Blog Entry: 3/25/2006 4:44:23 PM
I really need more information..
SQL or Access database ?
If Access are you using the newest version of the .mdb file
Is this a new item ?
Show me your connection string ?
perhaps the url to the site as well so I can look around?
things like that that will help me troubleshoot.
If any info is sensative send me a PM..
,
ok, here's a test page:
http://www.galvinelectricity.org/download_link.asp
user: test
password: test
Our company just got new computers, so everyone here has the same set-up, all Dells, all about 3 weeks old, all Windows XP.
But I did realize after reading your post that I am using Firefox and everyone else was using IE. When I used IE, I was able to duplicate the error.
But, alas, I am unable to resolve it. Client will be using IE, no doubt.
,
I've downloaded this neat little app, but I'm having troubles understanding what I should be using. Cassinni or IIS, can you help? I've tried to look at the help, but it is very vague on what to use in each situation.
Any help is appreciated.
Cheers
, thanks!, When using this code:
<!------- ASPBanner Ad code ------------->
<script language="JavaScript"> var code = '';
var now = new Date();
var nIndex = now.getTime();
document.write('<s' + 'cript src=" http://www.poconocommuter.com/aspbanner/injectbanner.asp?Ban nerZone=6&nocache=' + nIndex + '">');
document.write('</' + 's' + 'cript>');
</script>
<script language="JavaScript">document.write(jscode);</script& gt;
<!--------- End ASPBanner Ad code --------------->
I receive an error that jscode is undefined. The banner will not display.
Any ideas how to fix this?
, while technically that shouldnt be showing that with two slashes that is actually valid and will not effect whether that feature works or not.
so if you are getting an error that is not the reason.. as far as windows is concerned // is the same as slash in that scenario?
what is your error? I need details. Like some code and an error at a line number ?
99% of the time it is permissions and sometimes it is related to the filesystem object being disabled on the server or script blocking software such as norton antivirus , also, just to show you what happens when a user creates a subscription this is the code. you can see in red where the subscrition is is set and also where the exp date is set to null
If txn_type = "subscr_signup" Then
Set ConnPasswords = Server.CreateObject("ADODB.Connection")
Set CmdEditUser = Server.CreateObject("ADODB.Recordset")
ConnPasswords.Open ConnectionString
SQL = "SELECT " & tbl_label_users & ".* FROM " & tbl_label_users & " WHERE (User_ID = " & User_ID & ")"
CmdEditUser.Open SQL, ConnPasswords, 1, 3
CmdEditUser.Fields("Active") = "1"
CmdEditUser.Fields("Validated") = "1"
CmdEditUser.Fields("PayPal_Subscriber_ID") = subscr_id
CmdEditUser.Fields("Notes") = "Successful PayPal Subscription Signup on " & Date
CmdEditUser.Fields("Expiration_Date") = Null
If Access_Level <> "" Then
CmdEditUser.Fields("Access_Level") = Access_Level
End If
If Groups <> "" Then
CmdEditUser.Fields("Groups") = Trim(Groups)
End If
CmdEditUser.Update
CmdEditUser.Close
Set CmdEditUser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
End If , Hi Chris,
I've got a page with a form that includes an input field with
'type="file"' for uploading an image. The page posts back to
itself to save the info to the database and run the code necessary to
upload and resize the image.
I need to limit this page to a group. So like usual, at the top of the page I put:
<% GROUPACCESS = "1" %>
<!--#INCLUDE FILE="../check_user_inc.asp"-->
This gives me the error: "Cannot call BinaryRead after using Request.Form collection"
I have used ASPUpload and SA-FileUP before and know that this is caused
by the components having their own .form collection. This script
is using "Pure ASP File Upload" from DMXZone for the upload which I'm
not familiar with.
So...my question is, do you know a way around the BinaryRead problem wtih ASPProtect?
Thanks,
Michelle
P.S. PLEASE don't send me to DMXZone for help....they've got notoriously bad support!
, Good Morning - I am receiving an Http 500 internal server error when I go to add a new user via the register.asp page. the url when the error appears is: .../users/add_new_account.asp
I think the error has to do with my email component setting - becuase it works fine otherwise.
I have the email component setting set to CDOSYS (using remote server) with the mail.remote.server set to email.cidra.com - email address set to webmaster@cidra.com
Note: I receive the email notification and the user does get added.
