Blog Entry: 3/25/2006 4:44:41 PM
I am trying to understand how/where the "Log_Off_URL" variable is set
I have searched the forum for that string but don't get real good
results...I think the _'s are replaced with spaces for the search.
I am learning how to use the groups options and have modified some of
your example access level examples to test out group stuff. At the
bottom of the default.asp page I see a "LOG OFF SYSTEM" link that is
filled with a link stored in the Log_Off_URL variable and it looks
like that is being set back to the default.asp file somehow. So when
I click on it it just refreshes the page and appears to keep my user
logged in.
Seems like it should log out the user and redisplay the
login page. Is there a way to log totally off and have the login page
show up again? I am sure I am missing some obvious thing
somewhere...I can see where the Log_Off_URL variable is being created
in the config_inc.asp file but did'nt know where to look for more
info. Can you point me to an existing forum link?
Thanks!!
, I got ya. Well hey, that's what's great about the iframe right?
,
(Capcha Security Image Mod)
This mod will add a Capcha Security Image to the registration signup form.
Instructions:
Download the latest version of the ASP Security Image Generator from this site. http://www.tipstricks.org/
Unzip that download and copy "aspcaptcha.asp" and "aspcaptcha_distort.asp" into the aspprotect "users" folder.
Now edit "users/register.asp" with a text editor and add the code shown below in blue. The code to add goes near the bottom of the form right above the submit button. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.
<tr>
<td valign="top" align="right"><font face="Arial" size="2"><strong>
Newsletter</strong></font></td> ; ; ; ; ; ; ;
<td valign="top">
<input type="checkbox" name="Newsletter" value="True" checked>
<font face="Arial" size="1">Do you want to be subscribed to the
newsletter ?</font></td>
</tr>
<tr>
<td valign="top" align="right"></td>
<td valign="top"> <img src="aspcaptcha.asp" alt="" width="86" height="21" />
<font face="Arial" size="2" color="#000000">Type the characters shown in image for verification.</font><br>
<input name="strCAPTCHA" type="text" id="strCAPTCHA" maxlength="8" /></td>
</tr>
<tr>
<td colspan="2" bgcolor="#FFFFFF">
<p align="center"><input type="submit" value="Register"></p>
</td>
</tr>
ok, now edit "users/add_new_account.asp" with a text editor and add the code shown below in blue. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.
If User_Custom6_Used = True Then
If User_Custom6_Required = True Then
If Custom6 = "" Then
ErrorMessage = ErrorMessage & Server.URLEncode("You need to enter a " & User_Custom6_Name &".\n\n")
End IF
End If
End If
strCAPTCHA = Trim(Request.Form("strCAPTCHA"))
if strCAPTCHA = Trim(Session("CAPTCHA_" & Session.SessionID)) then
else
ErrorMessage = ErrorMessage & Server.URLEncode("You did not type in the verification info correctly.\n\n")
End If
If ErrorMessage <> "" Then
Response.Redirect "register.asp?" & Request.Form & "&ErrorMessage=" & ErrorMessage
Response.End
End If
Your done. You just added a Capcha Security Image to your signup form. If you would like a more distorted image that is more difficult for an automated program to figure out change the image tag to call the "aspcaptcha_distort.asp" page instead. It will look more like this.
,
Ok, set up a new web.config in root, with just the suggested code.
that worked to get this....
Configuration Error
Description: An
error occurred during the processing of a configuration file required
to service this request. Please review the specific error details below
and modify your configuration file appropriately.
Parser Error Message: It
is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This
error can be caused by a virtual directory not being configured as an
application in IIS.
Source Error:
Line 409:
Line 410:
Line 411: <authentication mode="Forms">
Line 412:
Line 413: <!-- DO NOT CHANGE UNLESS INSTRUCTED TO DO SO -->
|
Source File: D:\hshome~aspnetprotect\web.config Line: 411
any ideas?
Andy
, Just installed software, when I attempt to log on I get the following error (actually this is after I moved some of the include files to user).
