If I also password protect the pricelist pages then someone will have to login twice.

nobody should have to log in twice... ?

session variables keep track of access... once your in - your in and you can browse to and from any password protected pages you like

If it is making you log in each time then cookies are most likely disabled.. session variables requires cookies being on to work.. cookies being on  is a requirement of aspprotect and is how Formed Based Authentication works..

let me know if that is the issue there...

you shouldnt have to be logging in more than once per session

Thats the whole point of the application...

Hi,

How do you know permissions are ok in that folder ?
Please tell me more on how they were set.

Please read through my article on how they are set correctly.
http://support.cjwsoft.com/code/moreinfo136-1.htm

Often times they are not set correctly or people thingk they set them somehow but in fact did not do it the correct way.

I would also suggest using the "test_physical_path.asp" page in the "extras" folder to verify if the path you are using to the database mdb file is in fact correct. That page should work whether permissions are set or not. At least then you will know if the path is correct or not and you can go from there.

Chris: You are right about a little extra coding to make it work. I am still learning .ASP coding, so I did a little web searching and used IF THEN statments to confirm a member logged in with a valid Access Code. If valid, the protected page executes, with the Member's Name and Access Level on a single line at the top of that page. Looks sharp! If not logged in, or a non member (who found the page via Google), I used a Redirect to send s/he to a login page with optional links as you suggested (http://www.vspa.com/aspprotect/vspa-password-failed.asp) . I couldn't get it to work when using Group Access, but I am sure that is just because I am a novice at .ASP (I will post that example when I figure it out). Meanwhile, here's the code I used that works:

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="dataconn_inc.asp"-->
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!--#INCLUDE FILE="config_inc.asp"-->
<% =Session("First_Name") %>&nbsp;<% =Session("Last_Name") %>:
<%
If Session("Access_Level") = "6"  Then
    Response.Write "VSPA Active Member Access Level 6"
 End If
If Session("Access_Level") = "7" Then
    Response.Write "VSPA Life Member Access Level 7"
 End If
If Session("Access_Level") = "8" Then
    Response.Write "VSPA Officer/Staff Access Level 8"
 End If
If Session("Access_Level") < "6" Then
    Response.Write "Access Level 1-6 NOT AUTHORIZED RESTRICTED AREA ACCESS"
    Response.Redirect("vspa-password-failed.asp")
End If
%><!-- http://www.vspa.com/aspprotect/vspa-password-enter.asp -->
<!-- *** End ASPProtect Code *** -->
<html>
<head>

This is a great article from my old powerasp.com site.
Connections And Server Database Permissions

you can not limit image size using the pure code upload method. Its not possible using a pure asp method that I know of.

You would have to be using one the supported commercial upload components and edit the upload code accordinly to limit upload sizes (you would do this by looking through their documentation and samples) I didnt include any support for upload file size limitations with the supported 3rd party upload components because in my testing I found it problematic with all but aspupload from persits software. (I have example coe for that component I can provide that limits the upload size and seems to do it well) I am sure it could work with safileup and dundas as well but I gave up trying.

As for image resizing..
Image resizing requires the use of one of the supported 3rd party image resizing components. You didnt mention if you are using one or not. If you dont have one available image resizing is just not possible as asp can not do that on its own.

been working on this for about 5 hours today.. I think I found the problem and it involves a vbNullChar that the encryption process is creating only during login attempts

it then messes up during ASPProtect authentication because it blows up the SQL Statement to the database

like I mentioned before the chances off this happening are slim but possible as two people so far have been able to create the situation

I seem to have the HANNAH password working now using your encrption key

I need a little bit more time to clean up the files I have been working on. Then I will give you new "check_user_inc.asp" and "check_admin_inc.asp" files to try out

Noted:
I actually did not think you did.

As far as debugging goes.. thats all built into visual studio.net.
There is a tag you edit in the web.config file to enable project debugging
http://support.cjwsoft.com/code/moreinfo251-1.htm

Like I said though for changes to ASPProtect.NET I'd start off from scratch and stick with vb.net... using the visual.studio.net interface is not really vary hard to remove and change things you dont' need even if you are a C# coder. Especially simple stuff like you mentioned.

