Blog Entry: 3/25/2006 4:32:14 PM
Is there an easy way to make this work with reoccurring a monthly or yearly subscription?
, OK, I updated the server with the SP 8 Jet updates and this had no effect.
Then I loaded the asptest file and put in the correct path. The results were:
Failed: Database could not be connected to....
Error reported from server:
Error source: Microsoft OLE DB Provider for ODBC Drivers
Error number: -2147467259
Error description: [Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x784 Thread 0x854 DBC 0x2101014 Jet'.
,
it is not uncommon for folder permissions to be lost or changed on a server.. a lot of things can cause it
if it was working and now you can not edit or write new data to the database it is most likely permissions
I would triple check permissions... see my articles if there is any doubt on how permissions are set
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
, I run F-secure on my laptop which has the anti-virus and firewall modules, and the servers aren't running anything like that.
, There are several pages on my website that a user may go to that are not protected (e.g. home page). If the user has indicated that they want to be saved on this computer (until they explicitly log off), and their 1st entry point is to an unprotected page, how do I determine whether they have logged in before, and extract the info from the cookie / session variables without forcing them to log in or making the entry page protected?
, We would like to give a member an opportunity to upload an image when on their profile page. How does this work with the photo option on the settings page? Is this the intended usage? Thank You. , Chris,
Thanks for the reply. It all makes sense.
I have gone with your first option but here is the problem:
I have moved the password protected page from the detail page with the
querystring to the straight .asp page. This obviously fixes the
previous error.
Once someone has logged in they are then presented with a list of links
to the previously protected pricelist detail pages (example -
"somepage.asp?ID=3""). They are then able to access the pricelists.
The problem is that if someone copies the pricelist URL they are then
able to pass it on to someone else and bypass the password protection.
If I also password protect the pricelist pages then someone will have to login twice.
Is there some code that i can add that will simply check that they have
logged in otherwise kick them back out to the protected .asp page.
All code in your documentation tends to open the login page regardless of whether you have previously logged in.
Thanks,
Stuart
, I had a question about user registration and how it works, mainly because I am having a problem.
When a user registers, with the email verification setting, I am assuming that there is supposed to be a new record created in the USERS table in the database. What could cause this not to happen?
Actually, in testing further I found that with the setting at Auto, Manual, or email, the record is not added to the table. And, if I am logged in as admin, the Add User button does not do anything.
I can however edit and delete user records...
Hmmm, adding a Category yields the same thing. And loggin in as a non-admin user still displays some of the menu items for admin, but then gives a page can not be found error if you click on one (ie, approve).
This looks like a db issue to me, I will have to try this with access and on a test server...
Any thoughts?
- Jason
cwilliams38303.8507291667, Understood.... can you point me to a place where there are other methods of calling banners? Do you mean not use Flash? I am new to this and will need some pushing over the cliff!
Thanks
Dave
, the no concurrent login feature is based on IP addresses.. if you logged in again using the same IP address it would let you in regardless. So for example if you were behind a rhome router and logged in to a site on the internet it would nt matter if you had multiple computers at home because they would all have the same external IP address... etc etc
In other words it is tricky to correctly test..
I really need more detailed info on everything going on. I real world scenarios there are no issues with that feature that I know of. At least according to customers so far. , (User Photo Upload Mod) for ASPProtect Version 7.x
This will allow an individual user to upload a user picture instead of just the admin.
Notes: This is a down and dirty mod. The user upload code was copied from the admin area and there are no safeguards. Meaning there is no limit on the file size a user uploads and there is no confirmation process in case something they upload is inappropriate. etc etc etc
If you want that you will have to work on that on your own.
Directions:
Back up your existing ASPProtect installation.
copy these files into your "users" folder
2006-01-24_111305_User_Upload_Mod.zip
, Hello,
While there is no option in the admin area / asp code we give you here is what I can tell you.
You have the source code and we also use an open database structure. (MSAccess or MSSQL) So that means you can really run any query you want on the database whether with ASP code or directly in your database. You can even tie other systems and code into the database via OBDC and manipulate data. The sky is the limit.
In MSSQL you can run queries in SQL enterprise manager or query analyzer. Using Access you can run queries in query view.
