Hi,

No, only ".asp" files can be protected.  It is the nature of Forms Based Authentication when using web based scripting technologies whether those scripts be ".cgi", ".asp", ".php", or whatever.

To protect entire direcotries at once you really need to run your own webserver and use NTFS permissions and user accounts..... or if something special is installed on the server there may be ways to do it as well. That usually isn't going to happen under a shared hosting account but there are special authentication products for such a thing that some hosting companies do purchase and allow their hosting customers to use.

Using aspprotect we do give working examples of ways to stream and partially protect images and downloads while a user is logged in to an ".asp" page.

Also, any ".htm" pages can simply be renamed to ".asp" if you need to protect them. Links to each other need to be updated of course because of the extension change.

In my opinion the truth of the matter is most high end sites use Forms Based Authentication with scripts. Not directory protection as it is fairly primitive/old school as well as sometimes being confusing for the users of the site because of how the login window from the server often gets stuck behind the browser.. etc etc

If you have a lot of pages in a site that you need to add protection code to then if can often be helpful to use a good Multiple file search and replace program to carefully add the protection code to the top of the source code of the pages. There are even multiple file search and replace programs that can rename extensions which can be helpful for large sites.

For images and graphics you want protect you have to do some work and set up and intelligent system for yourself.

Lastly whether you use https:// or not is no concern to ASPProtect as it works the same under https:// as it does under http://

User Information

After a user logs in there are variables that you can always access.
They can be used to check various things or to display information
dynamically based on who has logged into the system.

   Session("PasswordAccess")
   Session("Access_Level")
   Session("Admin")
   Session("Active")
   Session("Expiration_Date")
   Session("User_ID")
   Session("Groups")
   Session("Redirection_URL")
   Session("Password")
   Session("Username")
   Session("First_Name")
   Session("Last_Name")
   Session("Company_Name")
   Session("Email")
   Session("Address")
   Session("City")
   Session("State_Province")
   Session("Zipcode_Postal_Code")
   Session("Phone")
   Session("Custom1")
   Session("Custom2")
   Session("Custom3")
   Session("Custom4")
   Session("Custom5")
   Session("Custom6")

You can display them on a page at any time using Response.Write like so

<% Response.Write(Session("FIRST_NAME")) %>

or like this

<% = Session("LAST_NAME") %>

Our webhost changed converted all sites from c: to d:, and without us doing anything else, our customers now get the following error message when trying to access our Classifieds site:

***********

Microsoft][ODBC Microsoft Access Driver] Not a valid password.

This means there is most likely a problem with the "ConnectionString" info that you specified.

If you are using a DSN-Less Connection with MSACCESS.

Check that the physical path to the database has been specified correctly.
It has to be perfect and correct. It cannot be specified using "http://" or by using "server.mappath".
It has to be specified like the following example.

ConnectionString = "DBQ=D:\Inetpub\wwwroot\advpass_pro\_database\passwords.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=admin;PASSWORD=Xpass"

If this is running on an NT server or Win2000 Server make sure that permissions have been set on the database.
Only the server admins can do this. If you are not the admin you will have to ask for this to be done.

If you are using a System DSN

It is not set up correctly. Again, make sure the permissions have been set for the database and that the system DSN has been set up correctly by the server admins.

************************************************************ *********************

We did everything the web host asked us to do, that is, changed all references to the C drive to new references to the D drive, but the error is still there.  We also never changed any passwords (as far as we can remember).  Can someone please tell us where to look (also which file might tell us what the correct password is in case it has in fact been changed.

Does ASPprotect support Paypal's Website Payments Pro option, where a user can use a credit card directly on a web site, without passing to paypal.com?

Nick

btw: who is this hosting company anyway ?

and did they give you access to a control panel that lets you manage your site ? sometimes that is where you manage those permissions if their interface supports it

lastly, are frontpage extensions installed in your web so it can be connected to via frontpage ?

again I will ask you what is the real error??

see the link above when I asked you the 1st time.
(I need the error details and line number.. etc etc)

and what kind of a server are you trying to run it on ?
you mention xp pro but in a confusing way ?

ummm.. ok.. Then this doesnt make sense.  On two out of the three machines I have in house here, the images do not show up.  They only show up on the server machine.  I am using the constant url on all three machines.  www.rfamilystuff.com  Does it show up on your?

Hello,

for an admin..
you view albums for a user.. make a new album... then click manage pictures

for a regular user you log in.. go to user user area.. create an album..then click on manage your albums

Nov 2005

Ok time for some more questions!!!

