did you fix it because I see all the pictures just fine ?

http://mcintoshcounty.org/real_estate/view_item.asp?Ad_ID=1

Hi,

I can't seem to find the code where it limits the upload file size. I want to limit the upload size to 1.5 mg for all users. Also I've noticed that the 500 pix doesn't seem to work. As in if an image is bigger than 500 pix the script still uploads it. i am using Upload_post_VBSCRIPT.ASP.

Thanks

(User Search & Contact Mod) for ASPProtect Version 7.x

This will allow an individual user to search for other users as well as email or call them.

Notes: This is a down and dirty mod. The users page from the admin area was used as a starting point. I then edited it up real quick to be used as a user search. The way it is it shows the user email as a regular email link. If you want to set it up so emailing is done from the application and emails are not actually shown you will have to do some extra work. If you don't want phone numbers shown you will have to remove that column which is not very difficult.

Directions:
Back up your existing ASPProtect installation.

copy "search.asp" into your "users" folder

2006-03-10_143253_User_Search_Contact_Mod.zip

Direct your users there. They will have to be logged in to view the page.

WARNING: This has not been extensively tested for SQL Injection attacks.
I think it is perfectly fine the way it is by looking it over quickly, but use it at your own risk.

it has been 3 days since I logged myself in under Admin, and all the user information on the User Activiy screen seemed to be gone.

is there any specific length of period it refreshes its user information??

That bit about zones makes perfect sense and seems surpassingly simple for me to integrate due to our categories and page contents being based on the same if/then functionality.

Regarding the user, I guess you mean that I could simply recreate a limited admin interface for users based on the interface you have included for me, is that correct? I realize how subjective the question is, but do you think that this would be a bad idea?

I'm leaning toward your software here. I have a budget that could easily cover a variety of programs, but the UI for advertisers at banmanpro, for example, seems far too complicated for my users. Also, banmanpro doesn't have supporting compatible softare I am interested in, such as your classifieds software.

I guess I am trying to buy a good shell from which I can do my own customization and coding, and into which I can integrate future additions such as your classified ads. Does this seem like the right place to be?

Thanks much for your time!

SQL Server Datareader Datawriter Permissions..

here is a screenshot that shows how to set datareader and datawriter permissions on a database using "SQL Enterprise Manager"

In this example we are making sure the aspbanneruser has those permissions on the aspbanner database in the SQL Server

Hey, I run a business and I will not have things like that mentioned in these forums.

Encountered another issue.  When entering a user name correct but the wrong password get the following error:

Microsoft OLE DB Provider for ODBC Drivers error '80040e14'

[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression '(Username = 'ROBERT') AND (Password = 'ZŁ$'.

/check_user_inc.asp, line 115

Did I do something else wrong?!

Thanks

question 2 is answered best here

http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal

I should also mention that the paypal scenarios used in ASPProtect can not be tested using PayPal's sandbox. Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts)

then you can log into the other and refund the transctions and of course it makes sense to use low amount like 1 cent and what not.

Also, I'd love to see what you came up with with the integration. I have been working on it here as well and took it in a different direction as I plan to sell directions for it as an add-on for aspprotect. I have it all working here but so far I dont see an easy way to let other people do it as I had to change things in both systems in a lot of places. Utimately if done under a SQL environment triggers should be used at the database level and that is another consideration.

you password protect an asp page in your site "where that is is up to you"

http://support.cjwsoft.com/code/moreinfo171-1.htm

then you link them there from your own pages

thats all there is to it

is that what you are asking?

Additionally...any page you password protect automatically becomes a login page... where you want to start and where you send them after or before login is something you have to handle on your own

Any pages you pasword protect will prompt the user for login info if they are not yet logged in that is.

Then once logged in it returns them to the same page they are showing the page content as it would normally appear.

I purchased and installed the full version ASPProtect 6.0 in Feb 05 (must have been just before 7.0 came out) and have been using CDONTS for email authorization during the registration process.

It was working fine for about three months. Now, after registering, the  email  authorization is NOT delivered to the new registrant. There are no error messages.It just doesn't arrive.

Any thoughts on the subject would be appreciated.

Whein I went by the numbers off of your directions, which work well up to that point, the import would time out.

At that point I tried to import directly into access...and then it hung trying to login.

okay so I've put in a clean database and created a new record for me as admin.

