ASPProtect v7 comes with working example code of protecting a file download.

This comes with the system as an example folder with some files in it.

(some of the initial purchaser's of the system might not have that directory.. if that is the case please ask)

Here is how it works...

Basically we protect the file download by only allowing a logged in user to download it. The special ".asp" page we use the stream the file is password protected. It also hides the true location of the file so you can keep your files out of your web or keep them in a folder in your web that does not allow file browsing. Under this scenario even if someone looks at the html source they can not tell where the file really came from and they can only download if they are logged in and you offered them the link to the file.

For the file download protection examples to work you may need to edit some values
in the stream_download.asp file that are valid for your setup.

Look at the source. The values you can edit are commented.

Now, you also need to call a valid "download file name" from the download_link.asp file which is an example of how make a download link to the streamed download.

Nobody ever asked me, so i guess npegley sorted it.

The solution is indeed a single line added to your button form code ..

eg :

<input type='hidden' name='return' value='http://www.your-return-url/here.asp'>

This will overwrite any settings you have in your paypal preferences.

I posted this reply for anyone stumbling on here with the same problem. Hope it helps. :)

Dave.

Sorry, there is not any documentation on that.. it is basic asp/database work and customization like that is not supported. I recommended looking at what is already there and using that as a guide to produce more fields. etc etc

I understand the encryption for security, but I am using ASPP for a very low security function and don't want encryption.

Can't I simply delete the code that does encryption?

If not, how can I

take my ASPProtect_access2002.mdb that was opened on my local host, with my own users added with text passwords,

export to a delimited text file, import it into ASPP with my own passwords encrypted, the use that file instead of my old .mdb file? Thanks

You really can not do something like that. You can not use client side code to change a server side session variable.

To make changes server side a form must be submitted or a link clicked on to another page. Then you can do whatever you like but you cant have an onlci event update a session variable like that.

Though I am not sure of exactly what you are trying to do I think you'll need to go about things a little differently.

I assume you mean 500 pixels wide

no.. because you cant reliably tell a pictures image width without an image resizing component to look it up.. asp can not do things like that on its own

serverobjects has a free component called "imagesize" that can do it as well but you need access to the server to install the component
http://www.serverobjects.com/products.htm

so if you cant do that with regular asp code you definetly can not stop the upload proces because the picture is too wide..

heck, that would be nearly imposible to do regardless.. even with the best 3rd party components at your disposal

even with an image resizing component you would have to allow the upload.. then check the pixel width.. then delete it.. tell the user what is going on...etc etc  .. all a very complicated process

Hi all

User activity screen shows history of logged-in users.

Is it possible to view only those users that are currently logged in ? not the all users that have logged in previously

thanks in advance

I have a need for more than the current number of custom fields currently available in the registration form.  Is there a documented method of adding additional fields or am I not able to do so?

Thanks,

Dave

Actually, your whole site is like that.

http://www.bones.myftpsite.net/rfamilystuff/

You should definetly fix that..
I can't help ya with it though. You'll have to figure it out.

I know ya can do it...

later

ok.. Chris.. I am now kicking myself in the butt.  In the setting section, I had to redirect certain urls and directories to the right spot.  I forgot that I renamed the root folder. 

Thank you, thus far for your continued help.  It is greatly appreciate.

Hi Chris,

Our company has a big dilemma on how to manage the database for accounts that are expiring/expired.

We saw the function to email a batch of users who are expiring soon but this doesn't help us to complete the renewal process.

Once the email is sent, what happens afterwards? how can we setup the system so that we can renew their expiry dates or accounts without too much hassle?

The system currently doesn't have any renewal functions or to allow batch changes on multiple accounts at the same time so we have to manually edit one account at a time. This is extremely tedious if we have over 1000 accounts to manage (and we will).

If you have anything to suggest on all this I would appreciate it :)

Thanks alot
Sylvain

(Indemnification Agreement Mod)

This very simple mod will add an Indemnification Agreement Pop-up to the registration signup form which must be agreed to before continuing. This is often done for legal reasons to help cover yourself if something should come up later on.



Instructions:

Download 2006-03-19_212700_Indemnification_Agreement_Mod.zip which contains "terms.js" and put it in your scripts folder. It contains the text that will be displayed in the pop-up. You can of course carefully edit it with a text editor to say whatever you like.

Now carefully edit "users/register.asp" with a text editor. Add this bit of code in blue right after the include to the "footer_inc.asp" file like so. It will be near the bottom of the page.


<!--#INCLUDE FILE="footer_inc.asp"-->

<% If ErrorMessage = "" Then %>
<script language="JavaScript" src="../scripts/terms.js">
</script>
<% End If %>

Your done, that's it. Now when "users/register.asp" is run for the 1st time the pop-up will come up.

Is this the full version 7.
Did you make any changes to the code ?
Is the User_ID field still an autonumber field in the Access database ?

I do not see how this could happen unless somehow the autonumber field setting for User_ID was changed in the database?

Is there a possibility to build in a option that the administrator will be notifed when a banner expired.

UPDATE:  read whole thread..
Version has been delayed




These are my personal notes on the new version of ASP Photo Gallery that should be out sometime in May/June 2004. Please ingore any typos.

