Active Server Pages Blog News 1996-12-22

Home | Advertising Info

138 USERS CURRENTLY ONLINE

Site Search Contact Us

Friday, March 14, 2025

Code Snippets
Hints & Tips
Code Wizards
Guestbook
Newsletter
Forums
Links

DISCUSSION ARCHIVES
DISCUSSION ARCHIVES 2
DISCUSSION ARCHIVES 3
BLOG

We didn't realize
the site was so popular.

Other Stuff

Active Server Pages ASP ASP.NET .aspx .ascx Web HTML Developer Internet Microsoft Web Services Visual Studio .NET CJWSoft ASPProtect ASPBanner ASPClassifieds

Blog Entry: 3/25/2006 4:54:04 PM

while technically that shouldnt be showing that with two slashes that is actually valid and will not effect whether that feature works or not.

so if you are getting an error that is not the reason.. as far as windows is concerned // is the same as slash in that scenario?

what is your error? I need details. Like some code and an error at a line number ?

99% of the time it is permissions and sometimes it is related to the filesystem object being disabled on the server or script blocking software such as norton antivirus , I assumed when it said "expected path" that it understand that was the default and unless I wanted it in a different directory I could leave that blank. I'm checking on it now.,

I have been using ASPBanner for a while and am very pleased with it. Congratulations on a good product.

Only one feature is missing that would really help me and this is being able to display banners dependent on some condition (/aspbanner/aspbanner_inc.asp?BannerZone=6&condition=xxx ).

I think this would be a good idea as it would allow users to present adverts based on different criteria; for example; specific country/region related ads, ads based on time of day, ads based on user preferences, etc.

To achieve this I was thinking of adding a field to the database so that I can enter a set of comma delimited conditions for which the banner can be displayed.

I have looked through some of the asp code with the intention of seeing how easy it would be to implement the functionality. Not knowing the code however, I think that modifying it myself would be risky as I may inadvertently change things, which would have a negative effect.

Would adding this type of functionality in ASPBanner be of interest to you. If not, can you let me have your opinion as to whether this would be relatively simple change for me to do myself or would it be too risky and I should give up the idea. Any guidance or feedback would be appreciated.

Hi Chris

Unfortunately the bl**dy server was down and unavailable for 17 hrs so I couldnt even get to see what the settings were!

It is on, the relevant users appear to have all rights for the data/tempstats folder.

I'm guessing you're going to suggest turning it off and see if the problem still appears.

Colin

Please Note : ASPProtect v7.x has a new feature called groups that is much more powerful than access levels. Access Levels were left in the product primarily for existing customers that upgrade to the new version so they do not need to make a lot of changes to their site if they were using Access Levels.

More On Access Levels

Here is some additional info..

If the access levels are too restrictive you can ignore them all together and create your own totally custom solutions.
Here is a quick rundown of some of the things you can do.

Ok... so if you want to be really specific about what each user can see and
can't .. here's an example of what you can do

Don't use the access levels before the include file..
Don't worry about what you set a user to in the admin area since the access levels won't be used.

Do something like this..

Every time a user logs in session variables are set that you can access at
any time.. thus allowing you to know who they are.

So you could do something like this...

<%@ LANGUAGE="VBSCRIPT" %>



<%
If Session("USERNAME") = "bob1267" or Session("USERNAME") = "carl45" or Session("ADMIN") = "True" Then
Session("PASSWORDACCESS") = "Yes"
Else
Session("PASSWORDACCESS") = "No"
Response.Redirect(Request.ServerVariables("script_name"))
End If
%>

The following URL explains what Redirects are.
http://www.powerasp.com/content/code-snippets/redirects.asp

That would in effect create totally custom access levels.. but you would
have to do it manually for each user.

You can also do things like this after a person logs in

Show custom html to any specific user based on either their username or
access level ... like so

say there was a menu and a certain link should only show up to username
"paully67"

you could do something like this

<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>

<br>
<a href="main.asp">Home Page</a>
<%
If Session("USERNAME") = "paully67" Then
%>
<br>
<a href="paullys_page.asp">Pauls Stats Page</a>
<%
End If
%>
<br>
<a href="links.asp">Links Page</a>

</BODY>
</HTML>

Or you can show custom HTML or links based on Access Levels or any other info.

