Blog Entry: 3/25/2006 4:56:29 PM
well, I think John just told you what the deal is. He knows more about ASP.NET than anyone else I know.
If you are going to run a non-standard setup then you are going to have big problems like you are having. , Oh snap. Tried the blank database and got the same errors. Fixed THE
FILE PATHS to conform to the AspProtect 7 setup, and it worked like a
champ. I still need to copy and paste the info, but it's working just
fine with the ones I add manually.
Moral of the story: FOLLOW INSTRUCTIONS TO THE LETTER. 
,
ok, glad it is working, In addition to that I just noticed the </href> you have in there.. man that is some scary stuff you came up with.. that may appear to work and make a link but it is not correct. Each link will work but never truly be closed.
That is just not valid proper use of the anchor tag.
You make a link in html like so
<a href = "somepage.htm">somepage.htm</a>
http://www.w3schools.com/tags/tag_a.asp
Then your surrounding each link with <span lang="en-us"> </span>
Not sure why ? , Yea.. that error is totally because the asp pages are looking for fields in the database that are not there.. and causing a nasty loop.
if using the option pack you must go over the directions very carefully...
Make sure everything works step by step..
After upgrading to option pack code you either need to upgrade the database from the base system or use the newer database provided with the option pack.
Then.. you want to test every function of the groups.. if pages act slow and seem odd... especially the groups page and edit users page..
Then your not using a valid database. Either you didnt upgrade the old one, are not using the new one, or your connecting to an older verison by accident and not realizing it.
That's pretty much it... cwilliams38300.5555671296, Does emailing work under the simplest scenario ? (directly from the users screen)
Thats the way to test it..
All that error means is whatever reason the settings you have chosen are not working. It could be the server. It could be what you chosen. (and yes I realize your pop info from outlook should probably work with the settings you chose)
Whenever I do installs I often have to try 3-5 different emailing scenarios before I come across one that works.
Each time making some changes and sending out test emails from the users screen until I get somewhere. Often time getting a working example of how your Hosting Company wants you to send email from ASP is the info to get your hands on. (what method and settings)
In this case they may have blocked the usee of a remote server and want you to use some other settings for sending email from asp. A lot of times they put that info in their help system.
If I were you I would start by trying the other two CDOSYS options for starters, and then try the remote server option again but using "localhost" as the server, if none of those work consult your host for example code and settings to send email from asp. If you still have no luck I can help for sure.
Realize too when testing the emails may take a bit to arrive. A delay of sorts. Best to type in a quick note about which method you are trying in the email text. That way when you finally get one delivered you'll know which method worked. , Yes, that worked...  , What application you talking about ? I'll assume ASPProtect. In the future please specify what application you are talking about.
ASPProtect 7 already has protection that is quite effective. The no concurrent login feature which will not let the same username under a different ip log in at the same time. Meaning if someone gives out their info they will screw themslves over because eventually they won't be able to log in. Only one unique ip at a time can log in so even of 100 people know the info it won't really do anyone much good except the lucky one that logged in 1st and stayed logged in. The username/password will eventually become more and more useless as more and people know it.
In addition to that is is a good idea to monitor the daily logs and single out a user you see logging in a lot. The more ips you see for that user the more chance it is multiple people logging in and you should take action. , I've had an error I saw described here, couldn't figure out what it
was. My SQL statement was being cut off, though a bit differently
because it was created on multiple lines with the amper-underscore
string construction design; my statement had no UPDATE, only started
with the junk screen characters of the encrypted password.
So, from what you said above about the vbNullChar, Chris, it looks like
I've hit the same problem, maybe from an old version (downloaded March
22, 2005). Could I request a copy of the updated logic?
Thanks a lot.
, Personally, I really wouldnt worry about. Personal Client virus software like that is not really meant to run on servers anyway. That software is meant for client machines, not web servers.
Any Server designed virus product will not incorporate script blocking features because servers often need to run scripts when dealing with ASP, PHP, CFM, etc etc
That article I link to has more on all of that.
Turning that off is nothing to worry about. I been running IIS servers for 8 years. , Anyone have any experience configuring PhotoGallery to use a backend mySQL database?
The application connects successfully for Read operations, but no amount of troubleshooting can get it to Write records to the tables.
http://www.marc-lisa.com/photos/default.asp , Hello,
As I have my site hosted by a web hosting company (1and1.com), I want to make sure the ASP Photo Gallery software runs correctly before I buy. I am not sure about whether or not they support parent paths because I can find nothing in the online faqs. But, I have two other ASP apps (Forum and News from Web Wiz) running on the site, both connecting to Access databases. I remember having problems initially setting these up because I kept trying to use paths like ../db/wwforum.mdb like I would normally do when referencing images or pages in other folders.