Active Server Pages error 'ASP 0131'
Disallowed Parent Path
/gallery_admin/default.asp, line 25
The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory.
What do I need to do to fix?
thanks.
, Thanks.
Nick
, Thank you so much that works great.
I will test with the other settings on the email server again thanks for the advice,
best regards
, If you are using version 6 CDOSYS is not supported. That is one reason why version 7 came out. If you want to rewrite the code to work with CDOSYS in version 6 that is something you need to sort out on your own as I do not support custimization to the code.
, Chris,
Ok new puzzle
. I have now managed to gonfigure it to get the admin screen and update members. All excellent news. Seems to work a treat.
But have used the code you give in your getting started guide to add at
the very top of an aspx page to be protected. The path is configured
correctly I am sure. the aspx file is in the root, the protect program
is in a folder now configured as an application (hence the steps
forward to get to the admin screens) on the root, so address should be
foldrname//protectpage.ascx.
Proble when I load that aspx page is as above. The exact same config error
,oww!
I am sure its a setting on my server now, but I dont know what to ask for, Any ideas...
So close now!
Andy
, that is because passwords in the import/export files are encrypted.. if you make one of your own you need to use the rc4 function in the "config_inc.asp" to encrpyt your passwords just like the aspprotect system does (requires knowledge of vbscript and integration into your export system)
now, there is a way around this
if you want to import a file you made with clear text passwords edit "import.asp" beforehand and change
If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = UserArray2(5)
to
If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = RC4(UserArray2(5), PasswordEncryptionKey)
that way it should convert your clear text passwords to encrypted while it does the import
this post also addresses this but in the reverse scenario
http://support.cjwsoft.com/code/code_info.asp?TID=261&PN =1&TPN=1
I hope this helps you because I really do have to leave the office like right now. Very late for a dinner meeting.
I should be back on the computer later tonight or tommoro morning
, The random password is generated during signup and the function that creates it is located on this page of code.
users/register.asp
it looks like this
Function RndStr(Length, UseChrs)
If IsNull(UseChrs) OR (UseChrs = "") Then UseChrs = "0123456789abcdefghijklmnopqrstuvwxyz!@#$%^&*()_+=-"
NewStr = ""
Randomize(CByte(Left(Right(Time(),5),2)))
For gpIndex = 1 To Length
NewStr = NewStr & Mid(UseChrs, Int((Len(UseChrs)) * Rnd + 1), 1)
Next
RndStr = NewStr
End Function
For example go to this page and hit refresh and watch the password change.
http://www.aspprotect.com/demo2/users/register.asp
Yes, sometimes if you hit refresh quickly over and over you'll get the same password, but not generally. Also that is not something that would happen normally as a user isnt going to sit at that screen and hit refresh over and over.
Anyway... when signing up the new user of course has the option to change that password to something they would like better...
As far as... "selecting the same user name and password every time"
I need more information. That does not make sense for a lot of reasons.
Most importantly because usernames are not generated. The are inputed by the user during signup. They are then checked to ensure they do not already exist before the user is allowed to complete their signup.
So under normal circumstances there can never be duplicate usernames in the system or even users with duplicate emails as that is checked as well.
Now of course if you edited the code in any way it is possible all this is not working correctly ?
cwilliams38164.8059143519, If you are using an ACCESS Database try to avoid using a system DSN. They are much slower because they go through ODBC which then uses the Jet Drivers to access the database. They also have to do a registry lookup.
ttp://www.4guysfromrolla.com/webtech/070399-1.shtml
http://www.powerasp.com/content/database/dsn_vs_dnsless.asp
It's funny because in the 4guys article they ask the question..
"Hmmmm... so who was right, Microsoft or Wrox?"
I'll tell you who was right and who said it 1st. It was me and I said it on my old powerasp.com site before anyone else ever did.
I found it out on my own by experimenting when I was the Systems Analyst for an large ISP. We we had web servers that were not running well. I didn't read about this solution anywhere because no one was talking about it at the time. Microsoft said use System DSN's so everyone just took their word for it.
