Blog Entry: 3/25/2006 4:44:40 PM
to finalize this thread.... turns out I was correct and this person was not unzipping the zip file correctly. , You cant do it from initial lohin, but you can do it from the time of registration signup.
http://support.cjwsoft.com/code/moreinfo170-1.htm
As for the emailing thing it is most likely an email sending issue more than a code problem. For example spam filters incorrectly grabiing those emails or something of that nature..
Best thing to do is try different things for emailing options until you get something that works. I suggest using CDOSYS with a real email server and using a valid email account for yourself at that email domain. SMTP authentication if necessary. This will ensure the emails sent have valid MX records and dont get treated as spam.
,
Yeah, its working great witht he Access database. Now I just need to get it all set up. I like how the config file is set up with all the comments, it really helped allieviate the 40k thumbnails,
.
One quick question though, and I haven't looked through all the code yet... Is there a quick way to have pic_window.asp open full screen by default? I just want to minimize having to either scroll through, or maximize, the screen
Thanks!!!
- Jason
, ok, I moved this thread..
The code in the ASP application handles all encryption and un-encrpytion of passwords in the database. I uses the vbscript RC4 function and the password encryption key specific to your installation to do this.
The whole idea is that if someone gets your database and opens it up that they will not get the passwords (utilitiies to crack access databases are common and work well so they can easily get by the main password)
That being said when you open the database manually your not supposed to see clear text passwords. Your also not supposed to have an easy way to make them clear text. It's a security thing.
Though I am not officially supporting it I will tell you what I think would be the easisest way to make an export file with clear text passwords in it.
Use the export fire creator in the admin area of aspprotect.
Mosdify "export.asp"
change
Password = CmdDataExport("Password")
to
Password = RC4(CmdDataExport("Password"), PasswordEncryptionKey)
Then make an export file and see if that worked.
you can then import the export file into and access database or do whatever you like with it.
, I am having difficulties importing new Users.
I have exported the existing list and then copied in the additional users and save the file as text (tab delimited) in Exel.
When I go to import the file (browse then upload) I get the following error:
Microsoft VBScript compilation error '800a03f9'
Expected 'Then'
/aspprotect/password_admin/upload_post.asp, line 6
If Session("Admin") <> "True"
If I upload the text file by FTP and then try to import it it only tends to import the first two existing rows.
All collumns match but not sure if I need to add "User_ID". I have added it and created consequecutive numbers.
Any assistance would be appreciated.
Thanks
, I have seen that happen before though it usually just happens once and then after that it doesn;t show up. It's the asphttp component doing it. The ASPBanner system is not doing it. I would try using banner calling method such as the xml parser method. It's usually installed by default on 200 and 2003 servers.
cwilliams38248.6400115741, [QUOTE=cwilliams]actually, passwords can be up to 75 characters long in ASPProtect.
the only requirement when entered from a non admin user is that they are at least 4 characters long.
what does MSAccess have to do with this ? Are you trying to convert and old system or something? I noticed you created and "old password" field in there ? Is there something I do not know about as far as what you are trying to do?
Passwords in version 7 are encrypted so I hope you understand all of that and realize you can not enter or change passwords right from SQL server. Also if you import info you must handle that accordingly and convert the passwords to encrypted format. [/QUOTE]
First off, I haven't imported anything from MS Access.. The only reason I mentioned it is cuz I thought initially it worked with Access and not SQL server.
I am not converting nor entering any data manually into the db, nor have I changed anything in the way the registration is made (don't know where the "Old password" has come from? thought it was a function you made?)
, I checked the SQL table and had 1 banner with no zone ID. I added it in
directly through the SQL interface and now it seems to be ok., This first one may be an obvious one, but is it only .asp files that I can protect as in no HTML files.
Can the program be set to protect my whole https directory contents (though the answer to the last question may have bearing here - there are html files as well as .asp in there) as in http://secure.mydomain.com
Thanks in advance
, You should email me and I can give you a copy of the original application., can add photo album but after i upload a pic, nothing shows.
where do i look to research why pics aren't showing in the albums
, This server is sitting in my den on a DSL circuit, so I don't have a hosting company. The install for Windows 2000 server is with default settings for all components installed.
I am not sure what you are referring to when you say:
"Does emailing work under the simplest scenario ? (directly from the users screen"
What user screen?
What settings are you referring to that I may have chosen?
, I uploaded the files designed for an aspprotect folder at the root of my site (mysite.com/aspprotect) and went to mysite.com/password_admin/get_me_in.asp and receive this error:
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0xf54 Thread 0x908 DBC 0x90c41dc Jet'.