Can you help please? Shirley
UPDATE...I just figured out that it only errors when the email address I use for the user is NOT from cidra.com -- Any idea why?
, As an update to this thread I fixed the "upload_post.asp" page quite some time ago but forgot to post the updated file here.
So here it is.
2005-09-16_165913_upload_post.zip
, "save_pic_desc.asp"
in both the admin and users area needs to be edited
You'll see something like this...
If Len(Image_Description) > 250 Then
just change 250 to something higher.. I wouldn't go much over 500 though as it may cause problems.. I am really not sure.. Changing it higher is done at your own risk.
cwilliams38300.5727314815, My Admin user got corupted, and I need to reset the password and user, what is the defualt password for this database, as I do not think I have changes this (hopefully) as of yet.
Regards,
Paul
, No, because ASPProtect.NET is licensed per and only runs in One website (one iis application)
That error however probably has more to do with parent paths being disabled on the server., Different Versions of the Access Database
Below is a zip file with many alternate versions of the Access Database provided to help with installation and general usage.
2005-02-20_155310_ASPProtect_Database_Versions.zip
ASPProtect.mdb is saved as an Access97 database (password "temp")
ASPProtect_access2000.mdb is saved as and Access 2000 database (password "temp")
ASPProtect_access2000.mdb is saved as and Access 2002-2003 database (password "temp")
ASPProtect_access2002_no_password.mdb is saved as and Access 2002-2003 database with no password set on it
Try to use the newest version as server odbc drivers sometimes have to use the newest version for everything to work correctly. No password version is provided because sometimes there are issues connecting to a database with a password set on it.
Default username for access databases is of course "admin" but you really dont use that except in the data connection information.
cwilliams38403.6840277778, I use the group feature and would like to know if it is possible to change or delete members from a group in bulk. For example if I have 200 users registered for group 1 and 3 how could I delete all members from group 3 in one pass rather than editing 200 individual members?, no, its part the concurrent login checking system.
currently when that is on logging off does not come into play..
(pretty much because it is such a complex system I wasnt able to make it quite that intelligent this time around)
when concurrent login checking is enabled the only way to log in again at another system with the same username and with a different IP is to wait till that time period is over
sorry
as you may recall it was rush feature at the last moment before I got version 7 finished. Hopefully I can improve on the feature in the next version but I dont really see it as being a big issue at the moment. Sometimes when you want maximum security you have to make some tradeoffs and that is why the feature is optional.
, Version 7 uses.. RC4
The upgrade process is described here in detail including a procedure to convert existing clear text passwords to the encrypted versions. (Your passwords will need to be clear text as the system shipped of course for the conversion to do its thing)
http://support.cjwsoft.com/code/info24.htm
It is also covered in the downloadbale docs
http://support.cjwsoft.com/code/moreinfo221-1.htm
Many people have done the upgrade without any issues and Version 7 is getting great feedback.
Should you decide to go with it there is upgrade pricing.
http://www.aspprotect.com/purchase_v7_upgrade_pricing.asp
, The PayPal feature that is in ASPClassifieds has always been labeled as experimental and has never been supported as the documentation says. About a year ago I stopped even mentioning the feature on the product pages or in the live demo because I didn't like how it worked and I decided I would just market the application as a free based classifieds. It’s just not something I can support or talk about. To work really well it really needs to be coded to use PayPal IPN and a credit system. Where ads and various extra features cost so many credits and people have to buy credits before they can post any ads.
That’s about all I can tell you. It's just not something I support.
, I checked through the code and could not find anything as well.
However, I do think it may be related somehow to the code as I get the messages popping up in the error log only after I have edited a banner.
If there is nothing obvious, I may just set my error log to filter and automatically delete this type of error. Not something I prefer to do.
Thanks for the quick response.
Otherwise the program is working very well and I'm happy with it.
, Really awesome, thanks..
If possible please be sure to respond to the email they send so the review ends up authenticated
, Regarding hosting companies..
Now.. obviously if you are hosting on someone elses server you may not be able to set permissions like this.
Ultimately, if you are hosting somewhere and ASP and Database connectivity is part of your hosting plan. It is the hosting company's responsibility to set these permissions for you when asked or to give you a special interface to do so on your own. If they are not helping you do this then maybe it is time to get a hosting company that is serious about your ASP Hosting Needs.
