Blog Entry: 3/25/2006 4:43:53 PM
Hi,
I don't see any good reason to rename any of those files.
Changing them though may involve changes to the code recompiling, etc etc... it is not something I support.
, Can you incorporate a secure log in within the scripting. I would like the account information to be secure without having to have the whole site using running through a secure (https://) path. If this is possible, the scripting is perfect!
,
It probably is. You would have to look at the paypal documentation for IPN and see what needs to be changed in the form code.
You can get all that info from PayPal's website.
There are tons of variables and options you can use with all of their code.
They have detailed PDF files full of information on all of them.
cwilliams38459.9550925926, Will do!
, Hi Chris,
I tried changing using Notepad in the config_inc.asp
from:
If Application("SERVER_SOFTWARE") = "" Then
Application("SERVER_SOFTWARE") = Request.ServerVariables("SERVER_SOFTWARE")
End If
To
Application("SERVER_SOFTWARE") = "iis/6"
and the albums still do not show up under the categories 
Rhona (rookie)
, Hello,
If you are using ASPProtect Version 7 it is possible because version 7 supports html emailing. In any other version it would require some custom coding to add html email support. You would have to sort it out by experimenting and editing the emailing code. All the email methods have documentation on the web in some form or another showing how to send html emails.
Also,
sometimes depending on the email component being used and the email client reading the email a link in a text based email will get hyperlinked automatically. For example outlook usually will do that, but it doesn't always in other situations.
Lastly, we have special upgrade pricing should anyone want to upgrade to ASPProtect Version 7. It really has a ton of great features.
Best Regards,
Chris Williams
www.CJWSoft.com
cwilliams38415.6414236111, Hi,
ok, I am a bit confused... you make it sound like as if you are running a different version than you were when you ordered this a couple/few weeks back... that confuses me because you were able to log in to the admin area of aspprotect.net before? weren't you ?
there have been no changes to the download or the version in quite some time ?
I guess I need more information to make any sort of guess at this point. I do not know enough., It's just a generic error that means one of 1000 different things is wrong.. there is a lot of information on in in these forums as well as links to articles about it.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=27& PN=1
usually it means permissions to the database folder are incorrect or the physical path you are specifying for your dsn-less connection is invalid..
everything has to be perfect
cwilliams38370.5271296296, oh, its timing out during the import ??
I didnt know that. I thought you said it was timing out after when you tried to log in.
That changes everything...
Let me start again cause I think I know the problem., Version 8.1 can work with MySQL
http://www.aspbanner.com/aspbanunlimited_v8.asp
It is just not supported at all.
The standard version can not work with MySQL.
There were a lot of changes to make the new version work with it and I really only did ift because I have a couple friends with busy sites that could only use MySQL.
It sounds like your site is way too busy for using an access database as you mentioned.
, Hi,
How do you know permissions are ok in that folder ?
Please tell me more on how they were set.
Please read through my article on how they are set correctly.
http://support.cjwsoft.com/code/moreinfo136-1.htm
Often times they are not set correctly or people thingk they set them somehow but in fact did not do it the correct way.
I would also suggest using the "test_physical_path.asp" page in the "extras" folder to verify if the path you are using to the database mdb file is in fact correct. That page should work whether permissions are set or not. At least then you will know if the path is correct or not and you can go from there.
, you have to check the session variables for groups a little differently.. info on that is here
http://support.cjwsoft.com/code/moreinfo198-1.htm
, Hi, lets start with about when did you purchase and download the application so I know what version of the code you have., No worries
then..
is there any way I can get rid of those information shown on User activity screen, so I can at least know who logged in current day?
thank you in advance
, yes, admins have access to absolutely anything...
as for the other question what you should do is only show links to people logged in that they have access to.. then they wont get logged out when they go to a page they do not have access to
for example if someone doesn't have access to a level 4 page dont give them a link to go there... you can do that by checking the session variables and creating your hyperlink html code accordingly .. using simple if-else logic... you could even make a hyperlink non-clickable and add some text to it like (no access)
it's all about taking the time to intelligently designing the different areas of your web site. It takes a bit of time and work to really make a system flow the way you want it to.
other than that it becomes extremely complicated to not grant them access when they go to a page they dont have access to but also keep them logged in. It is just not designed to flow that way. If someone goes to a page they do have access to they get logged out. It sort of has to be that way because of the ways things flow.
more info on accessing user info after login so you can do that
http://support.cjwsoft.com/code/moreinfo198-1.htm
another good thing to check out is the provided examples for mutliple access levels. You can see that if you log into the default page for that that it only shows you links to pages you have access to. Done with simple if-else logic around the html links. It is using groups but you can do the same sort of concept using groups.
, Now that I think about you may very well be able to use the existing login_form_inc.asp page
the header and footer files for the users area may be ok as well.
probably the smart thing to do is try your old ones and compare them to the new and see if everything you need is there. If not add it by looking at the source html and comparing.
All other files should definetly be replaced with the new.
, Terribly sorry, but we are not software-technical. So can you please tell us exactly which folder the database would be in.