I took a lot of heat for saying that back in the day but over time everyone started saying it.
, Hello-
I'd like to set up the system to redirect to a landing page (say home1) after the user logs in.
I have looked at all the documentation and can't find something that explains how to do this. I am thinking that I can set up a log in as the default in my root directory that will have a form with an action=check_user_inc.asp. I have looked at the code there but cannot find a place where I would place a redirect to home1.
Help please
Thanks
, 1) Does everything, i.e. every user, every category, every product, etc., get stored in just one single database, or are there multiple databases at work and are linked to one another? I am asking because there is only one table in the DB, and it is the "Users" table. So I am presuming that there must be other databases that are linked to the DB. Is this correct?
2) Are user-level security permissions utilized in the sample Access DB that is shipped with the software? I am asking because we cannot seem to remove the "temp" password no matter what we try, and this is the only reason I can think of.
, if you are talking about IPN subscriptions and how they work paypal has detailed manauls on their site.. if you are talking about asp.net in general there are probably a lot of good books..
the reason I said look at the aspprotect 7 code is cause the applications and database are very similar and the same techniques will apply for the most part as far as how the ipn subscription posts from paypal talk to the database and what happens during the various post events.. etc etc etc , I just purchased the software and it looks great however, I have been fighting for 4 hours trying to get a protected page to do what it is supposed to.
I was trying the examples you provided and they worked fine, then I would use the code at the top of my pages with no luck.
When I installed the software, I used an FTP package as I have found lately that anything with a database gets all messed up when I publish with FP.
On a whim, I took the page I was publishing in FP and published the same page with my FTP program. It worked! What I can't figure out is what FP does to the files to screw them up so they won't function. Is there a setting in FP that I have to change to get it to work? The files look the same, but they are different sizes when I overwrite them with FTP.
Any ideas? I don't want to have to publish my entire site with FTP as it is a FP template site.
Thanks,
Dave
, Chris-
A general question - Can you have multiple instance of the gallery on the same server?
, in Control_pic.asp is there way to wrap the description field so that it doesn't go outside the table.
Thanks
,
AUGUST 12th 2004
NEW VERSION OF ASPBANNER IS BEING RELEASED THIS WEEK
ASPBanner Unlimited Version 8.0
It is completely finished.
http://www.aspbanner.com/
This new version has more features and is selling for $99.95
Unlimited Version 7.3 is now named "ASPBanner Standard"
Owner's of Unlimited Version 7.3 can get an upgrade to Unlimited Version 8 for the difference in price (based on current pricing)
It is available now for purchase at the following link .
http://www.aspbanner.com/purchase_unlimited_v8.1_classic_upg rade.asp
The new version can use your existing database so it is a fairly easy upgrade.
If you are not an existing ASPBanner Customer you can use the following link to purchase the application normally.
http://www.aspbanner.com/purchase_unlimited_v8.1_classic.asp
Notes on the new version:
ASPBanner Unlimited Version 8
Improved graphics and some new icons
New reports screen... 4 reports total 3 of which are new
New Iframe Banner Calling method with built in auto refresh feature so banners can rotate at a specified interval on their own
New Zone Order Informaion Page
Visually shows you what the current rotation looks like for a zone
Banners can now be stopped at a certain date and at an impression limit
Whichever is hit 1st.. before it was just one or the other
New "data" folder... this new directory is the only directory that needs permissions
this should make setting up the system and permissions a breeze.. all cjwsoft applications will
eventually use this same folder
New configuration text file... eliminates config table in the database and allows us to easily
add more config options in the future without changing the database.. means easier upgrades down the road
and faster loading of the configuration data
New application data connection wizard
makes setting up the data connection a no brainer
more overall emailing methods supported
CDONTS
CDOSYS
ASPEMAIL
ASPMAIL
ASPSMARTMAIL
DUNDASMAILER
JMAIL
SASMTPMAIL
Bamboo Mail
Simple Mail
ASPQMail
QuickSoft EasyMail Objects
OCXMail
Persists ASPEMail now supports outgoing SMTP authentication.