Also... JUST TO BE PERFECTLY CLEAR
The permissions we are talking about cannot be set via FTP or Frontpage access to your web site. They must be set like shown above or via a special interface meant to set the permissions correctly. For all you people out there messing with the permissions you see in FTP and Frontpage.. you are wasting your time and possibly creating problems in your web.
All ASP scripts that communicate with an Access Database, Upload Pictures, Modify Text files.... are going to need these permissions set in some way or another. We have no control over that fact.
cwilliams38360.69125, Just to put an end to this thread here is the solution for anyone reading.
The permissions were ok.
The data connection string never got edited in the "dataconn_inc.asp" file so it was invalid the whole time.
Once that was corrected the application ran.
So really this whole thread was over not following the directions and not editing the data connection string...
, Using just ASP (Form Based Authentication) you can only protect the actual content of the ".asp" files.
You can however use some ASP tricks to stream other types of files to the users.
That way the actual file locations are never known and they can only get them/see these files when they are logged in as you would be streaming files to them after they logged in.
Below are informative links I have collected on the subject in an email I sent to another customer a while back.
Using Active Server Pages you can only protect ".asp" pages.
You can however password protect ".asp" pages that stream files to the user using code like in these examples therefore keeping the actual file name a secret.
And from another email I sent...
ASPProtect only protects the content of ".asp" pages. Directory protection is not possible using just ASP.
Other file extensions can not be protected using just ASP.
There are ways to get around this.
You'd want to do a technique like this to stream non ".asp" files to the users.
The safileup component from softartisans can actually do something similar as far as streaming the files go.
Then use something like ASPProtect to protect the ASP files that streams the files.
The actual location of the files is never known to the users and of they don't have access to the asp pages they can not see or get those other types of files.
Very doable, but nothing ASPProtect takes care of automatically.
This info above should get ya on track.
cwilliams38344.8751736111, Aggh.. I put passwords instead of password. Sorry to have bothered you, works fine now. , That's excellent!
I did learn that parent paths were disabled on my test 2003 server...
But on the hosted server, it looks like parent paths are supported as I change the file location of the language file in the forum common.asp as such, and obviously moved the file as well:
from:
<!--#include file="language_files/language_file_inc.asp" -->
to:
<!--#include file="../language_file_inc.asp" -->
Everything seems to work fine and I thank you very much for you quick response!!!
Ok, time to buy...thanks again!
- Jason
, you can not limit image size using the pure code upload method. Its not possible using a pure asp method that I know of.
You would have to be using one the supported commercial upload components and edit the upload code accordinly to limit upload sizes (you would do this by looking through their documentation and samples) I didnt include any support for upload file size limitations with the supported 3rd party upload components because in my testing I found it problematic with all but aspupload from persits software. (I have example coe for that component I can provide that limits the upload size and seems to do it well) I am sure it could work with safileup and dundas as well but I gave up trying.
As for image resizing..
Image resizing requires the use of one of the supported 3rd party image resizing components. You didnt mention if you are using one or not. If you dont have one available image resizing is just not possible as asp can not do that on its own.
, "I can login for the first time."
when you say that what exactly does that mean, because in this version you do not just log in for the 1st time.
What I am saying is there are steps where you run a special page to intially get into the system, then you setup a new user, then you make them an admin, and then you can log in as them.
You left all of that out of your story...
I really need all details in order to help.. is this an upgrade or a new install, etc etc etc
I would also advise very carefully comparing the fields in your sql database to the sql creation scripts to make sure all the field settings are correct.
Lastly, please tell me what name/email you ordered the product under so I can check your purchase.
Thanks, 1st: try it with a normal dsn-less connection like we show in the example.. dont use that OLEDB.4.0 connection string.. connecting like that can cause a lot of problems and is not as great as everyone thinks it is and it can sometimes be difficult to get it working when the database has a password set on it
For the sake of troubleshooting just connect like so: (fixing the path of course)
ConnectionString = "DBQ=C:\Inetpub\wwwroot\aspprotect\data\database\ASPProtect_ access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"
ASPProtect will generate the actual connection string you should use when you run this page
http://www.mysite.com/data/setup_info.asp
Replacing the part in blue with your website info.
