Blog Entry: 3/25/2006 4:44:26 PM
one more problem I see...
I think your login box on the main page is missing the hidden form variable
http://support.cjwsoft.com/code/moreinfo169-1.htm, Glad your getting the hang of it.
no difference as far as that goes. It is just different ways to reference the server side include file and it's location on the server cwilliams38457.6019675926,
If you have messed up the admin account or forgotten the admin password you generally should open up the database manually and add a new account or see what the old account is.
In version 7 however you have another option. Go through the installation instructions again. Specifically the part where you use the "get_me_in.asp" page to get back into the admin area by pasting in the password encrpytion keye you are using from your config file. , ok, I moved this thread..
The code in the ASP application handles all encryption and un-encrpytion of passwords in the database. I uses the vbscript RC4 function and the password encryption key specific to your installation to do this.
The whole idea is that if someone gets your database and opens it up that they will not get the passwords (utilitiies to crack access databases are common and work well so they can easily get by the main password)
That being said when you open the database manually your not supposed to see clear text passwords. Your also not supposed to have an easy way to make them clear text. It's a security thing.
Though I am not officially supporting it I will tell you what I think would be the easisest way to make an export file with clear text passwords in it.
Use the export fire creator in the admin area of aspprotect.
Mosdify "export.asp"
change
Password = CmdDataExport("Password")
to
Password = RC4(CmdDataExport("Password"), PasswordEncryptionKey)
Then make an export file and see if that worked.
you can then import the export file into and access database or do whatever you like with it.
, Not sure how to response.write the session variable, Does ASPprotect support Paypal's Website Payments Pro option, where a user can use a credit card directly on a web site, without passing to paypal.com?
Nick
, After I approve someone's username and password, then go to send them the default e mail telling them of the approval, the e mail never goes through. The e mailing used to work well for many months, but it stopped working. Any thoughts?
Spider
, Does emailing work under the simplest scenario ? (directly from the users screen)
Thats the way to test it..
All that error means is whatever reason the settings you have chosen are not working. It could be the server. It could be what you chosen. (and yes I realize your pop info from outlook should probably work with the settings you chose)
Whenever I do installs I often have to try 3-5 different emailing scenarios before I come across one that works.
Each time making some changes and sending out test emails from the users screen until I get somewhere. Often time getting a working example of how your Hosting Company wants you to send email from ASP is the info to get your hands on. (what method and settings)
In this case they may have blocked the usee of a remote server and want you to use some other settings for sending email from asp. A lot of times they put that info in their help system.
If I were you I would start by trying the other two CDOSYS options for starters, and then try the remote server option again but using "localhost" as the server, if none of those work consult your host for example code and settings to send email from asp. If you still have no luck I can help for sure.
Realize too when testing the emails may take a bit to arrive. A delay of sorts. Best to type in a quick note about which method you are trying in the email text. That way when you finally get one delivered you'll know which method worked.
, Perfect exactly what I was looking for.
Thanks
, The webpage header for CJWSoft states "Web Development for Win NT/2000 servers" - a little dated cause it works just fine on 2003 too, right? :),
Is it possible to change the currency for
accepting payments? I will like to change from US to Canadian.
Thanks in advance
Roy
, Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.
Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.
, i will probably end up doing this myself, but dropping all the log data in a sql table would be nice as it offers much more flexibility on how an admin can keep track and use the data. Browsing through each log file is very inconvenient. I can search for text in the files (server-side, others with a shared server would probably have to separately download all log files first), but with the current method I don't have the following important options:
- cannot sort by any criteria
- quickly see a list of all login attempts by a specific user (i need to search each log file individually for this info)
if you had an option during setup perhaps (or elsewhere) in a future version that allowed an admin to specify the preferred logging method (separate files or a table in sql) i'm sure many admins would find it very useful to have a database alternative of keeping track of users becuase it would offer the two benefits listed above, plus more.
, ok, well as far as what else to try I already told you..
you need to manually compare all those field settings with the sql script and make sure they all got set correctly...
you also need to tell me what email/name you ordered the application under... before I will continue this support with you.. at this point I don't know if you purchased the application or if you are using the unsupported lite version
, The problem was in config_inc.asp. we had renamed the field in the DB but didn't change it in this file.
But we changed it, it is back to normal.
Thanks
, I do not really know a lot about but it is basically code that lets you specify however many number of images and links... and then display a certain number of them at once.
You'd have to search google for it.. there are 1000 of sites that offer free javascript code and that is where you find scripts like that.