Simple Mail now supports outgoing SMTP authentication.
It is becoming popular for ISP to use this.
Emailing code now uses functions so we can easily add more email component support down the road
Flash files (.swf) can now be previewed and used in new banner right from the upload page
before this could only be done with image files
Users page now has a notes popup feature
when you hold the mouse over the icon you see all info on a user without needing to edit that user
Edit banner page now shows the color of the banner status in the dropdown menu
New clone banner feature.. allows you to easily create similar banners
Banner application page has been optimized to be even more efficient
Javascript popup calendar date selectors
Ton of misc little things & Improvements...
Some Screenshots
, Need to clarify something..
Your talking about the page where a new user registers right ?
Your not talking about adding a new user from the admin area ?
Either way under no circumstances do I see anything like you are saying happening nor has any other ASPProtect user ever mentioned this probem.
I am going to need to see your site and see this happening. It just makes no sense the way you are describing it.
Also. did you edit the registration page code in any way. If so please revert back to an original copy to ensure this is not some sort of problem introduced by editing the code.
cwilliams38164.8115046296, Sorry Chris,
It didn't fix it. Looks like I had the current code. I bought the system in mid-April. The version says 3-10-2005.
I do know that in the database, the password shows as " éG" but in the error code, it shows as " éG". The square character is missing.
Thanks,
Mick
Edit: well heck. It skips the square box here too. The password in the database puts a square box in front of the éG
, Yeah, its working great witht he Access database. Now I just need to get it all set up. I like how the config file is set up with all the comments, it really helped allieviate the 40k thumbnails,
.
One quick question though, and I haven't looked through all the code yet... Is there a quick way to have pic_window.asp open full screen by default? I just want to minimize having to either scroll through, or maximize, the screen
Thanks!!!
- Jason
, YAY! I FOUND A BUG IN MY TESTING!!! Do I get a cool t-shirt or a coupon for Ben & Jerry's Ice Cream? 
Hehehe... seriously, thanks for digging deeper and spotting the error.
You got some mad skillz and some excellent service, Mr. Cwilliams!
, i took another look at the file, and realized that when i was looking at the data structure i had confused "banner_image_URL" with "banner_link_URL". i lengthened the latter, and now all is good.
sorry for the false alarm, and thanks for a very-to-work-with product.
, again.. more custom code work would be required to handle it
, I dont understand why I would get an error? -- I'm not sending the email from internal - so why would it try to validate?
I'm trying to send an email to an independent place - just like I would send an email to you
Am I using the wrong email setting - should I be doing something other than using "remote server"
, perhaps the filesystem object is disabled on the server ?
or some sort of script blocking is running and causing a problem ?
other than that I can take a look if you put it up on a live server.
, Hello,
You are correct regarding what you noticed.. ASPBanner only allows one person to administrate. If if did what you are asking about it would probably cost more.
(you get the ASP source so if you really wanted that you could always add it on your own fairly easily, but it all depends on your skills)
AS for keyword advertising and different ads based on certain pages ASPBanner does not get into that. The main reason being performance as I built ASPBanner primarily as a performance banner rotation solution.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=144& ; ; ; ; ;PN=1
Like that thread says, you could make different zones for different conditions.. then surround the banner calling code with if else logic so a different banner zone was called under certain conditions.
Regardless, if you really need something that has every bell and whistle. BanManPro is where it is at.
cwilliams38434.7100578704, No problem. I get it now.
I added a Session Variable for "Counter". Then wrote an If statement around that. When the user logs on for the first time they see a window pop, after that the normal start page.
Thanks
, The album ID thing is completely normal and by design. Once an ID in the database is used it can not be used again. That is how autonumber fields in a database work.
As far as not being able to delete images... Are you by chance using ASP.NET to show dynamic thumbnails... Because if you are you must turn that feature off and wait 20 minutes or so (maybe more) before you will be able to delete any of the images. It is because the current version of the ASP.NET script used to make the thumbnails locks the images on the server temporarily anytime it creates a thumbnail.
