Blog Entry: 3/25/2006 4:56:50 PM
Chris,
When I set up a test user name it does accept name and passwords and the passwords are encrypted, no problem there.
All I want to do is to restrict access to the protected pages to the members only. Only those users will be accepted and allowed to view.
I have entered all of thier names, address, phone number, email and company in the database, which is still named ASPProtect_access2002.mdb and in the fpdb directory of wwwroot. To get it there I uploaded via FTP. I hope I expained the situation well enough. , Can ASPClassifieds display the ads by city?
I have a web directory that lists websites and companies by city. Is it possible to have specific ads shown to the user depending on what city they click on? For example, only ads in New York would be shown to users that have already clicked on that city in my directory.
thanks, ,
Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.
Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.
, I apologize if I've missed this, but I would love to see the ability to auto-e-mail the advertiser at some randomly set interval before the banner expires. Ideally, I would also be cc'd on this e-mail so I can stay in touch. If the advertiser wants to renew, I can receive payment and change the expiration date without their banner ever falling out of service.
Since e-mail is already built into the program, would it be difficult to add a routine that checks for expiring banners at some daily interval, and contacts the advertiser?
To get really fancy, the e-mail could include the ability for me to add a button for paypal, allowing the advertiser to easily click and send off another payment.
Best,
Wayne , Are there any problems with modifying the default database fields.
I need to have an update from net billing and they use different settings in the database than the default.
Will the interface still be functional?
, Yes, as long as each installation is in in it's own web site.
(or at least in it's own application in IIS)
Meaning you could have 5 directories in your site each with the app installed as long as each directory got set as an application in IIS.
Remember, a license must purchased for each running install except for development reasons on local machines. cwilliams38400.5162384259, I already gave execute permissions to the stored procedures and that
cleared up the first error, but the second one I still can't figure out., I assume so you can clean up users that register, but then never pay ?, I've downloaded this neat little app, but I'm having troubles understanding what I should be using. Cassinni or IIS, can you help? I've tried to look at the help, but it is very vague on what to use in each situation.
Any help is appreciated.
Cheers , do you have the url path to the registration page set correctly in the settings cause not having it there would do that ? , when I go to that url is seems fairly fast and somewhat normal.. even when I try to log in it pops right back up asking for login info again..
I would check to make sure you are not running anything that might be effecting your web browsing.. software firewalls.. ad blockers.. script blockers... norton internet security.. zone alarm... anything like that
they can all effect a lot of things regarding how web browsers act. , It probably is. You would have to look at the paypal documentation for IPN and see what needs to be changed in the form code.
You can get all that info from PayPal's website.
There are tons of variables and options you can use with all of their code.
They have detailed PDF files full of information on all of them.
cwilliams38459.9550925926, It runs on either... I used IIS
I dont remember much about installing it except it went pretty smoothly / no issues,
Thanks for the quick reply.
I will consider editing the code. , Chris,
D'oh! How completely obvious! 
I got it now. (In Step 4, by the way, you need to click on the web site, not the directory. The directory has its own Properties menu, which is competely different than the Properties menu for the web site.)
Thanks for the fast response!
Robert
, Hallo,
Can I change the number of the access levels?
I want to have about 20 levels...
, You cannot use server mappath in the connecting string of the application. If you want to know why read my article.
http://www.powerasp.com/content/hintstips/physical-path.asp
Make your connecting string just like in my example.. do not use the oledb connection string either as it will cause other problems.
If you need to find out the path to the mdb file you can use server.mappath to get that info but do not put server mappath in the connecting string. See my article again.
then if the database folder has proper permissions and the path to the mdb file is valid it will work... otherwise you get useless errors, its really that simple.
You also may want to download ASPTest from www.cjwsoft.com it is designed to show a person how to setup a working data connection., also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.
etc etc etc
so let me add this bit of info..
I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.
Here is the low down from someone that really understands it...
(well, at least I think I do)
The only real security risks are from YOU and possibly other people hosting on the same server if they have parent paths enabled that is.
Meaning your site visitors can't possibly do anything with it unless of course you let them upload and run their own asp files to the server.
Anyway.. if YOU run malicious asp scripts you could potentially attack other sites on the server and look at things you shouldn't. As could other sites on the same server do to you I suppose.
So, unless you plan on doing that or some other site admin on the server does it to you its not really a concern. Just an advantage in coding abilities.
If you attack someone elses site on the server or lurk where you shouldnt then you are probably violating your hosting agreement.
99% of the time everyone gets all nervous over nothing.. half the people nervous about this have sites nobody would ever want to hack anyway.
Many people with a really important/busy sites are going to have a dedicated server somewhere so the setting is not relevant..
The hosting companies of course have to warn you.
This setting was enabled by default for years on IIS4-IIS5. I never once heard one single real story about anyone attacking anything because of this setting. That doesn't mean it doesn't happen but I am just telling you what I know.
This is all my opinion so take it for what it is...
If you are a Hosting Company your better off turning it on at the customers request, giving them a warning about it, and in turn having happy customers.
The big hosting companies like Alentus and MaximumASP do it...
