Blog Entry: 3/25/2006 4:27:33 PM
you would have to edit the application in visual studio.net.. change some things around and recompile the application... in the process figuring out how you want to handle all of that (probably combining the username and email fields just on the registration form then saving both values to the database)
very doable.. just not anything documented or supported as it is custimization
I do have a very nice article on the forums on how to set up a project in visual studio.net with the application.. it is in the forums, Sounds great, Sold!
Thanks Christopher!
,
This relates to a part of the new documentation that wasn't ready yet.
I just made a thread about it though.
Here you go.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=198& ; ;PN=1&TPN=1 cwilliams38419.5353587963, You really should check out the documentation regarding the config file before you go any farther.
If the server supports ASP.NET you do not have to spend any money to have real fast loading thumbnails.
Also, licenses of ASPImage only cost 69.95 and regardless any quality host supporting ASP should have one of the 3 supported resizing components installed or else you should consider a better host like www.alentus.com Places like that have good hosting prices and give you access to 3000.00 worth of 3rd party asp components.
, Thanks very much for the tip. I'm a beginner with all this stuff so forgive me for the inate stupidity!
By the way, I think the system is great and I am very pleased my purchase.
cwilliams38317.5552662037, Hi,
I don't fully understand what you are explaining ... the part about showing a user but not working???? but if you PM me the details I will glady go into your live webserver and see if I can get it working.
, Thank you!!
Yippee!
Laura
, thanks.. it was not taken as a complaint.
I just wanted to explain
When you said you tried using the web version of sql manager. Did you use the microsoft one I link to here "just curious"
http://support.cjwsoft.com/code/moreinfo127-1.htm
, Hey CJWSoft,
We're helping out some clients of ours in a server transfer and we
really need some assistance from you guys. We've got everything
transfered and running, except for the ASP.NET banner. Do you
have any directions on how to go about moving the install from one
server to another? We've sent a couple emails through the site
but haven't gotten any responses back.
Please help.
-Tony Valenti
, also, from looking at your site your ideal scenario would be a system that allows you to show all banners in one zone at any given time but in a different order.
ASPBanner is just not that sort of system. It is only designed to show one banner at a time from a given zone in random order., I am having problems with a password a user wants to use. He wants HANNAH. When he (or I) try to log in with his username and password, I get a syntax error -
Syntax error in string in query expression '(Username = 'changedforsecurity') AND (Password = ' éG'.
pathOnComputer../1protect/check_user_inc.asp, line 114
I've obviously changed the username and the server path in the info above for security.
I have not messed with the encryption.
What is it that the system doesn't like in the word HANNAH as a password? I would just change his password for him but this guy has enough trouble just turning the computer on! Confusing him with a new password would take weeks to set him straight.
Thanks,
Mick
, Your actually confusing me with the whole "joe bloe" thing and user access. I just do not get what you are trying to tell me. Perhaps you can explain in a less confusing way. Your just not technically explaining it andand thats what I need to know to possibly help.
As for the subweb thing you just can not do that. Subwebs have their own sets of application and session variables. An ASPProtect installation and any pages you protect with it are required to be in the same "application" in IIS. Sicne subwebs have their own "applications" in IIS that won't work. It is the nature of "forms based authentication" A sub web is alo considered by our licensing to be a seperate web site and ASPProtect is licensed per web site.
As for breaking pages.. you really shouldnt be editing any pages in the admin area as you will break them unles you are very good with ASP. (does not sound like you are..no offense meant at all)
Pages in the "users" folder are less complex and it is usually ok to edit them carefully.
http://www.powerasp.com/content/hintstips/common_sense.asp
Pages of your own that you password protect can still be edited in your usualy way though without effecting anything.
Truth is if you back things up before you start editing how can you go wrong ? That's how you learn.
, I purchased the photo upload software and it all works fine, except when I
try to click the categories I've created on the home page they don't show
any of the albums I've created and designated as that category. I went to
one of the example sites at http://www.minnessota.com/users/
place_new_album.asp?CatAdValue=
and it works fine. When you click Photos(40) it takes you to the 40
photos. I'm sure it's some setting I missed or something simple. Could
you email me back soon and let me know what to do/try? Thanks. , What application you talking about ? I'll assume ASPProtect. In the future please specify what application you are talking about.
ASPProtect 7 already has protection that is quite effective. The no concurrent login feature which will not let the same username under a different ip log in at the same time. Meaning if someone gives out their info they will screw themslves over because eventually they won't be able to log in. Only one unique ip at a time can log in so even of 100 people know the info it won't really do anyone much good except the lucky one that logged in 1st and stayed logged in. The username/password will eventually become more and more useless as more and people know it.