You could certainly set up all the images and links for each banner in aspbanner but if you used them with code like that you be limited to tracking clicks on banners. Tracking page impressions would not be possible because the javascript would be handling what images get displayed at any given time. Basically each link for each image would be going through aspbanners tracking url feeding it the banner id and therefore tracking the click and sending the user to the desirec URL.
Regardless, it is not something I would support. You would have to sort it out as it is nothing ASPBanner was designed to do and not something I want to deal with because client side javascript code is not something I am NOT very good with. , how di I change the currency dollar sign to gdp pound sign ?
I need all my tranactions in gdp puund sterling to use on paypal
regards
simon
, yes, any page you want protected needs to be edited..
You can probably have a login box on a non protected page. Just copy the generated source html form code for the login box of a protected page. Then put it on your non-protected page, but change the action to the page you want them to log in to.
In other words go to a protected page. See the login box, view the html browser source and use that to make your login form on the main page.
I have not tried it with .NET but I am pretty sure you can do it since it pretty much works the same as the classic asp version of ASPProtect.
try it.. see if it works.. If I have time tommoro I will test it out., Hello,
I dont know exactly how you go about that and it would really depend on a lot of things like when the ad started and how yu wanted t handle that. it would involve custom coding though, not a change in the database.
, More Info in Case Anyone is Interested:
This bug was mentioned by a couple people. The cause of it was never really understood until I recently re-wrote some of the banner code for an upcoming version.
The fix for this bug was very simple. It was just one of those weird situations where code should have worked but did not. I added some code to do it a bit differently and it worked as it should have..
It really still makes no sense to me why it didnt work the way it was, but at least there is a fix.
cwilliams38203.5883680556, You shouldn't be renaming or moving anything... unless you really really understand what you are doing and are at an expert level expert as far as ASP coding goes.
like I said earlier..
http://support.cjwsoft.com/code/code_info.asp?TID=354&ge t=last#1130
redirecting with version 6 is not supported but this thread tells you exactly how to set it up (I showed you this thread in an that earlier post)
http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= redirect
This thread below may also help in case the page you want to start on with a login form should not be password protected..
http://support.cjwsoft.com/code/moreinfo18-2.htm , The Read-only attribute i was referring to is at the windows explorer level when looking at the folder properties under the general tab.
ASPNET and IUSR have full access to the _database folder as you suggested - Yet still I get the permission error noted above.
, When I add a user, I can not activat it.
What do you have the registration type set to in the settings ?
They wont be activated automatically unless you have "automatically" selected ?
It sends me back to log on and will now allow me to log in as admin???
I am not quite sure I understand ? Seems to me like that would be normal because you can always log in as the admin at any time. If you cant log in as the user you just signed up as that could be for a couple reasons relating to the registration type you have slected in the settings. There are 3 types all epxlained in the settings screen. Some require manual activation byt the admin, some involve a registration email.. etc etc
I can restart the APP and log in as Admin, but the user I added
is still not activated??
How and why are you restarting the applicaton ? Please explain what your doing there.
My system will also not allow me to set the Stay Loged in FLag.
It just ignores it....
As I told you in an email earlier cookies must be enabled for authentication to work. You mentioned now you can not log off ? I am not sure I know what you mean by that. I assume you know to close all browser windows when testing things like this and I assume you know you have specifically log off and confim it in order to remove the remember me cookie and have to log in again when you return to the site.
, that wont work the way you did it because groups are not stored like like.
groups are stored "*1*"
or "*1*,*9,*"
so if you test for them you must do so using the InStr function of vbscript
example:
If InStr(Session("Groups"),"*1*") Then
' do whatever
End If
also.. as for the session variable
it should be Session("Groups")
And in Version 6.... (its all ready to go in version 7) that session variable must be saved in the check_user_inc.asp file near where all the others are saved. If it is not there by default "I dont remember if it is or not" you have to add it like so near where all the others are saved
Session("Groups") = CmdCheckUser("Groups")
If you are wondering if it is being saved correctly you can always response.write out the Session("Groups") to see if it holds a value
, Thanks, I figured that out!
I managed to get the gallery running, minimally, on the test server, so now on to the real thing.
Thank you!
- Jason
, question 2 is answered best here
http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal
I should also mention that the paypal scenarios used in ASPProtect can not be tested using PayPal's sandbox. Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts)
then you can log into the other and refund the transctions and of course it makes sense to use low amount like 1 cent and what not.