There are far worse things than this to let people do after all.
Beleive it or not I have actually been in servers where they gave the anonymous webserver acount modify permissions EVERYWHERE yet they disabled parent paths ???? cwilliams38391.6024189815, Well, I assumed I'd be able to tweak this thing but it is all so intertwined it doesn't pay to mess with any of the files. Hence, I'm going to have buy a different system only a week or two after buying the unlimited version here.
As I leave I want to give you some impressions here. While the system is low-cost, the 99 dollar version is missing a few pieces that I think would bring the value to 99. It is one thing to talk about the speed/performance, but to a degree that's hard to measure, and to anyone with web advertising on their site, performance will always run second to potential site income.
It definitely needs a user interface and registration for advertisers, and it definitely needs a single variables file for changing the hundreds of variables for which there is no control. I had to search on my own just to change the look and feel.
Lack of multi-zone support is a serious drawback. I would submit that anyone with a serious website needs it, and will gladly pay you 139 over 99 for just that one feature.
Take them or leave them, they are just suggestions. , Is there an easy way to make this work with reoccurring a monthly or yearly subscription? , Where is the system getting the random user name and password, and why does it keep selecting the same user name and password every time?
, I'm in the process of incorporating the ASP Gallery functionality within my current site design.
To begin this process I'm taking each page and I'm wrapping the ASP
Gallery code with my site design [essentially I'm allocating this
application the center of the page]. When I pull in the
default.asp into the site the contents of this page make the entire
page too wide. I can't see where ASP Gallery assigns itself a
width.
I'm working on this as a side project so I'm not terribly far along
since I need to change all of the font assignments within the system to
style assignments and it's a slow go.
Any insight would be a great help, there's a lot of re-write in what I'm doing and i don't want to affect functionality.
if you want to see the page and what happens -- http://www.iphotosite.com/galleryapp/default.asp
Don't go to www.iphotosite.com because I havent moved it to its own location yet.
, okay thanks, thanks.. it was not taken as a complaint.
I just wanted to explain
When you said you tried using the web version of sql manager. Did you use the microsoft one I link to here "just curious"
http://support.cjwsoft.com/code/moreinfo127-1.htm
,
I am having difficulty properly securing pdf's using 7.x
I used the example file and have been able to secure images and word
docs, but the pdf's give users the error "There was an error opening
this document. The file cannot be found."
The kicker -- it works fine on my computer, just not anyone else's. I
put a link up to the same file without any security and that works on
everyone's computer. The word file links and redirects work too. I've
tried my log-in on other computers, then attempting to download the pdf
and that doesn't work.
The client wants a site where users must register before downloading
pdf's. They should be able to view all the pages without registering.
I don't know what I'm doing wrong. But I can't complete the site until this issue is resolved.
Help appreciated.
, I just told you a lot of different things to try... and I doubt you have tried them in the time since I mentioned them , how you connecting... lets see the connection string...
could be permissions related too.. if they are not set correctly
(always give them to the folder, never just the mdb file)
Some of this might help...
http://support.cjwsoft.com/code/moreinfo11-1.htm
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
you may want to download some of the different versions of the access database from the support area and try connecting to them as you may have older odbc drivers on the server
You may also want to try to get ASPTest from our website working before you go any further , Come on the threats are not necessary- i got the point the first time you said it.. i thought i made a friend thru this and felt comfortable to say something like that... i am not a big online chatter just do the web stuff as a hobby... i am a network / computer hardware guy (yet i work for a mortgage co. go figure...), Chris,
Thanks for the reply. It all makes sense.
I have gone with your first option but here is the problem:
I have moved the password protected page from the detail page with the
querystring to the straight .asp page. This obviously fixes the
previous error.
Once someone has logged in they are then presented with a list of links
to the previously protected pricelist detail pages (example -
"somepage.asp?ID=3""). They are then able to access the pricelists.
The problem is that if someone copies the pricelist URL they are then
able to pass it on to someone else and bypass the password protection.
If I also password protect the pricelist pages then someone will have to login twice.
Is there some code that i can add that will simply check that they have
logged in otherwise kick them back out to the protected .asp page.
All code in your documentation tends to open the login page regardless of whether you have previously logged in.
Thanks,
Stuart
, Hi Chris,
We installed our key onto the live server.
However, since our temp key has expired, we can't access our application on our development machine because the login won't work anywhere except on the live server.
Of course we can access the application on dev, if we remove the aspprotect tags, but if we need to log in to do something unique to the user, then we have a problem.
Can we get another temp key from you? And would there be a better long term solution to this debug/maintanence issue?
--JP , I get the following message when trying to look up the sysdiag.aspx and the default.aspx files. Why? I have followed all the install instructions.
Server Error in '/' Application.
Runtime Error Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration> |
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration> |
cwilliams38454.4276388889, ok, I just sent you a private message with download information.
replace you existing
"check_user_inc.asp"
"admin/check_admin_inc.asp"
"admin/email_user.asp"
with the new versions in the download
Do some testing to make sure that HANNAH password works ok for you.
Hopefully this cures the issue...