In addition to that is is a good idea to monitor the daily logs and single out a user you see logging in a lot. The more ips you see for that user the more chance it is multiple people logging in and you should take action. , question 2 is answered best here
http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal
I should also mention that the paypal scenarios used in ASPProtect can not be tested using PayPal's sandbox. Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts)
then you can log into the other and refund the transctions and of course it makes sense to use low amount like 1 cent and what not.
Also, I'd love to see what you came up with with the integration. I have been working on it here as well and took it in a different direction as I plan to sell directions for it as an add-on for aspprotect. I have it all working here but so far I dont see an easy way to let other people do it as I had to change things in both systems in a lot of places. Utimately if done under a SQL environment triggers should be used at the database level and that is another consideration.
, Yes, I created it using the scripts.
, Is it actually possible, with your product, to password-protect the folder that has the actual database without having to require customers browsing the listings to enter a password, or will password-protecting the database folder prevent customers from browsing the classifeds listings?
, Hi, I haven't heard anything from you.
Has this issue been resolved ?
Thanks
, I am also getting the "Unspecified Error" message. I just transferred my site to IIS 5.0 and I get that error now. However it does not happen everytime. I can click on a page and it opens fine and then I hit refresh in the browser and I get the "Unspecified Error" message. What could be causing this?
, no worries from me. As with most software projects, i tweak the
heck out of them and then have to make a big decision about whether or
not i even want/need to upgrade.
KT
, If logfiles do not get created it is most likely one of 3 things
- invalid physical path specified
- permisssions
- filesystem object is disabled on the server
that path doesn't look correct to me for a live professionally set up server but only you or your server admins can know that for sure
you will not get any errors when things arent perfect.. just no physical logs
RecentActiveUsers and RecentPageRequrests are not related to the stored logfile feature.. Recent Activity is a different thing
, Well I have the web hosting tech looking into the memory issues at this point. Unfortunately I don't have another machine to be able to run the asp on that would run it correctly so that I can just publish it over.
, Hello,
Again, enspecified error are not very helpful.
An error usually tells you at least a line number and page or something.
Please read this as it might help do tell me more.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1
As for only happening once in a while. It could be a lot of things.
Version being used (when did you purchase.. what name/email was it under and I can look) ?
What banner method being used?
Access or MSSQL ?
How busy the site is ?
Server Resources ?
cwilliams38414.6114930556, if you use our existing User_ID they are going to get new ID's. There is nothing you can do about that.
You could very easily though stick your exisisting User_ID's in one of the custum fields so you dont lose that info for each member., I know what is happening.. its the old single quote thing messing up the query string..
but it shouldnt be happening with the newer code as I fixed it.
If you like I can go in and reproduce/fix the issue. I can not think of any other way I can help you as other users have not reported the issue.
Chances are if it is happening in one situation it will happen again in the future.. it really all depends on the passwords being used and your encyrption key... other passwords may produce the issue even if the password is correct
basically once the password gets encrypted it by chance has a single quote in it... then it messes up the query
I take care of the situation by replacing the single quote with a double quote but it looks like you found a situation where that didn't work out
cwilliams38453.8921990741,
IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ;PN=1
The IPN Subscription Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement PayPal IPN Subscriptions with ASPProtect. IPN stands for (Instant Payment Notification). It allows you to set up scripts on your server so whenever a PayPal payment is processed the PayPal server sends info to your server regarding the transaction and vice versa. This is a fully automated process and allows you to charge users for access by the month or however long you like.
The Subscription feature of PayPal handles recurring billing automatically. The PayPal server will communicate with the ASPProtect system and keep everything up to date with users and their subscriptions.
This Support Pack basically gives you an additional signup and registration directory "paypal_sub_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup. New users can register in this directory and sign up for a subscription at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and start a subscription. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via PayPal your system is updated and they will have access.
To use this all you need to do in ASPProtect 7 is enter your PayPal account name into the settings screen. It will be an email address. You'll need a business or premier account with PayPal and you will need log into your PayPal account and turn on IPN in you profile. They make you enter a default IPN URL. We do not use that so if you already have something there leave it there. If you dont have something there you can type in any the full url to any page on your server. It's probably best to send it to an empty ".asp" page or something.
Changing Payment Options
In the "paypal1.asp" file there are some sample payment options set up.
They look like this and you can have as many as you like.
