Home | Advertising Info16 USERS CURRENTLY ONLINE   
PowerASP
   Site Search Contact Us Friday, March 14, 2025  

Active Server Pages asp source code database MS SQL MS Access .mdb adovbs.inc cookies calendar codes sql commands scripts asp programming tutorials iis web server components CJWSoft ASPProtect ASPBanner ASPClassifieds



Blog Entry: 3/25/2006 4:51:01 PM

There are 8 Access Levels by default.. they work like this.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=166& ; ; ;PN=1

Access Levels exist in ASPProtect Version 7 for backward compatibilty for customers using previous versions.

Truth is Groups are the replacement for Access Levels and they are much more powerful and flexible. You can also make as many of them as you want in the admin area.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=167& ; ; ;PN=1


On a side note:
We also coded ASPProtect Version 7 so there could technically be as many access levels as you wanted. It's not supported but if you really wanted more Access Levels you would carefully add more Access Levels to the drop down choices when you edit a user. "edit.asp"

I don't know why anyone would want to use Access Levels however when they can use Groups.

cwilliams38433.5546875,

(Capcha Security Image Mod)

This mod will add a Capcha Security Image to the registration signup form.



Instructions:

Download the latest version of the ASP Security Image Generator from this site. http://www.tipstricks.org/

Unzip that download and copy "aspcaptcha.asp" and "aspcaptcha_distort.asp" into the aspprotect "users" folder.

Now edit "users/register.asp" with a text editor and add the code shown below in blue. The code to add goes near the bottom of the form right above the submit button. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.


    <tr>
      <td valign="top" align="right"><font face="Arial" size="2"><strong>
  Newsletter</strong></font></td> ; ; ; ; ; ; ;
      <td valign="top">
  <input type="checkbox" name="Newsletter" value="True" checked>
  <font face="Arial" size="1">Do you want to be subscribed to the
  newsletter ?</font></td>
    </tr>

    <tr>
      <td valign="top" align="right"></td>
      <td valign="top">&nbsp;<img src="aspcaptcha.asp" alt="" width="86" height="21" />
   <font face="Arial" size="2" color="#000000">Type the characters shown in image for verification.</font><br>
   <input name="strCAPTCHA" type="text" id="strCAPTCHA" maxlength="8" /></td>
    </tr>

    <tr>
      <td colspan="2" bgcolor="#FFFFFF">
        <p align="center"><input type="submit" value="Register"></p>
      </td>
    </tr>


ok, now edit "users/add_new_account.asp" with a text editor and add the code shown below in blue. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.

If User_Custom6_Used = True Then
 If User_Custom6_Required = True Then
  If  Custom6 = "" Then
   ErrorMessage = ErrorMessage & Server.URLEncode("You need to enter a " & User_Custom6_Name &".\n\n")
  End IF
 End If
End If
 
 strCAPTCHA = Trim(Request.Form("strCAPTCHA"))
 if strCAPTCHA = Trim(Session("CAPTCHA_" & Session.SessionID)) then
 else
  ErrorMessage = ErrorMessage & Server.URLEncode("You did not type in the verification info correctly.\n\n")
 End If 

 
If ErrorMessage <> "" Then
 Response.Redirect "register.asp?" & Request.Form & "&ErrorMessage=" & ErrorMessage
 Response.End
End If

Your done. You just added a Capcha Security Image to your signup form. If you would like a more distorted image that is more difficult for an automated program to figure out change the image tag to call the "aspcaptcha_distort.asp" page instead. It will look more like this.

,



Hi,

I did some layout customizing on the register page on my site. ( http://www.lonestaricon.com/aspprotect/paypal_sub_signup/reg ister.asp)

Now when I tried to register, it seems like it goes to the next page, but it is blank.
( http://www.lonestaricon.com/aspprotect/paypal_sub_signup/add _new_account.asp)

If I log in under administration, it shows that I have registered. I can't seem to figure out what part of the code is wrong, so that the new account page will not load.

I'd would greatly appreciate any help with this.

Thanks,

Allison

,
ok "ace45",

I just spent a bunch of time in your setup using SQL server and I didnt have a single issue. It all seems to be working perfectly to me.

I got into the system using the "get_me_in.asp" page like the instructions say to to.. then I deleted those two users you had there.

