Blog Entry: 3/25/2006 4:42:40 PM
ASPProtect protects ".asp" pages only.
That is your problem.
, The code is ok..
Your getting an error because no banners are showing up in that zones rotation.
run this directly in the browser and you will see that there are no banners being generated for that zone ID
http://www.poconocommuter.com/aspbanner/aspbanner_inc.asp?Ba nnerZone=6
As a matter of fact I dont see any banners showing up for any zones previous to 6 which tells me either you dont have valid banners in there or the application variable info got corrupted do to a server crash / power off or something.
http://support.cjwsoft.com/code/moreinfo95-1.htm
,
I have been having some display issues with the .NET version of ASPBanner. I set the size of the image, and I set the size of the banner and there is still white space above and below the image. I am not using a text link below the banner, so I have it set to blank.
Here is a link to my page.
http://www.nababaseball.com
Two of the three banners in the rotation on the main page have non-white backgrounds so it's easy to see the issue I'm talking about.
Is there a way to tighten up the formatting so that the image fits onto the page in the size specified?
JDooley
, Thanks for the install. After many hours I finally got part of the
system working. I can log in and log out as a user. My problem is I
want the pages
accesses by Members ONly. The database will contain the names of
the members and only they are allowed access, and no one else. I
tried Joe Blow to log in and it worked, the only thing is Joe was not
in the database and he should have been locked out and a page come us
saying something like "you are not a registered user, please complete
the membership application" and then link back to the root web,
application page.
I am also afraid of breaking the codes you provided thus far. I also
want the password protected pages in a sub-web of the root web.
This may sound like elementary stuff, but this newbie is having
constant trouble. I am also referencing books on ASP and Access
and VB and still come up with a dead end. Search the net and come up
with a few codes which are described as something I am looking for, but
dont want to add any thing like that for fear of breaking the whole
thing.
Any suggestions?
, so, on control_pics.asp where you see
<% =TempDesc %>
you could try doing this instead
<% =Replace(TempDesc," ","") %>
, The file check_user_inc.asp as the lines: (which include Session("groups")
Here we set some valus about the user into session variables
Session("PasswordAccess") = "Yes"
Session("Access_Level") = CmdCheckUser("Access_Level")
Session("Admin") = CmdCheckUser("Admin")
Session("Active") = CmdCheckUser("Active")
Session("Expiration_Date") = Expiration_Date
Session("User_ID") = CmdCheckUser("User_ID")
Session("Groups") = CmdCheckUser("Groups")
Session("Redirection_URL") = CmdCheckUser("Redirection_URL")
Session("Password") = RC4(CmdCheckUser("Password"), PasswordEncryptionKey)
Session("Username") = CmdCheckUser("Username")
, btw: who is this hosting company anyway ?
and did they give you access to a control panel that lets you manage your site ? sometimes that is where you manage those permissions if their interface supports it
lastly, are frontpage extensions installed in your web so it can be connected to via frontpage ?
, ya it should have uploaded that no problem...
what about something blocking the use of the filesystem object and causing these timeouts ?
Your not running anything like Norton Script Blocker are you ?
Its part of Norton Antivirus or Internet Security and causes all sorts of problems with ASP when it is running on a server. Especailly when using the filesystem object to deal with text files and when uploading via pure asp.
It could be the cause of the all these problems or something like it ?
It will cause a timeout like your getting and give no real reason why.
More info on that.
http://www.aspfaq.com/show.asp?id=2180, I know what is happening.. its the old single quote thing messing up the query string..
but it shouldnt be happening with the newer code as I fixed it.
If you like I can go in and reproduce/fix the issue. I can not think of any other way I can help you as other users have not reported the issue.
Chances are if it is happening in one situation it will happen again in the future.. it really all depends on the passwords being used and your encyrption key... other passwords may produce the issue even if the password is correct
basically once the password gets encrypted it by chance has a single quote in it... then it messes up the query
I take care of the situation by replacing the single quote with a double quote but it looks like you found a situation where that didn't work out
cwilliams38453.8921990741, If a picture does not show after uploading it is one of the following things.
The upload method chosen is not supported on the server
or
The physical path specified to the pictures folder is not correct.
or
The URL to the Pictures folder is not correct.
or
Permissions to the pictures folder have not been set properly
Here is more information on how permissions are set.
