it is not uncommon for folder permissions to be lost or changed on a server.. a lot of things can cause it

if it was working and now you can not edit or write new data to the database it is most likely permissions

I would triple check permissions... see my articles if there is any doubt on how permissions are set

http://support.cjwsoft.com/code/moreinfo136-1.htm

http://support.cjwsoft.com/code/moreinfo56-1.htm

Sorry Chris,

It didn't fix it.  Looks like I had the current code.  I bought the system in mid-April.  The version says 3-10-2005.

I do know that in the database, the password shows as " éG"  but in the error code, it shows as " éG".  The square character is missing. 

Thanks,
Mick

Edit: well heck.  It skips the square box here too.  The password in the database puts a square box in front of the éG

no, its part the concurrent login checking system.

currently when that is on logging off does not come into play..
(pretty much because it is such a complex system I wasnt able to make it quite that intelligent this time around)

when concurrent login checking is enabled the only way to log in again at another system with the same username and with a different IP is to wait till that time period is over

sorry

as you may recall it was rush feature at the last moment before I got version 7 finished. Hopefully I can improve on the feature in the next version but I dont really see it as being a big issue at the moment. Sometimes when you want maximum security you have to make some tradeoffs and that is why the feature is optional.

How to bring up Banner Calling Code Generators

Simply go to the zones screen.
Select a Zone from the list.
Check the "Show Banner Code" option.

Click on "Display Banners in Selected Zone"

You edit the web.config file that came with ASPProtect.NET.

You find this tag

  <customErrors mode="RemoteOnly" />

you change it to this

  <customErrors mode="Off" />

If you have a different web.config file in your root I suggest you make sure the tag is set to off there as well for troubleshooting sake

If done correctly you will get a detailed error
It's basic low level ASP.NET stuff really and does not have anything specific to do with ASPProtect.NET.

You also need to make sure your web is set up correctly for ASP.NET and that the correct web.config's are firing..etc etc

Hi,

That is not enough to go on. I need details in order to help.

Hi,

I only just purchased the product and I would be very keen to

a) is the upgrade available very soon as I don't want to spend the time developing one and than find the other released shortly & 

b) would I only need to pay the difference for the upgrade or have I already downloaded the upgrade already.

I cant see what version I current have.

I look forward to your response.

I am trying to find out where I can enter the ttle for the application.

There is a variableor field called App_Name into which it would be good to insert a generic name. Can this be edited?

I have searched high and low but cannot find anything to do with it.

ahhh ok.. I was going to wait till morning to answer this one..

glad ya figured it out

again I will ask you what is the real error??

see the link above when I asked you the 1st time.
(I need the error details and line number.. etc etc)

and what kind of a server are you trying to run it on ?
you mention xp pro but in a confusing way ?

Is there any way to extend the limit multiple login feature to a certain number instead all or none?  In other words, i need to have a user be able to use the same login for x number of people.  My customers are institutions and want to be able to have a single login for however many users they purchase for.

lmao ... ya that has never happend to me before....

A very common and extremely bothersome error encountered when running ASP apps that connect to a database is the "80004005" error. It comes in many varieties.

These articles cover it.


(an article I wrote)
http://www.powerasp.com/content/hintstips/permissions.asp

(more articles)
http://www.aspfaq.com/show.asp?id=2009

http://support.microsoft.com/default.aspx?scid=kb;en-us;3065 18

http://www.aspfaqs.com/aspfaqs/ShowFAQ.asp?FAQID=115

http://www.macromedia.com/support/ultradev/ts/documents/8004 005_cannot_open_unknown.htm

I am using ASPProtect's password program, which has been very successful, for managing over 1,500 military veterans' memberships at http://www.vspa.com.  What I am trying to do now is utilize the "Groups" code, as generated by the Admin page, to prevent members with expired accounts (and non-members) from accessing restricted "members only" .ASP pages they may have bookmarked, or found via web search. The code generated and used is as follows:

<%@ LANGUAGE="VBSCRIPT" %>
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * ADMIN * Member Current * Member Life * Officer/Staff * ) -->
<% GROUPACCESS = "10,12,14,19" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!-- End ASPProtect Code -->

The above is placed over the <html><head> statements on the page.

When I am logged in the code works perfectly! When I log off and try the URL again, the page appears in its entirety but with a Login box for Username and Login Password at the top of the page. You may view the problem at: http://www.vspa.com/aspprotect/vspa-password-enter.asp .

