Blog Entry: 3/25/2006 4:51:58 PM
Hey, I thought I'd share this tip with the ASPProtect community...
If you'd like to remove, modify, or add fields to the "Users" view in
the password_admin default.asp page, it's really easy to do. Well, at
least it was for me. I'm using an MS Access database, by the way.
For me, I don't need "Company" info, but I do need last access and # of
times accessed displayed. Therefore, I had to change the default page
in three areas:
In /password_admin/default.asp, go to about line 185 or so, where you see stuff like:
[code]<td valign="bottom"><font face="Arial" color="#000000"
size
="2"><b>First Name& lt;/b> </font></td> [/code]
OK, those are the column headings. Each one corresponds to a column
from your USERS table in your database. There are two more areas to
consider, both of which appear immediately after this section.
The next section has statements that look like this:
[code]<td valign="bottom"><a href="<% =THISPAGE
%>?SORTBY=First_Name+ASC&MyPageSize=<% =MyPageSize
%>&Keyword=<% =Server.URLEncode(Keyword)%>"><img
border="0" src="../images/sort_ascending.gif" Alt="Sort
Ascending"></a><a href="<% =THISPAGE
%>?SORTBY=First_Name+DESC&MyPageSize=<% =MyPageSize
%>&Keyword=<% =Server.URLEncode(Keyword)%>"><img
border="0" src="../images/sort_descending.gif" Alt="Sort
Descending"></a></td>[/code]
See the "First_Name" items? The first is for an ascending sort, the
second for a descending. This particular line corresponds to the code
snippet immediately above it. But all this does is handle the sorting.
For the actual data, look lower for this stuff:
[code] <td bgcolor="<% = Cellbgcolor
%>"><font face="Arial" size="1"> <%=
CmdListUsers("First_Name")
%& gt; </font></td> [/code]
It's a good ways down, so don't be impatient if you don't see it in 10
lines from the end of the last mentioned section. This stuff handles
the display of the data from the database (where else ya gonna get
data, anyway?)...
Now, to remove a field, you need to find the three sets that go with
that data. The ascending/descending sort is potentially the trickiest,
because it's the longest set of data and can take a number of lines.
Just clear it from the start td to the end /td and you'll be fine.
To *add* a field, copy and paste the code from an existing field and
modify it. In the first one, the column title, you can type whatever
you want to describe your info. Nobody but you and your admins will see
it. For the next two sections, though, you need to get the correct
column heading from the USERS table and use that to correct the lines
in the copied code you pasted in.
For example, when I added a column to show the number of times a user
logged in, I copied the above snippets and pasted them in where I felt
the column I needed should be. Then, in the first one, I changed "First
Name" to "Logins". In the ascending/descending snippet, I changed
First_Name to Counter. Same for the last snippet.
The result? A new column, showing the number of logins my users were successful with.
Of course, before you experiment, back up your existing default.asp file, JUST IN CASE.
Have fun!
, Sorry, I forgot about that when I got hung up on the install problem.
I'll tackle your explanation now to see if I can get it working. Since I already bought the software I'll keep my fingers crossed.
Thanks
,
There was nothing wrong with the server configuration. It turned out that the problem was that I disabled the email notification of new user registrations that I continually receive. That appears to disable the authorization email to new users as well.
One other issue. It appears that AOL email addressee's are not getting the authorization email. Does AOL have any blocks to CDONT generated emails?
, that would probably work...
any ".aspx" page can grab that data after someone logs in..
Session("Username")
Session("User_ID")
etc etc
anything you see set in the "aspprotectlogin.aspx.vb" file will be there
any data not set there would have to be added and then the project recomplied so that data gets saved...
, I would say that it isn't all that difficult using mySQL for the backend....the main thing is to make sure you set the primary keys for auto-incrementing in your database. Alos need to make sure that any DELETE SQL statements are formatted like this
DELETE FROM tblName WHERE tblField=SomeValue
and not
DELETE * FROM tblName WHERE tblField=SomeValue
The same holds true for using MSSQL
, This issue came up once before and when I investigated I could find no error in the html that aspprotect generates and those files do exist where they are supposed to. We concluded it was a parsing error from the log file system.
