LOL

Hello,

VBScript is the most popular ASP scripting language, and has the most support available. I estimate that less than 5% of the ASP coders out there use anything other than vbscript

That being said it specifically says on the aspprotect site ASPProtect is only for use in protecting asp using "vbscript" as the language.

http://www.aspprotect.com/more_info_full_v7.asp

http://www.aspprotect.com/comparison.asp

it is something I specified very clearly for this very reason.

Sorry, but you can not use ASPProtect to protect pages using Language="Javascript". The code is too complex to be mixed with server side Javascript.

To password protect asp pages written using "Javascript" you really need a an application specifically written in and designed to work with ASP pages written using "Javascript". And then of course that application would not be able to protect ".asp" pages written using "vbscript." (I mean never say never, but it would be a ton of work to get both working and I doubt you will ever see a commercial application that does both)

as for switching back and forth between vbscript and javascript you really can't except with very simple code. Doing so with anything complex can be extremely problematic because the order of execution sometimes gets all mixed up because of the complexity of the code being used.

That doesn't mean it can not work....

You would really want to do something like this.


do not specify a default language at the top

surround the aspprotect include file with this

<SCRIPT Language="vbscript">

</script>

surround your javascript code with this

<SCRIPT Language="JavaScript">

</script>

then make sure none the code including the aspprotect include file has any <% or %> tags in it

that means you have to remove that sort of thing everywhere... that means a lot of work if you used a lot of that sort of thing instead of response.writes to write out html type stuff

and again... I don't know if you would ever get it all working

I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.

Regardless,

What you want to do... logging them in under https and then having them continue though the site under http is not possible.

It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.

In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).

Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.

If you want them logging in under SSL you need to keep them under SSL.

That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.

When I add a user, I can not activat it.

It sends me back to log on and will now allow me to log in as admin???

I can restart the APP and log in as Admin, but the user I added

is still not activated??

My system will also not allow me to set the Stay Loged in FLag.

It just ignores it....

When I add a user, I can not activat it.

What do you have the registration type set to in the settings ?
They wont be activated automatically unless you have "automatically" selected ?

It sends me back to log on and will now allow me to log in as admin???

I am not quite sure I understand ? Seems to me like that would be normal because you can always log in as the admin at any time. If you cant log in as the user you just signed up as that could be for a couple reasons relating to the registration type you have slected in the settings. There are 3 types all epxlained in the settings screen. Some require manual activation byt the admin, some involve a registration email.. etc etc

I can restart the APP and log in as Admin, but the user I added
is still not activated??

How and why are you restarting the applicaton ? Please explain what your doing there.

My system will also not allow me to set the Stay Loged in FLag.
It just ignores it....

As I told you in an email earlier cookies must be enabled for authentication to work. You mentioned now you can not log off ? I am not sure I know what you mean by that. I assume you know to close all browser windows when testing things like this and I assume you know you have specifically log off and confim it in order to remove the remember me cookie and have to log in again when you return to the site.

that really does not make any sense...

I dont know what else to tell you as this really shouldn't be anything too difficult to sort out...

redirection based on criteria is not something aspprotect does by default... I try to help a bit... I've shown everyone how to do it in this thread...I know plenty of people doing it... I've done it myself... I know it works

let me ask you this... are you using ASPProtect 6 with the Option Pack ?
I assume you must be or you would not have the Groups feature ?
And you asked this question in the ASPProtect 6 section.

but then maybe your using 7.. I do not know

this should all work the same either way

I have been using this solution for over a year now and think its great, however I recently logged on to add a banner and when I clciked on the link that opens a window, displaying all the gifs in the directory../images/banners/, now images showed up, however they do exist in that directory.

I recently upgraded my computer and am now using windows XP...could that be the problem?

Thanks

Chris,

2Checkout.com has added to their required cart parameters:

https://www.2checkout.com/documentation/newparameters.html

Do you have a version of 2checkout2.asp that will support these?

