Blog Entry: 3/25/2006 4:44:32 PM
It works. Thanks Chris.
, hello,
There is no built in option. You would have to add code to do that.
Its not difficult but custimization like that is not something I support.
,
This issue came up once before and when I investigated I could find no error in the html that aspprotect generates and those files do exist where they are supposed to. We concluded it was a parsing error from the log file system.
There just really isn't anything I can do about it. I spent a week trying to figure it out. It is just the log parser screwing up under certain circumstances where there is no reason anything is wrong. They have trouble dealing with some of the complex URL/querystrings that the ASPProtect admin area uses. They think there is a 404 eror when there isn't... etc etc
, Are there any problems with modifying the default database fields.
I need to have an update from net billing and they use different settings in the database than the default.
Will the interface still be functional?
, Your probably talking about "Session.Timeout" which is a feature of the IIS webserver. Please do a google search on it for more information.
In the meatime if you look at the top of the "check_user_inc.asp" file you should see a section like this where you can try to change the value.
' Minutes you want before the session times out.
' This is set on the server to be default to 15 or 20 minutes depending on the server version
' You can change it there or override it here.
Session.Timeout = 30
Specifying it like that is supposed to overwrite the value for your web in the IIS console which is usualy 20 minutes.
, you password protect an asp page in your site "where that is is up to you"
http://support.cjwsoft.com/code/moreinfo171-1.htm
then you link them there from your own pages
thats all there is to it
is that what you are asking?
Additionally...any page you password protect automatically becomes a login page... where you want to start and where you send them after or before login is something you have to handle on your own
Any pages you pasword protect will prompt the user for login info if they are not yet logged in that is.
Then once logged in it returns them to the same page they are showing the page content as it would normally appear.
cwilliams38455.7128356481, Hello,
I need some help with the following code. Please look at the area in red. I need to be able to set someting up to where the variable eval1 (a yes/no field in my database) is set to false after the associated link is pressed.
Thank you
="vbscript" %>
<!--#INCLUDE virtual="/irp/check_user_inc.asp"-->
<html>
<head>
<title>Administrator Evaluations</title>
<style>
<!--
div.MsoNormal
{mso-style-parent:"";
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";
margin-left:0in; margin-right:0in; margin-top:0in}
-->
</style>
</head>
<body background="../images/1.gif" bgcolor="#C0B59A" vlink="#FF0000" alink="#FF0000" link="#0000FF">
<p><map name="FPMap1">
<area href="http://www.utb.edu/" shape="rect" coords="627, 66, 670, 81"></map>
<span lang="en-us"> & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp; & ; ; ; ;nbsp;
</span>
<img border="0" src="https://blue.utb.edu/irp/Inst-Research&Plan.jpg" usemap="#FPMap1" width="675" height="82"><br>
</p>
<h2 align="center"><span lang="en-us">Administrator Evaluations</span></h2>
<p align="center"> </p>
<p align="left"><span lang="en-us"> <b>Welcome, </b> </span> <b> <% Response.Write(Session("FIRST_NAME")) %>
</b>
</p>
<p align="left"><b><span lang="en-us">On this page, you will see a list of names
that represent the persons that you will be evaluating this year.
Please click on a name to select that persons evaluation form. Once you have completed
and submitted that persons evaluation, you will be returned back to this page to
continue with the next person on your list. Once you have completed all your
evaluations, you can log off the system using the link below.</span></b></p>
<p align="left"><b><span lang="en-us">Please note: Only <u>1</u> submission per
person will be accepted, any additional submissions will not be accepted.</span></b></p>
<p align="left"><span lang="en-us"><b>If you have any questions please feel free
to contact us at the number below.</b></span></p>
<hr color="#FF9933" width="80%" size="3">
<p align="center"><span lang="en-us"><b>Please click on a name below to begin
the evaluation process.</b></span></p>
<div align="center">
<table>
<%If Session("Link1_Name") <> "" Then %>
<table border="1" width="28%" id="table1" bordercolor="#000080">
<tr><td bgcolor="#FFFFCC" style="float: left"> <b><span lang="en-us"> <a href="https://<% Response.Write(Session("Link1"))%>" onclick="<%=Session("eval1")="true"%>;return true" </href> <font color="#000000"><span style="text-decoration: none"><%Response.Write(Session("Link1_Name"))%>< /span></font></a></span> </td>
</tr>
<%End If%>
<%If Session("Link2_Name") <> "" Then %>
<table border="1" width="28%" id="table1" bordercolor="#000080">
<tr>
<td bgcolor="#FFFFCC" style="float: left"> <b><span lang="en-us"> <a href="https://<% Response.Write(Session("Link2"))%>" </href><font color="#000000"><span style="text-decoration: none"><%Response.Write(Session("Link2_Name"))%>< /span></font></a></span></td>
</tr>
<%End If%>
<%If Session("Link3_Name") <> "" Then %>
<table border="1" width="28%" id="table1" bordercolor="#000080">
<tr>
<td bgcolor="#FFFFCC" style="float: left"> <b><span lang="en-us"> <a href="https://<% Response.Write(Session("Link3"))%>" </href><font color="#000000"><span style="text-decoration: none"><%Response.Write(Session("Link3_Name"))%>< /span></font></a></span></td>
</tr>
<%End If%>
POST EDITED / SOME CODE REMOVED TO KEEP IT SHORTER ..
