Chris,

I have had a couple of users log out of the system as they are supposed to, move to another computer and not be allowed to login because of "they are currently logged in using another IP address" when in fact they logged off properly.  Is there anything that they should be doing differently?

Thanks,

Jess

If you bought ASPBanner Unlimited Version 7.3 Before August/10/2004 this file needs to be updated.

It fixes a bug where the JavaScript method is not properlly closing an html Image tag. It can cause other hyperlinks on your web page to link to the same place the banner links to. This does not always happen but this fix is the way the code should be so it is best to update it.

Copy this file into your ASPBanner folder over the existing file of the same name.

2004-08-10_125304_injectbanner.zip

When that link is clicked on it will then track the click and redirect the user to the “link url” specified for that banner. 

The system actually generates the necessary ASPBanner URL for you. That link is shown on the banner edit screen.(you must save the banner at least once and come back to that screen to see the link though) 

Really the best way to show it is with an example as seen below.

Basically the flash banner file "powerasp.swf" highlighted in green needs to be edited to link to the banner redirect url which is highlighted in red.... the banner redirect url will then track the click and ultimately send the user to the Link_URL highligthed in blue.

All banners systems work this way when it comes to flash files.
It’s the nature of flash and the web browser, 

The flash source code must be edited to link to the redirect url in the ASPBanner system. There is no possible way any banner system can track a flash click unless the flash file links to the banner system 1st.... because that click is handled by Flash and the web browser. 

In some cases if you do have the original source file for the flash banner then you are out of luck as far as tracking clicks goes.



On a side note... if you create flash banners the way this article says you can actually feed a .swf flash file a link for it to click to. Instead of it being hardcoded.

http://www.macromedia.com/resources/richmedia/tracking/desig ners_guide/index.html

This is really the way everyone should design their flash banners from now on because the url it links to can be easily changed at any time without editing the flash file source code. 

ok, I moved this thread..

The code in the ASP application handles all encryption and un-encrpytion of passwords in the database. I uses the vbscript RC4 function and the password encryption key specific to your installation to do this.

The whole idea is that if someone gets your database and opens it up that they will not get the passwords (utilitiies to crack access databases are common and work well so they can easily get by the main password)

That being said when you open the database manually your not supposed to see clear text passwords. Your also not supposed to have an easy way to make them clear text. It's a security thing. 

Though I am not officially supporting it I will tell you what I think would be the easisest way to make an export file with clear text passwords in it.

Use the export fire creator in the admin area of aspprotect.
Mosdify "export.asp"

change

Password = CmdDataExport("Password")

to

Password = RC4(CmdDataExport("Password"), PasswordEncryptionKey)

Then make an export file and see if that worked.
you can then import the export file into and access database or do whatever you like with it.

That would be great.

I am sure you know that many virus that are sent via email have the same property. (double extension). The code can be executed even though Windows identifies them as simple text files etc.

Thanks again

Hi-

Thanks for the quick response to my previous posts.

This is my issue:

I have read over all the docs and installation instructions and can't find a way to do this:

my default page in my root dir will be a log in page which will take the user once his level is validated to a "home page". Is there a page in your examples that will perform the function of this log in page? or should I rename check_user_inc.asp as the default and change it's html output to make it look like my log in page?

I also looked within the code for check_user_inc.asp and did not see where to specify where the user will go once he signs in.

Your help is appreciated

Things have now changed I found out godaddy has persitis aspUPload and aspjpeg as value added products, I have the aspjpeg working but have been unable to upload when using aspUPload, everything works fine with the vbscript method so I think my permissions are correct. Whenever you get a chance, any help would be appreciated.

Thanks

Mark

We have been using ASP Protect for a while now and are big fans of the program.  We received ASP Banner 8.2 with our puchase which we now have a need for.  I went to put the files on our webpage, and doing nothing else other than locating the directory there, I noticed differences with how ASP Protect operates.  We have customized it a bit and want to keep the 2 programs separate.  the login screen for one showed up on the other, and some ASP Protect pages appeared altered so i immediately deleted ASP Banner.  did I do something wrong, and how can i ensure the 2 programs work completely independant of each other?  We can't risk braking what we're now using but would really like to add banner functionality to some of our pages.  maybe an update to the program before we install?  puchase new software?  Thanks for your help-

I'll send you something..

Weird

Hi,

Sorry, but the way the system works you can not call an individual banner like that. It just not something the system was meant to do.

If you wanted a specific banner to show up at all times you would have to make an individual banner and a zone just for that.

