most high end sites use Forms Based Authentication with scripts. Not directory protection as it is fairly primitive/old school as well as sometimes being confusing for the users of the site because of how the login window from the server often gets stuck behind the browser.. etc etc

If you have a lot of pages in a site that you need to add protection code to then if can often be helpful to use a good Multiple file search and replace program to carefully add the protection code to the top of the source code of the pages. There are even multiple file search and replace programs that can rename extensions which can be helpful for large sites.

For images and graphics you want protect you have to do some work and set up and intelligent system for yourself.

Lastly whether you use https:// or not is no concern to ASPProtect as it works the same under https:// as it does under http://

I'd say that the vendor is right so I've submitted a work order to
create the *****.com/aspnetprotect directory as an application.
If there are any other directories for which this needs to be done,
please let us know. This particular task always needs to be performed
by our staff.


If you need to follow up on this job with one of our on-line or phone
technicians, you can reference ticket id 11860.

With regards

How to set a new users expiration date.

You'll need to edit the "users/add_new_account.asp" with a text editor.

Find this section..

<%
CmdAddUser.Fields("ValidateEmailCode") = ValidateEmailCode
CmdAddUser.Fields("Access_Level") = ""
' PUT YOUR CODE HERE
CmdAdduser.Update
ID = CmdAdduser("ID")
CmdAdduser.Close
Set CmdAdduser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
%>

You'll want to add code like this right between the Acccess_Level  and Updates section

CmdAddUser.Fields("Expiration_Date") = Date + 60

That will give take todays date and add 60 days to it.
You can of course do whatever you want here.

Actually, any database value for the user can be set during registration.

You can also change the default Access_Level to whatever you like.

yes, How can I have fixed size height and width image without distortion. Is there a component that I can use or how can I change the existing code.

yes, unless its ratio matches

how could it not be ?

Please keep questions like this in the forums... thx.
there is no need for this to be a private message

-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 2:19pm


If I choose fixed width and height is the thumbnail image going to be distorted?

-- Previous Private Message --
Sent by : cwilliams
Sent : April/29/2005 at 1:17pm

that is not possible unless you rewrite the code.

You onlyahve the two options we give in the config file for thumbnails

fixed width and height all the time

or

fixed width / dynamic height



-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 1:07pm

Hi William

One more questions for you. is there a way to make sure that all the thumbnails are the same size without distorting the images (in the thumbnails). Or if a picture's height is bigger than its width is there to create the thumbnail such that the height of the orginal becomes the width of the thumbnails and vice versa.

Basically I just want the thumbnail pictures to be in a perfect row with all the picture heights the same and all the pic width the same.

Thanks

Sean

Thanks for the info.  We'll do as you suggest.

NPA

yes, there is upgrade pricing
http://www.aspprotect.com/purchase_v7_upgrade_pricing.asp

and upgrade instructions here in the forums

if you install it in the same directory structure you wont have to make any changes to the pages in your site you have already protected.. because the code to protect a page will be the same

now, anytime you upgrade an application like this there is going to be a lot of work involved especially when there have been so many changes
http://support.cjwsoft.com/code/moreinfo173-1.htm
whether or not you upgrade is up to you

Like I said you can make version 6 work with CDOSYS and a remote email server. You just need to do some research on CDOSYS code and spend the time needed to make the code use it. I however am not going to spend time detailing all of that when I created a new version that does it.

Hello,

Sorry
No, there is not.

not the way the code ships.. The program keeps tracks of everything by the way it ranames files. The system has been tested to work well with as many as 10,000 images files. Any more than that and you need something a little more serious meant for that amount of images.

You could certainly modify it do work that way if you are good with source code. There are actually as many drawbacks as doing doing it that way as there are advantages.
Take Care

Ok, I started the database tables from scratch. I did everything using sql enterprise manager and query analizer..

Same thing happens... certain passwords just do not work.

So I did a lot of testing and I have come to the conclusion that this has something to do with the regional settings of that SQL server.

Here is an example.. see the screenshot below.