You can do just about anything with if-then statements and
using the built in vbscript functions..

Hopefully this info will help to give you some ideas...

Bottom line is you have to do some work within your site to make the Access Level system really come alive.

cwilliams38403.6781481481,

Here are three known bugs and their fixes...

If you have any of these symptoms these fixes will most likely take care of them.
If you don't have a symptom do not make any changes as you most likely have an updated copy of the application.

Technically if you bought that app on or after April 27th 2004 these bugs should all have been corrected.

Description Fix

(no descriptions showing in pop up window)

Edit pic_window.asp with a text editor

Change

Set f=fs.OpenTextFile(Server.MapPath("pictures/Album_ID_" & Album_ID & ".txt"), 1)

Set f=fs.OpenTextFile(Server.MapPath("../pictures/Album_ID_" & Album_ID & ".txt"), 1)

Slideshow Fix�

(last image in slideshow it not showing)

In slideshow.asp

Change

<% For PicArrayIndex = 0 To Ubound(PicArray) - 1 %>

<% For PicArrayIndex = 0 To Ubound(PicArray) %>

Add To Favorites fix

(add to favorites feature doesn�t work at all)

Edit "album_uppermenu_inc.asp" in the scripts folder

Change

<a href="users/favorite_albums.asp?Album_ID=<% =Album_ID %>"><img border="0" src="<% =application("skinpath") %>add_to_favorites.gif"></a>

<a href="users/favorite_albums.asp?Album_ID=<% =Album_ID %>&Action=Add_To_Favorites"><img border="0" src="<% =application("skinpath") %>add_to_favorites.gif"></a>

cwilliams38104.7034375, Haven't gotten to it yet. I do know there are a few customers using it to edit the app and said it was not all that different. Maybe they will chime in with some tips.,

<%@ LANGUAGE="VBSCRIPT" %>


<%
Response.Write(Session("Groups"))
%>

The setting I am most interested in is what you have for the "Pic_Max_Image_Width" used when the image resizing components resize the big image

setting it to nothing or zero could cause this

no, there is not not.

If you wanted to to that you would have to add some code to check their album count in the database and not allow them to make a new album if they were at the limit.

cwilliams38433.0233680556, Here is an example of a query I made in MSACCESS that deletes all users that belong to Group ID of 3. I used the graphical query designer in MSACCESS to do this. Took a few minutes.

DELETE
FROM ASPP_Users
WHERE (((InStr([ASPP_Users]![Groups],"*3*"))>"0"));

Because of the way groups are stored in the Groups fields you have to use the InStr function to determine if the user is part of a particular group
We are deleting all users that of Group ID of 1 so we look for *3* in this example

The SQL statement for a MSSQL database may be slightly different but the general Idea is the same

The SQL statment used in an ".asp" page will be very similar as well.

SQL Statements are the TRUE POWER of working with databases. They are something everyone should learn to work with because they allow you to do some very powerful things.,

did you fix it because I see all the pictures just fine ?

http://mcintoshcounty.org/real_estate/view_item.asp?Ad_ID=1

Does emailing work under the simplest scenario ? (directly from the users screen)

Thats the way to test it..

All that error means is whatever reason the settings you have chosen are not working. It could be the server. It could be what you chosen. (and yes I realize your pop info from outlook should probably work with the settings you chose)

Whenever I do installs I often have to try 3-5 different emailing scenarios before I come across one that works.

Each time making some changes and sending out test emails from the users screen until I get somewhere. Often time getting a working example of how your Hosting Company wants you to send email from ASP is the info to get your hands on. (what method and settings)

In this case they may have blocked the usee of a remote server and want you to use some other settings for sending email from asp. A lot of times they put that info in their help system.

If I were you I would start by trying the other two CDOSYS options for starters, and then try the remote server option again but using "localhost" as the server, if none of those work consult your host for example code and settings to send email from asp. If you still have no luck I can help for sure.

Realize too when testing the emails may take a bit to arrive. A delay of sorts. Best to type in a quick note about which method you are trying in the email text. That way when you finally get one delivered you'll know which method worked.

This issue came up once before and when I investigated I could find no error in the html that aspprotect generates and those files do exist where they are supposed to. We concluded it was a parsing error from the log file system.