<!-- Begin Payment Option Code -->
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
<% Label = "Membership (1 Month) $9.99 Recurring" %>
<!-- Begin Form Fields You Can Edit.. See PayPal Subscription Manual For Details -->
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="a3" value="9.99">
<input type="hidden" name="p3" value="1">
<input type="hidden" name="t3" value="M">
<input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1">
<!-- Field Below must have 2 commas First two values are optional (access level,groups,user ID)-->
<input type="hidden" name="custom" value=",,<% =User_ID %>">
<!-- End Form Fields You Can Edit.. See PayPal Subscription Manual For Details -->
<!--#INCLUDE FILE="form_data_inc.asp"-->
<input type="image" src="https://www.paypal.com/images/x-click-but20.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>
<hr>
<!-- End Payment Option Code -->
To really understand what these form values mean it is best to look through the PayPal Subscriptions Manual which is a PDF file you can get from the PayPal Site.
This link was valid the last I checked...
Subscriptions and Recurring Payments Manual
It also may be helpful to use their wizard to create some subscription buttons with different settings and then look at the code generated.
Bascially these are the important ones..
|
a3 - amount to billed each recurrence
t3 - time period (D=days, W=weeks, M=months, Y=years)
p3 - number of time periods between each recurrence |
The custom field is something we are using to send info from ASPProtect to PayPal.
it allows you to set the access_level or groups access (groups support require the ASPProtect Option Pack)
<input type="hidden" name="custom" value=",,<% =User_ID %>">
or this example where we are setting the access_level to (2) and also giving the user access to groups (3 and 4)
<input type="hidden" name="custom" value="2,*3*4*,<% =User_ID %>">
Here is how it works.
The value setting (red) is essentially and array that can be made up 3 elements separated by comma's
access_level,groups,User_ID
If you do not want to set the access_level or groups access.. then you don't even need to edit the setting.
Values must be separated by a comma even if there is no value and there can be no spaces. If you didn't want to set an access level or groups there would still be 2 commas at the beginning. etc etc
Basically there must always be 2 commas but you only have to set last values which is the User_ID from the ASPProtect system.
The 1st value is the access level you want to user assigned to.
The 2nd option is the groups you want the user assigned to. (requires option pack)
The 3rd option is the User_ID which the system takes care of. Do not edit this option. Leave it as <% =User_ID %>
cwilliams38421.7141782407, Your probably talking about "Session.Timeout" which is a feature of the IIS webserver. Please do a google search on it for more information.
In the meatime if you look at the top of the "check_user_inc.asp" file you should see a section like this where you can try to change the value.
' Minutes you want before the session times out.
' This is set on the server to be default to 15 or 20 minutes depending on the server version
' You can change it there or override it here.
Session.Timeout = 30
Specifying it like that is supposed to overwrite the value for your web in the IIS console which is usualy 20 minutes.
, Yes, you are right. That was the problem. Sorry 
Cheers
Roy
, the no concurrent login feature is based on IP addresses.. if you logged in again using the same IP address it would let you in regardless. So for example if you were behind a rhome router and logged in to a site on the internet it would nt matter if you had multiple computers at home because they would all have the same external IP address... etc etc
In other words it is tricky to correctly test..
I really need more detailed info on everything going on. I real world scenarios there are no issues with that feature that I know of. At least according to customers so far. , Hi,
We use ASP Protect 6.0 and the database is SQL Server. Our hosting company is charging a lot for daily and weekly backups for everything. Which directories/folders do we need to backup daily and weekly incase something happenes to the site and we need to restore and get the password-protected are that works with ASP Protect to get working.
, Please try this URL www.telepedia.net/pages/chem_periex.asp
It is protected by GROUPACCESS "6" and the username:dimitris and password:tele
In the administration area, I have arranged this username as member of the group 6.
Thank you in advance for your help
, One last thing..
This is bad
http://www.bones.myftpsite.net/rfamilystuff/pictures/
there are .asp files in there people can run that you dont want people running..
u should delete the asp files in there or turn off directory listing...
take care,
CJW
, The version of aspbanner you have should not matter.
What you are doing here is wrong.
<PARAM NAME=movie VALUE=" http://www.innovationtools.com/aspbanner/aspbanner/banner_re direct.asp?Banner_ID=25">
PARAM NAME=movie is supposed to link to your ".swf" file.
And thats why all you see is black.
I don't think you quite understood all of that information fully.
Your ".swf" files needs to be coded in FLASH to link to the aspbanner redirect url. You don't change that flash calling code like that.
The ".swf" file links to the aspbanner redirect url which tracks the click and then redirects the user to the Link URL
You basically need to code your ".swf" flash file to go to that aspbanner URL or code your flash file so it can take a parameter for the url it clicks to (like the macromedia article talks about. This has to be done when editing the flash file in the flash editor before the file is saved.