I created a new user called "admin".. then I edited that user to make him an admin.

I have logged off and back on as that user a bunch of times without issue.

admin
test


is the user info..

I just didnt see any problems whatsoever???

I also took the liberty of going into the settings page and setting all that up for you as well so all the url paths are right now and emailing from the application works.

I am going to wait an hour or so and try to log in a few more times but it honestly seems to be running perfectly to me. , I have no idea to be honest, I just like the way it looks 

Good deal on the remote install, just dont pull the old "hangman" move shutdown the machine on yourself around 4AM. Otherwise you be getting in the car and going for a drive LOL


,

Perfect. Thanks buddy :)

eeye38433.0629976852,

really all depends on the sql connection string you are using and the names of your sql user you are using...

you really havent described very much..

I'd double check all of it.. something is wrong

cwilliams38325.8892824074, Is the user ID case sensetive? In my case I use the user email as the login ID.,

ahh, I see..

that is not really something you should change.. it is pretty much always going to say read for any folder

It's hard to say, but adjusting settings like that could inadvertently change folder permissions in a way that could cause problems and be hard to correct. I really don't know that for sure but it is very easy to totally mess up permissions when trying different things. In the past I had to reinstall iis just to get things back to normal. I eventually over time learned what to do and what not to do and have never had a problem since. I am not saying you are one of those people but a lot of people have problems because they play around with things they shouldn't or they go nuts trying to give every account permission starting from root folders... overwriting important default permissions instead of just making changes to a few specific folders.. not understanding the importance of what they are doing..... etc etc

Sometimes you practically have to be a NT expert just to fully understand permissions. I know a lot and I can handle my own server but it's hard to explain the low level basic of NT permissions to others as there is a lot to it under the scenes. A lot of hard core NT/2000 users do all the permissions from the command prompt because there is a lot more control at that level.

Like I said earlier, what you showed me looks right but this isn't a complex issue and the error means what it means. Something isn't right with the permissions.

I would start from scratch if I were you. Perhaps consider doing an install in a new web instead of in your root like you showed me. Or try installing it on another machine for troubeshooting sake.

I am sorry I can't think of some amazing answer on this one, but I think this is just one of those weird situations that requires starting from scratch or trying it on another machine.

, ok,

I checked the option pack code as well and it looks correct.
I tested it and it acted as it should.

You can see it in active at the live demo
http://www.aspprotect.com/demo3/demo.asp

admin
test

go the the admin area.. you will notice 3 users with level 4 access
1 of them is inactive

then go to the mass email area and pick   active and level 4
it will say it is sending email to 2 users which is correct

then go to mass email again and pick level 4 and inactive
it will say it is sending email to 1 user which is correct

choose any status and access level 4 and it will send email to 3 users which is correct

When you do this please realize you can not choose a group as well.
That will cause a problem because you can not choose a group and an access level at the same time.


Anyway... perhaps you can private message or use the contact us form and and let me take a look at your system. Since I can't reproduce the behavior that is the only way we might figure this out.

cwilliams38104.690787037,

yes, admins have access to absolutely anything...

as for the other question what you should do is only show links to people logged in that they have access to.. then they wont get logged out when they go to a page they do not have access to

for example if someone doesn't have access to a level 4 page dont give them a link to go there... you can do that by checking the session variables and creating your hyperlink html code accordingly .. using simple if-else logic... you could even make a hyperlink non-clickable and add some text to it like (no access)

it's all about taking the time to intelligently designing the different areas of your web site. It takes a bit of time and work to really make a system flow the way you want it to.

other than that it becomes extremely complicated to not grant them access when they go to a page they dont have access to but also keep them logged in. It is just not designed to flow that way. If someone goes to a page they do have access to they get logged out. It sort of has to be that way because of the ways things flow.

more info on accessing user info after login so you can do that
http://support.cjwsoft.com/code/moreinfo198-1.htm

another good thing to check out is the provided examples for mutliple access levels. You can see that if you log into the default page for that that it only shows you links to pages you have access to. Done with simple if-else logic around the html links. It is using groups but you can do the same sort of concept using groups.

,

Tony,

ASPBanner.NET was discontinued about 14 months ago. It is no longer supported in any way because quite frankly the classic ASP version is faster, more stable, has more features, and is a lot easier to install and get running.