(Password Expiration Mod) for ASPProtect Version 7.x

This Advanced Mod requires decent knowledge of Databases and working with ASP. I originally wrote something like this for a customer on a custom project. I then took the time to re-write all the code from scratch so it could easily be plugged in to the current version of ASPProtect as an option. All in all this mod took me over 15 hours of time to develop and will save you a ton of time & money if you were planning on writing something like this on your own. Some parts of this were so difficult to get working that I would never have written this code if I was not paid to do so. (The encrypted array that rotates through the last 12 passwords was quite frustrating to get working)


 
The price on this is 19.95. I am not incorporating this into the base product because it makes things more complicated and isn't for everyone.

Purchase Page

Security is a big concern and making your users change their password every so often is a good idea. Keeping track of previous passwords they used and making them choose something they haven't used before takes the concept even further.

This Mod will add a password expiration date to the application. When the password expiration date is hit the user must confirm their old password as well as pick a new one before they can log in again.

There is a new password expiration directory where they must choose a new password that has not been used before. The new password must be confirmed during this process. (It remembers 12 old passwords the way it is coded) The old passwords are stored in the database in an encrypted array.


Directions:
Back up your existing ASPProtect installation.

Add two new fields to the "ASPP_Users" table in your database.

For an MSAccess Database

Password_Expiration_Date (Date_Time Field)
PreviousPasswords (Memo Field)

For a MSSQL Database

Password_Expiration_Date (smalldatetime)
PreviousPasswords (nvarchar 160 characters)

once that is done

Copy all the new ".asp" pages into your site.


Edit the "PasswordExpirationURL" variable in the "check_user_inc.asp" file

It needs to be the full URL to to the "change_password/default.asp" file


Now edit the "change_password/processchange.asp" file

There are 3 variables you can edit.

PageSentToAfter = "http://localhost/aspprotectmods/password_admin/default.asp"
PassMinLength = 4
PassMaxLength = 8

The "PageSentToAfter" is where you want them sent to after they change the password. It can be whatever you like.
If it is a protected page they should automatically get logged in with the new password they just changed to which is nice.

The other two values should be obvious.

That's it...

Just remember the password change thing is not used in the admin area...
You could easily add code for that on your own though by looking at the the password expiration code I added to the publics "check_user_inc.asp" file

Also:
You will see a new field to edit on the user edit screen for the Password Expiration of course. 

I noticed that is grabbing the wrong URL for some reason. Even when i mouse over the URL its somehow getting the users sub directory. How.. i dont know... when i erase that users in the url it works perfectly.

I am looking at the code in the .vb file and i dont see anything that could be causing it to do that... but then again i am no programmer LOL

Its obviously kicking in that users subdirectory somehow... what are your thoughts?

Is there a way to set various members to upload a limit of photos. So, one member can only upload 5 photos in 1 album and another can upload 30 photos in 2 albums. Even if you just set a permission for the number of uploads for each member.

Thank you

I'm using the groups protect feature on my pages. None of them seem to close the session after clicking 'logoff'. I can tell because if I hit the back button and return to the group-protected page, hit 'refresh', the page refreshes, I'm not asked to log in again.

On the other hand, when I open a page that's protected by an access level and click 'logoff' (uses same logoff asp file to logoff), it seems to work fine - if I go back a page and refresh, it asks me to log in.

Just wondering - is anybody else having problems like this? Maybe I screwed something up in the few adjustments I made a while back. Any idea what it might be?

Hi,

1. Two months ago, we have set up to use the Subscription services exclusively for all new members and renews. and removed the regular payment service, a carry-over from v6.
2. Many from the "pre-subscription" service have yet to expire, thus have a populated expiry field.
3. With a 10 month bridge before we get all the members onto the Subscription service the "Send email to users that are soon to expire."
is used to remind these.
3. When members RENEW using the subscription service, the Expiry Field is not Nulled and they become targets for future reminders although they have renewed as Subscribers.

XYZ signed up on Nov. 05 2004, we send him a reminder in Oct 2005 and he renews as a SUBSCRIBER. His expiry date field is not nulled and he will keep getting notices although he has paid for another year.

Hope this is clearer... Thanks

We would like to use some of the variables from the user account in our web pages after they log in (something like, 'hello <user>"), but for professional printout reports using company name and user.

Could you offer some help as to what variable string we use to print that information on logged in pages?

By the way,  the program is working great!!!

I just installed the software, but I can't find any place where I can see when users logged in, can someone please tell me where I can do this?

Thanks

The default database password is "temp"

This is noted in the docs. You can also see the current password by looking at your connection string.

This is great FREE SQL Server Web Data Administrator App from Microsoft..

http://www.microsoft.com/downloads/details.aspx?FamilyID=C03 9A798-C57A-419E-ACBC-2A332CB7F959&displaylang=en

It is an ASP.NET web application that you install locally on your development server and then use to connect to a SQL database whether remote or local.

