Blog Entry: 3/25/2006 4:46:12 PM
If you have messed up the admin account or forgotten the admin password you generally should open up the database manually and add a new account or see what the old account is.
In version 7 however you have another option. Go through the installation instructions again. Specifically the part where you use the "get_me_in.asp" page to get back into the admin area by pasting in the password encrpytion keye you are using from your config file. , Please be aware folks..
This file is not provided by CJWSoft. Though this may work very well use of it is not supported in any way. We have not tested it.
This user is not using the option pack so this file will not be compatible with anyone using that because it does not have support for groups and some of the other new features.
Regardless..we appretiate users sharing ideas and solutions that they have come up with.
cwilliams38313.499837963,
It looks like your product is perfect for my new site, but I have one question. One of the pages I want to protect on my site will be called by an application running on a remote server every 15 seconds. The application can include the username and password in the URL it is calling. Will your product allow access to the protected page on my server? , ok.. so we got an NT server with a 486 with 256 meg of ram.
hehe sorry
anyway.. I have the system running without doing any importing and WOW is it chugging.. I mean it takes a while even to edit/save a user
good news is the filesystem object works as I wrote to a text file
this may end up being a simple case of lack of horsepower..
we may need to do the importing on a faster system and then take the database over cause everthing I see on your server looks correct
even so aspprotect is running so slow.. I have never seen it chug like this
I even tried connecting to a 2000 version of the database and no difference.
I am not totally sure what is going on but the server resources available are scaring me... however this could be something new in the code that I never got a chance to try on NT server.. I dont think so though
how does your other stuff run ?
static pages that do not access a database seem to serve up quickly.
are you running any other dynamic code ?
, Hello,
While there is no option in the admin area / asp code we give you here is what I can tell you.
You have the source code and we also use an open database structure. (MSAccess or MSSQL) So that means you can really run any query you want on the database whether with ASP code or directly in your database. You can even tie other systems and code into the database via OBDC and manipulate data. The sky is the limit.
In MSSQL you can run queries in SQL enterprise manager or query analyzer. Using Access you can run queries in query view.
It's really not that hard if you do some research on SQL Statements and how to use them. You can do some very powerful queries and save yourself a lot of time. , Its one of the drwbacks of the encyrption.. sometimes.. VERY RARELY it will produce things that cause a problem and will not work.
It is something I am doing more research on .., After I approve someone's username and password, then go to send them the default e mail telling them of the approval, the e mail never goes through. The e mailing used to work well for many months, but it stopped working. Any thoughts?
Spider
, Aggh.. I put passwords instead of password. Sorry to have bothered you, works fine now. , I'lll try to look at it this weekend. I have to leave the office now.
There must be something wrong with the last build of the code. I dont think that upload export file thing is a feature too many people use or I would have heard of this sooner.
For now just upload you export files to the export folder manually using ftp or frontpage explorer and you can accomplish the same thing.
, ok, 1st we need to rule out the #1 reason people sometimes think that is not working.
Is is set up never to allow the same IP to increment the count more than once in a row so when testing it is real easy to think the count isn't working because unless you can change your ip you can not increment the count more than once per album
It's a poor mans spam abuse type of deal..
For the most part it will keep some Joker from hitting refresh 100 times and inflating the count of an album.
Do you think that is possible what is happening ?
Also, here is an older thread about the same issue?
http://support.cjwsoft.com/code/moreinfo54-2.htm
, I have activated both activity and log files. The directories exist on my server and don't give any errors.
When I check the activity tab, some times there are a number of items in it. Other times, there is only my login info. From what I can see, it is supposed to show the last 50 items of activity at all times. Am I missing something?
Also, when I click on the log file tab, there is no file or information to see. Is there something I need to do beyond activating it in the settings area and making sure the directory has write permissions?
Thanks.
, In addition to that I just noticed the </href> you have in there.. man that is some scary stuff you came up with.. that may appear to work and make a link but it is not correct. Each link will work but never truly be closed.
That is just not valid proper use of the anchor tag.
You make a link in html like so
<a href = "somepage.htm">somepage.htm</a>
http://www.w3schools.com/tags/tag_a.asp
Then your surrounding each link with <span lang="en-us"> </span>
Not sure why ?