Username "admin" password "petepetepete"

The top query done in Enterprise Manager is valid and shows the user.

The bottom query is also valid but it does not show the user.

And that is exactly what is happening from the ASP codes point of view.

Now, this means that even though that encrypted password is getting saved to the databse correctly this particular SQL server just cant deal with it from a QUERY.

It works fine on two different SQL servers that I have. It's just got to be something regional related like unicode characters not being dealt with correctly or something odd like that.

I tried changing the collation data for the "Password" field type on that SQL server and it looks right. I don't know what else to do but it is something about that SQL server. There may be a way to change the regional setting through the connection string but I cant find any articles on that right now.

One solution I have for you to get this working there is to eliminate the encryption factor then I dont think you will have these issues.

It's either that or find another SQL server with US type settings or use MSAccess. ASPProtect runs nearly as fast on Access as long as you do not have over 10,000 users or whatever. The system hardly ever accesses the database so it performance under MSAccess is always good.

Let me know what you want to do. I can shows you how to eliminate the encrypytion factor if you want to try that. I think if I make you a custom version of the RC4 function you can just replace that and then the system will use plain passwords.

Your call..

This may be an old question ??? If it is please point me to the post or documentation where I can find the answer please.

When creating protected pages I am using the following to protect them:

<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="/aspprotect/check_user_inc.asp"-->

But that is not working. I get the following error when I try to access the members logon page in the directory that I wish to add the pages to:

Active Server Pages error 'ASP 0130'

Invalid File attribute

/filelocation/filename.asp, line 3

File attribute '/aspprotect/check_user_inc.asp' cannot start with forward slash or back slash.

However if I create the pages in the root of the AspProtect directory and use a link to the same page that exists in the AspProtect directory and the following include:

<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

The pages work fine.

I really do not want to put all of my protected pages in the root of the AspProtect directory.

 I would like to mix protected and unprotected pages throughout the site in order to #1 make it easier to administer. #2 keep the AspProtect directory solely for authentication. And, #3 keep any user authentication pages out of the AspProtect directory.

TIA

After understanding how the count works i checked the IP in the db.  They are all set to the same IP (my web server) no matter what ip is doing the viewing.  This is probably due to my ISA2004 firewall that is posting the ip address of the web server with each log on.  So, can you help me with where the code would be to modify so the db does not get updated?  I risk the refresh problem, don't think it is an issue with me.

Thanks,

You might just learn something and actually get your project finished before 2010

your over there hacking away on your virus infested WaReZ machine

LOL thanks for the good laugh-- i guess its time to do some reading and making my own mods to the program..

btw i never insulted cafrepress.. not sure where you got that from- just advised that what they have is exactly what i want to have done. How much for your service?

Anyone have any experience configuring PhotoGallery to use a backend mySQL database?

The application connects successfully for Read operations, but no amount of troubleshooting can get it to Write records to the tables.

http://www.marc-lisa.com/photos/default.asp

UPDATE:  read whole thread..
Version has been delayed




These are my personal notes on the new version of ASP Photo Gallery that should be out sometime in May/June 2004. Please ingore any typos.

This version may be more expensive than the current pro version as this is a major re-write and there will be a ton of new features.

Regardless, special pricing will be offerered to existing users.

If you see any features not listed that you think would be nice please post them here. We will of course consider them.

ASP Photo Gallery Version 4

------------------------------------------------------------ --------------------------------------------

Finished Improvements:

new setup page makes setting up the data connection easier than ever
it attempts to determine the possible data paths and makes suggestions for what to try
when you finally get the data connection working it gives you a link to the admin area of the application
so you can get started using the application

all database table names can be specified in the config_inc.asp file for advanced users that they may need
to change the table names in the database.. helpful for sql installation where one sql database must be
shared by many applications

new data folder is the only folder that needs permissions set
before multiple folders needed permissions
now everything can be put in this folder... database,logfiles,configuration files,picture upload folders...
eventually all cjwsoft applications will do this allowing multiple cjwsoft applications to use that same folder
therefore making it easier than ever to setup more applications without asking your host to set more permissions