It is a known issue... and there is no fix at the moment other than what I told you above.
cwilliams38324.744525463, You are right, there are NO entries in the "PayPal_Subscriber_ID" field at all. Any way of fixing this?
, Hello,
Again, enspecified error are not very helpful.
An error usually tells you at least a line number and page or something.
Please read this as it might help do tell me more.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1
As for only happening once in a while. It could be a lot of things.
Version being used (when did you purchase.. what name/email was it under and I can look) ?
What banner method being used?
Access or MSSQL ?
How busy the site is ?
Server Resources ?
cwilliams38414.6114930556, Just checked XML Parsing with your file. Got a clean bill of health on that: It's working.
Got the right code for the location of the ipn.asp in my paypal1.asp, from http:// all the way to .asp.
I think since everything is set up properly from the looks of things,
I'll wait and see. If I get another one who flubs things, then I'll
start the testing of the account. But if it goes through just fine,
then maybe the Internet just hiccoughed on the first guy... thanks
again!
, Oh big deal !!... John mentioned some site and you feel like you proved some sort of point. Aren't you special ?
Look, I am telling for the 3rd time you can't do what you are talking about with ASPProtect.NET. Are you braindead cause I really am beginning to think you are and I for one am done trying to be somewhat nice to you ??????
I am also willing to bet you had no idea what viewstate even was until I mentioned it and then you probably went and read up about it so quit trying to pretend like you know what is going on! If you knew what was going on you would not be asking more questions about ASPProtect.NET than any customer in the history of selling the application.
As a matter of fact you should send me like 400.00 just for all my time you have taken up because you are totally frigin clueless !!!!!
I should have cut you off the instant you offered me illegal software from p2p right in a forum post., Oh, to clarify the above. We did not change any columns in your [Users] database or any other table., Flash Code Generator
Until I have time to make one I suggest using the one on the banmanpro support site as it is pretty nice.
http://www.banmanpro.com/support/flashgenerator.asp
cwilliams38291.6146875, good news.. like I said it is probably becuase aol blocks emails sent from IP's with no MX record in the dns system , where is your site ? I'll taka a look
, I am using VS 2005, when i go to new project in visual basic folder asp.net web application is not there..
Can i add it somehow?
, Bingo! that did it. Somehow the data must have gotten corrupted.
Hopefully that will do for me. Seems like everything is humming along and looks great!
Thanks again,
Laura
,
Timecard Entry: 3/25/2006 4:44:41 PM
Working on some details with pocket real estate and the directions I have to design, Vermont Internet public site design, set top boxes, email, taking sign ups, checked emails, answering phone, , Email/Newsgroups, Weekly Meeting , Clayton to Watertown, 24 miles, enter bills; credit memo's w/ Andrea, designed and ran coupon by Tara and Steve, worked on SoftVendor "user manual" (mostly refinining look and feel of test page and finishing configuring database to work correctly), Went to meet with Bob Nelson and we went over what he thingks we need our new CMA report to do. IHe has given me details and various programs to run and try as well as print out of what the reports needs to do and look like. I will be working on this most likely for the next week and a half as it is going to be extremely complicated for me to get finished., #2000-7-65 FXCaprara.Com - Form Manager., general admin, call backs, prepare for afternoon calls, tech support supervisor, passed out callbacks, voice mail, radlog assigned and followed up, did follow ups, ask us a questions, dial up issues, helped techs with there issues at hand... good night
, Conference call with Seth and Kareta, lunch, lunch, meeting with Ron and Jim, Pricing Meeting, techcalls, radlog, new users, Set up Chairs, Unload Supplies, Pinehurst - put entire site into tables, resize all graphics to fit on printed page, Answered tech related calls. Checked and called on rad log. Also checked dial-up issues.., same as above, Entered bills, Team meeting. Herald building. , Sat down in the NOC room., Printing & alphabetizing invoices & statements, check/read email, voice mail,
