ok.. so we got an NT server with a 486 with 256 meg of ram. 

hehe  sorry

anyway.. I have the system running without doing any importing and WOW is it chugging.. I mean it takes a while even to edit/save a user

good news is the filesystem object works as I wrote to a text file

this may end up being a simple case of lack of horsepower..

we may need to do the importing on a faster system and then take the database over cause everthing I see on your server looks correct

even so aspprotect is running so slow.. I have never seen it chug like this

I even tried connecting to a 2000 version of the database and no difference.

I am not totally sure what is going on but the server resources available are scaring me... however this could be something new in the code that I never got a chance to try on NT server.. I dont think so though

how does your other stuff run ?

static pages that do not access a database seem to serve up quickly.

are you running any other dynamic code ?

I got ya. Well hey, that's what's great about the iframe right?

Why all the pages at the directory .../password_admin/ are very slow to open online?

Hi Chris,

Thank you for your prompt response.

Our current project requires alot of customization.

Yes, the error is probably a data problem and not due to your code, because we needed to make modifications to the database.  But that's why debugging would be helpful.

Basically our intent to modify the asp protect code stems from the fact that our client doesn’t want certain fields to be recorded or to appear: address, city, state, zip etc…

We are happy to be able to modify the HTML, but we also want to modify some other default behavior, such as which page opens when the "cancel" button is hit in the editaccountinfo.aspx page.

Access Database Password

By default all of the Access Databases we give out have a default password of "temp"

The Default username that and Access database uses is "Admin" but you should not be concerned with that except in your connection strings.

The default password for the Access Database can only be changed using Microsoft Access to do so. If you have security concerns it would make sense to change the password. The help system built into Microsoft Access best explains how to do that.

If you have found out that parent paths are disabled on the web server you can still use the application.

Before you continue.

If it is your server consider enabling parent paths to solve the problem.

If it is not your server consider asking them to enable parent paths for your web site to solve the problem.

If that is not possible please download this zip file.
2005-02-20_150703_aspprotect_v7.x_alternate_include_file_pat hs.zip

This zip file contains 3 sets of alternate files depending on your situation. You simply replace your existing aspprotect v7.x files with these new ones.

The zip file contains the following folders and files.

Below is the contents of the readme.txt file which explains everything.

The following folders each have a version of all the files in the ASPProtect system that might need to be edited in case you need to change the paths for the server side include files. There are 3 different scenarios.

(parent paths enabled) - This is the way the application comes.
The files in this folder have FILE server side includes containing "../" information. While these includes will work when the applicaion in is any location of a website they will not work if parent paths are disabled on the web server. Generally you will want to use these on your xp development machine. You can of course use them on your real server if parent paths are enabled. Parent Paths are now disabled on II6 by default and some hosting company will not enable them.

(domain root)
The files in this folder have VIRTUAL server side includes in them.
These includes only work when the applicaion is installed in the root of your web domain. For example if your domain was called "www.somedomain.com" the following aspprotect files and folders would end up like this
"http://www.somedomain.com/check_user_inc.asp"
"http://www.somedomain.com/password_admin"
"http://www.somedomain.com/users"

(domain directory)
The files in this folder have VIRTUAL server side includes in them.
These includes only work when the applicaion is installed in a directory called "aspprotect" in the root of your web domain. For example if your domain was called "www.somedomain.com" the
following aspprotect files and folders would end up like this
"http://www.somedomain.com/aspprotect/check_user_inc.asp"
"http://www.somedomain.com/aspprotect/password_admin"
"http://www.somedomain.com/aspprotect/users"
You can change the name of the "aspprotect" directory but you will will have to edit the includes in the files.

Lastly, if you are on a local machine and insist on using the VIRTUAL INCLUDES you would also use the (domain directory files) even though you dont have a domain on your local machine most likely
For example if your site was installed like so.
"http://localhost/aspprotect/check_user_inc.asp"
"http://localhost/aspprotect/password_admin"
"http://localhost/aspprotect/users"

Thanks for that. The upload size is just as effective and possibly a better solution to maintain server space.

What about individual gallery permissions. So only 1 member can post in only 1 gallery. I have a forum of 500 plus members so if they want to add a gallery than setting a permission would be idea for each gallery.

What am i supposed to do now... i do have another member server that is not a domain controller-

However, i have like 5 websites running on this domain controller already. I have thought about this before how its a HUGE security risk but it will take too long to configure everything on the other computer :(

Thanks for your rapid responses, your support is excellent!

It may be best that I stick with html then. You mention that is stresses the Version 7 software, would the unlimited version perform any differently if I use multiple zones?

Also, if I do go with a single zone, would either program be able to make sure each banner is unique, or would there by duplicates for each page view?

Sorry to post so many questions in one day.

and the permissions, how exactly were they set ?
I find a lot of customers think they are setting permissions correctly when they really are not. That's why I wrote that long article on the subject.

As you probably know a data connection is a very low level thing. It is the foundation of any ASP application that communicates with a database. Unfortunatly it sometimes takes a while to get the hang of setting them up without issue.