If it works ok for you for a while I will offer the fixes to everyone and start using this code from now on
BTW:
"admin/email_user.asp" had an unrelated bug in it that only happened if its error handling got triggered... it was posting back to the wrong page when that happened and causing an error , hello,
There is no built in option. You would have to add code to do that.
Its not difficult but custimization like that is not something I support. ,
I have switched to Alentus and have the permissions set correctly and Parent paths turned on. I cannot figure out how to connect to the database. Should I have the database in the aspprotect/data/database folder, or in the data folder that Alentus has in my root directory? once that is determined, how do I decide what the path to that database is? I have tried many things, but this is what the setup page tells me to enter in the data_conn file DBQ=D:\Websites\www.mysite.com\aspprotect\data\database\ASPP rotect_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp
Thank You , I post new ads , can view it in admin area
but when go to first page no ads show
all categories show (0)
How solve this problem ?
PS: I set default auto approved ads , humm, I dont know.
If you want me too I would be glad to go into your web site and troubleshoot. If so PM me the info I need and I will take a look and see if I can figure it out.
CJW
, Even if I try to upload the test file that was included with the system I still get the same error.
My host is using Windows 2003 Server.
Will send you a private email to see if the issues can be sorted out.
Thanks
,
 |
Don't want to install the application ?
Having trouble doing it ?
Don't think you can ? |
No problem, have us install it for you.
PLEASE READ ALL OF THIS
Installation service is generally available Mon - Fri during the hours of 10 am - 7 pm EST.
We may very well be around to do installs at other times but we do not guarantee that.
To do an install we generally need FrontPage Explorer or FTP access to your site.
We also need a way to set permissions on any necessary directories, etc etc.
To do a SQL Server install we need to access your SQL server via Enterprise Manager.
Some installs may require access to other things not mentioned.
The server must be a properly set up NT/2000/2003 server running IIS 4-6 for ASP 3.0 applications.
(with support for ASP scripts and database connectivity.) Parent Paths must be enabled on the server.
Please Note:
These ASP scripts do not run under Chillisoft ASP. That means they do not run under Unix, Linux, Apache, etc etc.
We do not install our applications on free ASP Hosting solutions. Why, because they are more trouble than they are worth. Free hosts like that are usually zero help if we need something changed. There is a reason they are free.
We install the software in it's base configuration. We make sure it is running correctly. If you break the installation you will have to pay to have it fixed. We do not integrate it with your existing site or edit any of your existing web content. That is up to you. Installation fees are non refundable as is the digital source code we sell. When you purchase anything from us you agree to this.
We do not do installs for IPNFulfill and Color Sequence Protection as they are simple scripts and do not even use a database.. We also do not install the IPN Support Pack as it is just a folder you copy into your web and some configuration files that you must decide how to configure based on your needs and your PayPal account info.
|
Installation Service Pricing
Any CJWSoft ASP 3.0 application
(Access Database Installation) |
25.00 |
 |
Any CJWSoft ASP 3.0 application
(SQL Database Installation) |
40.00 |
|
Contact us if you have any questions.cwilliams38165.5615277778, Windows 2000 server you said ? Just checking on that one ?, ConnectionString = "DBQ=C:\TradersReportsCom\aspprotect\data\database\ASPProtec t_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"
I have already set the folder permissions as indicated in the documentation. ,
Timecard Entry: 3/25/2006 4:56:50 PM
worked with Dave on Dynoport, CP Hospital, Ontario Place Hotel, Misc, general tech support rad logs call backs really it was a slow night so i helped nate in the other room, a few general qestions. had a user askign about dsl, readied money for Clayton, filed customer paperwork, answered phones, took signups, cancellations, reactivations, did a brief supply inventory and order., Terminating Cat5 cable for Charlie and Kris and running the cables on the patch panel for the new phones, travel to bennoit /reed funeral home 69324-69330 6 miles, WWW.TSF.COM/NCSB
NORTHCOUNTRYSAVINGS.COM
DELETE INFOR AT OLD SITE AND PUT LINKED TO NEW SITE , Meeting with the Mcnallys, Draft/review wireless antennae contract, web billing and reports, Conference call with Carrie mcNally, lunch, Lunch, TIMECARDS, contact Bill Martin w/Communicating Arts site update, Setting up odmls still.. new board, Go to Watertown Office for pick up and delivery (nothing to pick up), Helping Randy, Tara, and Carol w/ on-line ordering on Tech Data, Trying to figure out which Boards still need help setting up realtor.com contracts, sent a bunch of notes to realtor.com and to Boards., working on channel partners page, updated schedule, helped techs w/questions, with darrell and howard., worked on chatauqua database, *everydaydad.com development, phone conference with Nortel, Drive to Watertown, general site design research, training in Nortel Raeigh NC, watertown animal hospital consultation- hosting, search engine and so forth., cancellaton of invoices, cc report, incident report, trained Joanne on cc report, and incident report, taking signups, callbacks from voicemail, checked emails, answering phone. quality checked sign ups, , 30 Miles - Hannawa Falls - Canton,
|
