Hello,

VBScript is the most popular ASP scripting language, and has the most support available. I estimate that less than 5% of the ASP coders out there use anything other than vbscript

That being said it specifically says on the aspprotect site ASPProtect is only for use in protecting asp using "vbscript" as the language.

http://www.aspprotect.com/more_info_full_v7.asp

http://www.aspprotect.com/comparison.asp

it is something I specified very clearly for this very reason.

Sorry, but you can not use ASPProtect to protect pages using Language="Javascript". The code is too complex to be mixed with server side Javascript.

To password protect asp pages written using "Javascript" you really need a an application specifically written in and designed to work with ASP pages written using "Javascript". And then of course that application would not be able to protect ".asp" pages written using "vbscript." (I mean never say never, but it would be a ton of work to get both working and I doubt you will ever see a commercial application that does both)

as for switching back and forth between vbscript and javascript you really can't except with very simple code. Doing so with anything complex can be extremely problematic because the order of execution sometimes gets all mixed up because of the complexity of the code being used.

That doesn't mean it can not work....

You would really want to do something like this.


do not specify a default language at the top

surround the aspprotect include file with this

<SCRIPT Language="vbscript">

</script>

surround your javascript code with this

<SCRIPT Language="JavaScript">

</script>

then make sure none the code including the aspprotect include file has any <% or %> tags in it

that means you have to remove that sort of thing everywhere... that means a lot of work if you used a lot of that sort of thing instead of response.writes to write out html type stuff

and again... I don't know if you would ever get it all working

Hope the wedding went well.  I have one this weekend.

I was successful at performing an upload.  The free upload software was either not configure properly (probably) or not working.  I downloaded the trial version of softartisan's upload (which is like over $300) and it started working. 

Can more than one photo be uploaded at one time (like a whole folder full of photos) or does each have to be done individually?

do you have the smtp part of iis installed on your machine

cdonts needs that

then again I am not sure you can even use cdonts on a xp box without making some changes...

cdonts has kinds died out and as of windows 2000 basically got replaces by cdosys

Hello,

I need to see if this is possible. I want to create a browsing system such that, the user selects a Province from a drop down list on the main page. Based the selection, the username of all the users in that province will be shown. Then the user can click on a specific username and his/her portfolio (photo album) will be displayed.

is this possible? If so, How can I do this, please help.

Thanks

Sean

Hi, I have not gotten anything from you about it.

click on the PM button below and send it that way through the forums.

Thanks

The only major usability issue I've found to date is multi-zone banners. Cloning is helpful to a point, but then if you have a change to that banner, you have to make the change 6 times or what have you. I think, even at the expense of speed, multi-zone capability for a single banner would be excellent addition. Of course, that supposes I haven't just missed it and it's already there.

The main root of your web site needs a "aspnet_client" folder for .NET apps like ASPProtect.NET to run.

If this isnt quite right one of two things can happen.

1.) You'll get a pop-up error like this.
'Unable to find script library WebUIValidation.js'

2.) The ASPProtect login screen will come up but just not let you log in.

This folder only goes in the root. Not in subfolders and subwebs.

If you dont have this folder in the root of your web.

Read this article to learn how to properly create the folder.
http://msdn.microsoft.com/library/default.asp?url=/library/e n-us/cpguide/html/cpconconfiguringaspnetapplicationforaspnet version.asp

If the app is installed on a hosted server you'll need to ask them to do that for you.

You can also try copying a the folder from your own machine after creating it the way the article above says.

or

here is a copy of my "aspnet_client" folder created under the latest framework at the time of this writing. v 1_1_4322

2004-11-03_134912_aspnet_client.zip

I am not sure if copying it in is as good as having created by the server as I haven't had time to really test all of that but it should work. Ultimately all this does is put some files .net needs in the web.

Hi,

How do you know permissions are ok in that folder ?
Please tell me more on how they were set.

Please read through my article on how they are set correctly.
http://support.cjwsoft.com/code/moreinfo136-1.htm

Often times they are not set correctly or people thingk they set them somehow but in fact did not do it the correct way.

I would also suggest using the "test_physical_path.asp" page in the "extras" folder to verify if the path you are using to the database mdb file is in fact correct. That page should work whether permissions are set or not. At least then you will know if the path is correct or not and you can go from there.