Thanks,

Nick

I'm using version 6 upgrade and recently some of the users complained that their passwords are no longer working. I was able to replicate the problem as I also experienced the same thing with my account.

Once I reset the password thru e-mail (Forgotten your password?), I am able to login but it fails later. This is weird as I have an identical copy of the code running flawlessly  on my test server.

The only change which I made to the original downloadable code is by adding password encryption using Base 64 encryption.

Any ideas what might be the problem

i downloaded the latest version. i also downloaded the sql script provided and ran in sql query analyser to create the tables.

After that i ran a special page to intially get into the system,

then setup a new user, then make them an admin,

and after that i logged out and again when i try to login iam not able to login.  When i check the ASpp_User table I noticed that the values in the fields "Login_limit" and "Active" in the ASPP_Users table in the SQL changed to NULL and 0. But if the value are Nulls or 0 it means it's not active and it's not allowing me to login.

Pls advice

More Info on Simple File Sharing

http://www.practicallynetworked.com/sharing/xp/filesharing.h tm

http://www.theeldergeek.com/quick_guide_to_simple_file_shari ng.htm

http://support.microsoft.com/default.aspx?scid=kb;en-us;3040 40

expiration dates are not used in aspprotect's database when signing someone up using PayPal subscriptions because the PayPal system keeps track of all of that and will automatically send posts to the approtect system if a user needs to be deactivated for not paying or for whatever reason.

As you will notice in that thread about subscriptions the paypal signup data you use for the person determines their membership pricing and details..
http://support.cjwsoft.com/forum/forum_posts.asp?TID=186& ;PN=1

Basically the system takes care of everything.
PayPal takes care of everything.

However you want to look at it.

• What kind of encryption do you use with version 7?
• If I purchase version 7 and use it on my site with a new SQL database then migrate the old records from version 6 so I can by-pass the issue with my home-grown Base 64 encryption, do you forsee other issues with the upgrade?

Of course ASP.NET is and HAS been installed. I have been running asp.net scripts for years on it. I am not new to asp.net nor setting up the server or anything. ASP.NET is properly installed and works perfectly.

You are missing the fact i mentioned it is a DOMAIN CONTROLLER.

I have come across MANY articles ONLINE via GOOGLE that mention if it is a domain controller, for some reason the aspnet account is not there or gets deleted.

IN ITS PLACE GOES THE IIS_WPG ACCOUNT. IS YOUR SOFTWARE NOT COMPATIBLE WITH THIS ACCOUNT?

Is it possible to run ASP.NET scripts without ASP.NET not being installed? Because I have been running asp.net pages without any problem.

Hi Chris,

When I run the physical map test this is what I get:

The Physical path to this virtual website is: \\NAWINFS04\home\users\web\b2623\rh.vickery2004

Will that work correctly without a drive letter specified?

Thanks

Rhona

I really do not know to tell you the truth. I'll do some research.

The script only allows .jpg, .jpeg, and .gif extensions.

If someone uploads a file called... "filename.vbs.jpeg" with bad vbscript in it I seriously doubt anything can happen because of it because of the extension.

But I really do not know.

It has never happened to any sites I have or know of.

You can also try setting asphttp's user agent property to some browser version like in this example. It might stop that info from showing up when it fetches a page from the server.

<%
Dim BanObj1Http
Set BanObj1Http = Server.CreateObject("AspHTTP.Conn")
BanObj1Http.UserAgent = "Mozilla Compatible (MS IE 3.01 WinNT)"
BanObj1Http.Url = " http://banserver.powerasp.com/aspbanner/aspbanner_inc.asp?Ba nnerZone=1"
Response.Write BanObj1Http.GetURL
set BanObj1Http = nothing
%>

Also... I dont know if these values below will work but I got them from looking at my nt logs.

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)

And here is more info on the asphttp component and it's settings.
http://www.serverobjects.com/comp/asphttp3.htm

That did the trick. Once again a quick very helpfull reply.