Also, I'd love to see what you came up with with the integration. I have been working on it here as well and took it in a different direction as I plan to sell directions for it as an add-on for aspprotect. I have it all working here but so far I dont see an easy way to let other people do it as I had to change things in both systems in a lot of places. Utimately if done under a SQL environment triggers should be used at the database level and that is another consideration.
, Yeah, its working great witht he Access database. Now I just need to get it all set up. I like how the config file is set up with all the comments, it really helped allieviate the 40k thumbnails,
.
One quick question though, and I haven't looked through all the code yet... Is there a quick way to have pic_window.asp open full screen by default? I just want to minimize having to either scroll through, or maximize, the screen
Thanks!!!
- Jason
, You have old code I think.
It's probably because his password used with your encryption key by chance creates a single quote and messes up the database query
A notice went out about this. I will PM you the latest download with the updated files.
, While attempting the database connection test, I receive the following error:
Server Error in '/' Application.
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Security error.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. |
Stack Trace:
[SecurityException: Security error.]
aspprotectnet.DBConnectTest.Page_Load(Object sender, EventArgs e) +0
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +2112
System.Web.UI.Page.ProcessRequest() +218
System.Web.UI.Page.ProcessRequest(HttpContext context) +18
System.Web.CallHandlerExecutionStep.System.Web.HttpApplicati on+IExecutionStep.Execute() +179
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +87
|
Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300
My guess is that this is an issue with the fact that I'm in a shared hosting environment that is restricted by CAS. Before I move to a dedicated server, I'd like to verify that this is the issue. I'd appreciate your input.
My host is 1and1 Internet. You may find this FAQ helpful: http://faq.1and1.com/scripting_languages_supported/_net/16.h tml.
, do you have the url path to the registration page set correctly in the settings cause not having it there would do that ? , Now, back in the dark ages we had to use the command prompt to setup the MySQL database and all that fun stuff. I am not going to show you that method.
What happened was 100 different 3rd party companies developed interfaces to work with the MySQL server visually. Within the past year MySQL actually released its own little GUI for doing just that so I am going to show you how to do things using that.
Let's download and install it.
Go here
http://www.mysql.com/products/tools/
and download Windows (x86) MySQL Administrator
(1.1 is the most current version at the time of this article)
Installing that is a no-brainer as well. Just stick to the defaults and it will do its thing.
Now that it is finished.. run MySQL Administrator from your start menu.
It will ask for your "root" password that we entered when we set up the server.
Hit OK
You should see this if your MySQL server is runnign and you entered the correct password.
Now select the Catalogs Icon on the right.. go down to the Schemata section.. right click in the lower white area and choose Create New Schema
It will look like this
Essentially this is your database name. I am going to call my database "aspbanner"
Hit ok
Your now have a new database with nothing in it. We now need to run the MySQL database creation scripts that I provide which will create the Tables and Fields needed.
The easiest way when using the MySQL Administrator is to select the Restore icon on the left.
The choose "Open Backup File" in the lower right corner.. Browse to the "aspbanner_mysql.sql" file we provide. You can also download that file here. 2006-03-14_164927_MySQL_Script.zip
Once you select that file choose open...
Now, it is very important you choose the database you created earlier. Also known as Target Schema.. in this case I choose "aspbanner"
Now hit "Start Restore"
Ok, now the database has Tables and Fields
Click on the Catalogs Icon on the left and then select aspbanner from the schemata area in the lower left
You'll see we now have tables in the aspbanner database, Chris -
I am encountering a problem with items showing up. When I click on a category and then select an item to view I get
THIS ITEM IS NO LONGER ACTIVE
DO NOT CONTACT THIS USER AS THIS ITEM HAS BEEN TURNED OFF
OR THE USER HAS SOLD THE ITEM.
I have verified the item has the item_active check. For giggles, I even unchecked with the same results.
Thoughts?
, I would look on the pictures folder on the server and see what is there for pictures. Also, when you see a broken X on the site right click and see where it is trying to get the picture from and what the pictures name should be.