If you PM me via the forum you are welcome to a copy of the current ASP Unlimited Version. It can serve banners to any type of page extension. All you have to do is ask for a copy.

Whether or not your existing ASPBanner.NET database is exactly the same structure I do not know, but I believe it is. You should compare the two if you plan to keep using the old database and make any neccessary changes so the old database has the exact same structure as the new version. If there are any differences they are very few.

,

How to set a new users expiration date.

You'll need to edit the "users/add_new_account.asp" with a text editor.

Find this section..

<%
CmdAddUser.Fields("ValidateEmailCode") = ValidateEmailCode
CmdAddUser.Fields("Access_Level") = "4"
' PUT YOUR CODE HERE
CmdAdduser.Update
ID = CmdAdduser("ID")
CmdAdduser.Close
Set CmdAdduser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
%>

You'll want to add code like this right between the Acccess_Level  and Updates section

CmdAddUser.Fields("Expiration_Date") = Date + 60

That will give take todays date and add 60 days to it.
You can of course do whatever you want here.

Actually, any database value for the user can be set during registration.

You can also change the default Access_Level to whatever you like.

 

 

 

 

cwilliams38088.4986689815,

Thanks.

Nick

,

Chris,

I've given the IUSR account modify access for the aspprotect folder.

In the ODBC manager module on the webserver I've taken out the aspprotect access driver option.

The dataconn_inc.asp line reads as

ConnectionString = "DBQ=D:\missourirealtor.org\members\aspprotect\data\database \ASPProtect_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

Now this should make it DNS-less correct? with the permissions set properly?

I've also taken out the password on the access database.

The original database of users I had was an access database from a different program called spooky login.  I exported them into a tab delimited file and changed the column headings to match those in aspprotect exactly.  Actually access would not let me import them in the databases without them being exact.

I imported that information directly using access's import options.  I tried the import/export manager in aspprotect but kept timing out as well.


 

,

I understand the encryption for security, but I am using ASPP for a very low security function and don't want encryption.

Can't I simply delete the code that does encryption?

If not, how can I

take my ASPProtect_access2002.mdb that was opened on my local host, with my own users added with text passwords,

export to a delimited text file, import it into ASPP with my own passwords encrypted, the use that file instead of my old .mdb file? Thanks

,

Your going to have a lot of problems and a lot of the code will have to be re-written.

There are a lot of things in the the code that the MYSQL database system does not support or has issues with . I know because I once made a version of ASPBanner work with MYSQL and it took weeks of work to get it stable.

Null field types can cause problems... but mostly ADO updates which I don't think MYSQL supports at all. All of the ADO stuff would have have to be rewritten.. etc etc

That's probably why you cant get much of the code to write to the database.


Here is a generic example.

An update to an existing record using ADO
http://www.powerasp.com/content/database/ado_update.asp

And update to an existing record using an update query.
http://www.powerasp.com/content/database/using_update.asp

All through the the code the ADO updates would have to converted to update queries which means a lot of work.

I used ADO a lot because I like it and it is little easier to validate data before it is written to the database.

It is also a little easier for customers to understand when they look at the code.


Anyway....

The app just was not designed to work with MYSQL.
It was specifically designed to work with MSSQL and MSACCESS only.

This holds true for all of our applications.

Your running off an IIS 5 Server so I would suggest just using MSACCESS as the database. The Photo Gallery app will run very well using MSACCESS. 

,

do you have the smtp part of iis installed on your machine

cdonts needs that

then again I am not sure you can even use cdonts on a xp box without making some changes...

cdonts has kinds died out and as of windows 2000 basically got replaces by cdosys

,

the reason being is because when I do installs I do not touch any of your existing content. I only install the base application and make sure everything in it working correctly and also that the example protected pages are working. I do not integrate it with your existing site or edit any of your existing web content. That is up to you

sorry about that, but it would be way too time consuming and editing people's existing pages is a good way to cause a lot of headaches for me and the customer if something goes wrong. Not only that but everyone uses the system differently and it wouldnt make sense for me to be the one doing that based on access levels, groups.. etc etc  which will all be custom to how you want things set up.

more on installation policies here.
http://www.cjwsoft.com/installation_service.asp

,

Hello,

Sorry, I do not have any good ideas on this one...
Domain Name Masking can cause issues with quite a few things.