It's really not that hard if you do some research on SQL Statements and how to use them. You can do some very powerful queries and save yourself a lot of time. , When I go to set up a new user, my user name and password are already in the window. And I am un-sure why. I start a new browser, and again that my same user name and password is in that window., Also, I found this page which specifically talks about hidden IPN form values to change currencies
https://www.paypal.com/us/cgi-bin/webscr?cmd=p/acc/ipn-info
| mc_currency |
For payment IPNs, this is the currency of the payment. For non-payment subscription IPNs, this is the currency of the subscription. |
| "USD" |
The currency of the payment is U.S. Dollars. |
| "CAD" |
The currency of the payment is Canadian Dollars. |
| "GBP" |
The currency of the payment is Pounds Sterling. |
| "EUR" |
The currency of the payment is Euros. |
| "JPY" |
The currency of the payment is Yen. |
cwilliams38459.9616087963, In a way your questions are confusing to me, but here is some information regardless.
Using Active Sever pages you can not protect entire folders. It is simply not possible. ASPProtect is Active Server Pages scripts so it can only protect individual ".asp" files.
If you are concerned about customers downloading the access database..
best practive is to store it in different folder name than it came in
best practive is to give the database .mdb file itself a different name
best practive is to change the password on the access database
best practice is to store it in a directory that is not part of your web if possible.. many of the better hosting companies have it set up so you actually can do that
the more of these things you can do the better..
And if you are really worried about security you should use a SQL Server database which nobody can download from your website under any conditions because your data lives in the sql server and unless they get the username/password to it they can not access it.
cwilliams38306.6367708333, ok, I am home.. missed flight.. just got home an hour ago.
lets see.. I really need more info...
For starters are you using the delayed stats feature ? that is expirmental and could cause that problem
, ya,
any variation of a site url is going to have its own set of application and session variables.. soy you have to be consistant with your navigation links
example (for anyone that comes across this thread)
http://www.examplesite.com/somepage.asp
is going to have a different set of application and session variables then
http://examplesite.com/somepage.asp
even though they are basically the same page
, its one or the other... you cant protect upload.asp at the same time if upload.asp is included in another page..
I mean sure you can protect upload.asp from running when another page calls it by password protecting the page calling it.
And sure you can protect upload.asp by itself if it also runs all by itself. But you can not include the "check_user_inc.asp" more than once in any order of execution scenario. That includes pages being included.
Generally anytime a page is included in another that included page is not meant to run by itself and wouldn't produce any outcome if run by itself so this would never be an issue.
if you don't want "upload.asp" to ever be run by itself in that scenario put it somewhere in your web site that is not web browser accessible.
I would also suggest you look into using Virtual includes. It will save you a lot of time figuring out this sort of thing "../../../../../" becuase once you figure out the virtual include path you can use the same server side include from any directory level.
http://www.powerasp.com/content/code-snippets/includes.asp
, yes, dont worry about that. It is not checkking permissions just explaining things.
and dont worry about the extra slash it seems to be adding at the end of the path. That is normal. I guess I need to fix that so it does not add that extra slash., So do I just replace the four folders that came with aspprotect with the four (in my case domain directory) folders in the patch or just move the files?, Turn off "Show Friendly HTTP error messages"
If you are getting errors with your ASP application go to Internet Explorer and make sure this setting is unchecked. Having this checked can cause a generic error to be displayed in you web browser when ASP code encounters an error. This generic error message doesn't really help you fix the problem. Having this setting unchecked will usually result in a more detailed error message and the line number the error is occurring at, thus giving you a good clue as to where the problem is within the ASP code. If detailed ASP error messages have been disabled at the server level this setting will make no difference.
cwilliams38084.7513773148, I post new ads , can view it in admin area
but when go to first page no ads show
all categories show (0)
How solve this problem ?
PS: I set default auto approved ads
, Once you have the LANGUAGE = VBSCRIPT and Checkfor = 1 on your page,
you'll have it secured. I've got over 1600 pages secured in such a
manner, thanks to ASPProtect!
, I checked through the code and could not find anything as well.
However, I do think it may be related somehow to the code as I get the messages popping up in the error log only after I have edited a banner.
If there is nothing obvious, I may just set my error log to filter and automatically delete this type of error. Not something I prefer to do.
Thanks for the quick response.
Otherwise the program is working very well and I'm happy with it.
, Let me put it this way.
My home page (default.asp) is an unprotected page.
When a user that has signed in on another (protected pages) and has the remember me checkbox checked closes the browser cookies should be set for the next time they return.