UPDATE

Version 8.1 has code generators for these new methods built in...

The redirection feature isn't working as I exected.

If I clear a user's redirection_URL, they can navigate to any protected page on my website as expected.

However, if I set the user's redirection_URL to a protected page, they cannot login. More specifically, their browser just keeps displaying the login form while the browser's progress bar just increments ad infinitum.

If I set the user's redirection_URL to a NON-protected page, the user is directed to that non-protected page, but if they then try to navigate to a protected page, they are redirected back to the redirection_URL.

Is this the way the redirection feature is supposed to work?

My application requires that a user is directed to a protected page and from there, they can navigate to any page that they are allowed to go to.

What can I do?

CJWSoft offers a mutually beneficial partnership program for resellers of our Active Server Pages Based Web applications.

The program is very simple.

• You offer our products to your customer's as Ready-to-Run Web Site Applications.
• We sell your company our software at a 50% discount allowing you to re-sell if for the same price we sell it for or slightly higher.
• Your company installs the application in the customer's web site and configures it for the customer.
• Your company is in charge of installation support and general usage issues. We handle other more complex issues as usual.

Each time a customer purchases an application from you, you are required to purchase a license from us.
These must be purchased online via PayPal. You will be give a special password protected URL where these purchases can be made. You are in charge of setting up a system for your customers to purchase the software from you. You are also responsible for purchasing a license from us within 7 days of a license being purchased from you.

Below are the applications currently eligible for the program.
They have been chosen because of their popularity and reliability.
You must resell all three applications below.
The details and pricing of this program may change at any time.

	ASPBanner Standard sells for 99.95 (You pay 49.95) ASPBanner Standard is a high end Banner Rotation system. Web Based Administration for managing the users and banners in the database. Advertisers can monitor online statistical reports via their web browsers.
	ASPProtect Version 6 with Option Pack sells for 99.95 (You pay 49.95) Easily Password Protect any ".asp" page within your web site.  Easily integrates with your current website or project design. Web Based Administration for managing the users in the database.
	ASP Photo Gallery Pro sells for 49.95 (You pay 24.95) ASP Photo Gallery allows anyone to have their very own online photo album. Upload an unlimited amount of albums. Set up categories however you like. Allow others to upload photos. Optional image resizing and thumbnail creation.

We are looking for Web Hosting Companies and ISP's who can sell an average of 2 applications per month.
If you are not a serious company with a professionally done website you need not apply.
We are not looking for mom & pop operations.

To be very clear:
We are looking for experienced ASP Development/Hosting Companies that are serious about being a reseller and ready to go.
We need knowledgeable resellers that are experienced with ASP and will be able to install the application for the customers and handle some of the general installation issues that may come up.

To qualify for the program:

Please send us a brief overview of your company, Website URL, and your expectations for the program. After looking over your information we will get back to you with a response.

Contact us

Additional Info:

Our applications run on NT based servers only with true Microsoft ASP support. They do not run under Chilisoft. Our applications are licensed per website. That means one running installation of the database and scripts. Qualified resellers will be reviewed every quarter to see if they are meeting the 2 application per month quota.

The redirection at 1st login feature is supposed to work like I explain in this thread.

http://support.cjwsoft.com/code/moreinfo385-1.htm

Though what you just said is a bit confusing it sounds like you have some sort of browser problem and it is doing the redirect every single time. ?

I would suggest reseting all your browser settings to normal and making sure cookies are enabled because forms based authentication uses session variables and cookies must be enabled for session variables to work correctly. If not something like this could happen as the redirection at 1st login would happen over and over every time.

So try it on other computers and try with firefox as well as IE. Many people go nuts with their browser settings and way too much stuff blocked which can cuse all sorts of issues. Also some script blocking and firewall software can cause problems so disable all of that when testing.

You may also have created some sort of endless loop. (I really need to know way more information on what you did to know that for sure)

You may also want to consider doing your redirects manually meaning you protect a a page and right after the protection you use regular ASP redirect statements to redirect the user whevever you like based on their session info which is available to easily check immediatly after someone gets through the authentication.

