Whenever you are running software that can block scripts from certain things you are going to have issues like this.

I imagine many complex asp scripts you will download will do things like this as well.

A highly doubt it is anything to worry about regarding people that use your site.

ASP code delivers standard html to the browser... nothing weird goes on as far as that goes.

This system has been sold for 6 years and this is just not something to worry about. Trust me.. though you may want to tone down black ice so it doesn't give you issues as it tries to block various things.

If I were you I would do some google searches on black ice and issues with it blocking asp scripts.. etc etc

Now, if you are running black ice right on the server that a whole other story and something you as a server admin need to decide what to do about. I doubt that is the case as black ice is not probably suitable for a commercial webserver but I just thought I would throw that out there.

like I said... you would have to modify the code
(and really I dont think it is possible, how could it be when images uploaded are of all shapes and sizes)

How are pictures of various shapes and size going to resized to a fixed width and height without distortion on either a horizontal or vertical level ? Uness the image uploaded matches the fixed thumbnail ratio you have set there is going to be distortion.

There is no component that is going to make it any easier. You are already using an image resizing component.

I give you two options the way the code ships.

fixed width and height for thumbnails

or

fixed width / dynamic height for thumbnails

The only other possible option would be

fixed height / dynamic width for thumbnails

and that you would have to code on your own because that option is not there

The last thing I will say is this. Sorry, but I do not support custimizations to the code. It's just not easy to explain. Its a lot of code work. Its a lot of time.

If we wanted to user groups, is the "Access Level" in the User setup the same ID as what the group access would be?  Ex. If John had Access Level 4 and the page specified <% GROUPACCESS = "4" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

I'm asking because there is no Group Access Level in the user setup.  Thanks

It happens at least once per hour or every time a banner is edited in the system by the admin.

Changing its frequency would be somewhat complicated. You'll have to make changes to the code in a few places and you will effect performance adversely by doing it more often as it will mean a lot more database queries which defeats the purpose of doing it once per hour to conserve resources. The reason is when you change the frequency of that you also change the frequency of the entire banner application variable caching system. It difficult to explain but it unlike most banner systems out there it basically fetches banner rotation info every so often instead of every single time your page needs a banner. It stores this rotation and cycling information in ultra fast application variables. The docs actually go over a little bit of how that process actually functions under "using the system / Setting Up Banners
"

Its a customization I just can not support and I do not recommend doing, but if you really want to you should look at the "aspbanner_inc.asp" file

this is the part that makes it happen at least once per hour (requires visitors to your site to happen obviously)... you'd have to cleverly recode it to work slightly more often

' Checks the time the banner data was last updated and basically updates it if an hour or more has passed
If Cint(Application("BannersLastUpdated")) <> Cint(Hour(time)) Then
%>
<!--#INCLUDE FILE="appinfo_inc.asp"-->
<%
End If

There may be more to changing this than that, but this is all I can tell you.

Sorry, there is not any documentation on that.. it is basic asp/database work and customization like that is not supported. I recommended looking at what is already there and using that as a guide to produce more fields. etc etc

I need a point or a little insight please.

I need to get information from a credit card authorization called netbilling. I have been looking at your code for PayPal and 2 checkout. I have a feel for the code flow and the relationships of the "includes" .

I have been doing a lot of reading in my books and am seemingly twisted around the axel. I am not expert in ASP I am better in VB. I am not afraid to write code I am just a little nervous about messing up existing relationships.

My plan is simple: code a page to open the database and populate the database fields from netbilling and convert their field name to yours in the database.

I appreciate your time and insight. As in the past I need your help again.

Thanks

as I look at your installation more I notice that you are using MSSQl as the database type.

chances are that is the source of these problems. Fields in the sql database are most likely not all set correctly

it is very important that the sql tables and fields are set up exactly as described and that the sql script we provide runs without error

http://support.cjwsoft.com/code/moreinfo160-1.htm

if you create the sql database other than the way we tell you to or the sql script doesn't do its job setting all the field types/constraints/primary keys/etc..... for some reason .. then weird things like this can happen

at this time this is my best guess as to what is going on

I would examing the sql script we provide and compare the information set in it for each field and table to your existing SQL database to see if everything got set correctly.. I would start by checking these fields 1st of all as they are very important.... (username,password,expiration_date,admin,active)

in the meantime testing the ASPProtect system with an Access database will prove that all the ASP code is working as it is supposed to if you are interested in doing that

yes, there is upgrade pricing
http://www.aspprotect.com/purchase_v7_upgrade_pricing.asp

and upgrade instructions here in the forums

if you install it in the same directory structure you wont have to make any changes to the pages in your site you have already protected.. because the code to protect a page will be the same

now, anytime you upgrade an application like this there is going to be a lot of work involved especially when there have been so many changes
http://support.cjwsoft.com/code/moreinfo173-1.htm
whether or not you upgrade is up to you

Like I said you can make version 6 work with CDOSYS and a remote email server. You just need to do some research on CDOSYS code and spend the time needed to make the code use it. I however am not going to spend time detailing all of that when I created a new version that does it.