, "get_me_in.asp" just hangs during a new install. Nothing happens no matter how long you wait and IIS may temporarily hang up as well.
You may very well be running something like norton antivirus with norton script blocker on your server? Or something similar?
It can cause issues when ASP uses the filesystem object and cause never ending page hangs like you are having.
Read this..
http://www.aspfaq.com/show.asp?id=2180, [QUOTE=cwilliams]actually, passwords can be up to 75 characters long in ASPProtect.
the only requirement when entered from a non admin user is that they are at least 4 characters long.
what does MSAccess have to do with this ? Are you trying to convert and old system or something? I noticed you created and "old password" field in there ? Is there something I do not know about as far as what you are trying to do?
Passwords in version 7 are encrypted so I hope you understand all of that and realize you can not enter or change passwords right from SQL server. Also if you import info you must handle that accordingly and convert the passwords to encrypted format. [/QUOTE]
First off, I haven't imported anything from MS Access.. The only reason I mentioned it is cuz I thought initially it worked with Access and not SQL server.
I am not converting nor entering any data manually into the db, nor have I changed anything in the way the registration is made (don't know where the "Old password" has come from? thought it was a function you made?)
, right..
I had to open up the permissions to get it to work. I now have to go back and uncheck each one for directory listing.. :)
, Will do!
, But can you guess as to why the following might be happening:
1) The password is still "temp", and we verified that by checking dataconn_inc.asp ; 2) People are able to place new ads, etc. ; 3) We then download the DB. Sometimes we are able to open up the DB just downloaded with the password "temp", but only see the USERS table. At other times, we cannot open the same DB with any password, and get a "password not valid" message even when using the password "temp".
So what can the problem be?
, This isn't going to help you much but here is the deal.
The 2checkout support in ASPProtect actually is not supposed to work with 2checkout subscriptions and therefore does not need to use an item number.
It is intended to be used for single payments only with 2checkout as explained in this thread.
http://support.cjwsoft.com/code/moreinfo212-1.htm
Single payments with 2checkout use their shopping cart which allows for dynamic payments without needing an item number.
I agree with you that 2checkout's interface is confusing. It's actually about the worst system I have ever seen. I could not make a 2Checkout subscription system because their system is just too limited and I couldn't make it work the way it really needed to.
, It turns out that I never enabled ASP.net on the site. After doing that the skins work much better. I'll have to poke around and see what other functionality is now available.
Thanks!
Al
, I dont understand why I would get an error? -- I'm not sending the email from internal - so why would it try to validate?
I'm trying to send an email to an independent place - just like I would send an email to you
Am I using the wrong email setting - should I be doing something other than using "remote server"
, If you are developing using Windows 2003 Server and running the NTFS file system setting proper permissions on a folder in your website is done like so.
using "my computer" browse to the folder in your web that you need to set permissions on.
Right click on that folder and then choose the "security" tab.
Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.
You can also give permissions to the everyone account and accomplish the same thing.
Other things to note:
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"
In some cases you may want to go into the advanced tab and check both checkboxes shown in order to make sure the permissions you need get set. It really all depends on the situation.
cwilliams38342.7343981481, Version 7 uses.. RC4
The upgrade process is described here in detail including a procedure to convert existing clear text passwords to the encrypted versions. (Your passwords will need to be clear text as the system shipped of course for the conversion to do its thing)
http://support.cjwsoft.com/code/info24.htm
It is also covered in the downloadbale docs
http://support.cjwsoft.com/code/moreinfo221-1.htm
Many people have done the upgrade without any issues and Version 7 is getting great feedback.
Should you decide to go with it there is upgrade pricing.
http://www.aspprotect.com/purchase_v7_upgrade_pricing.asp
, Okay, so I copied the txt file into the export file and tried the import users option and it timed out on me as well.
Would it be easier to figure out if you were able to look at the iis server?
, Christopher,
Thanks for the reply. I think I've found my problem, but can't test until later in the evening as it is on a live site.
Darrell
, It's custimization work. and just not something I can support.
Basically it is basic ASP/Database work.
Something you kind of need to figure out on your own. It's not difficult work for a good asp coder but there is no easy way and it is time comsuming.
I wouldn't use the custom fields though. I would make your own.