I purchased the ASPGallery Pro last week and still cannot get it running. When I enter www.vickerylightning.com/aspgallery/dataconn_inc.asp on the screen it says "Not a valid bookmark"

Below is the connection string. My hosting company uses server map paths:

'Create database connection

'Create a connection odject
Set adoCon = Server.CreateObject("ADODB.Connection")

'Database connection info and driver
'strCon = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("aspgallery_access2002.mdb")

'Alternative drivers faster than the generic access one above
'strCon = "Provider=Microsoft.Jet.OLEDB.3.51; Data Source=" & Server.MapPath("aspgallery_access97.mdb") 'This one is if you use Access 97
'strCon = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & Server.MapPath("aspgallery_access2000.mdb") 'This one is for Access 2000/2002
GalleryConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0; Jet OLEDB:Database Password=temp; Data Source=\\NAWINFS04\home\users\web\b2623\rh.vickery2004\aspga llery\aspgallery_access2002.mdb; "
GalleryDatabaseType = "MSACCESS"

adoCon.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source="&Server.MapPath ("\aspgallery\aspgallery_access2002.mdb") & ";"

Definitely need some assistance!

Rhona (rookie asp) -

A question.  Does this apply to all areas of the application.  I have recently uploaded 50 photes.  But when I look at the site from the url, I have X where the picture should be.  Now, if I look at it though the localhost, I see the pictures perfectly.

its one or the other... you cant protect upload.asp at the same time if upload.asp is included in another page..

I mean sure you can protect upload.asp from running when another page calls it by password protecting the page calling it.

And sure you can protect upload.asp by itself if it also runs all by itself. But you can not include the "check_user_inc.asp" more than once in any order of execution scenario. That includes pages being included.

Generally anytime a page is included in another that included page is not meant to run by itself and wouldn't produce any outcome if run by itself so this would never be an issue.

if you don't want "upload.asp" to ever be run by itself in that scenario put it somewhere in your web site that is not web browser accessible.

I would also suggest you look into using Virtual includes. It will save you a lot of time figuring out this sort of thing "../../../../../" becuase once you figure out the virtual include path you can use the same server side include from any directory level.

http://www.powerasp.com/content/code-snippets/includes.asp

Humm, I dont see how moving to a new server could have anything to do with that.

What method of displaying the banners are you using. Perhaps try some of the other ones.

Don't use the javascript method with a javascript based ad like google.. that's for sure.

That is by design, removing and deleting are two different things as far as the classifieds system goes.

A regular user can only remove an ad from the category index. (which makes the ad inactive)

An admin however can truly delete an ad from the system.

noted.

1.) this has been explored and because of the way groups works is not feasable. Because us this I wrote code to allow you to view and sort all users for any group on the actual groups page. You pick a groups and then click the "Show Users" button

2.) noted

The company that hosts our business web site has been impossible to deal with in assisting me in getting asp protect to work. Getting the rights set correctly took 6 days and then getting parent paths enabled has been impossible. There last response was simply this:

The includes were changed so that if your server does not support "parent paths"
' and the "../" that you could easily change a few files like this and make the
' includes virtual includes instead of file includes. We didnt make them virtual
' includes by default because depending on where in your site you put the application
' the virtual include path would be different. They are also much different on a local
' development server than they would be on your real server
'
' Here are some examples of what you might change these includes to
'
' If you put the aspprotect folder in the root of your domain at your server
' example: www.mydomain.com/aspprotect
' then you would probably use
'
' #INCLUDE VIRTUAL="/aspprotect/dataconn_inc.asp"
' #INCLUDE VIRTUAL="/aspprotect/config_inc.asp"
' #INCLUDE VIRTUAL="/aspprotect/scripts/emailing_subs_inc.asp"
'
' Or if you didnt use the aspprotect folder and just put the contents of it in the root
' of your domain
' then you would probably use
'
' #INCLUDE VIRTUAL="/dataconn_inc.asp"
' #INCLUDE VIRTUAL="/config_inc.asp"
' #INCLUDE VIRTUAL="/scripts/emailing_subs_inc.asp"
'
' It really all depends on what works for your situation
' If you want more information on server side includes read this article at PowerASP
'
' http://www.powerasp.com/content/code-snippets/includes.asp

I am assuming that they will not enable parent paths and I need to modify some code. I do not know asp. WHere do I modify the code for a server that will not enable parent paths?