Thanks.

any asp code that accesses an access database, writes to text files, or allows for picture uploading will need permissions set on certain directories

every application out there is going to need permissions set at some point

its just a fact.. and if your hosting company does not give you a way to manage permissions or have it done when you ask they do not know what they are doing and they are not supporting your asp hosting needs

see my article for more info on the whole process
http://support.cjwsoft.com/code/moreinfo136-1.htm
the part newar the bottom talks about hosting companies

The redirection at 1st login feature is supposed to work like I explain in this thread.

http://support.cjwsoft.com/code/moreinfo385-1.htm

Though what you just said is a bit confusing it sounds like you have some sort of browser problem and it is doing the redirect every single time. ?

I would suggest reseting all your browser settings to normal and making sure cookies are enabled because forms based authentication uses session variables and cookies must be enabled for session variables to work correctly. If not something like this could happen as the redirection at 1st login would happen over and over every time.

So try it on other computers and try with firefox as well as IE. Many people go nuts with their browser settings and way too much stuff blocked which can cuse all sorts of issues. Also some script blocking and firewall software can cause problems so disable all of that when testing.

You may also have created some sort of endless loop. (I really need to know way more information on what you did to know that for sure)

You may also want to consider doing your redirects manually meaning you protect a a page and right after the protection you use regular ASP redirect statements to redirect the user whevever you like based on their session info which is available to easily check immediatly after someone gets through the authentication.

I still stand behind my statements that redirection is not good site design. You really really need to understand and plan your ASP pages as well as have a very good understanding of the session and how all of that works if you use redirection with a password authentication scenario. You should never be redirecting someone to an ".htm" pages except during testing because you wont be able to stop users who are not supposed to go there from going there directly.

If you need to know how to enable them on your test server.

http://support.cjwsoft.com/forum/forum_posts.asp?TID=5&P N=1

I just took a look and that is definetly what happened.
It has nothing to do with the registration process as far as I can see.

Just running this page triggers it and I know it does not do that the way it comes.
http://www.myvirtualtutor.com/aspprotect/users/user_area.asp

Please back up what you changed and put the user area back the way it came..

If error still happens then I can help you.. It it works fine with the default files from the zip archive then you messed something up in the code.

You have to be really careful when working with ASP code.

Also: just in case you did this. " you should not be password protecting any files in the users area that are already there " the users area does it's own thing and there is no reason to be doing anything like that to the files that are already there. You can do whatever you like to files you add on your own.

Editing using Visual Studio.NET

Here are directions for editing the application using Visual Studio.NET
2002 or 2003 version.. either should work

Some of you are wondering why I didnt just give you the project files.
It is best you go through this process and really understand what is going on.
Also, I dont use VS 2002 so I wouldnt be able to give you project files that would work with that. Not to mention there is 100% chance my prject files wouldn't work for you anyway because of path differences and other things.


Anyway.. on with the instructions...

1st.. make sure IIS, ASP.NET, .NET Framework, and Visual Studio.NET are all installed correctly and up to date.

Open Visual Studio.NET

File -  New Project

Select a New Visual Basic ASP.NET web application.

give the new web to be created a name.. I called mine "aspprotectdotnet"

Hit Ok..

Now. once the project opens up we need to delete a few things in the solution explorer window.

So delete "webform1.aspx" , "deletestyles.css", "Global.asax", "AssemblyInfo.vb", and "web.config"

Basically all the files under the project...

Now... you should have the aspprotect.net files unzipped somewhere on you hard drive...

open that folder and select all the files and folders like so




Now drag those selected files and folders to the solution explorer window of Visual Studio.NET right on to the name of the web. In my case "aspprotectdotnet"

It might say this folder already contains a folder names Bins.. just tell it to copy over and continue on any prompts like that.

You'll notice your project is now populated.

Open up the references tab in the solution explorer window as we need to add some references to the dlls in the bin folder of this project. This is needed so the compile process and function correctly.