There just really isn't anything I can do about it. I spent a week trying to figure it out. It is just the log parser screwing up under certain circumstances where there is no reason anything is wrong. They have trouble dealing with some of the complex URL/querystrings that the ASPProtect admin area uses. They think there is a 404 eror when there isn't... etc etc
, Attached is a SQL script to create the ASPProtect Database with the Option Pack Changes already applied. This lets you create the database in one step and you wont have to make the option pack changes as they are already there.
This only applies to people using MSSQL and doing a new installation.
This scripts are run via SQL Enterprise Manager.
You make a new database then run this script on it in query manager.
2004-06-14_180056_aspprotect_w_option_pack.zip cwilliams38152.7522569444, Thanks, I figured that out!
I managed to get the gallery running, minimally, on the test server, so now on to the real thing.
Thank you!
- Jason
, that variable comes from the settings acreen in the admin area. If you do not have it set properly things like what you are describing will happen., Hi,
We use ASP Protect 6.0 and the database is SQL Server. Our hosting company is charging a lot for daily and weekly backups for everything. Which directories/folders do we need to backup daily and weekly incase something happenes to the site and we need to restore and get the password-protected are that works with ASP Protect to get working.
, I am converting the email over from CDONTS to CDO so it will run on my host 2003 server.
What files should I be concerned with? Under gallery_admin there is an email_user.asp and under the main gallery folder thier is an email friend. Is there an other email routines I should be concerned with?
Thank You for your Assistance.
Jeromy
, Ok, so I checked to see if ASP is running on the server and it is. then I added code to the top of a page and this is what i can see when 'view Source' on the web browser:
<%@ LANGUAGE="VBSCRIPT" %>
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * Admins * ) -->
<% GROUPACCESS = "4" %>
<! #INCLUDE FILE="check_user_inc.asp">
<!-- End ASPProtect Code -->
<html>
<head>
<title>TeamManagers</title>
Yet I get no challenage for a password and no error message!
, Just want to be able to log users in from the home page via a username and password box somewhere say on the left hand side with a login button. Like most sites have.... i cant seem to figure out how to do that with the software.
My other question is..Is there a way to incorporate this software into an event registry? What i mean is this:
Say a company is having a pool party, BBQ, and tennis lessons (just examples)
When a user registers with aspprotect i want him/her to have the option to register for one of the events. Also, I as the admin, would like to be able to view who and how many registered for each event... Here is what i am talking about (and it has a payment option to charge for an event which would be PERFECT if you could do) http://www.cescripts.com/demo/registration/view-events.php
Please let me know if there is a way to add this option or create...
, humm, I see your using the lite version which is technically not supported.
I know you were responding to an existing thread but I really would rather you have posted this in the ASPProtect Lite area or at least mentioned what version you are using. Usually there are big differences in the versions and it helps me help you if I know what is going on.
Regardless, the code for this feature is actually the same and I just tested a fresh install of the lite version and it stored that verify url perfectly and all worked as it should in the verification email.
All I can think of is that you can try manually editing the "users/add_new_account.asp" file.
This part
EmailBody = EmailBody & "New Registration.." & vbCrLf & vbCrLf & "Your registration still has to be validated." & vbCrLf & "Go to " & vbCrLf & VerifyURL & "?u=" & Server.URLEncode(Request("Username")) & "&v=" & ValidateEmailCode & vbCrLf & "to verify your registration." & vbCrLf & vbCrLf
Would need your verify URL hardcoded into it which would pretty much guarantee it would get put in the email.
EmailBody = EmailBody & "New Registration.." & vbCrLf & vbCrLf & "Your registration still has to be validated." & "http://localhost/aspprotectlite/users/v.asp" & "Go to " & vbCrLf & VerifyURL & "?u=" & Server.URLEncode(Request("Username")) & "&v=" & ValidateEmailCode & vbCrLf & "to verify your registration." & vbCrLf & vbCrLf
Of course change the url to be valid for your setup.
