Blog Entry: 3/25/2006 4:58:08 PM
The pages in the ASProtect Full version that have emailing code in them are as follows.
password_admin/email_user.asp
password_admin/send_mass_email.asp
users/add_new_account.asp
users/email_password.asp
, Hi,
I have a question re ASP Protect, I have got it up and running on a dev server which also hosts a e-com engine (ASP / Access), when users check out they are presented with the e-com log in screen (which is sharing the same ASPP_User table). All's well and registration and editing user details is fine both in the Admin section and the front end of ASP and if I request an email reminder from the ecom scripts I get back the encrypted password.
I'm using <% = Session("Email") %> and <% = Session("Password") %> to populate the fields on the ecom log in page so users can click though and progress, the checkout process needs the username/password, all user info shows up ok, however, when I proceed with these credentials, it doesn't work, even though I know these to be correct and even without requesting a password reminder and using the one that gets me in everywhere else, I still can't get through? do I need some code re the crypto so the ecom can decode??
Any help would be great - I've been on it for about 10 hours, and checked through the posts here but can't fathom it out?
Thanks Craig
,
and did you response.write that session value to see if it holds anything to ensure it is being set , The mass picyure import does not work like that. It involves no uploading component.
Only an admin can do a mass import on an album and they have to ftp the images into the site in that upload folder before they go do the mass import thing. , sorry, I am guilty of being very tired and didnt read your message fully.
I know this forum area is called "database connection issues" but it is only meant for generic issues.
Issues specific to a particular application need to go in that applications area in the forum. It keeps the forums more organized and helps other people fnd help later on.
So please post in the correct area.
I will answer this question soon. I have to do something 1st though.
, that information is actually not helpful in determining whether parent paths is enabled or not.
You should really ask your hosting company or better yet try doing a server side include to page one directory up and see if you get an error.
example
<!--#include file = "../myfile.asp"-->
cwilliams38302.6484259259, like I said you made changes to something to cause that...
users/user_area.asp
runs fine the way it ships "it is one of things I tested earlier when I looked at your installation for you"
If you want I'll go look via FTP and tell you what is wrong
cwilliams38456.1069212963, no, but in the standard version it probably will not run so great with more than 75 or so.
The unlimited version can handle pretty much whatever., yes, How can I have fixed size height and width image without distortion. Is there a component that I can use or how can I change the existing code.
yes, unless its ratio matches
how could it not be ?
Please keep questions like this in the forums... thx.
there is no need for this to be a private message
-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 2:19pm
If I choose fixed width and height is the thumbnail image going to be distorted?
-- Previous Private Message --
Sent by : cwilliams
Sent : April/29/2005 at 1:17pm
that is not possible unless you rewrite the code.
You onlyahve the two options we give in the config file for thumbnails
fixed width and height all the time
or
fixed width / dynamic height
-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 1:07pm
Hi William
One more questions for you. is there a way to make sure that all the thumbnails are the same size without distorting the images (in the thumbnails). Or if a picture's height is bigger than its width is there to create the thumbnail such that the height of the orginal becomes the width of the thumbnails and vice versa.
Basically I just want the thumbnail pictures to be in a perfect row with all the picture heights the same and all the pic width the same.
Thanks
Sean
, Chris,
2Checkout.com has added to their required cart parameters:
https://www.2checkout.com/documentation/newparameters.html
Do you have a version of 2checkout2.asp that will support these?
Thanks,
Nick
, is that lindsey lohan and her fake boobs as ur avatar?
I am installing IIS and all of its glory on the other computer now... gotta love remote desktop (the pc is at work 
)
, Sounds to me like you got some bad databases or something. Or your trying to open a database with too old of a version of msaccess.. not sure
Everything is stored in one database. And yes there is more than just the users table.
Also, removing the "temp" password should be a piece of cake.
Email me for a new copy of the download file ? Use the contact from on the cjwsoft site. Please tell me your order details as well so I know who you are.
, I just made a new admin account and I still can not log in using it ?
Did you by chance edit the code by adding LCID info or something like that ? Something is just very wrong.
The simple example protected pages can not even be logged into ?
, humm, I see your using the lite version which is technically not supported.
I know you were responding to an existing thread but I really would rather you have posted this in the ASPProtect Lite area or at least mentioned what version you are using. Usually there are big differences in the versions and it helps me help you if I know what is going on.
Regardless, the code for this feature is actually the same and I just tested a fresh install of the lite version and it stored that verify url perfectly and all worked as it should in the verification email.