I just upgraded from 6.0 to 7.0 primarily because we were limited in the choices of email systems we could use to send an email validation message.

Previously, with 6.0, we were using CDONTS to send an email validation message to new registrants. Unfortunately, AOL email addressee's were not receiving the vaildation email from us. I received a reply to another post I made on this forum that the problem was due to the fact that aCDONTS generated email has no MX record and AOL blocks non-MX record containing emails.

Well, I upgraded to 7.0, switched to CDOSYS (Using SMTP Virtual Server) with SMTP Authentication and it appears that AOL is still blocking the validation email.

Any suggestions, comments?

I am trying to find out where I can enter the ttle for the application.

There is a variableor field called App_Name into which it would be good to insert a generic name. Can this be edited?

I have searched high and low but cannot find anything to do with it.

(FREE) Nov 23 2005 Update Files

If you purchased ASPProtect Version 7.x before Nov 23 2005 then you can download these Update Files.

(These are non-critical updates.. only update if you want the described changes below)

These updates do the following..

• Make the Tabs in the Admin area move up and down as you navigate around so they look more like tabs used in a file cabinet.
  
• Updates the import/export process so the tab delimited text files created now store the passwords in plain text instead of encrypted. I have been thinking about this one for a while now and I think it is better this way as it was confusing a lot of people. If can also kill the whole process if by chance the encrypted output of a password contains a line break of sorts. There is no way to deal with that scenario so this is way the import/export process is going to work from now on. This also means you should be VERY carfeful about leaving export files lying around as they will have the passwords in them.
  
• Updates the "expected_paths.asp" in the data folder because the paths it was generating had an extra "data/" in it.
  
• Updates the users page so it will not show the import/export link if you have not entered a path for the export files in the settings.
  
• Adds an Activity Tab if using the Activity Tracking features instead of the links it used to put on the users page that most people didn't see.

To install these just copy them in over the old files.

Now of course back up your existing files so can revert back if there is a problem or you do not like the changes. If you made any custom changes to any of your pages use your head and realize that copying these in over your existing files will overide any custom changes you made. (that is your business, I am just warning you)

2005-11-23_163025_ASPProtect_v7_11-23-2005_update.zip

I am not sure totally understand your question.
I need you to explain it differently.

Any ".asp" page that is protected is going to automatically prompt them for a login box or log them in automatically depending on if they set that option.. In the end returning them to that same page.

So, it really all takes care of itself for the most part.. It doesn't even matter if the bookmark a protected page deep in your site. The system is smart enough to keep them at that page as well as handle their access.

Now of course if they are at an unprotected page of your site and navigate to a protected page they get a loin prompt or are allowed in if they already logged in...

Also.. when you say unprotected page ? do you mean ".htm" or ".asp"

Why all the pages at the directory .../password_admin/ are very slow to open online?

Christopher

I have gone back to your original files and uploaded them to another server folder and instead of using a DSN I have tried this with a DSN less connection and changed the database to MS Access 2002.

This has corrected the problem.
I will check this out again using the DSN with access 2002 to see if this was the problem. It may be something to do with an older format of database on this particular server.

I will let you know what I find.

Thanks for your  quick reply.

Both the NET and Classic ASP versions of this application are designed for fine granularity protection of individual apsx extension files. ASPProtect.NET is not designed or intended to protect sub directories, or non aspx content such as Adobe Acrobat .pdf files etc etc.

I completely disagree with your statement that “most sites” have a login box on the left hand side of the page. I suspect you thinking of the ever popular php based forums and “Nuke” type CMS systems which are set up that way but if you look at any site written entirely using .NET that’s rarely if ever the case. (Granted I cant say for sure because I personally haven’t looked at >50% of the estimated 18 billion +  web pages on the internet) Just off the top of my head www.CafePress.com come to mind as a pure .NET site. If you take a look the login button it takes you to its own login page there is not global login form used throughout the site. Reason being that .NET introduced this thing called a “view state” which is used to store things like your session ID (and way more) and must be posted back to the server in order to keep track of visitors. This technology comes in especially handy when you have a web farm in place and your content is being spit out out by more than one server at the same time

I can think of loads of scenarios where the web servers need to know who you are even though you are never directly contacting them via http. This approach is a very smooth and actually very clever solution for enterprise level websites that simply can’t be handled with a single web server.