I still stand behind my statements that redirection is not good site design. You really really need to understand and plan your ASP pages as well as have a very good understanding of the session and how all of that works if you use redirection with a password authentication scenario. You should never be redirecting someone to an ".htm" pages except during testing because you wont be able to stop users who are not supposed to go there from going there directly.

New Features added to 7.x

1. Entire application gone through and updated.
2. New graphics, new look and feel
3. Passwords and Cookies are now encrypted using separate keys individual to each customer install.
4. Groups Feature... powerful way to protect pages based on group access
5. Ability to upload a picture for each user.
6. New printable profile user screen.
7. Supports 13 email components as well as outgoing authentication for a few of the email components
8. New Lockout option. "However many" try’s to login and you are locked out for a certain amount of time.
9. PayPal signup routines for both single payments and subscriptions integrated into the application. Everything is handled automatically. Charging for membership couldn't be easier. 
10. New Newsletter Feature allows you to send newsletters to those subscribed. 
11. New ability to Email users soon to expire
12. HTML emailing for people using CDOSYS. This includes an inline html editor so you can send out some really professional looking emails.
13. Ability to redirect a user anywhere on 1st login
14. Option to turn off Login Remember Me Feature
15. Login Form now very easy to edit
16. All paths for places that need permissions can be easily changed.
17. Works with Parent Paths Disabled on the web server.
18. Company Name is now an optional field
19. Handy javascript popup date selectors
20. All date functions now internationl date friendly
21. Password conversion routine to upgrade existing users to the password encryption
22. Import / Export of user database built in
23. Protection Code Generators
24. Notes Feature. Javascript Popup on users screen that allows you to quickly see information without going to their edit screen
25. Mass email users incuding ability to send them usernames and passwords all at one time.
26. Option to not allow concurrent logins by the same username
27. Optional feature to keep track of recent users that have logged in as well as allow you to view the information.
28. Optional feature to keep track of recent users that have logged in, what pages they accessed, and when, as well as allow you to view the information.
29. Ability to protect other files types other than just protecting the viewing of the ".asp" pages. We provide working example code showing you how to protect images and file downloads in your protected ".asp" pages. You can protect nearly any type of file from downloading and viewing. (gif, bmp, jpg, zip, exe, pdf, rar, mp3,etc..)

FYI:

The articles you references were read over by me like 3 hours ago... way passed that and prob. in deeper sh*t than i was since im trying everything possible without knowing the true reason this is not working.

Whenever you are running software that can block scripts from certain things you are going to have issues like this.

I imagine many complex asp scripts you will download will do things like this as well.

A highly doubt it is anything to worry about regarding people that use your site.

ASP code delivers standard html to the browser... nothing weird goes on as far as that goes.

This system has been sold for 6 years and this is just not something to worry about. Trust me.. though you may want to tone down black ice so it doesn't give you issues as it tries to block various things.

If I were you I would do some google searches on black ice and issues with it blocking asp scripts.. etc etc

Now, if you are running black ice right on the server that a whole other story and something you as a server admin need to decide what to do about. I doubt that is the case as black ice is not probably suitable for a commercial webserver but I just thought I would throw that out there.

Need to know more about ASP ?
Check out these links.

	PowerASP This site was started on October 8th, 1998 and is a great resource.
	ASP101 This site has been around a long time.
	ASPSchools Intro to ASP Good intro to asp

15 Seconds Free resource for developers working with Microsoft Internet Solutions. 15 Seconds is the biggest IIS and ASP development resource in the world.

ASP FAQ Have a question about ASP? Check the ASP FAQ site. They've probably got the answer.

ASP Free Your 1st source for free ASP and ASP.NET live demos, downloads and more!!!

ASP Connections ASP Connections Conference for the ASP Developer features sessions on ASP Performance, IIS 5.0, ASP 3.0, XML, ADO, E-Commerce, VID, COM, COM+, MTS, DHTML, load balancing, and more. Speakers include Mike Amundsen, Wayne Berry, Charles Carroll, Michael Corning, Jeff Niblack, & Ken Spencer.

4GuysFromRolla 4GuysFromRolla: Web Technology, Programming, Humor... All this and it counts as work!

