IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ;PN=1


The IPN Subscription Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement PayPal IPN Subscriptions with ASPProtect. IPN stands for (Instant Payment Notification). It allows you to set up scripts on your server so whenever a PayPal payment is processed the PayPal server sends info to your server regarding the transaction and vice versa. This is a fully automated process and allows you to charge users for access by the month or however long you like.

The Subscription feature of PayPal handles recurring billing automatically. The PayPal server will communicate with the ASPProtect system and keep everything up to date with users and their subscriptions.

This Support Pack basically gives you an additional signup and registration directory "paypal_sub_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup. New users can register in this directory and sign up for a subscription at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and start a subscription. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via PayPal your system is updated and they will have access.

To use this all you need to do in ASPProtect 7 is enter your PayPal account name into the settings screen. It will be an email address. You'll need a business or premier account with PayPal and you will need log into your PayPal account and turn on IPN in you profile. They make you enter a default IPN URL. We do not use that so if you already have something there leave it there. If you dont have something there you can type in any the full url to any page on your server. It's probably best to send it to an empty ".asp" page or something.

Changing Payment Options

In the "paypal1.asp" file there are some sample payment options set up.

They look like this and you can have as many as you like.

<!-- Begin Payment Option Code -->
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">

<% Label = "Membership (1 Month) $9.99 Recurring" %>
<!-- Begin Form Fields You Can Edit.. See PayPal Subscription Manual For Details -->
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="a3" value="9.99">
<input type="hidden" name="p3" value="1">
<input type="hidden" name="t3" value="M">
<input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1">
<!-- Field Below must have 2 commas First two values are optional (access level,groups,user ID)-->
<input type="hidden" name="custom" value=",,<% =User_ID %>">
<!-- End Form Fields You Can Edit.. See PayPal Subscription Manual For Details -->

<!--#INCLUDE FILE="form_data_inc.asp"-->
<input type="image" src="https://www.paypal.com/images/x-click-but20.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">

</form>
<hr>
<!-- End Payment Option Code -->
 

To really understand what these form values mean it is best to look through the PayPal Subscriptions Manual which is a PDF file you can get from the PayPal Site.

This link was valid the last I checked...
Subscriptions and Recurring Payments Manual

It also may be helpful to use their wizard to create some subscription buttons with different settings and then look at the code generated.

Bascially these are the important ones..

a3 - amount to billed each recurrence t3 - time period (D=days, W=weeks, M=months, Y=years) p3 - number of time periods between each recurrence

The custom field is something we are using to send info from ASPProtect to PayPal.
it allows you to set the access_level or groups access (groups support require the ASPProtect Option Pack)

<input type="hidden" name="custom" value=",,<% =User_ID %>">

or this example where we are setting the access_level to (2) and also giving the user access to groups (3 and 4)

<input type="hidden" name="custom" value="2,*3*4*,<% =User_ID %>">

Here is how it works.
The value setting (red) is essentially and array that can be made up 3 elements separated by comma's

access_level,groups,User_ID

If you do not want to set the access_level or groups access.. then you don't even need to edit the setting.

Values must be separated by a comma even if there is no value and there can be no spaces.  If you didn't want to set an access level or groups there would still be 2 commas at the beginning.  etc etc
Basically there must always be 2 commas but you only have to set last values which is the User_ID from the ASPProtect system.

The 1st value is the access level you want to user assigned to.
The 2nd option is the groups you want the user assigned to. (requires option pack)
The 3rd option is the User_ID which the system takes care of. Do not edit this option. Leave it as <% =User_ID %>
 