new text based config file makes it easier to add new options to the program without making changes to
the database structure... therefore the need for the configuration table in the database has been eliminated
this also reduces system resources needed to load the config data for each page because it eliminates calls to the
database for config data

added voice effects for data connection page, intro users page, and settings page

made it so ratings color was an option (red or blue)

fixed minor bug that wasn't showing fixed category heights when that was selected and am image wasn't originally sized that way during initial upload

changed logfiles dates so they always show up in the proper order 09 vs 9

added config option to change bit query value to 1 or -1
default it to 1.... this is a technical thing

added the extra options currently in the config file to the settings page so people do not have to manually edit that
file any longer...

added new persits email option and authentication options to the settings page

added new CDOSYS emailing option

added support for dundas emailer

added support for ASPSMARTMAIL

fixed word filter so if it is empty it doesn't mess up
also make editing it part of the main settings

made email functions include file and edited all page that email to use it

added css/style sheet support and removed a lot of the old font tags

seperated the settings page into sections because it was too big and confusing

added ability for text watermarking when using the ASPImage component

made the picture upload error message no longer mention browsers that do not support picture uploading
as that is confusing people... and the problem is never that anymore

Made the ASPImage test page delete the bar graph before creating it so if it is already there they will
not think it is working

added crystal ball feature to admin users screen... shows additional user info when you hold the mouse over it

Made search function highlight search word in results.
Made the search function search the image description text files as well

Eliminated the guestbook directory as there was no need for the guestbook to be in it's own directory. This also simplified the menu.asp file as the guestbook section could be removed.

------------------------------------------------------------ --------------------------------------------

Possible Improvements:

eventually make new and much better directions/documentation... html based for multiple reasons

Eliminate the need for parent paths to be enabled on the web server.
(THIS MAY NOT BE POSSIBLE)
Many hosting companies disabled parent paths and will not enable them for their users.
On Windows 2003 Server Parent Paths are disabled by default.

make it so users ability to upload pics can be optionally disabled

possibly make some of the special functions in the extras folder built in to the admin area

Make the category picture uploader smarter because of the jpg gif issue when reuploading cat icons
A jpg loaded over a gif.. doesn't delete the old gif graphic and vice versa

Reduce number of ".asp" pages in general.

Use more functions for redundant tasks.

Optimize all instances of the old filefound function which is using more resources than are necessary

option.explicit the entire application and get all the variables dimmed once and for all

possibly incorporate the new category system I am working on which allows for unlimited categories and levels
also simplifies the heck out of the pages that call the categories

possibly add some cool image manipulation functions such as rotation for the various image components supported

possibly add the ability to move pictures around in an album. and maybe between albums
I must also remember to move the ratings and desc as well for that image.

possibly add the ability to make individual pictures require approval

possibly add the streaming image ability (asp page called from image tag) I came up with as an option for
people that can use it. this will better secure images in password protected albums and also possibly make
it so images can only be viewed from certain urls.. and maybe make an interface for a list of allowed urls

improve the .net support to also resize the larger images.. currently it does not

possibly add a feature to store 3 versions of images uploaded
thumbnail, medium res, and high res/original
this will appeal to professionals or people that may want to sell prints
storing a large version will be optional

possible support for multimedia content other than gif and jpg images

fix... url to link to..   problem on control pics page when both a jpg and a gif are present... which also relates to a another slight
bug that needs to be taken care of

make interface in admin to listen to installed midi files
and also to upload / delete them

possibly make per album guestbook... or call it something else like disussion or comments

add option to store the images orginal name in the images description area during upload
may be helpful to people that name their images in a somewhat descriptive way

change approval settings so they work on a per user basis
eliminate access levels from edit user screen and get rid of the level 4 stuff mentioned
possibly add a per user option for individual pic approval as well if I get that feature implemented

add support for the ibulc bulk upload client that I recently discovered
it is very cool