This version may be more expensive than the current pro version as this is a major re-write and there will be a ton of new features.

Regardless, special pricing will be offerered to existing users.

If you see any features not listed that you think would be nice please post them here. We will of course consider them.

ASP Photo Gallery Version 4

------------------------------------------------------------ --------------------------------------------

Finished Improvements:

new setup page makes setting up the data connection easier than ever
it attempts to determine the possible data paths and makes suggestions for what to try
when you finally get the data connection working it gives you a link to the admin area of the application
so you can get started using the application

all database table names can be specified in the config_inc.asp file for advanced users that they may need
to change the table names in the database.. helpful for sql installation where one sql database must be
shared by many applications

new data folder is the only folder that needs permissions set
before multiple folders needed permissions
now everything can be put in this folder... database,logfiles,configuration files,picture upload folders...
eventually all cjwsoft applications will do this allowing multiple cjwsoft applications to use that same folder
therefore making it easier than ever to setup more applications without asking your host to set more permissions

new text based config file makes it easier to add new options to the program without making changes to
the database structure... therefore the need for the configuration table in the database has been eliminated
this also reduces system resources needed to load the config data for each page because it eliminates calls to the
database for config data

added voice effects for data connection page, intro users page, and settings page

made it so ratings color was an option (red or blue)

fixed minor bug that wasn't showing fixed category heights when that was selected and am image wasn't originally sized that way during initial upload

changed logfiles dates so they always show up in the proper order 09 vs 9

added config option to change bit query value to 1 or -1
default it to 1.... this is a technical thing

added the extra options currently in the config file to the settings page so people do not have to manually edit that
file any longer...

added new persits email option and authentication options to the settings page

added new CDOSYS emailing option

added support for dundas emailer

added support for ASPSMARTMAIL

fixed word filter so if it is empty it doesn't mess up
also make editing it part of the main settings

made email functions include file and edited all page that email to use it

added css/style sheet support and removed a lot of the old font tags

seperated the settings page into sections because it was too big and confusing

added ability for text watermarking when using the ASPImage component

made the picture upload error message no longer mention browsers that do not support picture uploading
as that is confusing people... and the problem is never that anymore

Made the ASPImage test page delete the bar graph before creating it so if it is already there they will
not think it is working

added crystal ball feature to admin users screen... shows additional user info when you hold the mouse over it

Made search function highlight search word in results.
Made the search function search the image description text files as well

Eliminated the guestbook directory as there was no need for the guestbook to be in it's own directory. This also simplified the menu.asp file as the guestbook section could be removed.

------------------------------------------------------------ --------------------------------------------

Possible Improvements:

eventually make new and much better directions/documentation... html based for multiple reasons

Eliminate the need for parent paths to be enabled on the web server.
(THIS MAY NOT BE POSSIBLE)
Many hosting companies disabled parent paths and will not enable them for their users.
On Windows 2003 Server Parent Paths are disabled by default.

make it so users ability to upload pics can be optionally disabled

possibly make some of the special functions in the extras folder built in to the admin area

Make the category picture uploader smarter because of the jpg gif issue when reuploading cat icons
A jpg loaded over a gif.. doesn't delete the old gif graphic and vice versa

Reduce number of ".asp" pages in general.

Use more functions for redundant tasks.

Optimize all instances of the old filefound function which is using more resources than are necessary

option.explicit the entire application and get all the variables dimmed once and for all

possibly incorporate the new category system I am working on which allows for unlimited categories and levels
also simplifies the heck out of the pages that call the categories

possibly add some cool image manipulation functions such as rotation for the various image components supported

possibly add the ability to move pictures around in an album. and maybe between albums
I must also remember to move the ratings and desc as well for that image.

possibly add the ability to make individual pictures require approval

possibly add the streaming image ability (asp page called from image tag) I came up with as an option for
people that can use it. this will better secure images in password protected albums and also possibly make
it so images can only be viewed from certain urls.. and maybe make an interface for a list of allowed urls

improve the .net support to also resize the larger images.. currently it does not

possibly add a feature to store 3 versions of images uploaded
thumbnail, medium res, and high res/original
this will appeal to professionals or people that may want to sell prints
storing a large version will be optional

possible support for multimedia content other than gif and jpg images

fix... url to link to..   problem on control pics page when both a jpg and a gif are present... which also relates to a another slight
bug that needs to be taken care of

make interface in admin to listen to installed midi files
and also to upload / delete them

possibly make per album guestbook... or call it something else like disussion or comments

add option to store the images orginal name in the images description area during upload
may be helpful to people that name their images in a somewhat descriptive way

change approval settings so they work on a per user basis
eliminate access levels from edit user screen and get rid of the level 4 stuff mentioned
possibly add a per user option for individual pic approval as well if I get that feature implemented

add support for the ibulc bulk upload client that I recently discovered
it is very cool

OK, thanks.