 On a practical level I know what you are saying but that application sets up all sorts of things when a protected page is accessed and the user is not yet authenticated. That’s the entire reason you need to put that snippet of code at the top of a page you want to protect. That code snippet calls the ASPProtect.NET class and runs through all the logic to see if you are able to access the page. If you are the subroutine exits and the server continues to process the remaining logic on the page. AKA you are able to access its content. If you are NOT authenticated ASPProtect will setup all the proper session and viewstate info and redirect you to the login page for authentication. You may have also noticed a parameter on the login page called ReturnURL. The application looks for that info and if you do have a user ID and password the application automatically redirects you to the page you were trying to access in the first place.

Really I have no idea what you are trying to do, but there is a world of difference in how something looks verses how it works. Lets just say there was a simple way to do what your thinking, what are you going to do with that login form after the person logs in? Just keep displaying it on the entire site so people get confused and don’t know if they are logged in or not? Just that little part of the equation will require making some changes to either ASPProtect.NET or your application will have to have some logic built into it to stop displaying the login forum.

It sounds to me like your basically looking for a super simple 101 type deal that allows people to sign up for an event and you the admin can see that information? I’m guessing they can also log in again and check out their details and see what event they signed up for?

If that’s the case you’re trying to take a very sophisticated protection application and downgrade it into something that would be one heck of a lot easier to write all from scratch in about an hour.

Your not going to be able to “plug and play” a simple form into a page and turn that application as a magic universal login solution for a website, while its 100% possible to use the application that way if you choose, you need to check out the source code and plan your custom integration accordingly.

5300 users honetly wouldn't even phase the database or the code... even with MSAccess...you got other problems and I can say that with 150% certainty

my guess is permissions on the database folder are not quite right or the odbc drivers have issues.. something along those lines..

access databases act up when full modify permissions are not given to the folder they are in.... they can also act up if the odbc drivers are very new and you are not using a newer version of the access database such as 2002 version as opposed to a 97 or 2000 version

using a system dsn as opposed to a dsn-less connection can also cause BIG issues. always use a DSN-LESS connection

you can also have big problems if just the database file is given permissions instead of the whole directory it is in

also, the script timeout has nothing to do with it.. if that is happening something is wrong with the data connection like I said... no amount of changing timeouts is going to cure it...

how permissions are correctly set
http://www.powerasp.com/content/new/windows_2003_server_and_ permissions.asp

why system dsn's with access databases are bad news
http://support.cjwsoft.com/code/moreinfo9-1.htm

I know it worked at 1st but it can still be related to all of this because when permissions are not perfect databases will work ok for a while and then act up. it all has to do with the temporay lock files that access creates and deletes on a regualr basis

The conversion of a char data type to a datetime data type resulted in an out-of-range datetime value.

banner_redirect.asp, line 36

Database - MS SQL Server.

Is it possible to set the user account time limits when they register? I am using email verification and am trying to have their accout expire 32 days after their initial login.

Also I have an issue with the email notification not notifying me when a new user logs in. It does a beautiful job notifying the new user.  I do not understand why my server will send to one and not the other, I ahve searched the links but none seem to answer this.

Thank you for your help and insight

well, so far one other guy found one..

his, was some sort of weird character that was causing a line break or something though in my testing I just couldnt figure out what was going on

now for me to reproduce any error someone find with a password I need to know the key used and the password used

which make it real hard to troubleshoot

AUGUST 12th 2004

NEW VERSION OF ASPBANNER IS BEING RELEASED THIS WEEK

ASPBanner Unlimited Version 8.0

It is completely finished.

http://www.aspbanner.com/

This new version has more features and is selling for $99.95

Unlimited Version 7.3 is now named "ASPBanner Standard"

Owner's of Unlimited Version 7.3 can get an upgrade to Unlimited Version 8 for the difference in price (based on current pricing)

It is available now for purchase at the following link .

http://www.aspbanner.com/purchase_unlimited_v8.1_classic_upg rade.asp


The new version can use your existing database so it is a fairly easy upgrade.

If you are not an existing ASPBanner Customer you can use the following link to purchase the application normally.

http://www.aspbanner.com/purchase_unlimited_v8.1_classic.asp


Notes on the new version:

ASPBanner Unlimited Version 8

Improved graphics and some new icons

New reports screen... 4 reports total   3 of which are new

New Iframe Banner Calling method with built in auto refresh feature so banners can rotate at a specified interval on their own

New Zone Order Informaion Page
Visually shows you what the current rotation looks like for a zone

Banners can now be stopped at a certain date and at an impression limit
Whichever is hit 1st.. before it was just one or the other

New "data" folder... this new directory is the only directory that needs permissions
this should make setting up the system and permissions a breeze.. all cjwsoft applications will
eventually use this same folder