Is there a way to make the person's email address their default username... or force it in somehow instead of allowing them to create their own?

Okay, hopefully I'm posting in the correct area this time.

Currently we are utilizing ASPProtect 7.x

When using the Newsletter function, many members are indicating they are not receiving email.  No evidence of email in SPAM folders.  Also, when checking with email provider, they insist it is not being filtered prior to delivery to member's email address.

The following message does appear when a newsletter is sent.

error '8004020f'

/newsite/ASPprotect/scripts/emailing_subs_inc.asp, line 124

Line 124 is the line of code to 'send' the emails.  We have approx. 860 members who are on the list to receive the newsletter emails.  I have no way of knowing how many are not getting the email. Based on anecdotal evidence, I'm guessing it could be as high as 20%.

We are using CDOSYS / SMTP authentication with a real external email with MX records. Our website is hosted by Cbeyond.  They insist it isn't at their end. (for what it's worth)

Thanks for your assistance.

NPA

I disagree...

It would be 20 hours + of conversion and testing. Maybe more.

Like I said, I converted a version fo ASPBanner once to work with MYSQL. It took forever to change all the code (2 weeks of messing around) and get it working. There were also a lot of issues with null values in the database, ado update code that had to be rewritten, cursor type issues, recordcounts not working, etc etc that had to be sorted out. There was a ton of situations where things seemed to be working but later on I noticed there were minor bugs to deal with. It was a lot of work.

ASP Photo Gallery has a ton of asp pages. It is a much larger app then ASPBanner. If you convert it to work with mysql I highly doubt you could have it running well with less than 20+ hours of work. I wrote the app and it would at least take me that long and there would still be bugs at that point.

If you think you could your not used to my style of coding and don't realize exactly how much stuff needs to be rewritten.

Granted, you could get some of the basics running off mysql in a few hours or less but there is just so much little stuff that would give you trouble.

Thanks for your rapid responses, your support is excellent!

It may be best that I stick with html then. You mention that is stresses the Version 7 software, would the unlimited version perform any differently if I use multiple zones?

Also, if I do go with a single zone, would either program be able to make sure each banner is unique, or would there by duplicates for each page view?

Sorry to post so many questions in one day.

Triple check the upgrade instructions because I think you missed something important.

line 227 on "/password_admin/save.asp" refers to the "Password" field

the error your getting most likely means it is not there..

Pay close attention to the areas in the upgrade instructions regarding renaming your existing "Password" field to "Old_Password"

Then making a new "Password" field and carefully following the instructions needed to convert your old passwords for use with the new system.

If you don't everything carefully and perfectly this is the sort of error you will get.

The count is in the album area where the small pictures and description of album.   Viewed 1 time(s)  This count never changes.

Thanks

 John

How to set a new users expiration date.

You'll need to edit the "users/add_new_account.asp" with a text editor.

Find this section..

<%
CmdAddUser.Fields("ValidateEmailCode") = ValidateEmailCode
CmdAddUser.Fields("Access_Level") = "4"
' PUT YOUR CODE HERE
CmdAdduser.Update
ID = CmdAdduser("ID")
CmdAdduser.Close
Set CmdAdduser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
%>

You'll want to add code like this right between the Acccess_Level  and Updates section

CmdAddUser.Fields("Expiration_Date") = Date + 60

That will give take todays date and add 60 days to it.
You can of course do whatever you want here.

Actually, any database value for the user can be set during registration.

You can also change the default Access_Level to whatever you like.

sure (XP PRO), see my article on that

http://www.powerasp.com/content/new/windows_xp_pro_and_permi ssions.asp

Sorry, I guess you did say you finally found them.
Regardless, sorry then, I tried

I dont know what else to tell ya.. except to search www.aspin.com

Perhaps you will find something you can use there.

The only reason no one else asked this many questions is possibly because they didnt NEED the functions i am TRYING to do.