All I can think of is that you can try manually editing the "users/add_new_account.asp" file.
This part
EmailBody = EmailBody & "New Registration.." & vbCrLf & vbCrLf & "Your registration still has to be validated." & vbCrLf & "Go to " & vbCrLf & VerifyURL & "?u=" & Server.URLEncode(Request("Username")) & "&v=" & ValidateEmailCode & vbCrLf & "to verify your registration." & vbCrLf & vbCrLf
Would need your verify URL hardcoded into it which would pretty much guarantee it would get put in the email.
EmailBody = EmailBody & "New Registration.." & vbCrLf & vbCrLf & "Your registration still has to be validated." & "http://localhost/aspprotectlite/users/v.asp" & "Go to " & vbCrLf & VerifyURL & "?u=" & Server.URLEncode(Request("Username")) & "&v=" & ValidateEmailCode & vbCrLf & "to verify your registration." & vbCrLf & vbCrLf
Of course change the url to be valid for your setup.
Still, the fact that this isn't working means there is something wrong with your installation. It would probably be a good idea to erase everything, do an iisreset, and re-install the application in a different directory... immediatly log and go to the settings page, carefully set everything and save it... then register as a new user and see what happens.
There is no reason that variable shouldn't get set. I mean I tested it just now with a fresh install of the version you are using and not only that... 1000's of people have been using that same code for over a year in the full version and no one has had this problem except the guy who started this thread who never populated the value.
My guess is still a problem with your "IIS application" for that web. It is not doing it's thing for some reason. When the settings page is saved and application variable gets set telling the config file to reload the variables as it doesn't do it every time to conserve resources.
If that isn't getting triggered and that variable isn't getting set who knows what else isn't getting set and it's not pratical going around hardcoding 15 important variables., Also, I notice you are using iframes to load the banners. That is probably your issue more than anything. That browser probably does not handle them well.
Possibly try other methods of displaying the banners and see what happens. The XML parser is usually one the best methods to try as it will output just your banner code straight into your html. , If a picture does not show after uploading it is one of the following things.
The upload method chosen is not supported on the server
or
The physical path specified to the pictures folder is not correct.
or
The URL to the Pictures folder is not correct.
or
Permissions to the pictures folder have not been set properly
Here is more information on how permissions are set.
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
Without more information and the settings you have entered and chosen that is all I can offer for now.
, [QUOTE=cwilliams]I would like to delete the SQL tables and set them up from scratch using enterprise manager and sql query manager and see what happens
If that is ok with you let me know.
Something is wrong like I said... almost seems like the database is caching old password info from the field.[/QUOTE]
Sure go ahead
, I am having trouble getting any information to show up in the log files
directory or anything showing up on the log files tab in the
administrator. I have set the following variables under the
settings tab:
UseLogFiles checked and
value of LogFileDirectory is "c:\inetpub\wwwroot\wf\data\logfiles"
I checked the permissions on that folder and they are set so that the Internet Guest account has full control on that directory.
I also checked RecentActiveUsers and RecentPageRequrests.
I am sure I am missing something simple but no files are ever showing
up in the logfiles directory...anyone have similar problems or at least
successes?
Thanks!!
, ... in addition it is a virtual include not a file. I just tried to use file instead of virtual and then the ../ includes worked on the asp pages.
This is strange because they used to work like that on the 2000 server I had these sites running on.
, I would like to change this file name to the typical Login.aspx, how to do this? I have a VS 2003 but need instrutions if that's the route to go., I am running Windows 2000 server. I do believe asp.net IS installed as I have the .NET 1.1 framework installed.
Funny about the bounce backs. I am at about 10% of my limit, which I control as I am the network admin. I'll check into that.
, its a text file you just edit it with notepad.. if ya mess it up ya put an original copy back in
no biggie either way
jump in there..
I just showed ya exactly what to change.. its a no brainer man
This is simple source code. It's meant to be edited and hacked.
The only reason I warn you is so you can't blame me later on if it effects something
I am just trying to help
If ya dont like that solution why not just use periods for the first name field.. or a dash or something... then nobody will really see it
or maybe store the company name in the first_name field
seems like clever things to try without changing the code..
good luck...
cwilliams38326.870474537, Look in the "check_user_inc.asp" file..
You'll see the name of the cookie there and also get an idea how to access it.
In most versions it looks like this.
Request.Cookies("PASWORDSYSTEMCOOKIE")("COOKIE_USERNAME")
You'll want the cookie for the username because the session variable will not exist unless they have actually gone to a protected page during that session at the site.