Nick

The random password is generated during signup and the function that creates it is located on this page of code.

users/register.asp

it looks like this

Function RndStr(Length, UseChrs)
 If IsNull(UseChrs) OR (UseChrs = "") Then UseChrs = "0123456789abcdefghijklmnopqrstuvwxyz!@#$%^&*()_+=-"
 NewStr = ""
 Randomize(CByte(Left(Right(Time(),5),2)))
 For gpIndex = 1 To Length
  NewStr = NewStr & Mid(UseChrs, Int((Len(UseChrs)) * Rnd + 1), 1)
 Next
 RndStr = NewStr
End Function

For example go to this page and hit refresh and watch the password change.

http://www.aspprotect.com/demo2/users/register.asp

Yes, sometimes if you hit refresh quickly over and over you'll get the same password, but not generally. Also that is not something that would happen normally as a user isnt going to sit at that screen and hit refresh over and over.

Anyway... when signing up the new user of course has the option to change that password to something they would like better...

As far as... "selecting the same user name and password every time"

I need more information. That does not make sense for a lot of reasons.

Most importantly because usernames are not generated. The are inputed by the user during signup. They are then checked to ensure they do not already exist before the user is allowed to complete their signup.

So under normal circumstances there can never be duplicate usernames in the system or even users with duplicate emails as that is checked as well.

Now of course if you edited the code in any way it is possible all this is not working correctly ?

It appears there is an auto logout after inactivity for a period of time.  How does one change the default time allowed for inactivity?

thx

you actually dont touch any of those
UploadDirectory = CmdGetConfiguration("UploadDirectory")
They get set from the config table in the database which gets edited in the admin area.

so...

I am talking about the settings area in the admin area of the applicaton.
Every setting there is descibed in detail. You get there and change serttings there via the web browser and by logging in as the admin.

Log in to the online demo as admin and check out the settings area if you are confused.
http://www.aspphotogallery.com/demo_pro.asp

Hi Chris,

The password is HANNAH.  If you're into trouble shooting mode and would like the key, I can send it to you.  If not, no big deal, I've email the guy a new password.  We'll see how many rounds it takes him to get it right. 

Thanks,
Mick

Also, I found this page which specifically talks about hidden IPN form values to change currencies

https://www.paypal.com/us/cgi-bin/webscr?cmd=p/acc/ipn-info

mc_currency	For payment IPNs, this is the currency of the payment. For non-payment subscription IPNs, this is the currency of the subscription.
	"USD"	The currency of the payment is U.S. Dollars.
	"CAD"	The currency of the payment is Canadian Dollars.
	"GBP"	The currency of the payment is Pounds Sterling.
	"EUR"	The currency of the payment is Euros.
	"JPY"	The currency of the payment is Yen.

Hi,

Actually that is not a feature at this time. Only the admin can add an image for user. If you look at the code for that you could adapt it for individual user use fairly easily provided you are decent with ASP.

That feature will probably be added some day, but there was no time to add it to into the current version and I can not give you a time on when it will be added. The complicated part is making some sort of approval process in case a user adds something undesirable and also limited file sizes which is hard to do without somesort of 3rd party uplaod component being involved.

Not a problem.  Have a good time at your wedding.

thanks!

No worries

then..

is there any way I can get rid of those information shown on User activity screen, so I can at least know who logged in current day?

thank you in advance

Hi Chris,

I have a small problem, I have installed asp photo gallery pro on a hosted site, and after eventually getting them to modify permissions on directories it is essentially working, except that it won't delete pictures from an album. If I delete an album the pictures are left in the pictures directory, but the album is no longer displayed. If I then make a new album it is labelled incrementally... ie I had one album "album_ID_1", deleted it created a new album it is labelled "album_ID_2". I would have thought that the new album would be called "album_ID_1" ie taking the place of the deleted one. It seems to me that the delete album function isn't fully working either. My hosting comppany swears that the permissions on the pictures directory are set to full access for everybody. What have I done wrong?

Thank you

Nigel

This user is talking about preparing more than 100 pics at a time for an album that already exists and doing it using linux.

I asked the user to post the code here because I think it is interesting and it may help someone who is working with the app.

This article is not for everyone for a few reasons.

1.) The application can already mass import pics on it's own. It does 100 pics pretty quickly on a decent server. The built in method also resizes pictures and make low res thumbnails should your server support a supported ASP image resizing component. The method above simply rename pictures in a folder so the application will see them as part of an album.

2.) We don't support or recommend that anyone sets the application to use more than 100 pics per album. It is just not tuned for that and there will be issues. Please dont ask me what they are as it is complicated and I am not sure/dont remember what they all are.

3.) Your going to have to be familiar with linux to use the code shown above.

If things are not perfect there will be no log files and no errors.. it can only be one of these things really
http://support.cjwsoft.com/code/moreinfo313-2.htm

You may also want to make your the filesystem on the server is working and not disabled by norton script blocking or anything random like that. Testing the filesystem object is best done by writing a simple text file to a folder. Plenty of examples of doing that can be found at www.aspin.com

Recent activity is temporary and admin activity in the admin area is not tracked. If your application in IIS has reset or there has been no activity in the users area or in pages you protected there will be nothing there. The busier your site the more chance something will be there. For example usually our online demo has something there except right after 4am when my server does an iisreset.