This went to Link3_Name
</table>
<p> </p>
<p><span lang="en-us"><b>If you have completed all your evaluations and wish to
log out please click <a href="log_off.asp">here.</a></b></span> </p>
<p> </div>
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="3" width="80%" noshade color="#ff9933" align="center"></div>
<p align="center" style="text-align:center"><b>Institutional Research and Planning
<br>
Tandy 270<br>
80 Fort Brown<br>
Brownsville, TX 78520</b></p>
<p align="center" style="text-align:center"><b>Phone: 956-544-8816 &nbs p; &nbs p;
Fax: 956-983-7652<br>
E-Mail:
<a style="color: blue; text-decoration: underline; text-underline: single" href="mailto:iresearch@utb.edu?subject=Administrators%20Evaluation">
iresearch@utb.edu</a></b></p>
, (FREE) Nov 23 2005 Update Files
If you purchased ASPProtect Version 7.x before Nov 23 2005 then you can download these Update Files.
(These are non-critical updates.. only update if you want the described changes below)
These updates do the following..
- Make the Tabs in the Admin area move up and down as you navigate around so they look more like tabs used in a file cabinet.
- Updates the import/export process so the tab delimited text files created now store the passwords in plain text instead of encrypted. I have been thinking about this one for a while now and I think it is better this way as it was confusing a lot of people. If can also kill the whole process if by chance the encrypted output of a password contains a line break of sorts. There is no way to deal with that scenario so this is way the import/export process is going to work from now on. This also means you should be VERY carfeful about leaving export files lying around as they will have the passwords in them.
- Updates the "expected_paths.asp" in the data folder because the paths it was generating had an extra "data/" in it.
- Updates the users page so it will not show the import/export link if you have not entered a path for the export files in the settings.
- Adds an Activity Tab if using the Activity Tracking features instead of the links it used to put on the users page that most people didn't see.
To install these just copy them in over the old files.
Now of course back up your existing files so can revert back if there is a problem or you do not like the changes. If you made any custom changes to any of your pages use your head and realize that copying these in over your existing files will overide any custom changes you made. (that is your business, I am just warning you)
2005-11-23_163025_ASPProtect_v7_11-23-2005_update.zip
, Has anyone used the aspmail function to send and recieve emails from within your forms? If so what string did you use in the aspmail_host field in the connections database.
thank you
adam
, Still not having much success. I am using SQL server. I changed the permission in the following directory :sql server data\mssql\data. Is that the database directory you are referring to?, Can I have the logon be in a top frame while having the protected pages displayed in a main frame?
Using frames with forms based authentication is not the best thing to be doing. Your much better off not using frames and using includes files to do a virtual frames sort of thing (search google) but if you are going to use frames I would suggest password protecting the frameset page as well as any pages it contains.
If you want to have a login form in a non protected top frame all the time.. that posts to a lower frame that is password protected.. you would do this
http://support.cjwsoft.com/code/moreinfo169-1.htm
but change the target of the form to one of your frames
personally though I think that would be a somewhat goofy setup to have going on
Also, how will it behave if a user moves in between a protected page to a public page and back to the protected page again?
As long as they have cookies enabled which is required for session variables to work... then you will have no issues because once they come back to a page they have permission to they will just be allowed in without login.. at least while that session is still active.. or for a longer time if they choose the remeber me option which keeps track of them with a cookie .
Really, the best thing to do is expirment and see how things behave.