Everything must be perfect.. the ODBC drivers must be up to date, folder permission are critical, sometimes you must use a new version of the access database.. etc etc etc  The errors and things that happen when all these things are not perfect and not helpful as you have found out.

I would suggest you download and get ASPTest from CJWSoft running before you go any further. It is designed to be as simple as possible and helps get a hang of the database setup process.

On the banner rotation order screen it says:

"The Order Of These Banners Will Change Randomly From Time To Time"

Can you tell me the function that does this? I'd like to increase the frequency with which the rotation order changes.

Thanks!

As an update to this thread I fixed the "upload_post.asp" page quite some time ago but forgot to post the updated file here.

So here it is.

2005-09-16_165913_upload_post.zip

Tell tell me some info about your install?

How am I supposed to know what is going on when you are not showing me what you have in your web config file and also the directory structure of the install or what you are putting in a page you are trying to protect ? It almost sounds like you are not editing the paths correctly in the various places.  I mean yes you told me something about the "map" folder but what I saying is tell me more detail.

BTW: this is a very important setting in the web.config file and must be edited accordingly so the path is right.

<forms name=".aspprotect~net" loginUrl="/aspprotectlogin.aspx" protection="All" timeout="60" path="/" />

Basically your showing me random errors and posts left and right and I honestly have no idea what your doing ?

Ulitmately though I am trying to help you in this situation like the web site says.

We offer tech support for installation of the base application purchased in it's native form. In some cases in order to receive proper tech support your application will be need to be installed on a live server on the Internet. We simply cannot troubleshoot all issues when the application is only installed on your local machine.

Meaning I am not going to keep this up if you keep asking question after question after question regardign your local XP Pro installation. There is only so much I can assume or guess when you are running this on a local development server. I know you got all sorts of problems getting a decent live server to run this on but that just isn't my problem. Get this up and running on a professionaly and correctly setup live server and when these random configuration errors pop up atl least I can go run the pages and look at them. Right now I am just confused by nearly everything you have posted today. Half of looks like basic ASP.NET path issues that you need to sort of on your own based on where you installed the application on the machine and what you have in the web.config file.. etc etc etc

It is sounding more and more like ASP.NET is way over your head. If you want a copy of the classic ASP version of ASPProtect you are welcome to it. I think you will be a lotter better off sticking to classic ASP unless you really start reading up on ASP.NET and learning more about how forms based authentication and the web.config file work.

When did you download the ASPProtect Version 7 zip file ?

what did you enter as a wrong password to make that happen ?

does it it do it when other wrong passwords are entered ?

More Upgrade Info

To upgrade an existing ASPBanner system please follow these steps.

Back up your old system completely before starting.

Install the new system per the installation instructions that came with it.

Once it is running simply use your old ASPBanner database with the new system.

You may also want to keep your banner images folder from before in the same location so your existing banners still link to valid image urls because the new system stores banner images in a new location.

Since the config table in the database is no longer used you will need to go to the settings screen of aspbanner again and configure things. The config table in your old database can be deleted or left alone. It won't be used anymore so it does not matter either way.

That is all there is to it. If you have any issues please ask in the forums and we will help you out.

[QUOTE=spider]At the bottom of my "users" list page, it asks the question "number of users displayed per page"?  After hitting a larger number than the default of 1-25, it increases the number of users per page to that number.  But as soon as I leave that page, it goes back to the default.  Any thoughts?[/QUOTE]

That is how it is supposed to work. It is not supposed to remember that info after you leave. If you want it to always start at some default number simply copy the URL info after picking a number. You'll see the querystrings that tell the page what to do in the address field of your browser. Take that entire URL and  edit the button in the admin area to link to that. The links for the buttons are in the "header_inc.asp" file and you should edit that file with a text editor.

That's the easy non technical way to set a default on the users page and that applies to anything including doing a sort or whatever.

example...

you might change this

<a href="default.asp"><img src="../images/users.gif" border="0" alt="Users"></a>

to something like this

<a href="http://www.yoursite.com /aspprotect/password_admin/default.asp?SORTBY=Email+DESC& ;MyPageSize=500="><img src="../images/users.gif" border="0" alt="Users"></a>

I am successfully using ASP protect on our site. I have one question:

The file Check_user_inc.asp looks a bit bland as I can't seem to use the sites Dreamweaver template. If I apply a template to this page, it is duplicated on other pages with this template.

How can I apply a template to this page?

Thanks

Clark

I think this addresses your question

http://support.cjwsoft.com/code/moreinfo144-1.htm

Chris.

After I had you install ASPProtect I added the ASP protecting code to the top of my home page:

<%@ LANGUAGE="VBSCRIPT" %>

<% CHECKFOR = "1" %>
<!--#INCLUDE FILE="../../check_user_inc.asp"-->

Then I made my index.html page my login page buy using the script "Login form on a non protected page" on that I changed <form method="POST" action="memberarea.asp"> to <form method="POST" action="home.html">. 