CoverYourASP.com A great new site. It's got some great stuff and is using JScript! A must see!

askASP Promising new site! Check out the question archives!

CodeHound CodeHound ASP - The ASP Developer's Search Engine!

CodeAve.com A neat ASP reference with some interesting features. Check out their "Script Writers"

ASPZone The website for advanced ASP developers.

Programmer's Resource This site is geared towards Activer Server Pages and Access developers.

Planet Source Code Search over half a million lines of free code!

DevASP A relatively new ASP site. Straight forward and informative.

www.LearnASP.com This in another site maintained by Charles Carroll, and it specializes in Active Server Pages programming issues. Contains links to a wide range of resources and articles.

ASPin.com The ASP Resource Index. Here you will find the stuff you need to take advantage of ASP and make your website an interactive mecca.

411ASP.NET The ASP.NET Resource Directory

ASP Sites A great place to go to find ASP resources fast!

Haneng.com A different ASP site.

Macromedia - DevNet While much of the content is Dreamweaver MX-centric, they also have a fair amount of plain vanilla ASP.NET content as well.

The Web Developer's Virtual Library The WDVL is part encyclopedia and part e-zine dedicated to covering all sorts of information about developing web sites... including ASP.

 

Please be aware folks..

This file is not provided by CJWSoft. Though this may work very well use of it is not supported in any way. We have not tested it.

This user is not using the option pack so this file will not be compatible with anyone using that because it does not have support for groups and some of the other new features.

Regardless..we appretiate users sharing ideas and solutions that they have come up with.

When I enter www.vickerylightning.com/aspgallery/dataconn_inc.asp on the screen it says "Not a valid bookmark"

as far as that goes I have no idea.. I have never seen that message before but you are not suppose to run that page by itself regardless.. it is an include file not meant to run on its own

There are 8 Access Levels by default.. they work like this.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=166& ; ; ;PN=1

Access Levels exist in ASPProtect Version 7 for backward compatibilty for customers using previous versions.

Truth is Groups are the replacement for Access Levels and they are much more powerful and flexible. You can also make as many of them as you want in the admin area.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=167& ; ; ;PN=1

On a side note:
We also coded ASPProtect Version 7 so there could technically be as many access levels as you wanted. It's not supported but if you really wanted more Access Levels you would carefully add more Access Levels to the drop down choices when you edit a user. "edit.asp"

I don't know why anyone would want to use Access Levels however when they can use Groups.

The way the application ships there are no password confirmation areas anywhere ? Please be more specific as to what you have done and if any mods are involved ?

If you are talking about one of the MODS please realize they are not supported. http://support.cjwsoft.com/code/moreinfo459-1.htm

Even though they are not supported I look them over pretty closely and I know of no issue like you mentioned so I would suggest re-downloading the MOD. Perhaps you got a corrupt download or file.

It's real easy actually if ya sniff around the source code.
ASP is so easy to (work with/edit) even if you dont know any code.


edit   "save.asp" with a text editor

change

If Request("First_Name") = "" Then
  ErrorMessage = ErrorMessage & Server.URLEncode("You must enter a First Name.\n\n")
End If

to

If Request("Company_Name") = "" Then
  ErrorMessage = ErrorMessage & Server.URLEncode("You must enter a Company Name.\n\n")
End If


From looking at that save code I dont see where Last_Name was required. The only name I saw required was a 1st name.

Also.. making the First_Name not required may break something somwhere else. I dont think it will but it might. You are warned.

Hi,

I did some layout customizing on the register page on my site. ( http://www.lonestaricon.com/aspprotect/paypal_sub_signup/reg ister.asp)

Now when I tried to register, it seems like it goes to the next page, but it is blank.
( http://www.lonestaricon.com/aspprotect/paypal_sub_signup/add _new_account.asp)

If I log in under administration, it shows that I have registered. I can't seem to figure out what part of the code is wrong, so that the new account page will not load.

I'd would greatly appreciate any help with this.