I have an asp page that includes other asp pages via an include.  for example:

snippet code: file name: collaboration.asp

 <table bgcolor="#bed1e4" border="0" cellspacing="0" cellpadding="10" marginwidth="0" marginheight="0" leftmargin="0" topmargin="0"> 
    <tr>
    <td>     
     <!--#include file="../../../filetransfer/directory_listing2.asp" -->
    <BR><BR>
     <!--#include file="../../../filetransfer/upload.asp" -->
    </td></tr>
   </table>

I can add the code below to collaboration.asp and it seems to work,but I cant seem to figure out how to protect the other files such as upload.asp at the same time. -- can you help?  - Note: as soon as I add the code below (and adjust the path) - I cant bring up the page.

This is the protection code I am using.

<!--#INCLUDE FILE="../../../../aspprotect/check_user_inc.asp"-->

Shirely

I need a point or a little insight please.

I need to get information from a credit card authorization called netbilling. I have been looking at your code for PayPal and 2 checkout. I have a feel for the code flow and the relationships of the "includes" .

I have been doing a lot of reading in my books and am seemingly twisted around the axel. I am not expert in ASP I am better in VB. I am not afraid to write code I am just a little nervous about messing up existing relationships.

My plan is simple: code a page to open the database and populate the database fields from netbilling and convert their field name to yours in the database.

I appreciate your time and insight. As in the past I need your help again.

Thanks

Additional Information.

A set of these variables get created for every user that logs in to your site.
For performance and memory conservation reasons some of them can be turned off and are optional.

If you look in the "check_user_inc.asp" file or the "check_admin_inc.asp" file you will see a section of code like this


   ' Start of optional session variables to be set
   ' Recommended that you remark out any of the session variables below that you don't really need to use
   ' This will save a lot of server resource because every user logged in has a set of these
   
   ' I added some code here to not create these if they are empty
   If CmdCheckUser("First_Name") <> "" Then Session("First_Name") = CmdCheckUser("First_Name")
   If CmdCheckUser("Last_Name") <> "" Then Session("Last_Name") = CmdCheckUser("Last_Name")
   If CmdCheckUser("Company_Name") <> "" Then Session("Company_Name") = CmdCheckUser("Company_Name")
   If CmdCheckUser("Email") <> "" Then Session("Email") = CmdCheckUser("Email")
   If CmdCheckUser("Address") <> "" Then Session("Address") = CmdCheckUser("Address")
   If CmdCheckUser("City") <> "" Then Session("City") = CmdCheckUser("City")
   If CmdCheckUser("State_Province") <> "" Then Session("State_Province") = CmdCheckUser("State_Province")
   If CmdCheckUser("Zipcode_Postal_Code") <> "" Then Session("Zipcode_Postal_Code") = CmdCheckUser("Zipcode_Postal_Code")
   If CmdCheckUser("Phone") <> "" Then Session("Phone") = CmdCheckUser("Phone")
   If CmdCheckUser("Custom1") <> "" Then Session("Custom1") = CmdCheckUser("Custom1")
   If CmdCheckUser("Custom2") <> "" Then Session("Custom2") = CmdCheckUser("Custom2")
   If CmdCheckUser("Custom3") <> "" Then Session("Custom3") = CmdCheckUser("Custom3")
   If CmdCheckUser("Custom4") <> "" Then Session("Custom4") = CmdCheckUser("Custom4")
   If CmdCheckUser("Custom5") <> "" Then Session("Custom5") = CmdCheckUser("Custom5")
   If CmdCheckUser("Custom6") <> "" Then Session("Custom6") = CmdCheckUser("Custom6")
   
   ' End of optional session variables to be set

If you do not need a particular variable to be set as a session variable simply comment that line out with single quote.

If you have an extremely busy site with a lot of users this is a good idea. If not, you probably don't need to bother doing this. I added some code in there so they will not be created if they are empty and that alone helps out a lot.

I think this addresses your question

http://support.cjwsoft.com/code/moreinfo144-1.htm

This is a great article for newbies..