It's simpler that way.
cwilliams38437.0929282407, I just moved servers and now my "code" ads are giving me errors...
"google_ad_width" is undefined.
I have tried adding the width and height... taking it out.. all the basic stuff.
Any ideas?
TIA 
, we ended up resolving it...
the physical path being used was invalid, No problem. I get it now.
I added a Session Variable for "Counter". Then wrote an If statement around that. When the user logs on for the first time they see a window pop, after that the normal start page.
Thanks
, I would also double check that you changed the field size correctly and on the correct database that is being used in the connection string
, Can you please elaborate on this? I have a flash banner that is on my site. All of the info is in the code banner section. In the banner link section, I have nothing. Do I need to actually edit the swf file with redirect URL? How do I edit the swf file? Once that is edited, do I put the URL of the site in the Link URL space? Thanks. , whether you use SSL or not really does not effect aspprotect in any way
I say, the smart thing to do there is too not start them off at a http:// url
one way to do it is put a simple ASP redirect on that default page and send them to an SSL version of the page instead...
http://www.powerasp.com/content/code-snippets/redirects.asp
another way would be not start them off on a protected page right off the bat and offer links to the the protected area...
in my opinion thats pretty odd to be starting them off on a protected page anyway
SLL maybe, but protected right from the time they hit the default page of the site.. thats just odd.. usually you want o say a little something about the site your at and then link people to protected areas or give them a login form which posts to a protected area.
Regardless if you always want users at your site under https:// you should have code on every single page in your site checking the url info at every page load. Then if someone ever hits a page and is not using the https:// you can do something about it like redirect them to the SSL home poge or redirect to that same page but with the https:// in the url..
, Please Note : ASPProtect v7.x has a new feature called groups that is much more powerful than access levels. Access Levels were left in the product primarily for existing customers that upgrade to the new version so they do not need to make a lot of changes to their site if they were using Access Levels.
More On Access Levels
Again, Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System. Look at the source code of the ASP pages in that folder with a text editor to see the working code.
Access Levels and how they work can be re-coded to work in many different ways. However, you have to be a good ASP developer to make changes to it. Here is some information on how they work by default.
In the "check_user_inc.asp" that comes in the root of this system Access Levels work as follows.
Level 1 has Access to - Level 1
Level 2 has Access to - Level 1,2
Level 3 has Access to - Level 1,2,3
Level 4 has Access to - Level 1,2,3,4
Level 5 has Access to - Level 1,2,3,4,5
Level 6 has Access to - Level 1,2,3,4,5,6
Level 7 has Access to - Level 1,2,3,4,5,6,7
Level 8 has Access to - Level 1,2,3,4,5,6,7,8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN
Here is some additional info..
If the access levels are too restrictive you can ignore them all together and create your own totally custom solutions.
Here is a quick rundown of some of the things you can do.
Ok... so if you want to be really specific about what each user can see and
can't .. here's an example of what you can do
Don't use the access levels before the include file..
Don't worry about what you set a user to in the admin area since the access levels won't be used.
Do something like this..
Every time a user logs in session variables are set that you can access at
any time.. thus allowing you to know who they are.
So you could do something like this...
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If Session("USERNAME") = "bob1267" or Session("USERNAME") = "carl45" or Session("ADMIN") = "True" Then
Session("PASSWORDACCESS") = "Yes"
Else
Session("PASSWORDACCESS") = "No"
Response.Redirect(Request.ServerVariables("script_name"))
End If
%>
The following URL explains what Redirects are.
http://www.powerasp.com/content/code-snippets/redirects.asp
That would in effect create totally custom access levels.. but you would
have to do it manually for each user.
You can also do things like this after a person logs in
Show custom html to any specific user based on either their username or
access level ... like so
say there was a menu and a certain link should only show up to username
"paully67"
you could do something like this
<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>
<br>
<a href="main.asp">Home Page</a>
<%
If Session("USERNAME") = "paully67" Then
%>
<br>
<a href="paullys_page.asp">Pauls Stats Page</a>
<%
End If
%>
<br>
<a href="links.asp">Links Page</a>
</BODY>
</HTML>
Or you can show custom HTML or links based on Access Levels or any other info.
You can do just about anything with if-then statements and
using the built in vbscript functions..