New configuration text file... eliminates config table in the database and allows us to easily
add more config options in the future without changing the database.. means easier upgrades down the road
and faster loading of the configuration data

New application data connection wizard
makes setting up the data connection a no brainer

more overall emailing methods supported

CDONTS
CDOSYS
ASPEMAIL
ASPMAIL
ASPSMARTMAIL
DUNDASMAILER
JMAIL
SASMTPMAIL
Bamboo Mail
Simple Mail
ASPQMail
QuickSoft EasyMail Objects
OCXMail

Persists ASPEMail now supports outgoing SMTP authentication.
Simple Mail now supports outgoing SMTP authentication.
It is becoming popular for ISP to use this.

Emailing code now uses functions so we can easily add more email component support down the road

Flash files (.swf) can now be previewed and used in new banner right from the upload page
before this could only be done with image files

Users page now has a notes popup feature
when you hold the mouse over the icon you see all info on a user without needing to edit that user

Edit banner page now shows the color of the banner status in the dropdown menu

New clone banner feature.. allows you to easily create similar banners

Banner application page has been optimized to be even more efficient

Javascript popup calendar date selectors

Ton of misc little things & Improvements...


Some Screenshots

I dont know. Perhaps a fresh installation in a new folder would be a good idea as well if possible..

for troubleshooting sake..

I used Dreamweaver4 to make my site is there anything I can do to make it work?

Version 7 uses.. RC4

The upgrade process is described here in detail including a procedure to convert existing clear text passwords to the encrypted versions. (Your passwords will need to be clear text as the system shipped of course for the conversion to do its thing)

http://support.cjwsoft.com/code/info24.htm

It is also covered in the downloadbale docs
http://support.cjwsoft.com/code/moreinfo221-1.htm

Many people have done the upgrade without any issues and Version 7 is getting great feedback.

Should you decide to go with it there is upgrade pricing.
http://www.aspprotect.com/purchase_v7_upgrade_pricing.asp

it is not uncommon for folder permissions to be lost or changed on a server.. a lot of things can cause it

if it was working and now you can not edit or write new data to the database it is most likely permissions

I would triple check permissions... see my articles if there is any doubt on how permissions are set

http://support.cjwsoft.com/code/moreinfo136-1.htm

http://support.cjwsoft.com/code/moreinfo56-1.htm

ASPProtect v7 comes with working example code of protecting an image from being downloaded and also protects the true file location of the image on your server..

This comes with the system as an example folder with some files in it.

Basically we protect the image in 2 ways.

All in all this is should be very effective protection. Yes, there are still ways to get the images like doing screen captures, but this will ensure that people viewing images are logged in to your site. This will in most cases keep them from right clicking and saving the images. This will ensure that people can not tell other people the image's url location and it will ensure other sites can not leach your images and bandwidth.

For the image protection examples to work you may need to edit some values
in the stream_pic.asp file that are valid for your setup.

Look at the source. The values you can edit are commented.

Now, you also need to call a valid "image file name" from the call_pic.asp file which is an example of how you protect a page with javascript and call a streamed image using an image tag.

Lasty, here is a great article I found on image protection and some of the things you can do about it and some of things you cannot.

http://pubs.logicalexpressions.com/Pub0009/LPMArticle.asp?ID =41

Thanks

It wasn't a complaint. I just bought it last night and installed it today. But, I must have missed the part about requiring Enterprise Manager for installing it on SQL.

If you want it the link to the Web Based SQL Manager is : http://www.aspenterprisemanager.com/ which is free and the Trialware that I tried is EMS SQL Manager.

Maybe that will help a little in not requiring that people have an MS SQL license to access their hosted MS SQL to install the software.

Thanks

I would check out this article for starters... aspprotect is very similar to asp photo gallery and so are a lot of the page names.

http://support.cjwsoft.com/forum/forum_posts.asp?TID=49& PN=1

Jeromy, You should have access to that page.

let's try this... edit that page with a text editor like notepad...

Carefully replace any instance of "Cint" with "CDbl".. I may have missed some of those when testing the last time I edited the code.

If things are not perfect there will be no log files and no errors.. it can only be one of these things really
http://support.cjwsoft.com/code/moreinfo313-2.htm

You may also want to make your the filesystem on the server is working and not disabled by norton script blocking or anything random like that. Testing the filesystem object is best done by writing a simple text file to a folder. Plenty of examples of doing that can be found at www.aspin.com

Recent activity is temporary and admin activity in the admin area is not tracked. If your application in IIS has reset or there has been no activity in the users area or in pages you protected there will be nothing there. The busier your site the more chance something will be there. For example usually our online demo has something there except right after 4am when my server does an iisreset.