, Good Morning, any suggestions on how to best "fake out the system" -- I would like to try to keep this clean so I can see the real errors?
My thought was to try to just move those .gif files to the directory that it thinks it should be in -- do you have any better suggestions? Or reasons why I really wouldnt want to do that?
, I was able to get it all figured out. Thanks a lot for your help, I really appreciate it. I ended up copying the database with the password to the directory and used the user/password connection code and it works great. I believe it was related to that but I cannot be sure. Thanks again!
, I purchased two site licenses for ASP Protect a while back and am now trying to implement the application.
The connection to the database is fine, because it recognizes the user and displays the user name. However, there must be a problem with the permission because I get the DNS error information from the On Error in the check_user_inc.asp file.
I set the permissions on my PC as you indicated, both on the folder and the database file. But get the error and cannot access the database to view or modify. I also uploaded the file to my web server and set the permissions as well, but get the same problem.
You mention on your forum that it is not the code, but I don't understand if the code is correct and if it finds the database and the permissions have been set as you indicate, why doesn't the code work?
, Three questions here:
1. I am having a problem with characters being displayed properly when viewing listings. Some alphabet characters and punctuation characters do not display properly when viewing the pages.
Sample here:
http://www.hibari2.com/lanoitanretni/kokusai_profiles/view_i tem.asp?Ad_ID=102&CatLevel=2&Cat1_ID=3&Cat2_ID=& amp; amp; amp; amp;Cat3_ID=&Cat4_ID=&FromSearch=True&SearchPage =%2Flanoitanretni%2Fkokusai%5Fprofiles%2Fdefault%2Easp%3FCat Level%3D2%26Cat1%5FID%3D3
In the access database I was looking at the properties for the ‘Ad_Custom’ fields. Unicode Compression is 'Yes' but IME Mode is set to 'No Control'. I wonder by changing this to ‘Hiragana’ if will solve the issue.
Note: the essays are typed in English on computer with Japanese OS, and then pasted up. Even though they are typed in English, there are several setting that may affect the output.
2. I want to reverse sort order for listings instead of listing 4, 5, 6, 7, I’d like to sort 7, 6, 5, 4… Could you tell me which page has to be edited, and in simplest terms what has to be changed?
3. Also, I’d like to increase the default display of ‘items per page’ from 25 to 100. Could you tell me which page has to be edited, and in simplest terms what has to be changed?
Thanks
HIBARI38155.8447569444, Thank you so so much! I went to the admin area and changed the email component from CDOSYS (using remote server) to CDOSYS (using port 25 forwarding) and all is working great now!
Again, thanks!
, I am having an issue with the Thumbnailing process. My host does not support ASPImage so I have to use something called asp thumbnailer which is similar to ASPImage. I am trying to modify the Dundas upload to automatically reduce the images to create thumbnails. I ripped out the asp image code and replaced with the bottom. The main issue I believe is grabbing the image files. I am not sure how to name the actual image file that is already uploaded by the dundas upload. the code is below:
The peices in red are where the issue is I believe. What you see below is my attempt to identify the exact image and then rename it tthumbnail. My optimal solution would be to take the picture, resize it and rename it exactly what it was named before.
Any ideas
Thanks
<% Else %>
<%
Dim thumbObj
Set thumbObj = Server.CreateObject("ASPThumbnailer2.Thumbnail")
If thumbObj.LoadFromWeb("../pictures/" & Filename) Then
thumbObj.ThumbMaxDimension = 140
If thumbObj.CreateThumbnailToWeb("../pictures/Thumbnail.jpg") Then
Response.Write("Thumbnail successfully created.")
Else
Response.Write("There was an error creating the thumbnail.")
End If
Else
Response.Write("<p><hr><b>Unable to load the original image.</b><hr>")
End If
Set ConnClassified = Server.CreateObject("ADODB.Connection")
ConnClassified.Open ConnectionString
Set cmdTemp = Server.CreateObject("ADODB.Command")
Set CmdSetImageInfo = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "UPDATE Ads SET Image" & PicNumber & "_Uploaded = 1, Image" & PicNumber & "_FileExtension = '" & FileExtension & "' WHERE (Ad_ID = " & Ad_ID & ")"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = ConnClassified
CmdSetImageInfo.Open cmdTemp, , 1, 3
%>
, We would like to give a member an opportunity to upload an image when on their profile page. How does this work with the photo option on the settings page? Is this the intended usage? Thank You. , And I'm the one who finds those rarities! I'm not surprised. 