Anyway, here are the database connection strings for the two apps. The first is for the Forum, which is at /forum/common.asp connecting to a database in /db/wwForum.mdb. The second is for the News, at /news/common.asp accessing /db/news.mdb.
'Virtual path to database
strDbPathAndName = Server.MapPath("/db/wwForum.mdb")
'Database connection info and driver
strCon = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("/db/news.mdb")
Thanks for your help, hopefully I'll be setting up my new galleries this weekend!
- Jason , The protection code for my group3 is:
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * GP03 * ) -->
<% GROUPACCESS = "3" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!-- End ASPProtect Code -->
btw - sorry but I am using v7
and thanks for the assistance , Hi Chris
After turing off the delayed stats feature the internal errors have stopped and it still serves banners, although I havent checked the logs yet. I will and post any errors.
I left my test page up last night at say 11pm serving 4 banners of different sizes rotating every 15 seconds, now at 9am the page is just displaying 1. If I refresh the page they all reappear.
Regards
Colin , UPDATE
Version 8.1 has code generators for these new methods built in... , re-edit the banner to ensure your change was saved..
if it has been written to the database thats good.. if not it is a data connection issue most likely..
if it did get saved... though it usually should not take time to apply it make take up to an hour for the change to take effect in the actual banner rotation.. give it a little time, Hi,
I am using the upload_post_VBSCRIPT.asp to upload the pictures. My concern is the security of this. For instance I've seen some sites get hacked by a user uploading a file (going through the same process) and ending up crashing the entire server.
I tried adding .jpeg to the end of a text file (filename.vbs.jpeg) and then uploading it, and the file was actually uploaded. Is this a potential problem?
Thanks
S eeye38447.0388541667, That carrot doesn't really exist in the file, so I'm not sure.
I did download and place the ASPTEST file in www.drsweisberg.com/asptest and when I try to load the 2 pages it fails to load. I have another site on the same server and I uploaded the same exact set of files and the asp pages load. www.klarman.com/asptest
http://www.drsweisberg.com/asptest/server_info.asp
http://www.klarman.com/asptest/server_info.asp
This is how I set the connection:
ConnectionString = "DBQ=D:\clients\rklarman\klarman\asptest\_database\asptest.m db;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"
ConnectionString = "DBQ=D:\clients\rklarman\drsweisberg\asptest\_database\aspte st.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp" , yup. that is correct... they can't log in so they can't see any pages you protect
its the nature of forms based authetication , Hello -
Believe it or not I finally can access the photogallery. You were right Chris regarding the unzipping of the files.
Now onto the next challenge! I have set up three categories and proceeded to create a test album. I uploaded a couple of pictures (yeah that worked!!!) but the album does not show up on the default.asp page under the category.
Please advise -
Rhona (rookie) , Actually quite well. I have this problem worked out and it
actually isn't to bad. But now I am getting some strange
error messages. I will start another post.
Cheers
Roy
, I hear ya.. problem is it just does not fit into the banner rotation logic.
I know it sounds like a simple thing, but it is not because ASPBanner does it's rotation logic in a totolly unique way that no other system I know of does. It basically does everything in memory.
I just don't see anyway to do add what you are asking about without totolly re-writing how it works. The system would have to rely totally on complex (SQL queries / stored procedures) to do the banner rotation like every other poorly performing system out there.
It's really hard to explain, but I just no way I see to add it to the high performance application variable banner logic. If I changed the system to not use those application variables there would be a tremendous performance loss because the database would be doing about 90% more work than it currently does.
As I have said before sacrificing performance is just not something I am willing to do.
http://support.cjwsoft.com/code/moreinfo144-1.htm
I built ASPBanner for performance and speed and that has always been it's main intention.
I leave the bloated features to the competition. If I lose sales because of it that is just unfortunate. I want the best performing system. The system I can be proud of. The system that can handle millions of impressions per day under a MSSQL or MYSQL installation and not even flinch. That is what ASPBanner is all about.
The other thing is pricing. The price is kept low partically because the feature set is low.
Maybe someday there will be a version with more features and less performace. I really do not know. Right now it's just not something I plan on doing.
, I would kile to see more support for the groups function:
1. on the password_admin/default.asp page have a coulmn listing groups
2. ability to change groups in bulk eg change the expiry date for all group x members
Cheers , ok.. Chris.. I am now kicking myself in the butt. In the setting section, I had to redirect certain urls and directories to the right spot. I forgot that I renamed the root folder.
Thank you, thus far for your continued help. It is greatly appreciate.
, New Features added to 7.x
- Entire application gone through and updated.
- New graphics, new look and feel
Passwords and Cookies are now encrypted using separate keys individual to each customer install.