After looking at your site since you have so many banners there I dont know if that is the greatest option for you. It would also put a lot of stress of the Version 7 software because it is not really meant to call so many banners zones at one time on one page.

If you could live with tracking clicks on the home page but not displays I would suggest making banners for the home page in one zone. Then hard coding the banner images into your homepage like you already do but linking to the tracking part of aspbanner instead of where they would usually link to. That way you could at least track clicks and there owuld be no performance issues.

for example.. one of the images might link to
http://www.poconocommuter.com/aspbanner/banner_redirect.asp? Banner_ID=4

which would track clicks for you.. and then send then wherever they are supposed to go

Ya, you must have tried to upgrade from a really really old version like you said which wouldnt really work out because those instructions are specifically for upgrading a version 6 database to version 7.

That line error you had was looking for the User_ID field and I bet the version you had was so old that you didnt have a field named that as a few years ago the field "ID" got renamed to "User_ID"

As for all the cool stuff... yup there is a lot of cool stuff in this version... glad ya like it so far

Hello,

I think you’ll definitely like aspbanner. It's very easy to setup and use and it should work great with your portal. 

You’ll have banners rotating in no time. All you have to do is add banner calling code in your pages where you want the banners to show. There are enough methods that you will definitely find a few that work well for you. 

BTW, there are actually 7 methods now as we have a new one.
Information about it can be found in our ASPBanner support forums

But can you guess as to why the following might be happening:

1) The password is still "temp", and we verified that by checking dataconn_inc.asp ; 2) People are able to place new ads, etc. ; 3) We then download the DB.  Sometimes we are able to open up the DB just downloaded with the password "temp", but only see the USERS table.  At other times, we cannot open the same DB with any password, and get a "password not valid" message even when using the password "temp".

So what can the problem be?

CJWSoft offers a mutually beneficial partnership program for resellers of our Active Server Pages Based Web applications.

The program is very simple.

• You offer our products to your customer's as Ready-to-Run Web Site Applications.
• We sell your company our software at a 50% discount allowing you to re-sell if for the same price we sell it for or slightly higher.
• Your company installs the application in the customer's web site and configures it for the customer.
• Your company is in charge of installation support and general usage issues. We handle other more complex issues as usual.

Each time a customer purchases an application from you, you are required to purchase a license from us.
These must be purchased online via PayPal. You will be give a special password protected URL where these purchases can be made. You are in charge of setting up a system for your customers to purchase the software from you. You are also responsible for purchasing a license from us within 7 days of a license being purchased from you.

Below are the applications currently eligible for the program.
They have been chosen because of their popularity and reliability.
You must resell all three applications below.
The details and pricing of this program may change at any time.

	ASPBanner Standard sells for 99.95 (You pay 49.95) ASPBanner Standard is a high end Banner Rotation system. Web Based Administration for managing the users and banners in the database. Advertisers can monitor online statistical reports via their web browsers.
	ASPProtect Version 6 with Option Pack sells for 99.95 (You pay 49.95) Easily Password Protect any ".asp" page within your web site.  Easily integrates with your current website or project design. Web Based Administration for managing the users in the database.
	ASP Photo Gallery Pro sells for 49.95 (You pay 24.95) ASP Photo Gallery allows anyone to have their very own online photo album. Upload an unlimited amount of albums. Set up categories however you like. Allow others to upload photos. Optional image resizing and thumbnail creation.

We are looking for Web Hosting Companies and ISP's who can sell an average of 2 applications per month.
If you are not a serious company with a professionally done website you need not apply.
We are not looking for mom & pop operations.

To be very clear:
We are looking for experienced ASP Development/Hosting Companies that are serious about being a reseller and ready to go.
We need knowledgeable resellers that are experienced with ASP and will be able to install the application for the customers and handle some of the general installation issues that may come up.

To qualify for the program:

Please send us a brief overview of your company, Website URL, and your expectations for the program. After looking over your information we will get back to you with a response.