Oh well...this should be interesting trying to get an 80 year old man to change his password.
Thanks for your quick responses Chris. This is still an awesome membership system!
Mick
, Hey CJWSoft,
We're helping out some clients of ours in a server transfer and we
really need some assistance from you guys. We've got everything
transfered and running, except for the ASP.NET banner. Do you
have any directions on how to go about moving the install from one
server to another? We've sent a couple emails through the site
but haven't gotten any responses back.
Please help.
-Tony Valenti
, Hi,
The source code comes with it.
They are the.vb files.
I don't give out any project files for reasons stated in the article below.
Please read this in full if you want to edit the application in Visual Studio.NET
http://support.cjwsoft.com/code/moreinfo85-1.htm
, did you fix it because I see all the pictures just fine ?
http://mcintoshcounty.org/real_estate/view_item.asp?Ad_ID=1
, OK.. I went with using ASPEMAIL. The above did not seem to work. No worries though, where there is a will (with options) there is a way.
cwilliams38394.7265162037, I would check out this article for starters... aspprotect is very similar to asp photo gallery and so are a lot of the page names.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=49& PN=1
Jeromy, You should have access to that page.
, yes, like macnap says.... you have to protect your ".asp" pages the way the directions tell you to...
and like in the "example" protected pages we provide
or they will not be protected and nothing will happen as far as ASPProtect goes
I guess I just didnt understand what you were talking about
, Oh also, I tried to run the asp on my machine (win XP) and unless I'm missing something fairly obvious, I cannot get it to run correctly...when previewing it, I see all the code instead of what I should be seeing., Is there a simple way to upgrade from 7.x Lite to 7.x Full? I was testing out the software and I just purchased it. I have made some look and feel changes to the lite version (ie: login page), but no look and feel changes to the admin section. Is there certian files that I can add to have the full version without shorting myself features or functionalbity?
Thanks
, I need to use SQL for other reasons than efficiency. If I create 2-seperate databases, would there be a lot of code to edit?
Thank you.
Lance
, You do not run that page by itself. That is not how forms based authentication in .NET works. That is a special page used by the web.config file. It is automatically used when you protect one of your existing .NET pages but is not meant to run on it’s own thus the error.
To answer your other question a user is not sent anywhere. You protect existing ASP.NET pages as shown in the documentation and the examples. If sent to any protected page they are either prompted with a login box or if logged in they see the page as usual. If they log in the form posts to itself and they end up at the same page after supplying proper login credentials. That is how ASP.NET forms based authentication works. I suggest you get a good book on ASP.NET that explains all of that if you are still confused.
Now, if you really want some sort of page to redirect them somewhere after login make a basic asp.net page.. protect it.. and then use a redirect statement. , Hi, I have not gotten anything from you about it.
click on the PM button below and send it that way through the forums.
Thanks
, Am very interesting in purchasing ASPProtect, but am curious as to whether anyone has had success/failure with Network Solutions "standard windows hosting" solution? Thought I would ask just in case someone has had recent experience. thx, , SQL Server Datareader Datawriter Permissions..
here is a screenshot that shows how to set datareader and datawriter permissions on an aspbanner database using "SQL Enterprise Manager"
In this example we are making sure the aspbanneruser has those permissions on the aspbanner table in the database
cwilliams38325.8002893519, I would say that it isn't all that difficult using mySQL for the backend....the main thing is to make sure you set the primary keys for auto-incrementing in your database. Alos need to make sure that any DELETE SQL statements are formatted like this
DELETE FROM tblName WHERE tblField=SomeValue
and not
DELETE * FROM tblName WHERE tblField=SomeValue
The same holds true for using MSSQL
, ahh, I see..
that is not really something you should change.. it is pretty much always going to say read for any folder
It's hard to say, but adjusting settings like that could inadvertently change folder permissions in a way that could cause problems and be hard to correct. I really don't know that for sure but it is very easy to totally mess up permissions when trying different things. In the past I had to reinstall iis just to get things back to normal. I eventually over time learned what to do and what not to do and have never had a problem since. I am not saying you are one of those people but a lot of people have problems because they play around with things they shouldn't or they go nuts trying to give every account permission starting from root folders... overwriting important default permissions instead of just making changes to a few specific folders.. not understanding the importance of what they are doing..... etc etc
Sometimes you practically have to be a NT expert just to fully understand permissions. I know a lot and I can handle my own server but it's hard to explain the low level basic of NT permissions to others as there is a lot to it under the scenes. A lot of hard core NT/2000 users do all the permissions from the command prompt because there is a lot more control at that level.