What I would like to have happen is expired members and non-members would be sent (or Redirected) to a Login page. I do not want the Login password box to merely be inserted above the page that I am trying to keep them from visiting.

Don Poss,
VSPA Webmaster

I have a user who is trying to login. However, I am getting a error that I can't seem to find.
Username: executive.barcheski
Password: executive@amcpc.com

Encrypted Password: Û?=�`Ù…Ü

Error on check_user_inc.asp line 114

If (Request.Cookies("PASSWORDSYSTEMCOOKIE")("KEEPMESIGNEDIN") = "True") And (Request.Cookies("PASSWORDSYSTEMCOOKIE")("COOKIE_USERNAME") <> "") And KeepSignedInOption And Status <> "Checkem" Then
CheckUserSQL = "SELECT " & tbl_label_users & ".* FROM " & tbl_label_users & " WHERE (Username = '" & RC4(Request.Cookies("PASSWORDSYSTEMCOOKIE")("COOKIE_USERNAME "), CookieEncryptionKey) & "') And (Password = '" & Replace(RC4(RC4(Request.Cookies("PASSWORDSYSTEMCOOKIE")("COO KIE_PASSWORD"), CookieEncryptionKey), PasswordEncryptionKey),"'","''") & "')"
Else
CheckUserSQL = "SELECT " & tbl_label_users & ".* FROM " & tbl_label_users & " WHERE (Username = '" & Username & "') AND (Password = '" & Replace(RC4(Password, PasswordEncryptionKey),"'","''") & "')"
End If

CmdCheckUser.Open CheckUserSQL, ConnPasswords

error received: unclosed quote after 'Û?=�

Any ideas

Jason Johnson

SQL Database Creation (NEW INSTALL)

If you are creating a new database do so using SQL enterprise manager.
Create a new database called whatever you like and keep all the default settings. If using an existing sql database skip that step.

Now open up SQL Query Analyzer

unzip the following sql script and open it in query analyser.
2005-02-20_132116_aspprotect_v7_sql_script.zip

VERY IMPORTANT
On the drop down box at the top right make sure your intended database is selected. Otherwise your changes may effect the wrong database in your SQL server.

Then load the script  into the Query Analyzer.  Click the green play button at the top. If everything goes well the response should read something like this.

******************************************************
(1 row(s) affected)
******************************************************

If so the tables have been created in your existing database.

Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for the new tables. You will be referencing this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.

Regardless, as you can see from this screenshot I made a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).


Now, in the ASP files provided with ASPProtect edit "dataconn_inc.asp" with a text editor and modify the connection string info. Be sure to change the info to match your server,username, and password.

Below is an example of valid connection string.

ConnectionString = "Provider=sqloledb;Data Source=poseidon;Initial Catalog=aspprotect;User Id=aspprotectuser;Password=temp;"

The  "Data Source" setting is either the Network Name for the SQL Server or the IP Address. For local servers you can sometimes use an IP of "127.0.0.1" or the name of the local server.

"Initial Catalog" is the name of your database.

Now, in the ASP files provided with ASPProtect edit "dataconn_inc.asp" with a text editor and set the DatabaseType variable to SQL like so.

DatabaseType = "SQL"

Upgrade from V6 to v7.x with an MSSQL SERVER DATABASE

1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x  is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.

BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)

To do this upgrade you're going to need to have SQL Enterprise Manager and SQL Query Analyzer

That being said, on with the upgrade..

Open your SQL database in SQL Enterprise Manager

Regarding the following Tables

Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"

If you do not have a "Groups" table do not worry about it right now.

Now right click and DELETE the Config Table.
Yes, delete it..

Now, go into Design View for the "ASPP_Users" Table.

Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore

If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a "nvarchar" field with a lengh of 255.

Now, we are going to add a few more new fields.

Add a field called "Redirection_URL" make it a "nvarchar" field with a lengh of 150.
Add a field called "PayPal_Subscriber_ID" make it a "nvarchar" field with a lengh of 100.
Add a field called "Newsletter" and make it a "bit" field
Add a field called "Password" and make it a "nvarchar" field with a lengh of 100.

Now close that window and save the changes..

Download these scripts.
2005-02-23_171110_aspprotect_v7_sql_upgrade_scripts.zip

Now open up SQL Query Analyzer
Connect to your SQL server.

Then load the script  "aspprotect_v7_config_table.sql" into the Query Analyzer.  Click the green play button at the top. If everything goes well the response should read something like this.