Right click on references.. click add reference
Then browse....browse on your hard drive to the location of the new web and the bin folder within it. 

In my case... "C:\Inetpub\wwwroot\aspprotectnet\bin"

Choose "aspprotectlicense.dll"

Hit open...

Now do the same thing again until you have added all the dlls in that bin folder to the references.. 

Now.. click add-references again and this time choose
"system.management" from the choices in the .NET tab

Once all of that is done your references should look like this




Now in the Visual Studio.NET menu system up top..

Choose Build - Build Solution

If you did everything right you will see something like this in the build window

------ Build started: Project: aspprotectdotnet, Configuration: Debug .NET ------

The problem with that is when a user deletes an album, the album record does not get deleted from the DB, so counting all the records would return the accurate result. :(

Any hints?

You are not supposed to use "../" with a virtual include

Thats goes against what a virtual include is and makes no sense.
When using a virtual include you give the path as if accessing from the root of the main web / virtual directory

I find it very hard to believe it ever worked like that and if it ever did it was wrong.

That bit about zones makes perfect sense and seems surpassingly simple for me to integrate due to our categories and page contents being based on the same if/then functionality.

Regarding the user, I guess you mean that I could simply recreate a limited admin interface for users based on the interface you have included for me, is that correct? I realize how subjective the question is, but do you think that this would be a bad idea?

I'm leaning toward your software here. I have a budget that could easily cover a variety of programs, but the UI for advertisers at banmanpro, for example, seems far too complicated for my users. Also, banmanpro doesn't have supporting compatible softare I am interested in, such as your classifieds software.

I guess I am trying to buy a good shell from which I can do my own customization and coding, and into which I can integrate future additions such as your classified ads. Does this seem like the right place to be?

Thanks much for your time!

Is there a possibility to build in a option that the administrator will be notifed when a banner expired.

But can you guess as to why the following might be happening:

1) The password is still "temp", and we verified that by checking dataconn_inc.asp ; 2) People are able to place new ads, etc. ; 3) We then download the DB.  Sometimes we are able to open up the DB just downloaded with the password "temp", but only see the USERS table.  At other times, we cannot open the same DB with any password, and get a "password not valid" message even when using the password "temp".

So what can the problem be?

Great software.

How easy would it be to copy the email address entered at registration directly into the login id field so that the user's email address is automatically used as the login id? 

Also, where in the code can I turn off the random password generator - I'd rather force people to pick something they can remember themselves.

Thanks,

Nick

The setting I am most interested in is what you have for the "Pic_Max_Image_Width" used when the image resizing components resize the big image

setting it to nothing or zero could cause this

http://support.cjwsoft.com/code/moreinfo286-2.htm

http://support.cjwsoft.com/code/moreinfo391-1.htm

http://support.cjwsoft.com/code/moreinfo385-1.htm

Hello,

Again, enspecified error are not very helpful.
An error usually tells you at least a line number and page or something.

Please read this as it might help do tell me more.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1

As for only happening once in a while. It could be a lot of things.

Version being used (when did you purchase.. what name/email was it under and I can look) ?
What banner method being used?
Access or MSSQL ?
How busy the site is ?
Server Resources ?

Anyone have any experience configuring PhotoGallery to use a backend mySQL database?

The application connects successfully for Read operations, but no amount of troubleshooting can get it to Write records to the tables.

http://www.marc-lisa.com/photos/default.asp

Yes, that’s all I wanted to know. The problem is on my end. The server is not creating the .NET site correctly. I think I got it working now. Thanks.

In case you wanted to know? The only reason I asked you is because you mentioned that you where having trouble with overseas piracy and my account is new. I figured it was my user error by just though I’d ask you first. Hope you have no more piracy issues and have a good rest of the day.

Thanks again for the quick response.

I am trying to set up ASP protect 6 and have a problem that when a new user registers their email is not transferred to the database.

I can see the rest of their entries both in the database and in the admin/edit form but not the email.

Any ideas?