Thanks in advance.
, I finally spoke with someone who knew what I was asking for and they set the rights and all is fine.
Thanks for your help. Wish all business' had customer support like here
, 
Yes.
Now its OK
Thanks Christopher
, sorry for the confusion. I completely forgot about that flag setup, and how different it is between the two databases., look in the "check_user_inc.asp" file
Thank you that did it !!
, Christopher
Found this but I dont really know what to do with it or even if its the right thing.
<%
'=========================================================== ==================='
' Application: Utiity Function
' Author: ; John Gardner
' Date: & nbsp; 20th December 2004
' Description: Used to check the validity of a postcode
' QueryString: None
' Version: V1.0
' Required routines: &nb sp; None
'----------------------------------------------------------- -------------------'
function Check_Postcode (byRef strPostcode)
' This routine checks the value of the form element specified by the parameter
' for a valid postcode.
' The definition of a valid postcode has been taken from:
' http:'www.royalmail.com/docContent/other/Downloadable_Files/ PAF_Digest_Issue_5_0.pdf
' If the element is a valid postcode, the function value is returned as TRUE
' and the postcode is returned in uppercase with the separating space in the
' right place.
Dim strPostcodeRegExp(2) ' holds the regular expressions for valid postcodes
Dim intCount &nbs p; ' For loop counter
Dim strPostcodeCopy ' Copy of postcode
' Variables used to hold regular expression object
Dim objRegExp, objMatches, objMatch
' Expression for postcodes: AN NAA, ANN NAA, AAN NAA, and AANN NAA
strPostcodeRegExp(0) = "^([a-z]{1,2}[0-9]{1,2})([0-9]{1}[abdefghjlnpqrstuwxyz]{2})$"
' Expression for postcodes: ANA NAA, and AANA NAA
strPostcodeRegExp(1) = "^([a-z]{1,2}[0-9]{1}[a-z]{1})([0-9]{1}[abdefghjlnpqrstuwxyz]{2})$"
' Exception for the special postcode GIR 0AA
strPostcodeRegExp(2) = "^(gir)(0aa)$"
' Copy the parameter and convert into lowercase
strPostcodeCopy = Lcase(strPostCode)
' Assume we're not going to find a valid postcode
Check_Postcode = false
' Strip out spaces
strPostcodeCopy = Replace (strPostcodeCopy, " ", "")
Check_Postcode = False
Set objRegExp = New RegExp
' Check the string against valid types of post codes
For intCount = 0 to Ubound(strPostCodeRegExp)
' Check next pattern in list
objRegExp.Pattern = strPostcodeRegExp(intCount)
If objRegExp.Test (strPostcodeCopy) Then
' Post code found. Ensure input parameter is in correct format.
Set objMatches = objRegExp.Execute (strPostcodeCopy)
Set objMatch = objMatches(0)
strPostcodeCopy = Ucase (objMatch.subMatches (0)) & " " & Ucase (objMatch.subMatches (1))
' Show that we have found the postcode
Check_Postcode = True
End if
Next
' Ensure that the uppercase postcode gets returned if valid
If Check_Postcode Then strPostcode = strPostcodeCopy
End Function
%>
regards
John
, can add photo album but after i upload a pic, nothing shows.
where do i look to research why pics aren't showing in the albums
, ahhh ok.. I was going to wait till morning to answer this one..
glad ya figured it out
, To finalize this thread.. a target was added to the form by the customer by accident thus causing the situation, Hi Chris,
The password is HANNAH. If you're into trouble shooting mode and would like the key, I can send it to you. If not, no big deal, I've email the guy a new password. We'll see how many rounds it takes him to get it right.
Thanks,
Mick
, When I add a user, I can not activat it.
What do you have the registration type set to in the settings ?
They wont be activated automatically unless you have "automatically" selected ?
It sends me back to log on and will now allow me to log in as admin???
I am not quite sure I understand ? Seems to me like that would be normal because you can always log in as the admin at any time. If you cant log in as the user you just signed up as that could be for a couple reasons relating to the registration type you have slected in the settings. There are 3 types all epxlained in the settings screen. Some require manual activation byt the admin, some involve a registration email.. etc etc
I can restart the APP and log in as Admin, but the user I added
is still not activated??
How and why are you restarting the applicaton ? Please explain what your doing there.
My system will also not allow me to set the Stay Loged in FLag.
It just ignores it....
As I told you in an email earlier cookies must be enabled for authentication to work. You mentioned now you can not log off ? I am not sure I know what you mean by that. I assume you know to close all browser windows when testing things like this and I assume you know you have specifically log off and confim it in order to remove the remember me cookie and have to log in again when you return to the site.
, If you are developing using Windows 2003 Server and running the NTFS file system setting proper permissions on a folder in your website is done like so.
using "my computer" browse to the folder in your web that you need to set permissions on.
Right click on that folder and then choose the "security" tab.
Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.
You can also give permissions to the everyone account and accomplish the same thing.