Thanks,

Allison

this error really does not mean anything specific

Your browser must support a standard called RFC 1867. Please check with your browser vendor for support of this standard"

If you get an error its real weird that the file is being uploaded.
Generally if you get an error during upload it is because of one of these 3 things

Invalid physical path specified

Unsupported upload method chosen

Permissions

See my article on XP and permissions
http://www.powerasp.com/content/new/windows_xp_pro_and_permi ssions.asp

many people dont do their permissions right on XP Pro and that article covers everything

Sounds cool.. post info when you get it sorted out

thx

hopefully someday I'll get the new version finished.. I just never seem to have time. Lately ASPProtect takes up all my time and now aspclassifieds seems to be in need of a new version more so than asp photo gallery

Hi,

We use ASP Protect to password protect the pages in the member area ( http://www.pti.org/members.asp )

Of late Once or twice every month our whole site goes down and it gives us a "Microsoft VBScript runtime error 800a006 Overflow: Clnt //global.asa line 33 " error message (with the friendly message turned off). When we reboot the web server things are up as normal.

But this is happening too frequently and creates a bad impression.

Any suggestions on how we could prevent this would be greatly appreciated.

SQL Database Creation (NEW INSTALL)

If you are creating a new database do so using SQL enterprise manager.
Create a new database called whatever you like and keep all the default settings. If using an existing sql database skip that step.

Now open up SQL Query Analyzer

unzip the following sql script and open it in query analyser.
2005-02-20_132116_aspprotect_v7_sql_script.zip

VERY IMPORTANT
On the drop down box at the top right make sure your intended database is selected. Otherwise your changes may effect the wrong database in your SQL server.

Then load the script  into the Query Analyzer.  Click the green play button at the top. If everything goes well the response should read something like this.

******************************************************
(1 row(s) affected)
******************************************************

If so the tables have been created in your existing database.

Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for the new tables. You will be referencing this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.

Regardless, as you can see from this screenshot I made a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).


Now, in the ASP files provided with ASPProtect edit "dataconn_inc.asp" with a text editor and modify the connection string info. Be sure to change the info to match your server,username, and password.

Below is an example of valid connection string.

ConnectionString = "Provider=sqloledb;Data Source=poseidon;Initial Catalog=aspprotect;User Id=aspprotectuser;Password=temp;"

The  "Data Source" setting is either the Network Name for the SQL Server or the IP Address. For local servers you can sometimes use an IP of "127.0.0.1" or the name of the local server.

"Initial Catalog" is the name of your database.

Now, in the ASP files provided with ASPProtect edit "dataconn_inc.asp" with a text editor and set the DatabaseType variable to SQL like so.

DatabaseType = "SQL"

I'm using version 6 upgrade and recently some of the users complained that their passwords are no longer working. I was able to replicate the problem as I also experienced the same thing with my account.

Once I reset the password thru e-mail (Forgotten your password?), I am able to login but it fails later. This is weird as I have an identical copy of the code running flawlessly  on my test server.

The only change which I made to the original downloadable code is by adding password encryption using Base 64 encryption.

Any ideas what might be the problem

been working on this for about 5 hours today.. I think I found the problem and it involves a vbNullChar that the encryption process is creating only during login attempts

it then messes up during ASPProtect authentication because it blows up the SQL Statement to the database

like I mentioned before the chances off this happening are slim but possible as two people so far have been able to create the situation

I seem to have the HANNAH password working now using your encrption key

I need a little bit more time to clean up the files I have been working on. Then I will give you new "check_user_inc.asp" and "check_admin_inc.asp" files to try out

When using the ASPProtect admin panel. My firewall software is going crazy or Blocking it on the Mass E-Mail, Newsletter, and other pages.

Here are some of the messages:

[Unauthorized Access Attempt] This signatures detects an attempt by a web server to deliver a malicious HTML page to a browser client, in an

[Suspicious Activity] This signature detects HTML documents attempting to spoof a link destination in the browser's status bar.

I am using Black Ice...

Will users also get this kind of activity from the pages ??? Or is it only because of using the Admin Interface of the software ???

Thanks

Not really sure how to do this.... i think you know what i am looking to do.. is there anyway you can show me or create that solution for me? It would prob. take you minutes as its been taking me hours

If we wanted to user groups, is the "Access Level" in the User setup the same ID as what the group access would be?  Ex. If John had Access Level 4 and the page specified <% GROUPACCESS = "4" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

I'm asking because there is no Group Access Level in the user setup.  Thanks