When the user opens their browser and returns to my home page (default.asp), I'd like to put a message saying:
Welcome back <%Session ("Username")%>
How is this done?
, Yes, you are right. That was the problem. Sorry 
Cheers
Roy
, Hi, I haven't heard anything from you.
Has this issue been resolved ?
Thanks
, that really does not make any sense...
I dont know what else to tell you as this really shouldn't be anything too difficult to sort out...
redirection based on criteria is not something aspprotect does by default... I try to help a bit... I've shown everyone how to do it in this thread...I know plenty of people doing it... I've done it myself... I know it works
let me ask you this... are you using ASPProtect 6 with the Option Pack ?
I assume you must be or you would not have the Groups feature ?
And you asked this question in the ASPProtect 6 section.
but then maybe your using 7.. I do not know
this should all work the same either way
, it is by design actually and something that can be improved
(I just never thought of it when I 1st designed the system and it is actually planned to be added in Version 8)
The trick would be to reset those session variables anytime someone edits and saves their information... not very hard at all
you would do it on the save code page for when a user edits themself.
you want to grab the info posted from the form and reset each session variable at the same time everything is re-saved to the database
example
Session("Company_Name") = Request("Company_Name")
, Even if I try to upload the test file that was included with the system I still get the same error.
My host is using Windows 2003 Server.
Will send you a private email to see if the issues can be sorted out.
Thanks
, Ok, for starters what is the real error ? Please read this.
http://support.cjwsoft.com/code/moreinfo11-1.htm
2nd I always recommend using CDOSYS before any other email component. All servers have it running by default and ASPProtect supports some a html editor if you use that component. I would give that a try as well. It's the best emailing option.
, Something very strange is happening. Some users can't see the classified ads in their browser. This is specific to the user's computer, and they can check other computers and see it fine.
In each case, the user is using windows explorer 6.0 browser with windows xp.
they can't see the ads listed on the ads page, but they can see the categories.
also, they can't see the place ad link on some pages.
Do you think that their browser is blocking the javascript for the mouseover message?
thanks.
, how you connecting... lets see the connection string...
could be permissions related too.. if they are not set correctly
(always give them to the folder, never just the mdb file)
Some of this might help...
http://support.cjwsoft.com/code/moreinfo11-1.htm
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
you may want to download some of the different versions of the access database from the support area and try connecting to them as you may have older odbc drivers on the server
You may also want to try to get ASPTest from our website working before you go any further
, also, just to show you what happens when a user creates a subscription this is the code. you can see in red where the subscrition is is set and also where the exp date is set to null
If txn_type = "subscr_signup" Then
Set ConnPasswords = Server.CreateObject("ADODB.Connection")
Set CmdEditUser = Server.CreateObject("ADODB.Recordset")
ConnPasswords.Open ConnectionString
SQL = "SELECT " & tbl_label_users & ".* FROM " & tbl_label_users & " WHERE (User_ID = " & User_ID & ")"
CmdEditUser.Open SQL, ConnPasswords, 1, 3
CmdEditUser.Fields("Active") = "1"
CmdEditUser.Fields("Validated") = "1"
CmdEditUser.Fields("PayPal_Subscriber_ID") = subscr_id
CmdEditUser.Fields("Notes") = "Successful PayPal Subscription Signup on " & Date
CmdEditUser.Fields("Expiration_Date") = Null
If Access_Level <> "" Then
CmdEditUser.Fields("Access_Level") = Access_Level
End If
If Groups <> "" Then
CmdEditUser.Fields("Groups") = Trim(Groups)
End If
CmdEditUser.Update
CmdEditUser.Close
Set CmdEditUser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
End If , I will actually explain how to set access_levels and/or groups...
in "users/add_new_account.asp"
carefully edit with a text editor
find this part
CmdAddUser.Fields("Access_Level") = "4"
that is where the acess level gets set...
you can change the level or remove that line all together if you dont want one set
now for groups you would add this line in the same area
CmdAddUser.Fields("Groups") = "*3*"
or
CmdAddUser.Fields("Groups") = "*1*,*2*,*3*"
Groups access for a user is stored in one field in the database like you see above. If you are confused what you should be saving in that field I suggest simply setting a user to whatever groups you want via the admin area and then looking in the database to see what got saved in that field. It's pretty simple really how they are stored.