We offer tech support for installation of the base application purchased in it's native form.  In other words were not planning on spending weeks holding your hand and teaching you how to build your application or modify the one you bought. Not because anyone wants to make it hard on you but because there is a practically infinite number of things someone could be trying to do and the only way to give you the exact answer would pretty much involve either writing it for you or having a look at your code to see what the heck your doing. Sorry but my time isn’t cheap nor do I have a lot to spare. I already gave you my approach on what to do and what you should be looking at but obviously you’re not catching on. SO ONCE AGAIN, PLEASE LOOK AT THE SOURCE CODE AND DECIDE HOW YOU WANT TO HANDLE YOUR END OF THINGS BASED ON HOW THE APP DOES ITS THING. I really don’t know how I can be more clear that that. I don’t have a crystal ball that can tell me where you’re going with your own code, what the final requirements are... what field you want to add or remove for the database etc. There is a demo up that everyone can look at and play with so they can get a feel for how the things behave and look. It’s not my fault your naivety led you to believe you could do anything with it in ten seconds. I mean if I just add some wings to my car maybe it will fly, and if you just add a shopping cart and a few products maybe you can start your own Amazon.com with that software right? Sounds good to me…

It would take me longer to re-write YOUR code than it would to have LEARNED ASP.NET and made MY OWN.

Well thats one thing we both agree on, I bet it would take you a long time to rewrite the code when you dont know how to write it in the first place. By you own admission you dont know enough about what your doing to be messing with a .NET app at this point. Maybe you should take your own advice and LEARN SOMETHING ABOUT IT. What’s even worse is that application isnt even complicated, its 101 stuff honestly. One class, thats it! Your not looking at thousands and thousands of them that you will have to read and comprehend. If you can actually “read” the code we kept it lean and mean and to the point. Nothing strange or random, no references to a zillion things all sprinkled here and there. Its reads like a book if you know the language. That’s why developers buy these apps all the time. Not because they couldn’t write one themselves, but because they know their time is valuable as well and for $150 which is less than most get paid an hour they couldn’t be bothered. Furthermore we both spend a lot of time making sure these apps are "dumbed down" so that the average programmer without a lot of object oriented background can pick up the coding style tweak it if they need to. Some people do modify things to suite their needs and others are happy with our apps "as is".

Just to recap we already wasted two days yappin about your jacked up servers and after you went through THREE of them and finally got one working you said the code was working. Red lights started flashing in my office by the time you got to the second screwed up machine, but hey weird things happen so at that point I wasn’t 100% concerned. Technically we could have and possible should have cut you off there as the policy in place is pretty clear about us not being your tech support crew when it comes to getting your machine working properly (especially one we cant even look at). Go check those posts again both Chris and I were answering your questions and being as helpful as anyone could possibly expect.

Several more days have been spent answering questions about how to modify your application and again that’s not our responsibility and we don’t support modified versions of the software for all the reasons that should be obvious. No software company does and if I have to explain why that is well this conversation is beyond hope.

Bottom line is the responsibility to support that application ends the moment you get it running the way it was shipped. Were pretty damn decent about going above and beyond and a lot of the time we go into things we shouldn’t have to. If you have well thought out and specific questions by all means ask, this isn’t some sort of thanks for your money now get lost operation. CJWSoft has been around since the beginning of Microsoft’s entrance into the web application market. We have thousands and thousands of happy customers because we are developers and enjoy working with other developers along the way.

You’re not the first N0oB to show up, but you’re the first one I can think of that ever tried to tell us we didn’t write the apps we sell and essentially wanted to argue that we don’t know what were talking about. Meanwhile you should have been done with your thing days and days and days ago, not in here yapping off and showing your ignorance to the other developers that regularly browse these forums. You trying to tell me how CafePress works is a joke, I happened to have been part of the team that worked on the first few revisions of that site and again you really didn’t even understand what I was getting at in that last post. LINK TO LOGIN PAGE not link to every protected page on the site.

If you think I am pissed off at you, your wrong. I'm just irritated with the whining about this and that and rather than admit your over your head you come back with half baked remarks that only make sense to you. If you think you can google a few terms and come back here talking smack like you’re actually someone that knows what you’re talking about your just making a fool of yourself. You sound like a guy from China trying to tell me how to speak English... My advice is get a few books and start learning or try actually reading up and listening to the other bazillion knowledgeable developers out there that do a great job posting articles about the subject. You might just learn something and actually get your project finished before 2010 and when you do please come back and re-read your posts with "enlightened eyes" so you can see what a goofball you are for saying half of the things you have said. I am not in the mood to keep helping you get your project done step by step. I have huge projects of my own going on and if I thought you could actually provide a descent project specification I might offer to make the changes for you at a serious discount so you could go away and everyone would be happy. Problem is I dont get the feeling you could explain your way out of a paper bag let alone provide a group of programmer the techinal specs for your project.

Your best bet is to post a link to the start of this thread at www.AngryCoder.com I'm sure a  few of  people over there would be more than willing to give you a ton of usefull advice

Google 4GuysFromRolla… a great resource site with example, just dont come back here  telling me those guys/ladies posted things that dont work either.