I would also be sure to clear out your temporary internet files in IE. clost and restart all browsers..
maybe show me the site ? so I can see this happening ?
cwilliams38348.9748726852, One is for paypal subscriptions (recurring billing) and the other is for single payments
http://support.cjwsoft.com/forum/forum_posts.asp?TID=185& ; ; ;PN=1
http://support.cjwsoft.com/forum/forum_posts.asp?TID=186& ; ; ;PN=1
You can delete any of the 3rd party payment directories you are not using including the the 2checkout one... (all those folders really are is a copy of the users folder specially modified to handle a certain payment processor)
Just Don't delete the "users" folder though as there are things you do there that you can not do anywhere else.. quite a few things.. editing existing account info, looking up passwords... etc etc
cwilliams38446.6055555556, humm
expiration dates in the aspprotect system are not used at all when using paypal subscriptions.. all date handling is done on their end actually
and they of course send notices from their system to the user regarding their subscription and when it renews,cancels, etc etc
so I am pretty sure any errors with that would have more to do with the info you used for the subscription setup and possibly any paypal settings associated with it
its hard to say at this point
The smart thing to do I think.. would be to sign up someone using another PayPal account (your allowed 2)... and while doing it be very careful about the subscription setup data.. and then as soon as the subscription is created review all the info in the paypal system and see if the length of the subscription / expiration.. etc etc in the paypal system info looks right..
at least then you can begin to troubleshoot what is going on...
, I see what your saying.. its just hard to troubleshoot something when a lot of changes have been made.
Did you test things before you started modifying the code ?
If its SQL server it is very important that the database was created with the provided SQL scripts., Here is an example of a query I made in MSACCESS that deletes all users that belong to Group ID of 3. I used the graphical query designer in MSACCESS to do this. Took a few minutes.
DELETE
FROM ASPP_Users
WHERE (((InStr([ASPP_Users]![Groups],"*3*"))>"0"));
Because of the way groups are stored in the Groups fields you have to use the InStr function to determine if the user is part of a particular group
We are deleting all users that of Group ID of 1 so we look for *3* in this example
The SQL statement for a MSSQL database may be slightly different but the general Idea is the same
The SQL statment used in an ".asp" page will be very similar as well.
SQL Statements are the TRUE POWER of working with databases. They are something everyone should learn to work with because they allow you to do some very powerful things., ((TITLE EDITED BY ADMIN))
it would be nice if there was an option for login abuse, where a login account would be flagged if it logged in from x number of different IPs over a period of time. I know many have dynamic IPs, but there's got to be a balance between legitimate logins and logins that are 'shared' for the sake of saving money (I sell subscriptions), in the end costing me.
Maybe searching the first two number groups in the IP (example, 209.168.*.*), and if finding more than an admin specified number of logins per week from IPs with different first two groups, the record would be flagged or locked...
, ok thanks, Its not a known issue.. I would try the original code before you made any changes and see if it still happens to you.
It seems to be working fine here for me in amy test web.
I am going to look into some more in the meantime.cwilliams38341.7166782407,
Timecard Entry: 3/25/2006 4:44:26 PM
Warren DB Conv. Cleanup., Amy - Discussing Timberview, graphical guestbook and other things to be added to site., Rochester Board of Realtors Meeting with Paul Chris and Jeff, still steady, Went to the bank to make deposit and came back to finish weekly cancels, tanned, travel to watn to meet with Nic, Got my taxes done!, Filling out time card. Grabbing work for home tonite., billing issues, started to do this domain setup, but after some prodding, found out that its not even registered to us..., Lunch, Prepare materials for PC Bundle display at Oktoberfest, Talked to Kelly about his schedule for the next couple of weeks., WORKED ON MAILER TO UTICA BOARD MEMBERS, GraysFlowerShop.Com - Secure checkout., updated the in dex of promotions, traveling back to watertown with beth and randy , dennis honney well boating site, Talked with Steve about a project that I will be doing tomorrow with Tara that he will help me get started on. Continued to read in my ASP book and I sent an email to Paul again about my school project, Answered Phones, and took care of what I could of the other tech stuff., team meeting. researched telcordia website and called for info on asr classes., Cleaning crew arrived w/10 people. 135 secured by Alan. Bob M will send me an email with results of cleaning 130 and any concerns., Lunch, At work working on changes and customizations to www.cnymn.com.. the first MLS site we put up. Actually what I am working on is more like GENERAL softmls features that just arent finished enough yet or working correctly..., users group, jcc/greg, set agenda, selectavision proposal, chad edwards propsoal, lunch, Materials gathered for Friday. New potentials in Vermont called. Talked to Recor. Talked to Andrea about corporate partner for Tuttle. Kathy lane at JCC. Contract situated for Donna Sawyer., to watertown 27 miles, Took some tech calls, Checked voice mail and Gisco issues page. Delt with people who just needed to re-start there computers to fix the problems.,