Contact us

Additional Info:

Our applications run on NT based servers only with true Microsoft ASP support. They do not run under Chilisoft. Our applications are licensed per website. That means one running installation of the database and scripts. Qualified resellers will be reviewed every quarter to see if they are meeting the 2 application per month quota.

ahh, I see..

that is not really something you should change.. it is pretty much always going to say read for any folder

It's hard to say, but adjusting settings like that could inadvertently change folder permissions in a way that could cause problems and be hard to correct. I really don't know that for sure but it is very easy to totally mess up permissions when trying different things. In the past I had to reinstall iis just to get things back to normal. I eventually over time learned what to do and what not to do and have never had a problem since. I am not saying you are one of those people but a lot of people have problems because they play around with things they shouldn't or they go nuts trying to give every account permission starting from root folders... overwriting important default permissions instead of just making changes to a few specific folders.. not understanding the importance of what they are doing..... etc etc

Sometimes you practically have to be a NT expert just to fully understand permissions. I know a lot and I can handle my own server but it's hard to explain the low level basic of NT permissions to others as there is a lot to it under the scenes. A lot of hard core NT/2000 users do all the permissions from the command prompt because there is a lot more control at that level.

Like I said earlier, what you showed me looks right but this isn't a complex issue and the error means what it means. Something isn't right with the permissions.

I would start from scratch if I were you. Perhaps consider doing an install in a new web instead of in your root like you showed me. Or try installing it on another machine for troubeshooting sake.

I am sorry I can't think of some amazing answer on this one, but I think this is just one of those weird situations that requires starting from scratch or trying it on another machine.

This article from my old powerasp.com site explains what Server.MapPath is and also why you can't use it to specify the data connection in any of the CJWSoft applications.

Use ASP to determine the Physical Path Of Your Virtual Website

As this article mentions you can still use it to determine the path, but you can't use it in our data connection strings because the data connection page is an include file and server.mappath will report back different paths for the different directories....... meaning it will work in one directory level but not another as the path will be different.

ASPProtect v7.x runs on Microsoft IIS servers only.
That means Windows XP Pro, Windows 2000 server and Windows 2003 server. The web server must have ASP support enabled and support Data Connections. 99% of them do as it's a pretty normal thing, but you should ask and make sure your hosting plan supports it.


Before you even start please read this thread and do what it says.
If any errors show up it is important you see the real error instead of a useless HTTP 500 internal server error.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1

Once doing that make sure to use Internet Explorer as you follow along with these directions.

Now, unzip your installation zip file that you downloaded from CJWSoft.
Use a program like winzip and be sure you have it set up to unzip the directories as well. You can also use windows xp's built in folder compression tools to unzip the archive.

When you unzip the application you should have all of the following folders and files. (more or less, it depends on the version)

Now, you can copy all of these files into the root of your website or if you like you can make a folder called "aspprotect" and put all of these folders and files in that folder. Either way it really does not matter.

Now, contact your web hosting company and instruct them that you need permissions set on the data folder that you copied into your website. This folder and all of its child folders need modify permissions set on it for the anonymous webserver account. It is very important that they set the permissions correctly and on all the child folders as well.

Here are some threads on exactly how these permissions are set.
If you run your own server or are developing locally you can do this yourself. If not most likely you need to put in a request to your hosting company as you CAN NOT set these permissions via Frontpage or FTP.

Windows 2003 Server and permissions
http://support.cjwsoft.com/forum/forum_posts.asp?TID=136& ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ;PN=1

Windows XP Pro and permissions
http://support.cjwsoft.com/forum/forum_posts.asp?TID=56& PN=1

Once permissions are set.. run this page via your web browser

http://www.mysite.com/data/setup_info.asp

Replacing the part in blue with your website info.

When this page is run it will report back a screen like so:



Now, take the connection string info it shows you.
Edit the "dataconn_inc.asp" file in the root of the ASPProtect system and use that data connection information. It should be valid for the server.

If you are using MSSQL server instead of Access please see the SQL database creation directions as you will need to create the MSSQL database and use a special connection string for that.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=160& ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ;PN=1

Now, take the CookieEncryptionKey and PasswordEncryptionKey info that it gives you and enter it into the "config_inc.asp" file in the root of the ASPProtect system. These will be the unique keys that your encryption will be based off of.

Ok...

The files have been copied to your website, the permissions are set on the data folder, and the database connection is ready.

Now.. run this page

http://www.mysite.com/password_admin/get_me_in.asp

Replacing the part in blue with your website info.

This is a special page we use to get into the system for the 1st time.

If you get a nasty error when you run that page similar to this.

Error Type:
Active Server Pages, ASP 0131 (0x80004005)
The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory.

Then parent paths are disabled on the webserver and you need to do an extra step to deal with that. Follow this link.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=162& ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ;PN=1&TPN=1

If you get any other variery of "80004005" error then there is a problem with your data connection.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=27& PN=1

Those errors are usualy related to database folder permissions or an imcorrect physical path to the database file specified though they can mean a lot of things.