 

cwilliams38366.3136342593,

I am converting the email over from CDONTS to CDO so it will run on my host 2003 server.

What files should I be concerned with?  Under gallery_admin there is an email_user.asp and  under the main gallery folder thier is an email friend. Is there an other email routines I should be concerned with?

Thank You for your Assistance.

Jeromy

, Those access levels are not used and are nothing to worry about. They are left over from the ASPProtect core which I used for the users area of ASPBanner.

I am not sure what you did but its not a none, Unless I know more I can not make any guesses what happened. I would make sure in the database that the user is active and the expiration date field for them if there is one is empty, Can you be more specific on the javascript I should look for? Can it be combined with ASPBanner?, I purchased the photo upload software and it all works fine, except when I
try to click the categories I've created on the home page they don't show
any of the albums I've created and designated as that category. I went to
one of the example sites at http://www.minnessota.com/users/
place_new_album.asp?CatAdValue=
and it works fine. When you click Photos(40) it takes you to the 40
photos. I'm sure it's some setting I missed or something simple. Could
you email me back soon and let me know what to do/try? Thanks. ,
Excellent.
 
Payment now taken in £.
 
Pasted <input type="hidden" name="currency_code" value="GDP"> into
paypal_signup/paypal2.asp
 
Thanks Folks.
 
, SQL Server Database Information Mod

This mod is only for customers running SQL server. It is a new stored procedure and a new version of the "server_info.asp" file that will display information about your SQL database on the Server Info page.

Purchase Page





This is for Advanced SQL Users only that understand how to add a Stored Procedure to a SQL Database as well as assign permissions and what not.

To install this mod you should have access to SQL Enterprise Manager and Query Analyzer as well as be able to grant your SQL database user EXEC permissions on the new stored procedure. ,

If you are using version 6 CDOSYS is not supported. That is one reason why version 7 came out. If you want to rewrite the code to work with CDOSYS in version 6 that is something you need to sort out on your own as I do not support custimization to the code.

,

Hi,

I wanted to see if you had any suggestions for converting from Access to SQL sever database. I attempted this earlier today performing the following steps.

1) Create SQL Tables using Enterprise Manager / SQL Scripts
2) Use DTS to move all of the existing table data to the sql tables.
3) Update dataconn_inc.asp to use SQL and the required connection string.

When these steps were complete I was able to login to ASPProtect as an admin and search / find both groups and users. However, any attempt to edit or create users resulted in a "the page ... had a problem ... " type problem. It seems that I can read from the db fine but and getting errors writing to the tables. The user id that is being used to connect to the db is the [dbo].

Any additional hints for this procedure?

Thanks

Darrell

,

been working on this for about 5 hours today.. I think I found the problem and it involves a vbNullChar that the encryption process is creating only during login attempts

it then messes up during ASPProtect authentication because it blows up the SQL Statement to the database

like I mentioned before the chances off this happening are slim but possible as two people so far have been able to create the situation

I seem to have the HANNAH password working now using your encrption key

I need a little bit more time to clean up the files I have been working on. Then I will give you new "check_user_inc.asp" and "check_admin_inc.asp" files to try out

,

Hallo,

What do I have to do for inserting around 6,000 new users?

I have all my user in an access file. I don't know the password of access database files. The same problem with the "aspprotect upgrade pack".

Sorry for my English

vaghelis38300.2319097222, here is the next response to this which was emailed to me but should have been posted here


From: Mo Afifi
Sent: Sunday, October 23, 2005 4:47 PM
To: CJWSoft Support Info
Subject: Re: CJWSoft Support Info : SSL - Verisign Certifcates

Hello,

Thank you for responding to my posting. In the second line of your response you said “not start them off at an http:// url". I think what you meant is to "not start them off at an https:// url". If this is your intention then I agree with you 100%. I have revised my pages so the users will go first to a non-https page and then make a choice either to use secure or non-secure access. Please note that the site is not intended to be completely SSL protected but only the sign up pages. I have another problem though when I click on the "Secure Log In" and enter my log in information; the entire subsequent URLs will have https:// in them which I could not shake off. As I said the intention was to use the https for sign in only.