Hopefully this info will help to give you some ideas...
Bottom line is you have to do some work within your site to make the Access Level system really come alive.
cwilliams38403.6781481481, I am running Windows 2000 server. I do believe asp.net IS installed as I have the .NET 1.1 framework installed.
Funny about the bounce backs. I am at about 10% of my limit, which I control as I am the network admin. I'll check into that.
, Hello..
I actually noticed something was up with your install earlier...
(I saw you in my log files when you clicked to cjwoft from the docs)
I need more info... like what uploading method your using.. what image resizing component, what widths yoru resizing things to... etc
have you tried it while telling it to delete the pics and also while not telling it not to delete them from the import folder
I might have to take a look tommoro as well to really figure it if that is ok
I have to go the bar to meet some friends so I wont be of much more help tonight :)
I been working steady all week and need a few.
CJW
, [QUOTE=afifm]
I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.
<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then
SearchFlag = True
End If
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>
</head>
<body>
My Protected stuff here
</body>
</html>
For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.
Thanks,
Mo
[/QUOTE]
I just added couple of lines and it works fine
If (Request.ServerVariables("REMOTE_ADDR")) = "xxx.xx.xxx.xxx" Then
' Session("PasswordAccess") = "Yes"
SearchFlag = true
End If
, Larry,
I have a new computer up and running and am back on the Internet full time. I am here to help when you are ready to continue with this.
I went to your site to look around and "try it" like you mentioned but I can not really try anything as the admin username/password seems to be something other than the default
, IFRAME is just an client side html thing...
has nothing to do with .NET
will work with any page extension or server side technology
As you see from that compatibilty chart I posted a link to.
Nearly every modern browser supports it.
cwilliams38155.4462847222, I have seen that happen before though it usually just happens once and then after that it doesn;t show up. It's the asphttp component doing it. The ASPBanner system is not doing it. I would try using banner calling method such as the xml parser method. It's usually installed by default on 200 and 2003 servers.
cwilliams38248.6400115741,
Ok, set up a new web.config in root, with just the suggested code.
that worked to get this....
Configuration Error
Description: An
error occurred during the processing of a configuration file required
to service this request. Please review the specific error details below
and modify your configuration file appropriately.
Parser Error Message: It
is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This
error can be caused by a virtual directory not being configured as an
application in IIS.
Source Error:
Line 409:
Line 410:
Line 411: <authentication mode="Forms">
Line 412:
Line 413: <!-- DO NOT CHANGE UNLESS INSTRUCTED TO DO SO -->
|
Source File: D:\hshome~aspnetprotect\web.config Line: 411
any ideas?
Andy
, Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.
Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.
,
Timecard Entry: 3/25/2006 4:46:13 PM
worked the booth went to reception party, Working on screens for the admin to be able to manage things like... Cities, Schools, Townships.... etc etc etc, design CD artwork for Ken Mills, Kept an eye on modems, and I worked on getting the Modem Maintenance Log to make sense, and also got the checklists for the modems put together., Drive to Watertown, Email/Voice Mail/Newsgroups, CHR conference call, return calls and emailss, Answered tech related calls. Checked rad log, voice mail, and email., CHR conf. call - Nortel conf. call
Meeting minutes
PO's
, chow, Voice-Mail, E-Mail, talk w/ Randy re: my day., Created and printed 5 tab lables for Amy, also printed 5 more Project Profilers for her., Talked to Steve/Chris about Realtor.com., Break, Sick Day, Voice Mail, E-Mail, payroll to Carol finally!, Ribbon cutting ceremony and business after hours, radlog, dial up issues, email, voicemail, Meet with Cortland Board, printed, reviewed and mailed invoices; cancellations for nonpayment; answered phone; created batch; made copies of installation booklet, did some new users. had a few billing questions, Meet with Channel Partner Jammed MM
, Traveled to Riveredge for PC Bundle Meeting, Put together Andrea's cabinet piece, Reading and responding to email, There weren't any phone calls. Everything was taken care of. Techsupport emails, personal emails and online issues. I cleaned up my area and other than that, I browsed the Internet looking for useful information. , updates and emails for missing bullets, Researching Compaq modem pools, double and tripple checking procedures on flashing modems.,