- Groups Feature... powerful way to protect pages based on group access
- Ability to upload a picture for each user.
- New printable profile user screen.
- Supports 13 email components as well as outgoing authentication for a few of the email components
- New Lockout option. "However many" try’s to login and you are locked out for a certain amount of time.
- PayPal signup routines for both single payments and subscriptions integrated into the application. Everything is handled automatically. Charging for membership couldn't be easier.
- New Newsletter Feature allows you to send newsletters to those subscribed.
- New ability to Email users soon to expire
- HTML emailing for people using CDOSYS. This includes an inline html editor so you can send out some really professional looking emails.
- Ability to redirect a user anywhere on 1st login
- Option to turn off Login Remember Me Feature
- Login Form now very easy to edit
- All paths for places that need permissions can be easily changed.
- Works with Parent Paths Disabled on the web server.
- Company Name is now an optional field
- Handy javascript popup date selectors
- All date functions now internationl date friendly
- Password conversion routine to upgrade existing users to the password encryption
- Import / Export of user database built in
- Protection Code Generators
- Notes Feature. Javascript Popup on users screen that allows you to quickly see information without going to their edit screen
- Mass email users incuding ability to send them usernames and passwords all at one time.
- Option to not allow concurrent logins by the same username
- Optional feature to keep track of recent users that have logged in as well as allow you to view the information.
- Optional feature to keep track of recent users that have logged in, what pages they accessed, and when, as well as allow you to view the information.
- Ability to protect other files types other than just protecting the viewing of the ".asp" pages. We provide working example code showing you how to protect images and file downloads in your protected ".asp" pages. You can protect nearly any type of file from downloading and viewing. (gif, bmp, jpg, zip, exe, pdf, rar, mp3,etc..)
cwilliams38413.5933680556, Can we get access to the source project files for ASPProtect.net since we'd like to put in some of our own branding on the pages and not everything can be done in HTML.
Thanks , Oh, I just remembered something..
It's been a while since I did this... :)
Nevermind what I said above as that is a different sort of "debug"
When you want to debug like your talking about find this section in the "web.config"
<compilation defaultLanguage="vb" debug="false" />
change it to this
<compilation defaultLanguage="vb" debug="true" />
When you run the code in a production environment change it back though
More Info
http://support.microsoft.com/default.aspx?scid=kb;EN-US;3061 56
,
I have switched to Alentus and have the permissions set correctly and Parent paths turned on. I cannot figure out how to connect to the database. Should I have the database in the aspprotect/data/database folder, or in the data folder that Alentus has in my root directory? once that is determined, how do I decide what the path to that database is? I have tried many things, but this is what the setup page tells me to enter in the data_conn file DBQ=D:\Websites\www.mysite.com\aspprotect\data\database\ASPP rotect_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp
Thank You , That helped very much. Thank you. Hope you enjoyed your dinner.,
Thanks for the quick reply.
I will consider editing the code. , I am trying to understand how/where the "Log_Off_URL" variable is set
I have searched the forum for that string but don't get real good
results...I think the _'s are replaced with spaces for the search.
I am learning how to use the groups options and have modified some of
your example access level examples to test out group stuff. At the
bottom of the default.asp page I see a "LOG OFF SYSTEM" link that is
filled with a link stored in the Log_Off_URL variable and it looks
like that is being set back to the default.asp file somehow. So when
I click on it it just refreshes the page and appears to keep my user
logged in.
Seems like it should log out the user and redisplay the
login page. Is there a way to log totally off and have the login page
show up again? I am sure I am missing some obvious thing
somewhere...I can see where the Log_Off_URL variable is being created
in the config_inc.asp file but did'nt know where to look for more
info. Can you point me to an existing forum link?
Thanks!!
, Actually, I think I just found my answer...
I will take out the StrToFix = Replace(StrToFix," "," ") bit of code and see what happens...
- Jason
Jawa38406.4721412037, The ASP error on the home page has been solved -There was aproblem with the path that was including the home page file and we fixed it.
However the error on the member page remains - any ideas/suggestions would be appreciated. This is the error:
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for
process 0x748 Thread 0xad8 DBC 0x214734c Jet'.
/aspboard/forum/global.asp, line 15
, that really does not make any sense...
I dont know what else to tell you as this really shouldn't be anything too difficult to sort out...
redirection based on criteria is not something aspprotect does by default... I try to help a bit... I've shown everyone how to do it in this thread...I know plenty of people doing it... I've done it myself... I know it works
let me ask you this... are you using ASPProtect 6 with the Option Pack ?
I assume you must be or you would not have the Groups feature ?
And you asked this question in the ASPProtect 6 section.
but then maybe your using 7.. I do not know
this should all work the same either way , also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.
etc etc etc
so let me add this bit of info..