When I try to log on to that page I get en error page HTTP Error 405 - The HTTP verb used to access this page is not allowed. Internet Information Services (IIS). I checked with my hosting company GoDaddy.com and they informed me that due to the fact that they do not have ASPProtect instaled on there systems they can not support it.  In recent conversations you told me that you have customers that do use godaddy and you products. 

Can you please tell me what I can do to get this working?

Thank you for your time and help.

ok, I moved this thread..

The code in the ASP application handles all encryption and un-encrpytion of passwords in the database. I uses the vbscript RC4 function and the password encryption key specific to your installation to do this.

The whole idea is that if someone gets your database and opens it up that they will not get the passwords (utilitiies to crack access databases are common and work well so they can easily get by the main password)

That being said when you open the database manually your not supposed to see clear text passwords. Your also not supposed to have an easy way to make them clear text. It's a security thing. 

Though I am not officially supporting it I will tell you what I think would be the easisest way to make an export file with clear text passwords in it.

Use the export fire creator in the admin area of aspprotect.
Mosdify "export.asp"

change

Password = CmdDataExport("Password")

to

Password = RC4(CmdDataExport("Password"), PasswordEncryptionKey)

Then make an export file and see if that worked.
you can then import the export file into and access database or do whatever you like with it.

thanks!! the file took care of the extra slash. I also fixed the problem by modifying the permissions.

dazed

That being said, ASPIN has a lot of problems with anonymous reviews so if you can please sign up with them and post an Authentic review as they carry a lot more weight. Authentic reviews involve responding to their validation email so when doing so use a real email address that you regularly check.

And sorry I made you use the forums, but as you can see this is exactly the sort of thread that will help someone else later on.. and that is why I require people to use the forums now instead of just email support. That way the conversations are out in the open where they can help everyone instead of buried in my outlook where no one will ever see them. And of course if information is sensitive you can always do a Private Message as you did earlier.

It is all about creating a knowlegebase of valuable information.

Actually, your whole site is like that.

http://www.bones.myftpsite.net/rfamilystuff/

You should definetly fix that..
I can't help ya with it though. You'll have to figure it out.

I know ya can do it...

later

Got it working.    Had purchased a long time ago and forgot about needing to run the userreg.exe.  All is well and thanks for the follow up.

Lance

ASPProtect v7.x has a new feature called groups.

Groups are meant as a replacement for using the access levels as they are much more powerful. Support for pages protected using access levels is left in tact for backward compatiability for a customer that was using them.

A customer recently told me groups could not be used like access levels and that 8 access levels was not enough. This is how I explained that groups can do everything access levels can do.



Groups can honestly do everything access levels can do if you really think about it.
Using groups and protecting pages accordingly you could actually create a system that basically worked identically to the way the access levels works.

For example..

You make 8 groups and assign users to them accordingly

Protection code on page allows access to groups 1-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "1,2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any one of those groups would have access..

Protection code on page allows access to groups 2-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any group between  2-8 would have access..

Protection code on page allows access to groups 3-8
The aspprotect system generates this code for you…

<% GROUPACCESS = "3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

In this case a user assigned to any group between  3-8 would have access..

and so on... I think you should get the picture by now

It a generic error that means something is wrong with your data connection.

http://support.cjwsoft.com/code/moreinfo27-1.htm

http://support.cjwsoft.com/code/moreinfo136-1.htm

Hi,

I wanted to see if you had any suggestions for converting from Access to SQL sever database. I attempted this earlier today performing the following steps.

1) Create SQL Tables using Enterprise Manager / SQL Scripts
2) Use DTS to move all of the existing table data to the sql tables.
3) Update dataconn_inc.asp to use SQL and the required connection string.

When these steps were complete I was able to login to ASPProtect as an admin and search / find both groups and users. However, any attempt to edit or create users resulted in a "the page ... had a problem ... " type problem. It seems that I can read from the db fine but and getting errors writing to the tables. The user id that is being used to connect to the db is the [dbo].

Any additional hints for this procedure?

Thanks

Darrell

Need to clarify something..

Your talking about the page where a new user registers right ?
Your not talking about adding a new user from the admin area ?

Either way under no circumstances do I see anything like you are saying happening nor has any other ASPProtect user ever mentioned this probem.

I am going to need to see your site and see this happening. It just makes no sense the way you are describing it.

Also. did you edit the registration page code in any way. If so please revert back to an original copy to ensure this is not some sort of problem introduced by editing the code.

Hi Chris,

Alright.  We figured out how to work with both C# and VB, by creating a separate VB web project in VStudio, and then passing the aspprotectnet.dll to the C# project.

Ok.  I have another question:

How can our code determine the identity and user_id of the currently logged in user:

Is it Session["User_ID"].ToString() and Session["Username"].ToString()?

thank you

Hope the wedding went well.  I have one this weekend.

I was successful at performing an upload.  The free upload software was either not configure properly (probably) or not working.  I downloaded the trial version of softartisan's upload (which is like over $300) and it started working. 

Can more than one photo be uploaded at one time (like a whole folder full of photos) or does each have to be done individually?