New Features added to 7.x

1. Entire application gone through and updated.
2. New graphics, new look and feel
3. Passwords and Cookies are now encrypted using separate keys individual to each customer install.
4. Groups Feature... powerful way to protect pages based on group access
5. Ability to upload a picture for each user.
6. New printable profile user screen.
7. Supports 13 email components as well as outgoing authentication for a few of the email components
8. New Lockout option. "However many" try’s to login and you are locked out for a certain amount of time.
9. PayPal signup routines for both single payments and subscriptions integrated into the application. Everything is handled automatically. Charging for membership couldn't be easier. 
10. New Newsletter Feature allows you to send newsletters to those subscribed. 
11. New ability to Email users soon to expire
12. HTML emailing for people using CDOSYS. This includes an inline html editor so you can send out some really professional looking emails.
13. Ability to redirect a user anywhere on 1st login
14. Option to turn off Login Remember Me Feature
15. Login Form now very easy to edit
16. All paths for places that need permissions can be easily changed.
17. Works with Parent Paths Disabled on the web server.
18. Company Name is now an optional field
19. Handy javascript popup date selectors
20. All date functions now internationl date friendly
21. Password conversion routine to upgrade existing users to the password encryption
22. Import / Export of user database built in
23. Protection Code Generators
24. Notes Feature. Javascript Popup on users screen that allows you to quickly see information without going to their edit screen
25. Mass email users incuding ability to send them usernames and passwords all at one time.
26. Option to not allow concurrent logins by the same username
27. Optional feature to keep track of recent users that have logged in as well as allow you to view the information.
28. Optional feature to keep track of recent users that have logged in, what pages they accessed, and when, as well as allow you to view the information.
29. Ability to protect other files types other than just protecting the viewing of the ".asp" pages. We provide working example code showing you how to protect images and file downloads in your protected ".asp" pages. You can protect nearly any type of file from downloading and viewing. (gif, bmp, jpg, zip, exe, pdf, rar, mp3,etc..)

Well. fontpage publishing is evil. That you have found out.

Do not use it. It usually wont work right when running asp code locally and also at the server because of differences with the paths and virtual directory structure. etc etc etc

You can definetly use frontpage to connect to the web site live and drag and drop files into it/edit them... but the sooner you stop using the publishing feature the better off you will be.

The company that hosts our business web site has been impossible to deal with in assisting me in getting asp protect to work. Getting the rights set correctly took 6 days and then getting parent paths enabled has been impossible. There last response was simply this:

The includes were changed so that if your server does not support "parent paths"
' and the "../" that you could easily change a few files like this and make the
' includes virtual includes instead of file includes. We didnt make them virtual
' includes by default because depending on where in your site you put the application
' the virtual include path would be different. They are also much different on a local
' development server than they would be on your real server
'
' Here are some examples of what you might change these includes to
'
' If you put the aspprotect folder in the root of your domain at your server
' example: www.mydomain.com/aspprotect
' then you would probably use
'
' #INCLUDE VIRTUAL="/aspprotect/dataconn_inc.asp"
' #INCLUDE VIRTUAL="/aspprotect/config_inc.asp"
' #INCLUDE VIRTUAL="/aspprotect/scripts/emailing_subs_inc.asp"
'
' Or if you didnt use the aspprotect folder and just put the contents of it in the root
' of your domain
' then you would probably use
'
' #INCLUDE VIRTUAL="/dataconn_inc.asp"
' #INCLUDE VIRTUAL="/config_inc.asp"
' #INCLUDE VIRTUAL="/scripts/emailing_subs_inc.asp"
'
' It really all depends on what works for your situation
' If you want more information on server side includes read this article at PowerASP
'
' http://www.powerasp.com/content/code-snippets/includes.asp

I am assuming that they will not enable parent paths and I need to modify some code. I do not know asp. WHere do I modify the code for a server that will not enable parent paths?

Thanks,

D

I Dont know... it shouldnt do anything like that.

if it ever asks to download a aspx or asp page its generally a server configuration issue not related to the actual code

provided you arent trying to grab the injectbanner page through an iframe call which is only for use with the javascript method of calling banners

Hi Chris,

Thanks for the answer. No, I am not using Paypal since these are employees and sales reps. I guess i'm on my own on this one. :)

Thanks
Sylvain

I am using VS 2005, when i go to new project in visual basic folder asp.net web application is not there..

Can i add it somehow?

I purchased and installed the full version ASPProtect 6.0 in Feb 05 (must have been just before 7.0 came out) and have been using CDONTS for email authorization during the registration process.

It was working fine for about three months. Now, after registering, the  email  authorization is NOT delivered to the new registrant. There are no error messages.It just doesn't arrive.

Any thoughts on the subject would be appreciated.

No rush, I have it out on the internet, but have not gone live with the site yet.

Thanks for responding,

Enjoy your well deserved break

Christopher,

Thanks for the reply. I think I've found my problem, but can't test until later in the evening as it is on a live site.

Darrell

I'll send you something..

Hi - When I try the mass email feature, I get an error that says:

ODBC Microsoft access driver) too few parameters expected 1

/aspprotect/password/admin/send_mass_email.asp line 280

Oddly...this feature works fine when I use the original admin user that you setup. 

But I setup another one with my username and password (not test) - because I was afraid anything with "test" could get deleted. 

Any ideas on why the new admin userid would not work?  Note: I have not change any code from the original installation.

also.. the log out page shouldnt really need this
but you can try adding this to it where all the other ones are set to nothing..