Once you get the page running you will see a login prompt and one form field

You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.

If all goes well you will see the admin area of ASPProtect.

Now that you are in the system you need to create an admin account.

Click on "ADD NEW USER".. fill out the info and add a user.
You really only need to fill out (first name,last name,email,username,and password)

Now save that user.

You should see a new user listed in the admin area. Click on Edit user to the left of the new account. On the edit screen check the "admin" checkbox and save the user.

You just created an Admin account.

Now click on the "log off" button on the top menu and click yes to log off.

Now close the browser. Then run this URL

http://www.mysite.com/password_admin/default.asp

Replacing the part in blue with your website info.

You should now be able to in to the admin area of the system using the new admin account you created.

You are now ready to go to the settings page so click on the settings tab in the menu. There are a lot of options and paths that need to be set on this page. Every setting is described in detail on this page. You need to go through the page and set things up properly. Anytime the page asks for a path to a url or file the page will auto generate what should be the path to use. (expected path) If your server has parent paths disabled a few of those auto generated paths will not show up. If that is the case run this url from your server and it should tell you the paths to use for those settings.

http://www.mysite.com/data/expected_paths.asp

Replacing the part in blue with your website info.

Once your all done and the system seems to be running fine you should go back and delete the following pages as they are no longer needed and pose a potential security risk.

http://www.mysite.com/data/setup_info.asp
http://www.mysite.com/data/expected_paths.asp
http://www.mysite.com/password_admin/get_me_in.asp

You should back up the original zip archive you got from CJWSoft in case you ever need those files again.

VERY IMPORTANT: The user passwords from now on will be encrypted using the "PasswordEncryptionKey" you specified in the "config_inc.asp" file.

If you ever change that key all of your passwords will be invalid and you can not get them back unless you know the key and put it back, so plan on never changing that key unless you really know what your doing and know how to decrypt/re-encrypt the passwords using a new key. (something we do not cover at the moment but probably will when we have time to make a tutorial) 

thanks... a review at aspin is always appretiated ...no one ever seems to do a review and they help me out a lot.. the aspprotect admin area header has a link

thanks...

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
    Response.Write(Session("Groups"))
%>

We can't seem to find the purchase emails for this install of ASPProtect.

It would have been in May 2004 for NetOptions LLC or CareerMatrix.com

We noticed it should have been v6 of ASPProtect.

Can you resend the download links?

Below is the email I received when testing the self-registration. Does anyone know what setting I configured incorrectly?

I received the email to confirm the registration but the link to activate is invalied.

Thanks!

Your registration still has to be validated.
Go to
?u=bubbaj&v=4579
to verify your registration.

• What kind of encryption do you use with version 7?
• If I purchase version 7 and use it on my site with a new SQL database then migrate the old records from version 6 so I can by-pass the issue with my home-grown Base 64 encryption, do you forsee other issues with the upgrade?

It probably is. You would have to look at the paypal documentation for IPN and see what needs to be changed in the form code.

You can get all that info from PayPal's website.

There are tons of variables and options you can use with all of their code.
They have detailed PDF files full of information on all of them.

Hello..

I actually noticed something was up with your install earlier...
(I saw you in my log files when you clicked to cjwoft from the docs)

I need more info... like what uploading method your using.. what image resizing component, what widths yoru resizing things to... etc

have you tried it while telling it to delete the pics and also while not telling it not to delete them from the import folder

I might have to take a look tommoro as well to really figure it if that is ok

I have to go the bar to meet some friends so I wont be of much more help tonight :)

I been working steady all week and need a few.

CJW

Hi,

I only just purchased the product and I would be very keen to

a) is the upgrade available very soon as I don't want to spend the time developing one and than find the other released shortly & 

b) would I only need to pay the difference for the upgrade or have I already downloaded the upgrade already.

I cant see what version I current have.

I look forward to your response.

It is refered to as the internet guest account but that isn't the actual username. The username is different for every machine. It usually starts off with "IUSR_" and then your machine name. "Internet Guest Account" is always the account's full name as labeled by IIS when it is installed.

Regardless,

If an account isn't listed you have to add it.

Click (add-advanced-find now) and it will list off all the user accounts on the machine

You can also click (add-advanced) and simply type in the account name or part of it.

Some more tips:

If on a local machine you always just give the "everyone" account full control which is pretty much going to make anything work.

You can also go to computer management in your server's administrative tools and view all of the accounts  and groups there under "Local Users and Groups".