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
Without more information and the settings you have entered and chosen that is all I can offer for now.
, My ISP uses ASPSmartMail. The email confirmation works except when I try to register an AOL user the server returns an error 500.
, I am using v7 with other software written in ASP.NET. When I include the the "checkfor" and include file, I'm receiving a compliation error.
Here is the include I have on the .aspx file:
<% CHECKFOR = "4" %>
<!--#INCLUDE FILE="../../ASPProtect/check_user_inc.asp"-->
Here is the error:
Compilation Error
Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.
Compiler Error Message: BC30689: Statement cannot appear outside of a method body.
Source Error:
Line 15: <%
Line 16: ' This is part of the too many login attempts lockdown code which sets a cookie to block login attempts for a certain amount of time
Line 17: If LoginLockDown Then
Line 18: If Request.Cookies("PASSWORDSYSTEMCOOKIETRIAL")("LoginTries") <> "" Then
Line 19: If Cint(Request.Cookies("PASSWORDSYSTEMCOOKIETRIAL")("L oginTries")) = Cint(LoginLockDownAttempts) Then
Source File:
D:\Sites\resadmin\NetOptions\testsite.com\www\ASPProtect\che ck_user_inc.asp Line: 17
, I dont know. Perhaps a fresh installation in a new folder would be a good idea as well if possible..
for troubleshooting sake..
, Still not ready... I have no time to finsih it at the moment..
release date is unknown...
, One problem that is appearing is that in the admin section, in the users.aspx page, only one user is showing up when there are in fact 9 users. Also, when I click the edit user or email icon, the page does not go to the edit screen, it remains on the same page.
Also, I’ve been trying to modify the code to adapt it for our application -- by removing fields that we do not need such as address, city, state, phone, but I am having trouble getting visual studio to compile. It could be due to the fact that the rest of the project is in C#. Or it could be due to some other factor in ASP Protect.
, Hi
I downloaded the .chm format installation documentation but when I open it I get the index but can't see any of the pages so am a bit stuck.
,
- What kind of encryption do you use with version 7?
- If I purchase version 7 and use it on my site with a new SQL database then migrate the old records from version 6 so I can by-pass the issue with my home-grown Base 64 encryption, do you forsee other issues with the upgrade?
, the reason being is because when I do installs I do not touch any of your existing content. I only install the base application and make sure everything in it working correctly and also that the example protected pages are working. I do not integrate it with your existing site or edit any of your existing web content. That is up to you
sorry about that, but it would be way too time consuming and editing people's existing pages is a good way to cause a lot of headaches for me and the customer if something goes wrong. Not only that but everyone uses the system differently and it wouldnt make sense for me to be the one doing that based on access levels, groups.. etc etc which will all be custom to how you want things set up.
more on installation policies here.
http://www.cjwsoft.com/installation_service.asp
, That's because when the page rebuilds, it uses the default number of
users per page setting. You'd have to modify that default setting to
have it do things differently. I used to have mine set to 500
users, until I got past 300... then it wasn't fun to show all users on
the page anymore. I now like 10 per page and searching for
specific users as needed.
But that's me. If you hack a COPY of your default.asp file (with the
original backed up as above), you can get the value set to one you
prefer.
If you want me to find the value, post and I'll look for it later on.
If you want to find it yourself, happy hunting! Just be sure to have a
backup in case you do the wrongest thing possible in your haxxoring.
, Need to know more about ASP ?
Check out these links.