It would probably be best the check for both the session and the cookie. That will make sure people logged in that arent using the cookie option still see the message you want to display.
Sorta like this..
GetUsername = ""
If Request.Cookies("PASWORDSYSTEMCOOKIE")("COOKIE_USERNAME") <> "" Then
GetUsername = Request.Cookies("PASWORDSYSTEMCOOKIE")("COOKIE_USERNAME")
Else If Session("Username") <> "" Then
GetUsername = Session("Username")
End If
Response.Write GetUsername
cwilliams38298.9175, Not without changing a lot of code. If you didn't want encryption you really should have went with version 6. Encryption is a big new feature of Version 7 and it is inter-mixed with it the code in a lot of places.
As for doing the export and import you have to create a valid export file and then read through this very thread which explains how to import an export file with clear text passwords.
This is from the admin area regarding the text file format
The import/export file must be tab delimited with no text qualifiers. The 1st row containing field names and the following each being a new user. To create your own import file it must be in this exact format. To find out what field names and their order are simply create an export file using ASPProtect and take a look at it.
Generating an import file from your own database requires good knowlege and understanding of Access's Importing and Exporting functions. It is not something I cover as the process is different for everyone and not really very hard. , say ?
How do you like LiveSTATS.xsp V7 ?
Looks pretty sweet but the pricing is just too much for me to justify as I am very happy with smarterstats and I host a lot of sites now.
I used to use Livestats 5 back in the day when we had a 50 domain license where I worked and hosted my sites. I liked it a lot then I tried the version 6.2 that they had for a while and hated it. Version 5 still runs well on 2003 server but it has such outdated search engine information that it isnt worth using. cwilliams38324.8862847222, ok, here is what is going on
you are password protecting an ".asp" page that requires querystring info to run correctly (example - "somepage.asp?ID=3"")
that is something I never intended anyone to do.. while it does handle and repass the querystring info along during successful login it does not re-pass that info during a failed login as you have found out
this is all by design.. the only reason the system re-passes the querystring info at all is because I wanted to make it smart for the sake of the remember me/cookie feature.. so if someone was using that and bookmarked a page deep in your site with querstring info...then when they went back to that bookmark they would get authenticated and still see the page as intended with the querystring info in tact
it was a nice feature never intended to handle any situations other than what I just described...
now...
notice the url in the browser after failing a login.. then logging in successfully.. it is missing the querystring info
that more than anything is what is going on.. browser caching can cause some confusion when dealing with this because the browser likes to return you to the page minus the querstring info... when that happens a simple browser refresh at that time may very well solve the problem and then you see the page you are supposed to see...
To avoid all of this...
One solution to this is to always start people logging in to an ".asp" page that has no querystring info. That way this won't happen. Once they are logged in you can then offer them links to the pages they need to go to. (you of course still want to password protect those pages)
Another solution is to log them into a page with no querystring info and then do a response.redirect to the page with quersytring info.. thus accomplishing the same thing but without the possibility of the issue because of a failed login.
Another solutions is to do checks in your asp page for missing querstring info.. and if it isn't there do something about it like send them somewhere else.. or display a message about there being an error... etc etc
So,basically you don't want to tell people to login into such and such page with querstring info... and providing a username and password..... You can do it but like you found out it can cause an error if they mess up logging in the 1st time. The system just was not designed to handle that. There are complex reasons for that involving security that would just take me too long to explain.
I hope this makes some sense to you.. it is very hard to try and explain
, I did a google search and it turns out that error very well might have to do with ASP trying to send an email and that process failing.
That tells me your emailing from the application is not working so it is probably not something you edited incorrectly.
see this article...
80040211
http://www.aspfaq.com/show.asp?id=2026
Emailing was working as when I did your installation (I think I did it months ago, didn't I) so it must be some incorrect changes to your email settings in the admin settings screen. Try sending an individual email to a user from the admin users screen and see if it works. My guess is you will get the same error and means your email sending options are no longer correct or valid.
If that is the case I would ask you if you changed them or possibly something changed as far as your email setup goes. Passwords ? EMail Server .. etc etc etc
, When I add a user, I can not activat it.
What do you have the registration type set to in the settings ?
They wont be activated automatically unless you have "automatically" selected ?
It sends me back to log on and will now allow me to log in as admin???