If you dont have access to the original ".swf" to edit it and re-save it.. your out of luck as far as tracking clicks goes
, (Password Expiration Mod) for ASPProtect Version 7.x
This Advanced Mod requires decent knowledge of Databases and working with ASP. I originally wrote something like this for a customer on a custom project. I then took the time to re-write all the code from scratch so it could easily be plugged in to the current version of ASPProtect as an option. All in all this mod took me over 15 hours of time to develop and will save you a ton of time & money if you were planning on writing something like this on your own. Some parts of this were so difficult to get working that I would never have written this code if I was not paid to do so. (The encrypted array that rotates through the last 12 passwords was quite frustrating to get working)
The price on this is 19.95. I am not incorporating this into the base product because it makes things more complicated and isn't for everyone.
Purchase Page
Security is a big concern and making your users change their password every so often is a good idea. Keeping track of previous passwords they used and making them choose something they haven't used before takes the concept even further.
This Mod will add a password expiration date to the application. When the password expiration date is hit the user must confirm their old password as well as pick a new one before they can log in again.
There is a new password expiration directory where they must choose a new password that has not been used before. The new password must be confirmed during this process. (It remembers 12 old passwords the way it is coded) The old passwords are stored in the database in an encrypted array.
Directions:
Back up your existing ASPProtect installation.
Add two new fields to the "ASPP_Users" table in your database.
For an MSAccess Database
Password_Expiration_Date (Date_Time Field)
PreviousPasswords (Memo Field)
For a MSSQL Database
Password_Expiration_Date (smalldatetime)
PreviousPasswords (nvarchar 160 characters)
once that is done
Copy all the new ".asp" pages into your site.
Edit the "PasswordExpirationURL" variable in the "check_user_inc.asp" file
It needs to be the full URL to to the "change_password/default.asp" file
Now edit the "change_password/processchange.asp" file
There are 3 variables you can edit.
PageSentToAfter = "http://localhost/aspprotectmods/password_admin/default.asp"
PassMinLength = 4
PassMaxLength = 8
The "PageSentToAfter" is where you want them sent to after they change the password. It can be whatever you like.
If it is a protected page they should automatically get logged in with the new password they just changed to which is nice.
The other two values should be obvious.
That's it...
Just remember the password change thing is not used in the admin area...
You could easily add code for that on your own though by looking at the the password expiration code I added to the publics "check_user_inc.asp" file
Also:
You will see a new field to edit on the user edit screen for the Password Expiration of course. , I am getting the same error looking at the previous post, I looked in settings and my Registration-URL is pointing at the correct location.
Is there any other thoughts on this issue
Thank you!
Matt2112
, Hi,
Sorry, but the way the system works you can not call an individual banner like that. It just not something the system was meant to do.
If you wanted a specific banner to show up at all times you would have to make an individual banner and a zone just for that.
After looking at your site since you have so many banners there I dont know if that is the greatest option for you. It would also put a lot of stress of the Version 7 software because it is not really meant to call so many banners zones at one time on one page.
If you could live with tracking clicks on the home page but not displays I would suggest making banners for the home page in one zone. Then hard coding the banner images into your homepage like you already do but linking to the tracking part of aspbanner instead of where they would usually link to. That way you could at least track clicks and there owuld be no performance issues.
for example.. one of the images might link to
http://www.poconocommuter.com/aspbanner/banner_redirect.asp? Banner_ID=4
which would track clicks for you.. and then send then wherever they are supposed to go
, SQL server hotel ehh ? Humm that sounds bad whatever that is ?
Is that a real term or just something you named it cause they have like a zillion people using that SQL server? I have never heard of that name ?, huh? I think I just covered that as that is the way it must be done., Say, I just thought of one last thing.
Your not by any chance running something like norton antivirus with norton script blocker on that server are you ?
It can cause issues when ASP uses the filesystem object and cause never ending page hangs like you are having.
There are other apps as well that can cause it to hang.
http://www.aspfaq.com/show.asp?id=2180
And ASPProtect does use the filesystem object., sorry.. you just said above you were using XP SP2 so that is the article I referred you to as I just assumed you were talking about your local web server
here is my article on permissions regarding server 2003
http://www.powerasp.com/content/new/windows_2003_server_and_ permissions.asp
I can look at your installation monday if you like. In about an hour I leave for a wedding thingie and I wont be around again untill monday around noon
Try the uploading using VBSCRIPT method just for the heck of it. Perhaps there is an issue with the installation of the dundas component.
CJW
, 