| |
15 Seconds
Free resource for developers working with Microsoft Internet Solutions. 15 Seconds is the biggest IIS and ASP development resource in the world. |
| |
ASP FAQ
Have a question about ASP? Check the ASP FAQ site. They've probably got the answer. |
| |
ASP Free
Your 1st source for free ASP and ASP.NET live demos, downloads and more!!! |
| |
ASP Connections
ASP Connections Conference for the ASP Developer features sessions on ASP Performance, IIS 5.0, ASP 3.0, XML, ADO, E-Commerce, VID, COM, COM+, MTS, DHTML, load balancing, and more. Speakers include Mike Amundsen, Wayne Berry, Charles Carroll, Michael Corning, Jeff Niblack, & Ken Spencer. |
| |
4GuysFromRolla
4GuysFromRolla: Web Technology, Programming, Humor... All this and it counts as work! |
| |
CoverYourASP.com
A great new site. It's got some great stuff and is using JScript! A must see! |
| |
askASP
Promising new site! Check out the question archives! |
| |
CodeHound
CodeHound ASP - The ASP Developer's Search Engine! |
| |
CodeAve.com
A neat ASP reference with some interesting features. Check out their "Script Writers" |
| |
ASPZone
The website for advanced ASP developers. |
| |
DevASP
A relatively new ASP site. Straight forward and informative. |
| |
www.LearnASP.com
This in another site maintained by Charles Carroll, and it specializes in Active Server Pages programming issues. Contains links to a wide range of resources and articles. |
| |
ASPin.com
The ASP Resource Index. Here you will find the stuff you need to take advantage of ASP and make your website an interactive mecca. |
| |
ASP Sites
A great place to go to find ASP resources fast! |
| |
Macromedia - DevNet
While much of the content is Dreamweaver MX-centric, they also have a fair amount of plain vanilla ASP.NET content as well. |
cwilliams38431.8787152778, Hello,
I need some help with the following code. Please look at the area in red. I need to be able to set someting up to where the variable eval1 (a yes/no field in my database) is set to false after the associated link is pressed.
Thank you
="vbscript" %>
<!--#INCLUDE virtual="/irp/check_user_inc.asp"-->
<html>
<head>
<title>Administrator Evaluations</title>
<style>
<!--
div.MsoNormal
{mso-style-parent:"";
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";
margin-left:0in; margin-right:0in; margin-top:0in}
-->
</style>
</head>
<body background="../images/1.gif" bgcolor="#C0B59A" vlink="#FF0000" alink="#FF0000" link="#0000FF">
<p><map name="FPMap1">
<area href="http://www.utb.edu/" shape="rect" coords="627, 66, 670, 81"></map>
<span lang="en-us"> & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp;
</span>
<img border="0" src="https://blue.utb.edu/irp/Inst-Research&Plan.jpg" usemap="#FPMap1" width="675" height="82"><br>
</p>
<h2 align="center"><span lang="en-us">Administrator Evaluations</span></h2>
<p align="center"> </p>
<p align="left"><span lang="en-us"> <b>Welcome, </b> </span> <b> <% Response.Write(Session("FIRST_NAME")) %>
</b>
</p>
<p align="left"><b><span lang="en-us">On this page, you will see a list of names
that represent the persons that you will be evaluating this year.
Please click on a name to select that persons evaluation form. Once you have completed
and submitted that persons evaluation, you will be returned back to this page to
continue with the next person on your list. Once you have completed all your
evaluations, you can log off the system using the link below.</span></b></p>
<p align="left"><b><span lang="en-us">Please note: Only <u>1</u> submission per
person will be accepted, any additional submissions will not be accepted.</span></b></p>
<p align="left"><span lang="en-us"><b>If you have any questions please feel free
to contact us at the number below.</b></span></p>
<hr color="#FF9933" width="80%" size="3">
<p align="center"><span lang="en-us"><b>Please click on a name below to begin
the evaluation process.</b></span></p>
<div align="center">
<table>
<%If Session("Link1_Name") <> "" Then %>
<table border="1" width="28%" id="table1" bordercolor="#000080">
<tr><td bgcolor="#FFFFCC" style="float: left"> <b><span lang="en-us"> <a href="https://<% Response.Write(Session("Link1"))%>" onclick="<%=Session("eval1")="true"%>;return true" </href> <font color="#000000"><span style="text-decoration: none"><%Response.Write(Session("Link1_Name"))%>< /span></font></a></span> </td>
</tr>
<%End If%>
<%If Session("Link2_Name") <> "" Then %>
<table border="1" width="28%" id="table1" bordercolor="#000080">
<tr>
<td bgcolor="#FFFFCC" style="float: left"> <b><span lang="en-us"> <a href="https://<% Response.Write(Session("Link2"))%>" </href><font color="#000000"><span style="text-decoration: none"><%Response.Write(Session("Link2_Name"))%>< /span></font></a></span></td>
</tr>
<%End If%>
<%If Session("Link3_Name") <> "" Then %>
<table border="1" width="28%" id="table1" bordercolor="#000080">
<tr>
<td bgcolor="#FFFFCC" style="float: left"> <b><span lang="en-us"> <a href="https://<% Response.Write(Session("Link3"))%>" </href><font color="#000000"><span style="text-decoration: none"><%Response.Write(Session("Link3_Name"))%>< /span></font></a></span></td>
</tr>
<%End If%>
POST EDITED / SOME CODE REMOVED TO KEEP IT SHORTER ..