Other things to note:
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"
In some cases you may want to go into the advanced tab and check both checkboxes shown in order to make sure the permissions you need get set. It really all depends on the situation.
cwilliams38342.7343981481, 
Much thanks, the duplicate incl's I spaced on and should have caught. The hidden form variable was a key issue. Thanks for the syntax and the help. Now I get this page together. j As a note - I got faster results by dropping my timeout to 3 minutes temporarily while progging and cleared browser cache between tests. Thanks again.
, Chris:
The string is being saved and I get a .wav ring sound to confirm. I have tried editing in "notepad" and then running the "data/show_path_info.asp" file after with the same results.
Ken
, I really do not know to tell you the truth. I'll do some research.
The script only allows .jpg, .jpeg, and .gif extensions.
If someone uploads a file called... "filename.vbs.jpeg" with bad vbscript in it I seriously doubt anything can happen because of it because of the extension.
But I really do not know.
It has never happened to any sites I have or know of.
cwilliams38447.0491435185, Hi all
I logged in myself to my website, and I tried to log in to another with same username and password. But I was able to log in again.
It was supposed to block me from logging in, but it let me to log in.
there has got to be some configurations I must have missed.
Could you instruct me on this Concurrrent login so mine works as well...
thanks
, Another good tip is to make a copy of the "password_admin/default.asp" named whatever you like..
"default2.asp" would work...
then maybe add a link to it from the header_inc.asp file
then you can modify that one all you want and your will still have the original around.
That concept works for a lot of things.. for example you could make a copy of the "users" folder and call it "users2" granted a few paths might need to be changed here and there but really not a lot. (how do you think the paypal signup folders were created, they started as a copy of the "users" folder of course)
You can even make a copy of the "check_users_inc,asp" file if you like. Then make a copy of the "scripts/login_form_inc.asp" file... then make your new "check_user_inc.asp" file reference it.
Then you can password protect pages using different versions of the "check_user_inc.asp" file. Why ? well maybe you want different looking logn forms for different parts of your website or you want to make a lot of changes to the "check_user_inc.asp" file and want to leave the original alone.
The sky is the limit really. When it comes down to it besides the actual guts of the "check_user_inc.asp" file ASPProtect is nothing but html tags and chunks of simple server side code that produce more html dynamically. What your browser ends up with is basic html. (some client side javascript in certain cases, but that is pretty basic stuff too.)
cwilliams38422.509525463, Still not having much success. I am using SQL server. I changed the permission in the following directory :sql server data\mssql\data. Is that the database directory you are referring to?, Chris,
When I set up a test user name it does accept name and passwords and the passwords are encrypted, no problem there.
All I want to do is to restrict access to the protected pages to the members only. Only those users will be accepted and allowed to view.
I have entered all of thier names, address, phone number, email and company in the database, which is still named ASPProtect_access2002.mdb and in the fpdb directory of wwwroot. To get it there I uploaded via FTP. I hope I expained the situation well enough.
, You are right.
I have SQL server.
From August to today I have used a very simple login system and now I come back to you for better.
I can insert, edit, delete users but it happens what I mentioned in my first message.
, ASPProtect v7 comes with working example code of protecting an image from being downloaded and also protects the true file location of the image on your server..
This comes with the system as an example folder with some files in it.
(some of the initial purchaser's of the system might not have that directory.. if that is the case please ask)
Here is how it works...
It does not matter what directory name the ASPProtect files and folders are in but you cant go moving around critical file and folders like it appears you did nor is there any reason to.
All that is is saying is that the users folder, the password_admin folder, the scripts folder, the check_user_inc.asp file, and all the other files and folders that come with the system can be in any directory name as a whole.... but that doesn't mean you can go messing around with the files and folders in that directory.
I assure you 100's of users do not use "aspprotect" as the main folder name and they have no issues doing so.
Regardless, you need to explain in much clearer detail exactly what you did and what paths you used and what is where. At this point I really do not know what is you did as your post was not clear to me.
You should also check that you have entered correct path info in the admin settings page area. The register page is one of the paths that geths set there.
, I am having problems with a password a user wants to use. He wants HANNAH. When he (or I) try to log in with his username and password, I get a syntax error -
Syntax error in string in query expression '(Username = 'changedforsecurity') AND (Password = ' éG'.
pathOnComputer../1protect/check_user_inc.asp, line 114
I've obviously changed the username and the server path in the info above for security.
What is it that the system doesn't like in the word HANNAH as a password? I would just change his password for him but this guy has enough trouble just turning the computer on! Confusing him with a new password would take weeks to set him straight.
as far as permissions are concerned I wrote two large articles about permissions that cover everything in detail on how to properly set them
From things you are saying I assume this is your server. My comments about the path looking funny are because very few commercial hosts would use the "c:\inetpub\wwwroot\" directory. If you are using that and that is correct info then that is fine.
as for knowing whether or not the filesystem object is working the best thing to do is to try to write a text file somewhere in your web and see if it works. Testing something under the most basic scenario is the key to troubleshooting asp issues.