There just really isn't anything I can do about it. I spent a week trying to figure it out. It is just the log parser screwing up under certain circumstances where there is no reason anything is wrong. They have trouble dealing with some of the complex URL/querystrings that the ASPProtect admin area uses. They think there is a 404 eror when there isn't... etc etc

, i was only kidding!!

, Verison 8 is superior in every way and the code is much more optimized so yes I think it would handle it better. It is still a lot of banners on one page though which means a lot of hits to the database if you call them all individually with zone calling code. SQL server would make sense more than MSACCESS.

Now, the only reason I said make one zone for all those banners on the home page is because a banner has to be associated with a zone. It would make sense to put them all in one because if you just tracked the clicks like I mentioned you really wouldnt be using the zone except for maybe when you go to view stats. ,

These are 4 valid examples of calling a flash movie.

The more simple examples may cause problems for people that don't have the flash plugin installed. I really do not know as I am no flash expert. All these work fine for me. Of course I have the latest flash plugin installed. Perhaps some of you can shed some light in this. The 3rd and 4rth examples are obviously only slightly different and mention different versions of flash as far as downloading the plugin goes.

cwilliams38089.6129513889,

Hello Chris:

Yes I'm using the Option Pack.

-Ricardo

I would check out this article for starters... aspprotect is very similar to asp photo gallery and so are a lot of the page names.

http://support.cjwsoft.com/forum/forum_posts.asp?TID=49& PN=1

Jeromy, You should have access to that page.

, I am sending you a PM with the new download url

see instructions above for what to do with it,

the following error message appears, but only when attempting to log off. all other parts of the program seem to be working.

[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0xa04 Thread 0xa38 DBC 0x21ff024 Jet'.

I have a solution for asp already but thanks anyway. Is there a good book or other learning tool I can purchase that you might know about? I would know where to start about how create a timed subscription in .NET.

Yes, I was referring to ASP Protect.

I had about a dozen people access the same account, but it is highly unlikely that they would all try at the same time (unless there were several hundred people who had access). Having an enhanced login abuse would be nice.

, ok, now were getting somewhere

I didn't know you imported from another system,

chances are you are missing field information that an ASPProtect user requires.

Start off from scratch with a new aspprotect database... create a new user and look at the info that gets entered by default for every field in the database

make sure when you import a user that you mimic it all

dont import directly using access because the passwords will not get converted to encrypted versions of themselves correctly.. and the whole process will be usesless as no passwords will be correct

Use the import feature built into ASPProtect.. because it is smart enough to take the clear text passwords and encrypt them accordingly

if you want to know a correctly formatted import file needs to look like make one and check it out

do one user at a time and make sure you can log in to an example protected page till you get it right...

once you get that working do them all

Thats really the best advice I can give you. ,

here is a thread that may help you if this is what you were getting at

http://support.cjwsoft.com/code/moreinfo389-1.htm

humm

expiration dates in the aspprotect system are not used at all when using paypal subscriptions.. all date handling is done on their end actually

and they of course send notices from their system to the user regarding their subscription and when it renews,cancels, etc etc

so I am pretty sure any errors with that would have more to do with the info you used for the subscription setup and possibly any paypal settings associated with it

its hard to say at this point

The smart thing to do I think.. would be to sign up someone using another PayPal account (your allowed 2)... and while doing it be very careful about the subscription setup data.. and then as soon as the subscription is created review all the info in the paypal system and see if the length of the subscription / expiration.. etc etc in the paypal system info looks right..

at least then you can begin to troubleshoot what is going on...

you do not run "check_user_inc.asp" by itself

Pages you protect include that file at the top.. when they someone goes to a protected page if not logged in a user then sees a login prompt..

after loggin in they see that same page as normal

its an automated process..

now, that being said if you really want to you a specify a page to be redirected to after the 1st login when you edit a users info. You can also redirect anyone anywhere like using a simple ASP redirect statement in your code.

Personally I feel that redirecting people all over the place is poor site design. ASP is all about dynamic code and ASPProtect is all about dynamically tailoring pages to the current logged in users... so why redirect people all over the place.. it justs complicates things because you still need to password protect the places you send them to.... which means twice the work and twice the confusion.