Chris has written hundreds of articles on PowerASP, a great place to start looking as well… www.powerasp.com I've been spitting out code for longer than I can remeber and I still look thing up on this site because its LOADED with great info. That happens to be one of the very first ASP sites that went up on the net so lets just say he knows a bit or two about the subject.

I'm sure your frusturated but your pushing your luck seriously. 38 posts about this subject in a week and your over there hacking away on your virus infested WaReZ machine which isnt exactally the ideal development rig. I mean we provide the code and your supposed to provide at the least a very basic knowlege of what your doing and a production grade platform to test it out on. To me thats like buying a car and then asking how to drive it... then bugging the dealer to teach you and when you smash the thing complaining because no one told you that your not supposed to drive into a wall. I have the same policy as the dealer, show me something wrong with the car from the factory and we will fix it for you NO QUESTIONS at all with our appoligies, but really once you take it off the lot what you do with it is your deal and its not our responsability in the least.

I did a google search and it turns out that error very well might have to do with ASP trying to send an email and that process failing.

That tells me your emailing from the application is not working so it is probably not something you edited incorrectly.

see this article...

80040211
http://www.aspfaq.com/show.asp?id=2026

Emailing was working as when I did your installation (I think I did it months ago, didn't I) so it must be some incorrect changes to your email settings in the admin settings screen. Try sending an individual email to a user from the admin users screen and see if it works. My guess is you will get the same error and means your email sending options are no longer correct or valid.

If that is the case I would ask you if you changed them or possibly something changed as far as your email setup goes. Passwords ? EMail Server .. etc etc etc

Hi-

Thanks for the quick response to my previous posts.

This is my issue:

I have read over all the docs and installation instructions and can't find a way to do this:

my default page in my root dir will be a log in page which will take the user once his level is validated to a "home page". Is there a page in your examples that will perform the function of this log in page? or should I rename check_user_inc.asp as the default and change it's html output to make it look like my log in page?

I also looked within the code for check_user_inc.asp and did not see where to specify where the user will go once he signs in.

Your help is appreciated

It probably is. You would have to look at the paypal documentation for IPN and see what needs to be changed in the form code.

You can get all that info from PayPal's website.

There are tons of variables and options you can use with all of their code.
They have detailed PDF files full of information on all of them.

This is a great article from my old powerasp.com site.
Connections And Server Database Permissions

Hi there, I am not exactly what you mean when you say "moved some of the include files to user"

are you saying you are moving files around ? I am not sure what you mean there.

but.. the parent path issue is described in detail here

http://support.cjwsoft.com/code/moreinfo5-1.htm


Having is enabled is actually a requirment of the photo gallery application as stated on the web site
http://www.aspphotogallery.com/aspgallery_pro.asp

You can certainly still use the apllication but as that article says you will need to change any file includes to virtual includes so they will work with parent paths disabled

Banners no longer show up on my site ?

If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.

The web server must have crashed or lost power and now the application variables are in limbo/not working.

I have seen this happen a few times.

Basically the application variable system gets messed up because it was not shut down properly.

The way to cure it is as follows.

Edit and save a banner in the system. Hopefully that gets things going again.

If this happens a lot it is a server issue, not ASPBanner's fault.

False alarm. Dumb user alert (both the classifieds customer and me).

When I test fixes, I need to be looking at the right Ad_ID to get correct results

Hello,

Again, enspecified error are not very helpful.
An error usually tells you at least a line number and page or something.

Please read this as it might help do tell me more.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1

As for only happening once in a while. It could be a lot of things.

Version being used (when did you purchase.. what name/email was it under and I can look) ?
What banner method being used?
Access or MSSQL ?
How busy the site is ?
Server Resources ?

yes, like macnap says.... you have to protect your ".asp" pages the way the directions tell you to...

and like in the "example" protected pages we provide

or they will not be protected and nothing will happen as far as ASPProtect goes

I guess I just didnt understand what you were talking about

Now that I really think about it.. instead of logging that info to a text file and worrying about folder permissions you could probably just save the post info into an application variable during the paypal ipn.asp post like so

For Each Item In Request.Form
formdata = formdata & vbCrLf & Item & "=" & Request.Form(Item) & vbCrLf
Next

Application("PayPalPost") = formdata & " - " & NOW


then anytime you wanted to see if that info was there or when it happened you could make a simple asp page in your site to display the results like so

<%
Response.Write "(" & Application("PayPalPost") & ")"
%>