*1*,*5*,*9*
that user would be a member of groups 1,5, and 9
, sorry for the confusion. I completely forgot about that flag setup, and how different it is between the two databases., I have no idea of what kind of 'stuff' to try. I'm running other asp apps that use there own Access databases with no problem whatsoever., I would like to create a login form on the home page which will not be password protected to the site for members so that they can login right from the home page and not a password protected page like many sites have. And every portal I have seen.
Plus the login form looks really pretty and proffesional on the home page 
...
I can't find anything in the documentation that says how to do this or if it's even possible. Everything I have found says to password protect a page and then direct them there which isn't what I would like to do.
Here is the code of the login page which is an asp include file on the main page:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
</head>
<body>
<td><img src="images/a026.jpg" alt="" width="187" height="21"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB"><table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><table width="180" border="0" cellpadding="0" cellspacing="0" bgcolor="#AAAAAA">
<tr>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
<td><img src="images/spacer.gif" alt="" width="178" height="1"></td>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
</tr>
<tr>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
<td bgcolor="#FFFFFF"><form name="form_login" method="post" action="">
<table width="100%" border="0" cellspacing="5" cellpadding="0">
<tr>
<td width="53%"><input name="textfield" type="text" class="style-01" value="username"></td>
<td width="47%"><a href="#" class="link-02">Forgot pass?</a> </td>
</tr>
<tr>
<td><input name="textfield2" type="text" class="style-01" value="password"></td>
<td><a href="#" class="link-02">Not registered?</a> </td>
</tr>
</table>
</form></td>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
</tr>
<tr>
<td colspan="3"><a href="#"><img src="images/a027.jpg" alt="" width="180" height="15" border="0"></a></td>
</tr>
</table></td>
</tr>
</table></td>
</body>
</html>
Does anybody know what values I would put in the form to send the correct login to AspProtect. And, if I would have to add any extra includes or code to it.
TIA 
, ok.. so we got an NT server with a 486 with 256 meg of ram.
hehe sorry
anyway.. I have the system running without doing any importing and WOW is it chugging.. I mean it takes a while even to edit/save a user
good news is the filesystem object works as I wrote to a text file
this may end up being a simple case of lack of horsepower..
we may need to do the importing on a faster system and then take the database over cause everthing I see on your server looks correct
even so aspprotect is running so slow.. I have never seen it chug like this
I even tried connecting to a 2000 version of the database and no difference.
I am not totally sure what is going on but the server resources available are scaring me... however this could be something new in the code that I never got a chance to try on NT server.. I dont think so though
how does your other stuff run ?
static pages that do not access a database seem to serve up quickly.
are you running any other dynamic code ?
, check the connection string in the dataconn_inc.asp file. If using MSAccess it will show the location. If using SQL Server it will show the SQL Server details in which case there is no physical database file.,
Timecard Entry: 3/25/2006 4:32:14 PM
Answered phones and checked RadLog intermittently, kinda busy at times., break, Chad Edwards, Funk Software re: Proxy port settings, Manager's meeting, Bell and CHRs, Nic took setup crew to lunch, Downstate mailer, surgical group-add visitor counter and check on domain name, Entered deposit and filed, went to the post office, Helping Dave get info to Dan River BOR. Traded phone calls and numerous emails., misc. work on ksp with Kris allen, E-Mail, Voice-Mail, Packup, travel from Syracuse to Watertown 80 miles, check e-mail, talked to jeff at hi tech and tb and jw. email to eh. called syracuse resellers about program, hear about dreamscape. reviewed database with kv, to revise. talked with jg about schedule for monday to get things ready for burlington and km about what he needs., meet with Atkinson realty in gouverneur to go over with him how we can create an mls for the county. , train with Mary W. on Emerald, Accounts receiveable Training with Jackie, Feeling sick so didnt get here till 10:30 am
Steve and I are working on form field validation... custimizable property type features... and all the logic behind it all.., posted accts, did a detail of checks to to deposit., ans. phone. customer inquiries, CHRISTENSEN REALTY ABOUT CHANGES TO THEIR SITE , *Agfa NDT, inventory supplies to get Staples order ready, travel to Wtn for meeting, Removing a pucbundle advertisement off from our invoices., Carol - setting up TICC in QB, Checking and responding to emails, timecard, wireless web sites and reading a few articles, Went to the Herald building roof and moved the antenna from the position it was in to test some other areas. Hooked up the 110 directional to test it out again. , GA database,