Also, here is a Version 6 thread about redirecting manually that still applies to version 7.

http://support.cjwsoft.com/code/moreinfo17-1.htm

, ok, so from your PM Iknow you are using SQL server with IIS5.
You say you created the SQL database using the provided scripts and that is good.

What is going on may just be a weird odbc issue that sometimes happens on IIS5 when using SQL server and I have an idea on how to remedy it.

Edit the "config_inc.asp" with notepad.

Change

If Application("SERVER_SOFTWARE") = "" Then
Application("SERVER_SOFTWARE") = Request.ServerVariables("SERVER_SOFTWARE")
End If

To

Application("SERVER_SOFTWARE") = "iis/6"

And lets see if that helps the situation.

it will change some SQL String query values in the application from "-1" to "1"

either should always work but under certain scenariois only one or the other works,

Great suggestion, routing the banner click through an intermediate page before the destination. We use Deepmetrix LiveSTATS.xsp V7 and I should be able to configure a filter to capture the stats of the intermediate page.

Thanks for the help!
Lance

, Sounds crazy. I recently took over this web site and all IT duties. User today said member area was not working. All pages would not display. After restoring some files I got the members area partially working. But I cannot find where the database sits. I am able to get in and view users in the admin are and log in as a member. Thanks.,

Please Note : Users with the option pack a new feature called groups that is much more powerful than access levels.

More On Access Levels

Again, Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System. Look at the source code of the ASP pages in that folder with a text editor to see the working code.

Access Levels and how they work can be re-coded to work in many different ways. However, you have to be a good ASP developer to make changes to it. Here is some information on how they work by default and also info on an alternate scenario we have provided.

In the "check_user_inc.asp" that comes in the root of this system Access Levels works as follows.

Level 1 has Access to - Level 1
Level 2 has Access to - Level 1,2
Level 3 has Access to - Level 1,2,3
Level 4 has Access to - Level 1,2,3,4
Level 5 has Access to - Level 1,2,3,4,5
Level 6 has Access to - Level 1,2,3,4,5,6
Level 7 has Access to - Level 1,2,3,4,5,6,7
Level 8 has Access to - Level 1,2,3,4,5,6,7,8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN

The "check_user_inc.asp" included in the "extras" directory is an example of changing the access level checking code
to work differently. In that "check_user_inc.asp" Access Levels works as follows.

Level 1 has Access to - Level 1
Level 2 has Access to - Level 2
Level 3 has Access to - Level 3
Level 4 has Access to - Level 4
Level 5 has Access to - Level 5
Level 6 has Access to - Level 6
Level 7 has Access to - Level 7
Level 8 has Access to - Level 8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN

If you get creative you can create some interesting access level checking scenarios.

Bottom line is you have to do some work within your site to make the Access Level system really come alive.

cwilliams38114.6506712963, Makes sense to me. I used the ASPProtect_access2002.mdb supplied. (I am using 2003). Only added more names and other personal info to it for test. Uploaded the amended db with FTP. This did not restrict someone not listed in db from logging in.

Would each individuals' information need to be added to the code in order to have it check the database first to find out if the person is authorized to view?

Part of the problem is I dont know which ASP page or script links the db to the rest of the web, or how one page relates or links to the other.

Sometimes I wonder if problems I encounter originate with the server.

Thanks for patience.

,

ASPProtect and PayPal are fully automated and ready to go.
Accounts will automatically get activated after payment.

We actually do not tell you to put nothing in the PayPal system for the IPN URL. Something has to be there or PayPal will not let you enable IPN. We actually tell you in you PayPal settings to turn on IPN and make up an IPN url because something has to go there. (I think we suggested making a blank asp page on you're site to send it to) It really doesn't matter where you send that but it might as well be a valid page on your site to avoid any 404 errors in your logs when a non ASPProtect payment comes in.

You see, we dont set that IPN url set in the PayPal system because each ASPProtect signup script directory (single payment and subcription) uses it own IPN url and that all gets set on the fly by the aspprotect system. There is a way to overide the defaul IPN url is what I am saying.

Also:
A lot of people already have something there and we didn't want the ASPProtect system to interfere with things they already had going on.

cwilliams38421.530787037, I use the group feature and would like to know if it is possible to change or delete members from a group in bulk. For example if I have 200 users registered for group 1 and 3 how could I delete all members from group 3 in one pass rather than editing 200 individual members?,

You have old code I think.