******************************************************
(1 row(s) affected)
******************************************************

Now, if you had a Groups Table your done with the database changes.

If you didnt have a groups table.

Then load the script  "aspprotect_v7_groups_table.sql" into the Query Analyzer.  Click the green play button at the top.

Now, go back to your database in Enterprise Manager and make sure all 3 tables are there and look ok. You might need to do a refresh or two to see them.

Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for all three tables. You reference this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.

Regardless, as you can see from this screenshot I have a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).


Now, you are done upgrading your SQL Server Database.

The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field

To that we have a special page we run in the application that will take care of that.

So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1

When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.

That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..

Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.

This part is very easy.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

Replacing the part in blue with your website info.

Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page

You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.

If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.

So do what it says... dont click more than once and wait.

Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.

Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.

If things went well backup and delete the conversion file below.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

You do not need it anymore.

Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.



If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.

We are here to help, but if you really want us to we can be hired to do the conversion.

I'm all set - after thinking about your replies - i checked a bit more and changed the email component type -- thanks again for all your help.

I have a solution for asp already but thanks anyway. Is there a good book or other learning tool I can purchase that you might know about? I would know where to start about how create a timed subscription in .NET.

Microsoft VBScript compilation error '800a03f9'

Expected 'Then'

/aspprotect/password_admin/upload_post.asp, line 6

If Session("Admin") <> "True"



If I upload the text file by FTP and then try to import it it only tends to import the first two existing rows.

All collumns match but not sure if I need to add "User_ID". I have added it and created consequecutive numbers.

Any assistance would be appreciated.

Thanks

import/export feature WARNING !!

I just want to warn everyone that the built in import/export feature can be a little dangerous.
The reason being is when you import users they get new "Users_ID"s in the database.

The "User_ID" field is an autonumber field and that is why and there is nothing you can do about it.

So, if you are using a user's current "User_ID" to keep track up something important NEVER export the users and re-import them. Because their "User_ID" will change and you will be in trouble.

The PayPal signup features of ASPProtect actually use the "User_ID" like this and that is the main reason this warning is here.

now, that being said

If you are importing new users into ASPProtect

or

simply exporting existing users to another system

then this is nothing to worry about.


Basically, the moral of this story is dont think of the built in Import/Export feature as backup system because it is not. It is not a substistute for backing up your database.

It is a just a tool that can come in handy for various things.

it is an email server/setting issue most likely

your email server probably requires outgoing authentication or something like that and that is why internal emails can be sent to but nothing else

its something along those lines

this will help you see the real error instead of the generic 500
http://support.cjwsoft.com/code/moreinfo11-1.htm

Christopher

Found this but I dont really know what to do with it or even if its the right thing.

<%
'=========================================================== ==================='

' Application:     Utiity Function
' Author:          ; John Gardner
' Date:         & nbsp;  20th December 2004
' Description:     Used to check the validity of a postcode
' QueryString:     None
' Version:         V1.0

' Required routines:        &nb sp; None
                    
'----------------------------------------------------------- -------------------'

function Check_Postcode (byRef strPostcode)

' This routine checks the value of the form element specified by the parameter
' for a valid postcode.

' The definition of a valid postcode has been taken from:
' http:'www.royalmail.com/docContent/other/Downloadable_Files/ PAF_Digest_Issue_5_0.pdf

' If the element is a valid postcode, the function value is returned as TRUE
' and the postcode is returned in uppercase with the separating space in the
' right place.

  Dim strPostcodeRegExp(2)   ' holds the regular expressions for valid postcodes
  Dim intCount        &nbs p;      ' For loop counter
  Dim strPostcodeCopy        ' Copy of postcode
 
  ' Variables used to hold regular expression object  
  Dim objRegExp, objMatches, objMatch
 
  ' Expression for postcodes: AN NAA, ANN NAA, AAN NAA, and AANN NAA
  strPostcodeRegExp(0) = "^([a-z]{1,2}[0-9]{1,2})([0-9]{1}[abdefghjlnpqrstuwxyz]{2})$"

  ' Expression for postcodes: ANA NAA, and AANA  NAA
  strPostcodeRegExp(1) = "^([a-z]{1,2}[0-9]{1}[a-z]{1})([0-9]{1}[abdefghjlnpqrstuwxyz]{2})$"
 
  ' Exception for the special postcode GIR 0AA
  strPostcodeRegExp(2) = "^(gir)(0aa)$"