/aspprotect/scripts/populate_config_variables_inc.asp, line 11
I am assuming my host has still not set rights properly and that is why I receive this error. Am I correct?
I will definitely recommend hosting company you suggested for our businees site.
, Will do!
, no, but in the standard version it probably will not run so great with more than 75 or so.
The unlimited version can handle pretty much whatever., Hello,
You'll need to find a validation function to test for it.
Either server side or right in the form via client side javascript.
I dont have any experience with validating zip codes here much less UK.
Google it would be my best advice.. or maybe find some free app written in UK format and see how they did it.
Good Luck..
And if ya find anything post it here if ya like
cwilliams38381.5607638889, Thats what I needed. Thank you!, Installed latest verison Doesn't seem to have corrected problem. Still with same message. I wonder if deleting this user and putting him back in might help. I have not however tried any other user names and passwords.
, I downloaded the skins, ftp'd them to the skins folder and can see them in the list of available skins. No matter which one I try to apply it keeps solid_color_black.
Al
, "I can login for the first time."
when you say that what exactly does that mean, because in this version you do not just log in for the 1st time.
What I am saying is there are steps where you run a special page to intially get into the system, then you setup a new user, then you make them an admin, and then you can log in as them.
You left all of that out of your story...
I really need all details in order to help.. is this an upgrade or a new install, etc etc etc
I would also advise very carefully comparing the fields in your sql database to the sql creation scripts to make sure all the field settings are correct.
Lastly, please tell me what name/email you ordered the product under so I can check your purchase.
Thanks, The problem was that I did not have
ConnectionString = "Driver={Microsoft Access Driver (*.mdb)}.... in the connection string.
Thank You.
, UPDATE... on very very busy sites these methods have been reported to fail once in a while.. meaning .NET gets overloaded and instead of a banner its shows some error code.
its not the banner system .. its the .net engine and the calling method
cwilliams38326.8618865741, No can do. In both cases there is an icon that says "Not uploaded". I click in it and nothing happens. There is no link to upload. Am I missing something?
By the way, I appreciate and am impressed with your rapid response. Thanks.
, I use the group feature and would like to know if it is possible to change or delete members from a group in bulk. For example if I have 200 users registered for group 1 and 3 how could I delete all members from group 3 in one pass rather than editing 200 individual members?, Our home page is not showing up gives this error:
Active Server Pages error 'ASP 0126'
Include file not found
/Default.asp, line 246
The include file 'elib/articles/home_feature1.asp' was not found.
, No rush, I have it out on the internet, but have not gone live with the site yet.
Thanks for responding,
Enjoy your well deserved break
, If you are developing using Windows XP Pro and running the NTFS file system setting proper permissions on a folder in your website requires that you 1st disable simple file sharing.
To do so open up "my computer". At the top open up "tools/folder options"
Then the "view" tab.
Then at the bottom uncheck "use simple file sharing"
After that that is done... using "my computer" browse to the folder in your web that you need to set permissions on.
Right click on that folder and then choose the "security" tab.
(If simple file sharing is on that tab wont be there)
Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.
You can also give permissions to the everyone account and accomplish the same thing.
BTW:
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"
cwilliams38203.582337963, It's seems to work fine after renaming the file, rebuilding the application, and editing the web.config file to point to login.aspx. It looks like I can use your fine product and thanks again for the help. It was unusually easy. Merry Christmas…
, If I also password protect the pricelist pages then someone will have to login twice.
nobody should have to log in twice... ?
session variables keep track of access... once your in - your in and you can browse to and from any password protected pages you like
If it is making you log in each time then cookies are most likely disabled.. session variables requires cookies being on to work.. cookies being on is a requirement of aspprotect and is how Formed Based Authentication works..
let me know if that is the issue there...
you shouldnt have to be logging in more than once per session
Thats the whole point of the application...
, "do you know a way around the BinaryRead problem with ASPProtect?"
Let me rephrase:
Do you know a way in which ASPProtect can be modified to get around the BinaryRead problem?
Thanks,
Michelle
, Christopher
Thanks for a speedy reply. This is what I have used most recently...
ListingsConnectionString = "DSN=longreach;UID=lradmin;PWD=skipper;"
DatabaseType = "SQL"
but that throws an error of:
[Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified
I have private messaged you my SQL server IP address. I am a fast learner with ASP (I think!) but some things really catch me out!