Still, the fact that this isn't working means there is something wrong with your installation. It would probably be a good idea to erase everything, do an iisreset, and re-install the application in a different directory... immediatly log and go to the settings page, carefully set everything and save it... then register as a new user and see what happens.
There is no reason that variable shouldn't get set. I mean I tested it just now with a fresh install of the version you are using and not only that... 1000's of people have been using that same code for over a year in the full version and no one has had this problem except the guy who started this thread who never populated the value.
My guess is still a problem with your "IIS application" for that web. It is not doing it's thing for some reason. When the settings page is saved and application variable gets set telling the config file to reload the variables as it doesn't do it every time to conserve resources.
If that isn't getting triggered and that variable isn't getting set who knows what else isn't getting set and it's not pratical going around hardcoding 15 important variables., Hi,
We use ASP Protect to password protect the pages in the member area ( http://www.pti.org/members.asp )
Of late Once or twice every month our whole site goes down and it gives us a "Microsoft VBScript runtime error 800a006 Overflow: Clnt //global.asa line 33 " error message (with the friendly message turned off). When we reboot the web server things are up as normal.
But this is happening too frequently and creates a bad impression.
Any suggestions on how we could prevent this would be greatly appreciated.
, Okay, hopefully I'm posting in the correct area this time.
Currently we are utilizing ASPProtect 7.x
When using the Newsletter function, many members are indicating they are not receiving email. No evidence of email in SPAM folders. Also, when checking with email provider, they insist it is not being filtered prior to delivery to member's email address.
The following message does appear when a newsletter is sent.
error '8004020f'
/newsite/ASPprotect/scripts/emailing_subs_inc.asp, line 124
Line 124 is the line of code to 'send' the emails. We have approx. 860 members who are on the list to receive the newsletter emails. I have no way of knowing how many are not getting the email. Based on anecdotal evidence, I'm guessing it could be as high as 20%.
We are using CDOSYS / SMTP authentication with a real external email with MX records. Our website is hosted by Cbeyond. They insist it isn't at their end. (for what it's worth)
Thanks for your assistance.
NPA
,
Error when click on banner. (I remove on error resume next in config_inc.asp)
The conversion of a char data type to a datetime data type resulted in an out-of-range datetime value.
banner_redirect.asp, line 36
Database - MS SQL Server.
Gignutyi38368.5403935185, I think I've found the problem..
The password "abcdefgh" works
The password "abcdefghi" does not
(username "ace45")
Passwords can obviously only contain up to and including 8 characters... By some coincidence I only used short passwords with MS Access.
, ITS WORKING
...I have earned a beer (dont tell anyone im underage) 
, Yes, as long as each installation is in in it's own web site.
(or at least in it's own application in IIS)
Meaning you could have 5 directories in your site each with the app installed as long as each directory got set as an application in IIS.
Remember, a license must purchased for each running install except for development reasons on local machines.
cwilliams38400.5162384259, Probably not... javascript calling complex javascript is not a good thing and is often a problem.
I would try one of the other methods such as the xml parser if possible.
, Our webhost changed converted all sites from c: to d:, and without us doing anything else, our customers now get the following error message when trying to access our Classifieds site:
***********
Microsoft][ODBC Microsoft Access Driver] Not a valid password.
This means there is most likely a problem with the "ConnectionString" info that you specified.
If you are using a DSN-Less Connection with MSACCESS.
Check that the physical path to the database has been specified correctly.
It has to be perfect and correct. It cannot be specified using "http://" or by using "server.mappath".
It has to be specified like the following example.
ConnectionString = "DBQ=D:\Inetpub\wwwroot\advpass_pro\_database\passwords.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=admin;PASSWORD=Xpass"
If this is running on an NT server or Win2000 Server make sure that permissions have been set on the database.
Only the server admins can do this. If you are not the admin you will have to ask for this to be done.
If you are using a System DSN
It is not set up correctly. Again, make sure the permissions have been set for the database and that the system DSN has been set up correctly by the server admins.