  ' Copy the parameter and convert into lowercase
  strPostcodeCopy = Lcase(strPostCode)
 
  ' Assume we're not going to find a valid postcode
  Check_Postcode = false
 
  ' Strip out spaces
  strPostcodeCopy = Replace (strPostcodeCopy, " ", "")
  Check_Postcode = False
 
  Set objRegExp = New RegExp
 
  ' Check the string against valid types of post codes
  For intCount = 0 to Ubound(strPostCodeRegExp)
 
    ' Check next pattern in list
    objRegExp.Pattern =  strPostcodeRegExp(intCount)
    If objRegExp.Test (strPostcodeCopy) Then
   
      ' Post code found. Ensure input parameter is in correct format.
      Set objMatches = objRegExp.Execute (strPostcodeCopy)
      Set objMatch = objMatches(0)
      strPostcodeCopy = Ucase (objMatch.subMatches (0)) & " " &  Ucase (objMatch.subMatches (1))
     
      ' Show that we have found the postcode
      Check_Postcode = True
    End if
  Next
 
  ' Ensure that the uppercase postcode gets returned if valid
  If Check_Postcode Then strPostcode = strPostcodeCopy
 
End Function
%>

regards

John

The main root of your web site needs a "aspnet_client" folder for .NET apps like ASPProtect.NET to run.

If this isnt quite right one of two things can happen.

1.) You'll get a pop-up error like this.
'Unable to find script library WebUIValidation.js'

2.) The ASPProtect login screen will come up but just not let you log in.

This folder only goes in the root. Not in subfolders and subwebs.

If you dont have this folder in the root of your web.

Read this article to learn how to properly create the folder.
http://msdn.microsoft.com/library/default.asp?url=/library/e n-us/cpguide/html/cpconconfiguringaspnetapplicationforaspnet version.asp

If the app is installed on a hosted server you'll need to ask them to do that for you.

You can also try copying a the folder from your own machine after creating it the way the article above says.

or

here is a copy of my "aspnet_client" folder created under the latest framework at the time of this writing. v 1_1_4322

2004-11-03_134912_aspnet_client.zip

I am not sure if copying it in is as good as having created by the server as I haven't had time to really test all of that but it should work. Ultimately all this does is put some files .net needs in the web.

Same here.  Thinking it might be server load or the bandwidth to the server.

Thanks for checking!
Lance

I would highly suggest setting up a DSN-LESS connection.

That system dsn is most likely the source of your trouble It is probably that or permissions are still not correct.

I can't tell you how many people have had trouble with system dsn's and finally set up a dsn-less connection and everything then worked as it should.

The location of your database is fine as long as permissions are truly set correctly like I mentioned.

Also, be sure you are setting the database type correctly in the dataconn_inc.asp file. That can cause problems as well as some people have been known to delete that line.

See my articles...

http://support.cjwsoft.com/code/moreinfo9-1.htm

http://support.cjwsoft.com/code/moreinfo136-1.htm

http://support.cjwsoft.com/code/code_info.asp?TID=40&KW= system+dsn

humm

expiration dates in the aspprotect system are not used at all when using paypal subscriptions.. all date handling is done on their end actually

and they of course send notices from their system to the user regarding their subscription and when it renews,cancels, etc etc

so I am pretty sure any errors with that would have more to do with the info you used for the subscription setup and possibly any paypal settings associated with it

its hard to say at this point

The smart thing to do I think.. would be to sign up someone using another PayPal account (your allowed 2)... and while doing it be very careful about the subscription setup data.. and then as soon as the subscription is created review all the info in the paypal system and see if the length of the subscription / expiration.. etc etc in the paypal system info looks right..

at least then you can begin to troubleshoot what is going on...

Hello

I have a strange problem with the thumbnails in the ASPClassifieds.
If i upload some pictures in an ad, the 2nd picture always shows with an x, as the picture doesn´t exists. But if i click on the 2nd thumbnail, the picture shows okay. I haven´t changed enything from the original code.
Does anyone have any idea, where it goes wrong ?

With best regards, Erling Larsen

I was able to get it all figured out.  Thanks a lot for your help, I really appreciate it.  I ended up copying the database with the password to the directory and used the user/password connection code and it works great.  I believe it was related to that but I cannot be sure.  Thanks again!

Sorry, not really.. not without a lot of changes to the code.
the recent activity info recycles.. it is not meant to be day by day

My suggestion there would be to look at both the log files and the user activty screens...