I am not quite sure I understand ? Seems to me like that would be normal because you can always log in as the admin at any time. If you cant log in as the user you just signed up as that could be for a couple reasons relating to the registration type you have slected in the settings. There are 3 types all epxlained in the settings screen. Some require manual activation byt the admin, some involve a registration email.. etc etc
I can restart the APP and log in as Admin, but the user I added
is still not activated??
How and why are you restarting the applicaton ? Please explain what your doing there.
My system will also not allow me to set the Stay Loged in FLag.
It just ignores it....
As I told you in an email earlier cookies must be enabled for authentication to work. You mentioned now you can not log off ? I am not sure I know what you mean by that. I assume you know to close all browser windows when testing things like this and I assume you know you have specifically log off and confim it in order to remove the remember me cookie and have to log in again when you return to the site.
, Got it working. 
Had purchased a long time ago and forgot about needing to run the userreg.exe. All is well and thanks for the follow up.
Lance
, when did you puchase/download the application? you may have old code., Flash files cannot track clicks unless you edit the original flash file to link to the aspbanner system redirect URL.. feeding it the correct ID of the banner.
When that link is clicked on it will then track the click and redirect the user to the “link url” specified for that banner.
The system actually generates the necessary ASPBanner URL for you. That link is shown on the banner edit screen.(you must save the banner at least once and come back to that screen to see the link though)
Really the best way to show it is with an example as seen below.
Basically the flash banner file "powerasp.swf" highlighted in green needs to be edited to link to the banner redirect url which is highlighted in red.... the banner redirect url will then track the click and ultimately send the user to the Link_URL highligthed in blue.
All banners systems work this way when it comes to flash files.
It’s the nature of flash and the web browser,
The flash source code must be edited to link to the redirect url in the ASPBanner system. There is no possible way any banner system can track a flash click unless the flash file links to the banner system 1st.... because that click is handled by Flash and the web browser.
In some cases if you do have the original source file for the flash banner then you are out of luck as far as tracking clicks goes.
On a side note... if you create flash banners the way this article says you can actually feed a .swf flash file a link for it to click to. Instead of it being hardcoded.
http://www.macromedia.com/resources/richmedia/tracking/desig ners_guide/index.html
This is really the way everyone should design their flash banners from now on because the url it links to can be easily changed at any time without editing the flash file source code.
cwilliams38325.740162037, You really should just look at the documentation that came with the application. It tells you everything you need to know.
it is in the docs folder in html format.. it is also linked to from the aspclassifieds website
http://www.aspclassifieds.com/demo/docs/
, After a user edit his information (name, email, etc), the session variables are not updated. In the user_area.asp
page, I "Response.Write" all the session variables, and they are still
showing the old information. I tried refreshing the page but to no
avail. The only way to update the display is to log off and login again.
please help.
, That's because when the page rebuilds, it uses the default number of
users per page setting. You'd have to modify that default setting to
have it do things differently. I used to have mine set to 500
users, until I got past 300... then it wasn't fun to show all users on
the page anymore. I now like 10 per page and searching for
specific users as needed.
But that's me. If you hack a COPY of your default.asp file (with the
original backed up as above), you can get the value set to one you
prefer.
If you want me to find the value, post and I'll look for it later on.
If you want to find it yourself, happy hunting! Just be sure to have a
backup in case you do the wrongest thing possible in your haxxoring.
, trust me, they (serverobjects) do not check processors.. as a matter of fact they haven't answered support emails for about 3 years. All they do is sell those components like hotcakes and take in mad crazy cash. But I will say the stuff does work well and always has. (that guy probably took all the money he made/makes from those components and took off to Jamaica or something sitting on the beach drinking margaritas)
regardless,
ASP just cant resize pictures on it's own.
It' just not possible. You need a 3rd Party component.
There isn't much to say about the ASP.NET thing.
If your server has ASP.NET installed (meaning you can run aspx pages on your server and the ASP.NET framework is installed) and running you just pick that option in the config file and ASP Photo Gallery will use ASP.NET to make dynamic thumbnails for you.
To run ASP.NET it must be a 2000 or 2003 server.
, Sorry, you cannot, that is how it works and that is how it has to work for reasons I am not going to try to explain as it is pretty technical. (it works the same way even when not using paypal and using email authentication... nearly every registration system out there does it that way under an email authentication scenario or a PayPal IPN thing.)
Basically, if you are concerned about it you need to periodically manually check for accounts that were never activated and delete them. Maybe when I get some time some day I will make a little interface to help find those and clean them up at once.