2nd: any IIS server setup to have the access database over the network path like that has a poor setup... and that can cause all sorts of problems as well, access is not designed to run over the network like that.. for more on that read this thread - Start 5 posts down
http://support.cjwsoft.com/code/code_info.asp?TID=479&KW =OLEDB%2E4%2E0
3rd: If the app does not run using the connection string like I say to use then the problem is 100% on their end and is either related to permissions or the fact they are keeping the access database on a network path which is BAD BAD BAD... no quality host that knew what they are doing would set it up that way.. ultimately you don't want to host asp with a place that has a setup like that
4th: If you want to try some other stuff out we have a free guestbook, asptest, and a free version of aspbanner you can try out as well... www.cjwsoft.com
5th: If you need a quality asp host that knows what they are doing and offers great asp support www.alentus.com is the place
6th: Your right, it is not the code, its the data connection
, it probably means the page you are trying to protect is (not in an iis application or not in the same iis application) which it needs to be
for a situation like using ASPProtect you really want your root of your virtual directory set up as one big application in IIS. (after you inquired about it your hosting company probably went and set the ASPProtect folder as an application in IIS which means any pages you protect need to be in there as well. (truth is they should have had your entire web starting from the root set as one in the 1st place..... its standard practice for any experienced hosting company) cwilliams38456.9306828704, Well, thats not normal.
(it should work just like our online demo does)
Do you have everything turned on in the settings ?
Uploading needs to be enabled and you also have to pick a valid upload method.
, that's they way it should be done..
the only other thing would have been to test everything with sql before trying to import any data.. and make sure all was fine at that stage
more info on the errors would be helpful.
Id' also carefully visually compare the SQL tables and fields with the SQL scripts and make sure all field types and settings got set correctly.
Also, make sure the user accessign the database has datareader and datawriter permissions of course.
, Ohhh...
I was thinking it worked like this; A user goes to that page and logs in.. and from there they can then browse the site and do what they want..
So in order for it to work i need to edit a page say... members.aspx (i assume it needs to be an asp.net page) and in the header put that protect code and when a user accesses it, it will prompt them for their un and pw and then if correct will allow them to view the page... and likewise if they are still logged in will be able to use the page?
If that is how to works as i mentioned above thats great...
I understand the redirect principle...but say i have a log in box on the main page... you know like most pages have a user log in on the left hand side... i wanted to do that. But i cant obviously protect the main home page or else normal users will not be able to view it without logging in or registering
, Attached is a SQL script to create the ASPProtect Database with the Option Pack Changes already applied. This lets you create the database in one step and you wont have to make the option pack changes as they are already there.
This only applies to people using MSSQL and doing a new installation.
This scripts are run via SQL Enterprise Manager.
You make a new database then run this script on it in query manager.
2004-06-14_180056_aspprotect_w_option_pack.zip cwilliams38152.7522569444,
Ok, set up a new web.config in root, with just the suggested code.
that worked to get this....
Configuration Error
Description: An
error occurred during the processing of a configuration file required
to service this request. Please review the specific error details below
and modify your configuration file appropriately.
Parser Error Message: It
is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This
error can be caused by a virtual directory not being configured as an
application in IIS.
Source Error:
Line 409:
Line 410:
Line 411: <authentication mode="Forms">
Line 412:
Line 413: <!-- DO NOT CHANGE UNLESS INSTRUCTED TO DO SO -->
|
Source File: D:\hshome~aspnetprotect\web.config Line: 411
any ideas?
Andy
, 1st off, what application is this in reference too?
This question should be under that application's area in the forum.
2nd, really need more information and details. There are many ways and methods to send emails and they can all effect what gets delivered and what does not. All on an email server side of things. (I always recommend using the CDOSYS option using SMTP authentication with a real external email that has valid MX records) see my article...
http://www.powerasp.com/content/new/sending_email_cdosys.asp
3rd, your not telling me how many users we are talking about. ASP is not a very efficient way to send emails and extremely large amounts of users should be sent emails in a different way then from an asp application. It is just the nature of the technology being used. Some of different emailing methods the application supports may or may not give you better results. It is really best to experiment though honestly the option I mentioned above is always the best in my experience.
4th, if you are not getting a timeout or a scripting error than the ASP part of things is making it through the amount of users. You have to remember that often time emails that get sent out from web sites end up in junk filters for whatever reason. That is just another fact and why it it is usually best to send out serious newletters using a stand alone application like WorldCast or something.
I am doing a lot of guessing here because you really did not tell me much. I also still am not sure what application this is in reference to as 3 of my apps have newsletter features of sorts.
, Thanks Chris.