I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.
Here is the low down from someone that really understands it...
(well, at least I think I do)
The only real security risks are from YOU and possibly other people hosting on the same server if they have parent paths enabled that is.
Meaning your site visitors can't possibly do anything with it unless of course you let them upload and run their own asp files to the server.
Anyway.. if YOU run malicious asp scripts you could potentially attack other sites on the server and look at things you shouldn't. As could other sites on the same server do to you I suppose.
So, unless you plan on doing that or some other site admin on the server does it to you its not really a concern. Just an advantage in coding abilities.
If you attack someone elses site on the server or lurk where you shouldnt then you are probably violating your hosting agreement.
99% of the time everyone gets all nervous over nothing.. half the people nervous about this have sites nobody would ever want to hack anyway.
Many people with a really important/busy sites are going to have a dedicated server somewhere so the setting is not relevant..
The hosting companies of course have to warn you.
This setting was enabled by default for years on IIS4-IIS5. I never once heard one single real story about anyone attacking anything because of this setting. That doesn't mean it doesn't happen but I am just telling you what I know.
This is all my opinion so take it for what it is...
If you are a Hosting Company your better off turning it on at the customers request, giving them a warning about it, and in turn having happy customers.
The big hosting companies like Alentus and MaximumASP do it...
There are far worse things than this to let people do after all.
Beleive it or not I have actually been in servers where they gave the anonymous webserver acount modify permissions EVERYWHERE yet they disabled parent paths ???? cwilliams38391.6024189815, It should be released sometime late May 2004 or early June 2004 but no gurantees as I am pretty busy right now with some projects.
There will be upgrade instructions and it should be a fairly easy upgrade. , Christopher,
When viewing a list of albums with the navigation option 1, is there a way to get the Time Created sort to list Newest to Oldest, instead of Oldest to Newest.
Looking at the code in albums_navigation1_inc.asp, I can not determine how this works.
Thanks for your help!
- Jason
p.s. I always forget how addicting this stuff can be...lol.
, Verison 8 is superior in every way and the code is much more optimized so yes I think it would handle it better. It is still a lot of banners on one page though which means a lot of hits to the database if you call them all individually with zone calling code. SQL server would make sense more than MSACCESS.
Now, the only reason I said make one zone for all those banners on the home page is because a banner has to be associated with a zone. It would make sense to put them all in one because if you just tracked the clicks like I mentioned you really wouldnt be using the zone except for maybe when you go to view stats. , I'll send you something.. , 1) Does everything, i.e. every user, every category, every product, etc., get stored in just one single database, or are there multiple databases at work and are linked to one another? I am asking because there is only one table in the DB, and it is the "Users" table. So I am presuming that there must be other databases that are linked to the DB. Is this correct?
2) Are user-level security permissions utilized in the sample Access DB that is shipped with the software? I am asking because we cannot seem to remove the "temp" password no matter what we try, and this is the only reason I can think of. ,
Timecard Entry: 3/25/2006 4:56:29 PM
logins / setup / email issues., Work on MBOs, travel to nnybe, Help w/ Doldo circuit w/ IMC, Reinmans - with Bill - gave him copy of site
and and other pertinent information- will get back to me in a week or two weeks, Don/seth/CG/Mel etc..., Finished calling channel partners about bundle. Seem to be getting a good response thus far. Could not reach them all. Called Racheal at SHBC with final count for tonight., Went back to taking phone calls because the queue light was on again. , TEAM, daily modem checks on IMC-Net modem pools and servers, Same as before., Email and VM, Nortel meeting at Best Western, travel to Caskinette auto- for changes, Had trouble with the 2360 toward the end of the night. Also I wasn't feeling the best. Phones kept busy, finished up what I had with e-mail and so on., Answered tech related phone calls., WDT Sports Pix, SenatorJimRight.Com - Campaign 2000 changes complete., ST. LAWRENCE COUNTY, Unloading Web Tom Dunning townofclayton.com 8.:30am Tom is trying to upload this website to this domain and is unable to do so. Could you please check into this and get back to me and Tom. Thank you 8:45am Is he using the correct username & password? The 0 in his password is the number 0. Is he opening it from the web or locally?
E-mail gurupat iveshill.com 11:56am Mail is not being forwarded from gisco account to hotmail 12:42pm resetup the mailbox & forward. , st. Lawrence federal credit union- website propsoal by monday, meeting with NYSAR , Traveled with Seth to Boston for ASR training, Vermont Internet public site design, lunch, To Watertown - 70 miles, meeting with bob nelson, Sent out some emails and made some phone calls, IIS Security audit / Network Docs for Ben, E-Mail, Voice-Mail, Setup,
|