This went to Link3_Name
</table>
<p> </p>
<p><span lang="en-us"><b>If you have completed all your evaluations and wish to
log out please click <a href="log_off.asp">here.</a></b></span> </p>
<p> </div>
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="3" width="80%" noshade color="#ff9933" align="center"></div>
<p align="center" style="text-align:center"><b>Institutional Research and Planning
<br>
Tandy 270<br>
80 Fort Brown<br>
Brownsville, TX 78520</b></p>
<p align="center" style="text-align:center"><b>Phone: 956-544-8816 &nbs p; &nbs p;
Fax: 956-983-7652<br>
E-Mail:
<a style="color: blue; text-decoration: underline; text-underline: single" href="mailto:iresearch@utb.edu?subject=Administrators%20Evaluation">
iresearch@utb.edu</a></b></p>
, yes, PM me the encryption and cookie keys if you don't mind.
I can add it to my combinations that cause trouble.
it might help me to figure this problem out.
, who knows, thanks for your input, I am further than I was when I started talking to you!, Please Note : ASPProtect v7.x has a new feature called groups that is much more powerful than access levels. Access Levels were left in the product primarily for existing customers that upgrade to the new version so they do not need to make a lot of changes to their site if they were using Access Levels.
More On Access Levels
Again, Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System. Look at the source code of the ASP pages in that folder with a text editor to see the working code.
Access Levels and how they work can be re-coded to work in many different ways. However, you have to be a good ASP developer to make changes to it. Here is some information on how they work by default.
In the "check_user_inc.asp" that comes in the root of this system Access Levels work as follows.
Level 1 has Access to - Level 1
Level 2 has Access to - Level 1,2
Level 3 has Access to - Level 1,2,3
Level 4 has Access to - Level 1,2,3,4
Level 5 has Access to - Level 1,2,3,4,5
Level 6 has Access to - Level 1,2,3,4,5,6
Level 7 has Access to - Level 1,2,3,4,5,6,7
Level 8 has Access to - Level 1,2,3,4,5,6,7,8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN
Here is some additional info..
If the access levels are too restrictive you can ignore them all together and create your own totally custom solutions.
Here is a quick rundown of some of the things you can do.
Ok... so if you want to be really specific about what each user can see and
can't .. here's an example of what you can do
Don't use the access levels before the include file..
Don't worry about what you set a user to in the admin area since the access levels won't be used.
Do something like this..
Every time a user logs in session variables are set that you can access at
any time.. thus allowing you to know who they are.
So you could do something like this...
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If Session("USERNAME") = "bob1267" or Session("USERNAME") = "carl45" or Session("ADMIN") = "True" Then
Session("PASSWORDACCESS") = "Yes"
Else
Session("PASSWORDACCESS") = "No"
Response.Redirect(Request.ServerVariables("script_name"))
End If
%>
The following URL explains what Redirects are.
http://www.powerasp.com/content/code-snippets/redirects.asp
That would in effect create totally custom access levels.. but you would
have to do it manually for each user.
You can also do things like this after a person logs in
Show custom html to any specific user based on either their username or
access level ... like so
say there was a menu and a certain link should only show up to username
"paully67"
you could do something like this
<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>
<br>
<a href="main.asp">Home Page</a>
<%
If Session("USERNAME") = "paully67" Then
%>
<br>
<a href="paullys_page.asp">Pauls Stats Page</a>
<%
End If
%>
<br>
<a href="links.asp">Links Page</a>
</BODY>
</HTML>
Or you can show custom HTML or links based on Access Levels or any other info.
You can do just about anything with if-then statements and
using the built in vbscript functions..
Hopefully this info will help to give you some ideas...
Bottom line is you have to do some work within your site to make the Access Level system really come alive.
cwilliams38403.6781481481, no, that only applies to random pictures and stats..