************************************************************ *********************
We did everything the web host asked us to do, that is, changed all references to the C drive to new references to the D drive, but the error is still there. We also never changed any passwords (as far as we can remember). Can someone please tell us where to look (also which file might tell us what the correct password is in case it has in fact been changed.
Scaramouche38306.4845833333, Here is an example of a query I made in MSACCESS that deletes all users that belong to Group ID of 3. I used the graphical query designer in MSACCESS to do this. Took a few minutes.
DELETE
FROM ASPP_Users
WHERE (((InStr([ASPP_Users]![Groups],"*3*"))>"0"));
Because of the way groups are stored in the Groups fields you have to use the InStr function to determine if the user is part of a particular group
We are deleting all users that of Group ID of 1 so we look for *3* in this example
The SQL statement for a MSSQL database may be slightly different but the general Idea is the same
The SQL statment used in an ".asp" page will be very similar as well.
SQL Statements are the TRUE POWER of working with databases. They are something everyone should learn to work with because they allow you to do some very powerful things., "do you know a way around the BinaryRead problem with ASPProtect?"
Let me rephrase:
Do you know a way in which ASPProtect can be modified to get around the BinaryRead problem?
Thanks,
Michelle
, I am not sure. I can tell you that I run windows 2003 server and I have never had any issues setting permissions for ASP.NET files and folders. This very server is 2003 and the ASPProtect.NET demo runs on this server as well.
Course, I can't say that I have specifically tried to remove ASP.NET READ permissions on the database folder as it's just not something I would not have a reason to do. Why are you trying to do that? The ASP.NET account needs that permission. If you are trying to stop file browsing and downloading in that folder that is not how you do that. The best way to do that is by keeping the database somewhere else on the server that is not part of the http web. , All can say right now is take a break and get away from it for a bit. All your going to do is stress yourself out more if you keep working on it.
There is probably a way to make it work but it may require days of fiddling around and reading articles and trying things and even then you may not get it working AND THEN ITS JUST A BAD IDEA ANYWAY. Like John says you are better off running it on a server that is not a domain controller.
, humm, I dont know then..
If you want PM me your site info and I will go in and troubleshoot.
Frontpage or frontpage access, either way
and also the site URL
, ok, 1st we need to rule out the #1 reason people sometimes think that is not working.
Is is set up never to allow the same IP to increment the count more than once in a row so when testing it is real easy to think the count isn't working because unless you can change your ip you can not increment the count more than once per album
It's a poor mans spam abuse type of deal..
For the most part it will keep some Joker from hitting refresh 100 times and inflating the count of an album.
Do you think that is possible what is happening ?
Also, here is an older thread about the same issue?
http://support.cjwsoft.com/code/moreinfo54-2.htm
, I really need more information..
SQL or Access database ?
If Access are you using the newest version of the .mdb file
Is this a new item ?
Show me your connection string ?
perhaps the url to the site as well so I can look around?
things like that that will help me troubleshoot.
If any info is sensative send me a PM..
, Is it possible to set the user account time limits when they register? I am using email verification and am trying to have their accout expire 32 days after their initial login.
Also I have an issue with the email notification not notifying me when a new user logs in. It does a beautiful job notifying the new user. I do not understand why my server will send to one and not the other, I ahve searched the links but none seem to answer this.
Thank you for your help and insight
, far as I can tell it does... that session abandon thing called in the logoff page should be enough to cover everything
once thing to be careful about
If you log in.. then log off... then go back to a page and do a refresh... you may in fact be reposting the username and password from before.. thus logging yourself right back in
Perhaps not.. all depends on what your doing... but it is something to be careful of when testing
cwilliams38341.7390509259, and when I go to your now.. its very fast again.., okay thanks, There are problems with your sql server database then. It was not set up correctly.
The 1st problem relates to having "used stored procedures" checked in the settings page.. but not actually giving those stored procedure execute permissions which they need to run. That is something that must be done on the SQL enterprise manager side of things either by you if you are allowed or your hosting company.
If you can not get the execute permissions set on the stored procedures for the sql database user you are using then turn off that option in the settings page and try things without it.