Is there a possibility to build in a option that the administrator will be notifed when a banner expired.

Good Morning - I getting errors in my system log that says "404 file not found" for a number of files - Here are a few examples:

/aspprotect/password_admin/ drop1.gif http://cidra.easycgi.com/ aspprotect/password_admin/edit.asp? User_ID=181	4	0.28%
/aspprotect/password_admin/ drop2.gif http://cidra.easycgi.com/ aspprotect/password_admin/edit.asp? User_ID=181	4	0.28%
/aspprotect/password_admin/ left1.gif http://cidra.easycgi.com/ aspprotect/password_admin/edit.asp? User_ID=181

I ideas on how to fix this?  Note: The system seems to be working fine, but I want my log files as clean as possible. 

Thanks.  shirley

<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>

<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
    </system.web>
</configuration>

Also, I found this page which specifically talks about hidden IPN form values to change currencies

https://www.paypal.com/us/cgi-bin/webscr?cmd=p/acc/ipn-info

mc_currency	For payment IPNs, this is the currency of the payment. For non-payment subscription IPNs, this is the currency of the subscription.
	"USD"	The currency of the payment is U.S. Dollars.
	"CAD"	The currency of the payment is Canadian Dollars.
	"GBP"	The currency of the payment is Pounds Sterling.
	"EUR"	The currency of the payment is Euros.
	"JPY"	The currency of the payment is Yen.

Please Note : ASPProtect v7.x has a new feature called groups that is much more powerful than access levels. Access Levels were left in the product primarily for existing customers that upgrade to the new version so they do not need to make a lot of changes to their site if they were using Access Levels.


More On Access Levels

Again, Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System. Look at the source code of the ASP pages in that folder with a text editor to see the working code.

Access Levels and how they work can be re-coded to work in many different ways. However, you have to be a good ASP developer to make changes to it. Here is some information on how they work by default.

In the "check_user_inc.asp" that comes in the root of this system Access Levels work as follows.

Level 1 has Access to - Level 1
Level 2 has Access to - Level 1,2
Level 3 has Access to - Level 1,2,3
Level 4 has Access to - Level 1,2,3,4
Level 5 has Access to - Level 1,2,3,4,5
Level 6 has Access to - Level 1,2,3,4,5,6
Level 7 has Access to - Level 1,2,3,4,5,6,7
Level 8 has Access to - Level 1,2,3,4,5,6,7,8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN

Here is some additional info..

If the access levels are too restrictive you can ignore them all together and create your own totally custom solutions.
Here is a quick rundown of some of the things you can do.

Ok... so if you want to be really specific about what each user can see and
can't .. here's an example of what you can do

Don't use the access levels before the include file..
Don't worry about what you set a user to in the admin area since the access levels won't be used.

Do something like this..

Every time a user logs in session variables are set that you can access at
any time.. thus allowing you to know who they are.

So you could do something like this...


<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

<%
If Session("USERNAME") = "bob1267" or Session("USERNAME") = "carl45" or Session("ADMIN") = "True" Then
Session("PASSWORDACCESS") = "Yes"
Else
Session("PASSWORDACCESS") = "No"
Response.Redirect(Request.ServerVariables("script_name"))
End If
%>

The following URL explains what Redirects are.
http://www.powerasp.com/content/code-snippets/redirects.asp

That would in effect create totally custom access levels.. but you would
have to do it manually for each user.

You can also do things like this after a person logs in

Show custom html to any specific user based on either their username or
access level ... like so

say there was a menu and a certain link should only show up to username
"paully67"

you could do something like this


<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>


<br>
<a href="main.asp">Home Page</a>
<%
If Session("USERNAME") = "paully67" Then
%>
<br>
<a href="paullys_page.asp">Pauls Stats Page</a>
<%
End If
%>
<br>
<a href="links.asp">Links Page</a>

</BODY>
</HTML>

Or you can show custom HTML or links based on Access Levels or any other info.

You can do just about anything with if-then statements and
using the built in vbscript functions..

Hopefully this info will help to give you some ideas...

Bottom line is you have to do some work within your site to make the Access Level system really come alive.

I have been using this solution for over a year now and think its great, however I recently logged on to add a banner and when I clciked on the link that opens a window, displaying all the gifs in the directory../images/banners/, now images showed up, however they do exist in that directory.

I recently upgraded my computer and am now using windows XP...could that be the problem?

Thanks