Yes i never actually considered that they should log in twice.
The site uses two main url and the cookie was being stored for only one
of them. I have fixed the double login issue by making changes to
menu to ensure that they are always logging only via the url stored in
the cookie.
Thanks for your hep,
Stuart
, I am having difficulties importing new Users.
I have exported the existing list and then copied in the additional users and save the file as text (tab delimited) in Exel.
When I go to import the file (browse then upload) I get the following error:
Microsoft VBScript compilation error '800a03f9'
Expected 'Then'
/aspprotect/password_admin/upload_post.asp, line 6
If Session("Admin") <> "True"
If I upload the text file by FTP and then try to import it it only tends to import the first two existing rows.
All collumns match but not sure if I need to add "User_ID". I have added it and created consequecutive numbers.
Any assistance would be appreciated.
Thanks
, ok.
sorry then..
I just had a series of fraudulant orders this past week including today and the whole thing has me on edge. (foreign people getting my code for free and doing who knows what with it) When you mentioned calling the cc company it pushed all the right buttons.
Merry Christmas, Can I have the logon be in a top frame while having the protected pages displayed in a main frame?
Using frames with forms based authentication is not the best thing to be doing. Your much better off not using frames and using includes files to do a virtual frames sort of thing (search google) but if you are going to use frames I would suggest password protecting the frameset page as well as any pages it contains.
If you want to have a login form in a non protected top frame all the time.. that posts to a lower frame that is password protected.. you would do this
http://support.cjwsoft.com/code/moreinfo169-1.htm
but change the target of the form to one of your frames
personally though I think that would be a somewhat goofy setup to have going on
Also, how will it behave if a user moves in between a protected page to a public page and back to the protected page again?
As long as they have cookies enabled which is required for session variables to work... then you will have no issues because once they come back to a page they have permission to they will just be allowed in without login.. at least while that session is still active.. or for a longer time if they choose the remeber me option which keeps track of them with a cookie .
Really, the best thing to do is expirment and see how things behave.
, Terribly sorry, but we are not software-technical. So can you please tell us exactly which folder the database would be in.
Thanks in advance.
,
Timecard Entry: 3/25/2006 4:44:23 PM
Business/Education Forum at BOCES, did callbacks. had a user call with billing question. and one user that couldn't connect, Team meeting, Getting PC Anywhere working the way it should on the main web server., Travel to Watertown, re-create Cisco logo for Ken Mills, Amy - Fix punctuation on McLears.Com. Discussing new school site and use of upload manager for posting news., payroll, 185 Miles : Plattsburgh - Sackets Harbor, general site design and research: research meta tags, At home working on errors I am still getting when saving property type configuration info for the ST LAwrence Board of realty., Record a personal task list, review phone bills, complete more network diagrams., Time spent thoughout day tracking down Roger Morgan's order, talking w/ Roger, w/ Bell, and e-mailing., mcdonalds....i watched ben eat more mcdonalds food than i have ever ingested in a week for fear of causing my heart to stop....he's one crazy mofo, Posted acct and did a detail of checks and cash for deposit. Customer inquiries and ans phones., did a dial up issue from last night. ask us a question. couple general questions, Went through a couple changes on the phones system with Norm. Worked with custommer on BA Bill. Went through goals with Ben. Set-up bulletin board (physical). Ran tech reports. , Golfwithyourbuddies.Com - Completed public and administrative areas for managing and displaying location map listings., Printed timecards, talked with ef on users group-to invite resellers and banks. lm for mb at wsb on users group and corp program signups. called apcomp, stocker, bdell and jnewman to invite tuesday. met with tb on suggestions from jw this am on pprogram and pricing of materials., email voice mail etc, In Watertown-to AMF to pick up raffle envelopes., Call from WPBStv.org guy about changes to their shopping cart, technical support supervisor. emonitor, radlog, dial up issues, ask us a questions, incoming calls, emails, took mostly incoming calls ... helped techs as needed ..covered incoming calls and tech issues , Read Meridian phone manual, set-up options and voice mail, answering some email a customer had fired off to me about frontpage...and some other misc. emails i had recieved throughout the day, as well as doing my timecard..., TIITC DB project., Pick up Labels Staples, Sent e-mail to Jim Crowley and Sithe Energies with order information, prepared their paperwork for work order, backed up my laptop, redesigned Renzi bros. proposal, dr appt,