The 2nd error I am not sure of at this point so correct the 1st issue and we will go from there. It could be another sql database issue (not created correctly) or it could be an asp code issue of some sort though I doubt that or other people would have had problems on that page as well. I also just tested it out and looked the code over and I did not have any issues here. , thats intertesting.. I have never heard of the concept until now..
I did a search for ASP examples or ASP components that can help with the process and just couldn't find anything about it., UPDATE
Version 8.1 has code generators for these new methods built in...
, You edit the web.config file that came with ASPProtect.NET.
You find this tag
<customErrors mode="RemoteOnly" />
you change it to this
<customErrors mode="Off" />
If you have a different web.config file in your root I suggest you make sure the tag is set to off there as well for troubleshooting sake
If done correctly you will get a detailed error
It's basic low level ASP.NET stuff really and does not have anything specific to do with ASPProtect.NET.
You also need to make sure your web is set up correctly for ASP.NET and that the correct web.config's are firing..etc etc
cwilliams38454.4368055556, You shouldn't be renaming or moving anything... unless you really really understand what you are doing and are at an expert level expert as far as ASP coding goes.
like I said earlier..
http://support.cjwsoft.com/code/code_info.asp?TID=354&ge t=last#1130
redirecting with version 6 is not supported but this thread tells you exactly how to set it up (I showed you this thread in an that earlier post)
http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= redirect
This thread below may also help in case the page you want to start on with a login form should not be password protected..
http://support.cjwsoft.com/code/moreinfo18-2.htm ,
If you want to have a login form on a non protected page that posts
to a protected ".asp" page use code like this.
Change the action of the form to the page you want them to log into.
Make sure to page you send them to is protected by the "check_user_inc.asp" file.
<center>
<table border="0" width="400" height="200" bgcolor="#000000">
<tr>
<td bgcolor="#F4F4F4">
<form method="POST" action="memberarea.asp">
<input type="hidden" name="Status" value="Checkem">
<p align="center"><font face="Arial">ASPProtect Login</font></p>
<div align="center">
<center>
<table border="0" bgcolor="#C0C0C0">
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
<td><input type="text" name="Username" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
<td><input type="Password" name="Password" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
me signed in on this computer unless I log off.</font></td>
</tr>
</table>
</center>
</div>
<div align="center">
<center>
<p> <input type="submit" value="Login"></p>
</center>
</div>
</form>
</td>
</tr>
</table>
</center>
, Thanks dude, I'll figure it out. I've been ripping apart pieces
of the code to get it. I'm in the process of pulling some things
out to make functions that do specific tasks based on your code.
I actually had a lot of luck yesterday with it.
,
Timecard Entry: 3/25/2006 4:51:58 PM
slowing down, check and reply to e-mail, Amy - Discussing ''Golf With Your Buddies". Checking status of Sunandshield.com virtual email accounts., Coding for WDT Sports Pix DB project!, Folder corrupted in wwnytv.net/72k site. Redirected to temp sub-folder until problem can be fixed., Took general tech calls, Watched RADLOG - ,checked Voice mail., *ISO Analysis, General, a lot of customers, PSI Net contract, partners.gisco.net, met with Bill, Vermont., tried to get a modem working, YELLOW PAGES, SWNS Mail server, signed up a new user. had a customer upset about his bill. helped a user with netscape, Add ''waiting'' to DSL signup database. Testing, all set., billing reconciliation, w/o close outs/postings, rad-log - logins, picking up a bit, not too busy, Travel to Clayton, Watertown - 60 miles, steady....techcalls, E-mail, vac, Lunch, Travel to Clayton Office
, Picked up mail and opened. Posted accounts, ans. phone, creit card authorization, coupon referrals and customer inquiries., like all week....going in spurts, answered calls, mailing, did expired users and had tech calls and as well did ask us a questions pretty steady time, More Costguard phone calls & e-mails, answering phone, taking sign ups, checked emails, incident report, callabcks from voicemail. , GiSCO, Craig Sys Party,