, 5300 users honetly wouldn't even phase the database or the code... even with MSAccess...you got other problems and I can say that with 150% certainty
my guess is permissions on the database folder are not quite right or the odbc drivers have issues.. something along those lines..
access databases act up when full modify permissions are not given to the folder they are in.... they can also act up if the odbc drivers are very new and you are not using a newer version of the access database such as 2002 version as opposed to a 97 or 2000 version
using a system dsn as opposed to a dsn-less connection can also cause BIG issues. always use a DSN-LESS connection
you can also have big problems if just the database file is given permissions instead of the whole directory it is in
also, the script timeout has nothing to do with it.. if that is happening something is wrong with the data connection like I said... no amount of changing timeouts is going to cure it...
how permissions are correctly set
http://www.powerasp.com/content/new/windows_2003_server_and_ permissions.asp
why system dsn's with access databases are bad news
http://support.cjwsoft.com/code/moreinfo9-1.htm
I know it worked at 1st but it can still be related to all of this because when permissions are not perfect databases will work ok for a while and then act up. it all has to do with the temporay lock files that access creates and deletes on a regualr basis
, A question. Does this apply to all areas of the application. I have recently uploaded 50 photes. But when I look at the site from the url, I have X where the picture should be. Now, if I look at it though the localhost, I see the pictures perfectly.
, Your users with Internet Explorer may have received the "Page Expired" error. For ASPProtect users, it happens when the user is not logged on and tries to invoke the target page. check_user_inc.asp puts up the login form, and IE sees it as part of the target page. Any later attempt to Back up and reload from cache gives the errror.
My solution was, after successful login, instead of falling through the bottom of check_user_inc.asp and running the target page, I issue a re-direct to reload the target page. I also added META tags on the dynamic login form to say no-cache and expire now, so the re-direct really does reload the target page. This time, of course, check_user_inc.asp does not need to put up the login form, and the new target page in cache contains no form at all. So, IE will not give a Page Expired error when Backing up to it later.
Netscape, and I gather other browsers, do not behave the same way, so I limited the solution to IE. Also, the solution only works if the target page has no form of its own.
I'm uploading my customized version of check_user_inc.asp that contains this solution. (In it, I also used the Javascript focus method to place the "cursor" in the Username field when the login form loads.)
2004-11-22_050940_check_user_inc.zip
cwilliams38313.494537037, What application you talking about ? I'll assume ASPProtect. In the future please specify what application you are talking about.
ASPProtect 7 already has protection that is quite effective. The no concurrent login feature which will not let the same username under a different ip log in at the same time. Meaning if someone gives out their info they will screw themslves over because eventually they won't be able to log in. Only one unique ip at a time can log in so even of 100 people know the info it won't really do anyone much good except the lucky one that logged in 1st and stayed logged in. The username/password will eventually become more and more useless as more and people know it.
In addition to that is is a good idea to monitor the daily logs and single out a user you see logging in a lot. The more ips you see for that user the more chance it is multiple people logging in and you should take action. ,
Timecard Entry: 3/25/2006 4:58:08 PM
Attempted to publish wwnytv.net/72k updates/fixes back to server. had same problem as with watertown school district. folders become corrupt and access denied. contacting Andy at Watertown office to see if we can figure out the problem. Contacting CB to let him know whats going on., misc admin, talk to randy about streaming, gather info for meeting for martins marina
Davidson- Ron called for email
North coiuntry music- info, SQL Self-Study, check voice mail- confirm screen with Linda from Watertown chamber
, Promoting your web site meeting, Met w/ Tim, Time Cards, Emails, A-Links, SWMF, Switchboard, brief billing calls, beth had to go to clayton so in addition to working on linux box i was watching emonitor, work, Worked on the letter to go out to the statement of old accounts outstanding and entered bills, template crap, Pretty slow... took one call from a customer who was trying to download IE 5 and a call from a user who had reformatted hard drive and reinstalled windows. She needed help setting up and getting DUN working. , recieved new equipement, Cash flow report, SoftMLS2 working on template public site of site with fully functional public feedback forms that the Admin are can also manage., Resetting all open modems., Chinese, TICC Team Mtg, Meeting with Leigh Horan about a couple of issues she is having with CostGuard, travel to dutches co for presentation, Cost Guard Presentation prep., Tried to get in on the meeting., machine software, Dave McBride re: Sales leads for DSL, NS1 @ IMCNet, corrected DNS problem, also discovered user using BitchX chat server, changed telnet port numbers for NS1 and NS2, also changed root passwords and modifid inetd.conf file to allow only telnet and ftp access to NS1 and NS2, Read collocation materials,