Hints & Tips when working with ASP
http://www.powerasp.com/content/hintstips/common_sense.asp

and the permissions, how exactly were they set ?
I find a lot of customers think they are setting permissions correctly when they really are not. That's why I wrote that long article on the subject.

As you probably know a data connection is a very low level thing. It is the foundation of any ASP application that communicates with a database. Unfortunatly it sometimes takes a while to get the hang of setting them up without issue.

Everything must be perfect.. the ODBC drivers must be up to date, folder permission are critical, sometimes you must use a new version of the access database.. etc etc etc  The errors and things that happen when all these things are not perfect and not helpful as you have found out.

I would suggest you download and get ASPTest from CJWSoft running before you go any further. It is designed to be as simple as possible and helps get a hang of the database setup process.

Change the action of the form to the page you want them to log into.
Make sure the page you send them to is protected by the "check_user_inc.asp" file.

<center>
  <table border="0" width="400" height="200" bgcolor="#000000">
    <tr>
      <td bgcolor="#F4F4F4">
        <form method="POST" action="memberarea.asp">
          <input type="hidden" name="Status" value="Checkem">
          <p align="center"><font face="Arial">ASPProtect Login</font></p>
          <div align="center">
             <center>
             <table border="0" bgcolor="#C0C0C0">
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
                 <td><input type="text" name="Username" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
                 <td><input type="Password" name="Password" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
                   me signed in on this computer unless I log off.</font></td>
               </tr>
             </table>
             </center>
          </div>
          <div align="center">
             <center>
             <p>&nbsp;<input type="submit" value="Login"></p>
             </center>
          </div>
       
        </form>
      </td>
    </tr>
  </table>
  </center>

If they changed the paths they moved the site.

That means permissions for the database folder must be set again.

If permissions are not set and you are not using the correct new path info then you will still get errors.

Those errors the server reports back and quite generic and do no mean exactly what they say. They just mean everything is not perfect.

And everything just has to be perfect..

You really can not do something like that. You can not use client side code to change a server side session variable.

To make changes server side a form must be submitted or a link clicked on to another page. Then you can do whatever you like but you cant have an onlci event update a session variable like that.

Though I am not sure of exactly what you are trying to do I think you'll need to go about things a little differently.

you do not run "check_user_inc.asp" by itself

Pages you protect include that file at the top.. when they someone goes  to a protected page if not logged in a user then sees a login prompt..

after loggin in they see that same page as normal

its an automated process..

now, that being said if you really want to you a specify a page to be redirected to after the 1st login when you edit a users info. You can also redirect anyone anywhere like using a simple ASP redirect statement in your code.

Personally I feel that redirecting people all over the place is poor site design. ASP is all about dynamic code and ASPProtect is all about dynamically tailoring pages to the current logged in users... so why redirect people all over the place.. it justs complicates things because you still need to password protect the places you send them to.... which means twice the work and twice the confusion.


Also, here is a Version 6 thread about redirecting manually that still applies to version 7.

http://support.cjwsoft.com/code/moreinfo17-1.htm

If you want to have a login form on a non protected page that posts
to a protected ".asp" page use code like this.

Change the action of the form to the page you want them to log into.
Make sure to page you send them to is protected by the "check_user_inc.asp" file.

<center>
  <table border="0" width="400" height="200" bgcolor="#000000">
    <tr>
      <td bgcolor="#F4F4F4">
        <form method="POST" action="memberarea.asp">
          <input type="hidden" name="Status" value="Checkem">
          <p align="center"><font face="Arial">ASPProtect Login</font></p>
          <div align="center">
             <center>
             <table border="0" bgcolor="#C0C0C0">
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
                 <td><input type="text" name="Username" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
                 <td><input type="Password" name="Password" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
                   me signed in on this computer unless I log off.</font></td>
               </tr>
             </table>
             </center>
          </div>
          <div align="center">
             <center>
             <p>&nbsp;<input type="submit" value="Login"></p>
             </center>
          </div>
       
        </form>
      </td>
    </tr>
  </table>
  </center>