 I realize that this issue does not have any thing to do with your product, but any input will be appreciated. Best,

 Mo

,

I am in process of upgrading from v6 to v7.  I have made database changes, can connect to database and get in to Administration area just fine.  However when I go to create a new user I get the following error

 

ADODB.Recordset error '800a0cc1'

Item cannot be found in the collection corresponding to the requested name or ordinal.

/password_admin/save.asp, line 227

Thanks

 

,

That would be great.

I am sure you know that many virus that are sent via email have the same property. (double extension). The code can be executed even though Windows identifies them as simple text files etc.

Thanks again

,

You can't unless you plan on editiing and custimizing the code.

The application is only designed to have one kind of admin and that kind has full access to the admin area.

You can of course give any user access to stats for their banners via the bannerstats page.

That is how it works. There are no other levels of admin access.

 

, you can edit the look of it but because it is licensed software the links to aspbanner and the aspbanner logo.. etc etc must remain  otherwise change it all you like., If you are having trouble setting up a simple data connection ASPTest is a great learning tool.

You can download it from the www.CJWSoft.com website near the bottom. cwilliams38087.5457060185,

I do not have any programming knowledge and have what might be a simple question.

I am having a hard time getting my hosting company to modify the rights on the data folder. They state they support ASP and access databases however this is the response I got when I requested the modify permissions set for the internet guest account:

Were the rights changed on the data folder?  No, we do not manage rights to folders.

My question to you is: Doesn't supporting asp require those permissions be set on the database folder or can asp (not just aspprotect) work without those rights modified?

Thanks

,

Same here.  Thinking it might be server load or the bandwidth to the server.

Thanks for checking!
Lance

,

I am having problems accessing the admin site at the following URL:

http://www.drsweisberg.com/password_admin/default.asp

It brings up the login page, but when I enter the admin/test, it times out.  The DB is the copy with no password and it resides in a directory on the same server hosting the site but it is not in a folder viewable by web users.  This is how the dataconn_inc.asp is set:

<%
'*** Below are the only two settings you need to edit in this file
 
ConnectionString = "DSN=drweisberg;Driver={Microsoft Access Driver (*.mdb)}"
DatabaseType = "MSACCESS"
%>

The ODBC is setup and the IUSR has read/write/modify permissions.

Any help would be greatly appreciated.

,


Timecard Entry: 3/25/2006 4:51:01 PM

MaryDavis Real Estate support, USA1NET/reconcile, general tech support did radlogs and as well i did expiring user callbacks, Resetting modems and setting up Netserver., Traffic Reports, Answered a customers email that was sent to me, getting my picture taken for the Bell Atlantic Badges at Sears with Seth, worked on some isp things to fix, watertown office, Dental, new employee, On phone with Laura from Remington Museum. Says she hasn't been able to get connected for 3 days. Looked up alternate numbers for her area., Nortel, John Adee, Howard, Meet with Tim Badour re USA1net, Filled in Modem Maintenance log., TIITC database project, reading and responding to emails, Emails, Publish cphospital.org, test all areas., cphospital.org - starting addition of health resource pages and transfer of old content., Answered phones, and kept an eye on other tech duties., Doctors Appointment in Watertown, Met with Nic- made arrangement for the Bravo Festival called dom-spoke to customer regarding ISDN in NYC, off site meeting with tech management. Covered lots of information. Was very productive., reconcile ckbk w/ Terri, Setup a test area in the other building using 2 Centrals and 1 Remote router before going to the field. , travel back to watertown, Paul eaton re: hosting rates and dev. work, Marketing, TICC payroll, More DNS handholding,

   Active Server Pages Rule The World
Contact Us  
All artwork, design & content contained in this site are Copyright © 1998 - 2025 PowerASP.com and Christopher J. Williams
Banner ads ,other site logos, etc are copyright of their respective companies.
STATS Unless otherwise noted - All Rights Reserved.

Active Server Pages what is asp programming how to sample asp example code scripts software asp forum mail sessions applications global.asa CJWSoft ASPProtect ASPBanner ASPClassifieds www.aspclassifieds.com, www.powerasp.com,www.cjwsoft.com,www.aspphotogallery.com,www.codewanker.com,www.aspprotect.com,www.aspbanner.com