It's probably because his password used with your encryption key by chance creates a single quote and messes up the database query

A notice went out about this. I will PM you the latest download with the updated files.

I will actually explain how to set access_levels and/or groups...

in "users/add_new_account.asp"

carefully edit with a text editor

find this part

CmdAddUser.Fields("Access_Level") = "4"

that is where the acess level gets set...

you can change the level or remove that line all together if you dont want one set

now for groups you would add this line in the same area

CmdAddUser.Fields("Groups") = "*3*"

CmdAddUser.Fields("Groups") = "*1*,*2*,*3*"

Groups access for a user is stored in one field in the database like you see above. If you are confused what you should be saving in that field I suggest simply setting a user to whatever groups you want via the admin area and then looking in the database to see what got saved in that field. It's pretty simple really how they are stored.

*1*,*5*,*9*

that user would be a member of groups 1,5, and 9

, Guess who!

I have a user/client who can't access stats. Even when I give them a new username, I get the message that their username has expired. In the notes of the account it says "Level 1 access" and I can't figure out what that is and where it is edited or set or even what it means. Seems like I must have hit something somewhere that goofed up this account. I could just delete the account/user and set it back up but I'm worried I'd just make this same mistake later and figured I'd get the info on it. Any ideas?

TIA! (So far, I'm VERY happy with this product)

Laura
,

I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.

Regardless,

What you want to do... logging them in under https and then having them continue though the site under http is not possible.

It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.

In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).

Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.

If you want them logging in under SSL you need to keep them under SSL.

That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.

There is nothing built in to the system but it is very doable.
However, you need to be a decent asp coder because your going to have to write some code.

Basically you would want to do a check on the screen where a user uploads to count how many pictures they have uploaded.

Then act accordinly and either let them or dont let them proceed.

On a side note the overall filesize limit of the total of all pictures a user can upload can be set when you edit a user.

Access Database Password

By default all of the Access Databases we give out have a default password of "temp"

The Default username that and Access database uses is "Admin" but you should not be concerned with that except in your connection strings.

The default password for the Access Database can only be changed using Microsoft Access to do so. If you have security concerns it would make sense to change the password. The help system built into Microsoft Access best explains how to do that.

cwilliams38403.6820833333,

Timecard Entry: 3/25/2006 4:54:04 PM

Working on new timecard/workorder system, Driving back to Watertown. miles=25., Posted accounts and did a detail of cheks and cash for a bank deposit. Customer inquiries, credit card authorizations, ans. phone, and made the bank deposit. Worked on problem children., Showing Tim, Paul, Mark, Talked to Paul and Bob nelson, Kelly Vergin - shirts/marketing, worked partly with crispin on the TIITC cite, travel time to clayton , travel time to Phoenix, 120 miles toal trip, Soft Router Docs, LOWENGUTH REALTY PHOTOSHOP ENHANCEMENTS ON TWO PICTURES AND INSERTION OF PICTURES IN NEWLY CREATED PAGE, check and reply to e-mail, chr weekly conference call., Met with Seneca Data to discuss co-marketing opportunities, Bay flowers info for web site, NY Air Brake problem w/ slow traffic., *TaskForce - Meet regarding Spider , had a quick sub..., lunch, edavisproducts.com - reworking public pages to detect between fragrance, description, and packaging field options. (billable), marketing meeting with Tom McCall, phone, answered AUAQ, Nortel Collo Plan, RSLE, travel to Syr with Howard and Paul, ick mcdonalds, Java Training, phones, receipts, sign ups, information given for internet services. , timecards , emails to people who I had to remove approval , Working with servers. Checking e-mail. Supporting customers. Meeting with clients.,

Active Server Pages Rule The World

Contact Us

All artwork, design & content contained in this site are Copyright � 1998 - 2025 PowerASP.com and Christopher J. Williams
Banner ads ,other site logos, etc are copyright of their respective companies.
STATS Unless otherwise noted - All Rights Reserved.

Active Server Pages asp search engine active server page asp application components tutorial CJWSoft ASPProtect ASPBanner ASPClassifieds www.aspclassifieds.com, www.powerasp.com,www.cjwsoft.com,www.aspphotogallery.com,www.codewanker.com,www.aspprotect.com,www.aspbanner.com