The issues you are talking about usually relate to issues created by switching back and forth between a local install and a live server install and not being careful about changing the paths in the settings depending on where you are running it from.
For example.. it trying to use a url at the server level that is only valid when you are running it locally
cwilliams38394.7554976852, when you get back to work.. your "redirect.asp" needs the password include file at the top of it.. or that wont work either..
and of course those pages you send people to all need to be repaired
, We would like to use some of the variables from the user account in our web pages after they log in (something like, 'hello <user>"), but for professional printout reports using company name and user.
Could you offer some help as to what variable string we use to print that information on logged in pages?
By the way, the program is working great!!!
cwilliams38446.6302083333, We are using this photo gallery to manage galeries of all the prodcut
lines we carry, we have no use for users to be able to sign up so i hid
that part of the pages, what i am wondering is how can i hide the rest
of the navigational links and still be able to get logged in to
admin. Here is a link to the unfinished demo site.
http://www.scs-cases.com/photogallery/
, Upgrade from V6 to v7.x with an MSSQL SERVER DATABASE
1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.
BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)
To do this upgrade you're going to need to have SQL Enterprise Manager and SQL Query Analyzer
That being said, on with the upgrade..
Open your SQL database in SQL Enterprise Manager
Regarding the following Tables
Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"
If you do not have a "Groups" table do not worry about it right now.
Now right click and DELETE the Config Table.
Yes, delete it..
Now, go into Design View for the "ASPP_Users" Table.
Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore
If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a "nvarchar" field with a lengh of 255.
Now, we are going to add a few more new fields.
Add a field called "Redirection_URL" make it a "nvarchar" field with a lengh of 150.
Add a field called "PayPal_Subscriber_ID" make it a "nvarchar" field with a lengh of 100.
Add a field called "Newsletter" and make it a "bit" field
Add a field called "Password" and make it a "nvarchar" field with a lengh of 100.
Now close that window and save the changes..
Download these scripts.
2005-02-23_171110_aspprotect_v7_sql_upgrade_scripts.zip
Now open up SQL Query Analyzer
Connect to your SQL server.
Then load the script "aspprotect_v7_config_table.sql" into the Query Analyzer. Click the green play button at the top. If everything goes well the response should read something like this.
******************************************************
(1 row(s) affected)
******************************************************
Now, if you had a Groups Table your done with the database changes.
If you didnt have a groups table.
Then load the script "aspprotect_v7_groups_table.sql" into the Query Analyzer. Click the green play button at the top.
Now, go back to your database in Enterprise Manager and make sure all 3 tables are there and look ok. You might need to do a refresh or two to see them.
Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for all three tables. You reference this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.
Regardless, as you can see from this screenshot I have a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).
Now, you are done upgrading your SQL Server Database.
The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field
To that we have a special page we run in the application that will take care of that.
So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1
When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.
That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..
Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.
This part is very easy.
You want to run a special page via the browser.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
Replacing the part in blue with your website info.
Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page
You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.
If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.
So do what it says... dont click more than once and wait.
Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.
Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.
If things went well backup and delete the conversion file below.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
You do not need it anymore.
Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.
If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.
We are here to help, but if you really want us to we can be hired to do the conversion.
, Suprising I started this tread off on ASPImage, but I resolved my issue and forgot to change the thread topic. I will try your suggestion.
Thank you again Sir. Your quick responses and helpful demeanor add greatly to the value of your software.
, I already gave execute permissions to the stored procedures and that
My guess is that this is an issue with the fact that I'm in a shared hosting environment that is restricted by CAS. Before I move to a dedicated server, I'd like to verify that this is the issue. I'd appreciate your input.
Version 8.1 has code generators for these new methods built in...
, humm, those are some very big images to be starting off with but I am not sure that would cause a problem under the importing scenario
what width are you having the system resize them to ?
That did the trick. Once again a quick very helpfull reply.
Thanks.
, The way the application ships there are no password confirmation areas anywhere ? Please be more specific as to what you have done and if any mods are involved ?
If you are talking about one of the MODS please realize they are not supported. http://support.cjwsoft.com/code/moreinfo459-1.htm
Even though they are not supported I look them over pretty closely and I know of no issue like you mentioned so I would suggest re-downloading the MOD. Perhaps you got a corrupt download or file.
, 