Like I said earlier, what you showed me looks right but this isn't a complex issue and the error means what it means. Something isn't right with the permissions.
I would start from scratch if I were you. Perhaps consider doing an install in a new web instead of in your root like you showed me. Or try installing it on another machine for troubeshooting sake.
I am sorry I can't think of some amazing answer on this one, but I think this is just one of those weird situations that requires starting from scratch or trying it on another machine.
, It just sits there indefinitely without an error being returned. The only clue I have is that it seems to be connecting to the database when I try to log-in. I know this because I decided to erase the files and start again, but I could not delete the database because it was "in use". After I rebooted to clear that connection and erased the database, then re-did the install, the same condition exists after entering the key on the get_me_in.asp page. It just sits there indefinitely., Chris:
The string is being saved and I get a .wav ring sound to confirm. I have tried editing in "notepad" and then running the "data/show_path_info.asp" file after with the same results.
Ken
, Ok i was wanting to know what the "if then" statement would be if i wanted to show xxx if your group is xxx.
I tried
<% If Session("Groups") = "1" then%>
<font size="2">TEXT HERE</font>
<%end if%>
But that did not seem to work.
, Once you have the LANGUAGE = VBSCRIPT and Checkfor = 1 on your page,
you'll have it secured. I've got over 1600 pages secured in such a
manner, thanks to ASPProtect!
, Hi,
How do you know permissions are ok in that folder ?
Please tell me more on how they were set.
Please read through my article on how they are set correctly.
http://support.cjwsoft.com/code/moreinfo136-1.htm
Often times they are not set correctly or people thingk they set them somehow but in fact did not do it the correct way.
I would also suggest using the "test_physical_path.asp" page in the "extras" folder to verify if the path you are using to the database mdb file is in fact correct. That page should work whether permissions are set or not. At least then you will know if the path is correct or not and you can go from there.
, recent activity infomation is temporary and mantains itself per application start up.. when the web application restarts for whatever reason the info is reset
a reboot, an iisreset on the server, application pool restarts, etc etc
this is done because if that info was saved in the database your database would get huge real quick
logfiles however do not do that and are permanent
,
Timecard Entry: 3/25/2006 4:44:32 PM
Marcy -Jackie, deferred income report from Steve, handed out paychecks, PHONES, INVOICES ETC., Partners site working on credit card and check site on secure server, steady morning. , TICC& Consolidated, batching and answering phone, , Manning NOC, answering questions Techs had, resetting open modems, watching modems. Watching network. Trying to read up on linux a little so that I would be able to fix any problems if needed., Folding amd mailing invoices and answering phone. , cancellations for nonpayment, ordered carpet, cleaned, answered phones - signups,cancels, acct changes, filed customer paperwork, coupon, e-mails / new users / ask us ?, BackToBasicsPetFood.Com - finish auto email form submission and confirmation message., Calling customers back. Responding to voice mail. , Creg system- left message for Brian on updates for web site
The moose/fax info for setting up virtual email/ changes for web site
Thom Peterson- email rates and pricing/letter sent
Baldwinsville Chamber- changes for web site, update on categories for web site
whispringwindsbingo- three doamin pricing /sent email to randy and ray cook
timberview- billing for internet pick up meeting
McCadam cheese- chnages for web site/ given to tom/sent letter online storefront/buiness card
Clayton Harbour- drop off brochure on products and goods
, Chad Edwards, Finally slowed so that I was able to answer all of the online issues, Same as before., research and develop content for th vermont internet site: develop content and layout for the hosting and design areas of the site, Worked on additional meterials for the Go gisco and partners site., Checking out latest ASP Developors Magazine., soft router docs, steady afternoon., lunch in kitchen with the wife, Not much activity with phone, worked on marketing materials for the albany show. , Details, Meeting at Best Western, Started the stress test...hard but very interesting. Lots of terms to remember. Monitored all activities including 5 voice mails., further development of visio drawings, reviewed with pc to get feedback on instructions for cpe to employees. went to and from watertown to clayton office to drop off materials and pick up pay checks for wtn. office., Trying to get back with Christine at the Chamber of Comerce (Watertown). She had called earlier because their connection wasn't working.,