Thanks,

D

that's they way it should be done..

the only other thing would have been to test everything with sql before trying to import any data.. and make sure all was fine at that stage




more info on the errors would be helpful.

Id' also carefully visually compare the SQL tables and fields with the SQL scripts and make sure all field types and settings got set correctly.

Also, make sure the user accessign the database has datareader and datawriter permissions of course.

Nobody ever asked me, so i guess npegley sorted it.

The solution is indeed a single line added to your button form code ..

eg :

<input type='hidden' name='return' value='http://www.your-return-url/here.asp'>

This will overwrite any settings you have in your paypal preferences.

I posted this reply for anyone stumbling on here with the same problem. Hope it helps. :)

Dave.

More Info in Case Anyone is Interested:

This bug was mentioned by a couple people. The cause of it was never really understood until I recently re-wrote some of the banner code for an upcoming version.

The fix for this bug was very simple. It was just one of those weird situations where code should have worked but did not. I added some code to do it a bit differently and it worked as it should have..

It really still makes no sense to me why it didnt work the way it was, but at least there is a fix.

Hello,

You'll need to find a validation function to test for it.
Either server side or right in the form via client side javascript.

I dont have any experience with validating zip codes here much less UK.

Google it would be my best advice.. or maybe find some free app written in UK format and see how they did it.

Good Luck..

And if ya find anything post it here if ya like

Chris -

Long time no talk, which is a good thing.  I have purchased another product from you, ASPVendor.  I am running into an issues.

When I try and remove the image through the image manager, it does not remove it.  Screen shot attached.

2005-10-19_194248_image_upload.zip

Thanks

I've downloaded this neat little app, but I'm having troubles understanding what I should be using.  Cassinni or IIS, can you help?  I've tried to look at the help, but it is very vague on what to use in each situation. 

Any help is appreciated. 

Cheers

Chris,

When I set up a test user name it does accept name and passwords and the passwords are encrypted, no problem there.

All I want to do is to restrict access to the protected pages to the members only. Only those users will be accepted and allowed to view.

I have entered all of thier names, address, phone number, email and company in the database, which is still named ASPProtect_access2002.mdb and in the fpdb directory of wwwroot. To get it there I uploaded via FTP.  I hope I expained the situation well enough.

Whenever you are running software that can block scripts from certain things you are going to have issues like this.

I imagine many complex asp scripts you will download will do things like this as well.

A highly doubt it is anything to worry about regarding people that use your site.

ASP code delivers standard html to the browser... nothing weird goes on as far as that goes.

This system has been sold for 6 years and this is just not something to worry about. Trust me.. though you may want to tone down black ice so it doesn't give you issues as it tries to block various things.

If I were you I would do some google searches on black ice and issues with it blocking asp scripts.. etc etc

Now, if you are running black ice right on the server that a whole other story and something you as a server admin need to decide what to do about. I doubt that is the case as black ice is not probably suitable for a commercial webserver but I just thought I would throw that out there.

I cleaned up the code as you suggested, and I still can't get the images to display without the whitespace around it.

How do I download the ASP version?  I'll give it a try.

Thanks for your help,
JDooley

Thought that was already done....

Back to the drawing board...

as I look at your installation more I notice that you are using MSSQl as the database type.

chances are that is the source of these problems. Fields in the sql database are most likely not all set correctly

it is very important that the sql tables and fields are set up exactly as described and that the sql script we provide runs without error

http://support.cjwsoft.com/code/moreinfo160-1.htm

if you create the sql database other than the way we tell you to or the sql script doesn't do its job setting all the field types/constraints/primary keys/etc..... for some reason .. then weird things like this can happen

at this time this is my best guess as to what is going on

I would examing the sql script we provide and compare the information set in it for each field and table to your existing SQL database to see if everything got set correctly.. I would start by checking these fields 1st of all as they are very important.... (username,password,expiration_date,admin,active)

in the meantime testing the ASPProtect system with an Access database will prove that all the ASP code is working as it is supposed to if you are interested in doing that

I finally spoke with someone who knew what I was asking for and they set the rights and all is fine.

Thanks for your help. Wish all business' had customer support like here