It can do nearly everything enterprise manager can do.

I have tested it and it works great for me.

Trying to make sense of this.  I am still confused.  In the file config_inc.asp.  I found the setting for "uploaddirectory".  That entry looks like this [UploadDirectory = CmdGetConfiguration("UploadDirectory")].  I assume there is a config file where the value of upload directory is located. 

The settings in the config_inc.asp file have not been changed.  they are set to the way it was delivered.  Is there a document that gives instructions as to what and where the config settings are to be changes?

1) Does everything, i.e. every user, every category, every product, etc., get stored in just one single database, or are there multiple databases at work and are linked to one another?  I am asking because there is only one table in the DB, and it is the "Users" table.  So I am presuming that there must be other databases that are linked to the DB.  Is this correct? 

2) Are user-level security permissions utilized in the sample Access DB that is shipped with the software?  I am asking because we cannot seem to remove the "temp" password no matter what we try, and this is the only reason I can think of. 

ASPProtect and PayPal are fully automated and ready to go.
Accounts will automatically get activated after payment.

We actually do not tell you to put nothing in the PayPal system for the IPN URL. Something has to be there or PayPal will not let you enable IPN. We actually tell you in you PayPal settings to turn on IPN and make up an IPN url because something has to go there. (I think we suggested making a blank asp page on you're site to send it to) It really doesn't matter where you send that but it might as well be a valid page on your site to avoid any 404 errors in your logs when a non ASPProtect payment comes in.

You see, we dont set that IPN url set in the PayPal system because each ASPProtect signup script directory (single payment and subcription) uses it own IPN url and that all gets set on the fly by the aspprotect system. There is a way to overide the defaul IPN url is what I am saying.

Also:
A  lot of people already have something there and we didn't want the ASPProtect system to interfere with things they already had going on.

Have you thought about language file so users dont have to go into the code to put it in their language??

humm, I dont know.

If you want me too I would be glad to go into your web site and troubleshoot. If so PM me the info I need and I will take a look and see if I can figure it out.

CJW

My hosting company uses ASPEMAIL - and I am trying to setup the mailing settings on ASPPROTECT - but cant seem to get it to work.   I've tried many different options - here are two that are the closest - but have issues:

1. If I use the settings:

email component: aspemail

Mail remote server: my internal server name

*no smtp authentication

email mail notification - my email address on my internal server

***I get the following results:

       I can get get notified when a new user logs in, email a user from aspprotect user screen if they are in my company and have a valid email -- but I can not send to the outside world - I get an relay prohibited error.

2. If i try to change the setting to use the Hosting Website email server - I get the following results:  I dont get notified when a new user registers, I cant send to internal company people - but I can send to the outside world.

**any suggestions on what to do? I'm trying to work with the people who manage the mail servers - but since I dont know anything about them - its a bit difficult.

[/QUOTE]

The relay error is because when you send emails outside your email domain smtp authentication is required.

I suggest trying to use CDOSYS with the smtp authentication option. CDOSYS is on all servers by default and is really the way to go. Use a real email account and password to send the emails through the server.  Be sure to check smtp authentication for cdosys and to specify all that info for your email account and password in the settings screen.

If you want to know about CDOSYS read my article.
http://www.powerasp.com/content/new/sending_email_cdosys.asp

You have old code I think.

It's probably because his password used with your encryption key by chance creates a single quote and messes up the database query

A notice went out about this. I will PM you the latest download with the updated files.

At one point I was using CDONTS_Installed but since I moved to a new Windows 2003 server I was told by my ISP that either one of these will work

actually  I just went to it again and it was somewhat slow coming up this time..

perhaps you have some issues with the sql database.

it should be instant.. like this one I run on my server
http://banserver.powerasp.com/aspbanner/

I suppose it could also have something to do with sql server resources but its hard to say..

Hi

I downloaded the .chm format installation documentation but when I open it I get the index but can't see any of the pages so am a bit stuck.

I am not sure totally understand your question.
I need you to explain it differently.

Any ".asp" page that is protected is going to automatically prompt them for a login box or log them in automatically depending on if they set that option.. In the end returning them to that same page.

So, it really all takes care of itself for the most part.. It doesn't even matter if the bookmark a protected page deep in your site. The system is smart enough to keep them at that page as well as handle their access.

Now of course if they are at an unprotected page of your site and navigate to a protected page they get a loin prompt or are allowed in if they already logged in...

Also.. when you say unprotected page ? do you mean ".htm" or ".asp"