<% Session("Groups") = "" %>

ok, I am home.. missed flight.. just got home an hour ago.

lets see.. I really need more info...

For starters are you using the delayed stats feature ? that is expirmental and could cause that problem

Okay Chris, I wold like to get rid of the encryption then if it's not too much trouble.

I have no option of running the production server against an ms access db, since the db needs to be online and accessible from another system.

One is for paypal subscriptions (recurring billing) and the other is for single payments

http://support.cjwsoft.com/forum/forum_posts.asp?TID=185& ; ; ;PN=1

http://support.cjwsoft.com/forum/forum_posts.asp?TID=186& ; ; ;PN=1

You can delete any of the 3rd party payment directories you are not using including the the 2checkout one... (all those folders really are is a copy of the users folder specially modified to handle a certain payment processor)

Just Don't delete the "users" folder though as there are things you do there that you can not do anywhere else..  quite a few things..  editing existing account info, looking up passwords... etc etc

Yeah, its working great witht he Access database. Now I just need to get it all set up. I like how the config file is set up with all the comments, it really helped allieviate the 40k thumbnails, .

Perfect. Thanks buddy :)

To be honest I just can't remember what happens. It has been a long time since I did a real live test of that. I know it seemed like a pretty smooth process to me. Right now I can not test it out as I am on a road trip with my motorcycle and I am sending this email from my PDA.

I would ask Dave at this website.
http://www.davephoenix.com/

Or via this username in the forums
PhoenixUK

He can tell you what happens as he has been using the IPN stuff for about a month now.

Perhaps another user could chime in here as well and let us know. I know there are a lot of people using the IPN stuff.

Is there any way to extend the limit multiple login feature to a certain number instead all or none?  In other words, i need to have a user be able to use the same login for x number of people.  My customers are institutions and want to be able to have a single login for however many users they purchase for.

I'll try to help when I get back tues night,, see the contact page for info on where I am .
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry

My hosting company uses ASPEMAIL - and I am trying to setup the mailing settings on ASPPROTECT - but cant seem to get it to work.   I've tried many different options - here are two that are the closest - but have issues:

1. If I use the settings:

email component: aspemail

Mail remote server: my internal server name

*no smtp authentication

email mail notification - my email address on my internal server

***I get the following results:

       I can get get notified when a new user logs in, email a user from aspprotect user screen if they are in my company and have a valid email -- but I can not send to the outside world - I get an relay prohibited error.

2. If i try to change the setting to use the Hosting Website email server - I get the following results:  I dont get notified when a new user registers, I cant send to internal company people - but I can send to the outside world.

**any suggestions on what to do? I'm trying to work with the people who manage the mail servers - but since I dont know anything about them - its a bit difficult.

Good Morning, any suggestions on how to best "fake out the system" -- I would like to try to keep this clean so I can see the real errors?

My thought was to try to just move those .gif files to the directory that it thinks it should be in -- do you have any better suggestions? Or reasons why I really wouldnt want to do that?

Hi Chris,

I have a small problem, I have installed asp photo gallery pro on a hosted site, and after eventually getting them to modify permissions on directories it is essentially working, except that it won't delete pictures from an album. If I delete an album the pictures are left in the pictures directory, but the album is no longer displayed. If I then make a new album it is labelled incrementally... ie I had one album "album_ID_1", deleted it created a new album it is labelled "album_ID_2". I would have thought that the new album would be called "album_ID_1" ie taking the place of the deleted one. It seems to me that the delete album function isn't fully working either. My hosting comppany swears that the permissions on the pictures directory are set to full access for everybody. What have I done wrong?

Thank you

Nigel

It a generic error that means something is wrong with your data connection.

http://support.cjwsoft.com/code/moreinfo27-1.htm

http://support.cjwsoft.com/code/moreinfo136-1.htm

I would look on the pictures folder on the server and see what is there for pictures. Also, when you see a broken X on the site right click and see where it is trying to get the picture from and what the pictures name should be.

I would also be sure to clear out your temporary internet files in IE. clost and restart all browsers..

maybe show me the site ? so I can see this happening ?

This first one may be an obvious one, but is it only .asp files that I can protect as in no HTML files.

Can the program be set to protect my whole https directory contents (though the answer to the last question may have bearing here - there are html files as well as .asp in there) as in http://secure.mydomain.com

Thanks in advance

Thank you for the response to my question. In the mean time if I can figure any workaround I will post it here.