, I'm using version 6 upgrade and recently some of the users complained that their passwords are no longer working. I was able to replicate the problem as I also experienced the same thing with my account.
Once I reset the password thru e-mail (Forgotten your password?), I am able to login but it fails later. This is weird as I have an identical copy of the code running flawlessly 
on my test server.
The only change which I made to the original downloadable code is by adding password encryption using Base 64 encryption.
Any ideas what might be the problem 
, Hi,
I basically explained how I thought that might work here where I went over everything I could think of and suggested you download the free version and see if you could get it working
http://support.cjwsoft.com/code/moreinfo488-1.htm
The part about using the alternate scenario involving querystring info from a url.
I have never done anything like that and that is why I told you what I knew and suggested you try it with the free version...
, What application you talking about ? I'll assume ASPProtect. In the future please specify what application you are talking about.
ASPProtect 7 already has protection that is quite effective. The no concurrent login feature which will not let the same username under a different ip log in at the same time. Meaning if someone gives out their info they will screw themslves over because eventually they won't be able to log in. Only one unique ip at a time can log in so even of 100 people know the info it won't really do anyone much good except the lucky one that logged in 1st and stayed logged in. The username/password will eventually become more and more useless as more and people know it.
In addition to that is is a good idea to monitor the daily logs and single out a user you see logging in a lot. The more ips you see for that user the more chance it is multiple people logging in and you should take action. , Access Database Password
By default all of the Access Databases we give out have a default password of "temp"
The Default username that and Access database uses is "Admin" but you should not be concerned with that except in your connection strings.
The default password for the Access Database can only be changed using Microsoft Access to do so. If you have security concerns it would make sense to change the password. The help system built into Microsoft Access best explains how to do that.
cwilliams38403.6820833333, ok.
sorry then..
I just had a series of fraudulant orders this past week including today and the whole thing has me on edge. (foreign people getting my code for free and doing who knows what with it) When you mentioned calling the cc company it pushed all the right buttons.
Merry Christmas, Making progress. I have made the appropriate settings and now I have the option to upload. When I upload, I get the following message:
"Your upload did not succeed, most likely because your browser does not support Upload via this mechanism.
Your browser must support a standard called RFC 1867. Please check with your browser vendor for support of this standard"
I am using IE6 XP SP2. I also am using DUNDAS UPLOAD, ASPIMAGE.
I think I set permissions correctly bot not positive. I have given all auth to everyone for the database etc.
, it is not uncommon for folder permissions to be lost or changed on a server.. a lot of things can cause it
if it was working and now you can not edit or write new data to the database it is most likely permissions
I would triple check permissions... see my articles if there is any doubt on how permissions are set
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
, Thanks very much for the quick reply.
That sets my mind at ease 
I was just worried if users would see warnings in their firewall software too.
I realize that the admin would have to have to go through some errors...
And since we are throwing things in here... Definately, if you have your own server you need a Hardware Firewall and a Managed one at that. The internet can be pretty dangerous for business if you don't.
Plus, I agree Black Ice although in it's heyday a few years ago was considered great. It is not suitable for todays standards alone even for the normal user (But, it is required by the company I work with for VPN. I think it's stupid too using old technology. I have 2 more firewalls setup besides that just so that I do have some security. And, that's just for my PC)...
Thanks
, Thank you for the response to my question. In the mean time if I can figure any workaround I will post it here.
,
Timecard Entry: 3/25/2006 4:44:40 PM
Working on Grater and the router at the Clatyon office, CLEC Review, syracuse to Alex bay with a stop in watertown to pickup some stuff, from 3 till 7 it was bizzy, Completed customer's computer, took 2 calls, vacummed and wiped up, emptied baskets, all downstairs outside doors locked and secured., manager meeting., lunch, enter remining web billings for July, make correcting entries for July, more tech calls and more radlogs and that is basically it, more posting, same as above, read asp book, E-Mail, Voice-Mail, packing up, etc., emails , wwnytv.net/72k - archive sytem and search local news archives completed. Date display error fixed. Tested. (trade), Checking out and installing the ISP easy for demoing for Jim G., also reviewing www.boardtown.com Platypus billing software, Chris Williams circuit troublehooting w/ Verizon on the phone., Setup email for cubpro.com, Worked on E Business Solutions Ad, got set up on the exchange server, Finishing up monthly reports, RMA'D incorrected T-1 Adtrans back to Manufacturer. , teched phone calls and we were having so trouble with 0100 numbers given718 errors, Administrative (emails and organize)
, Team Meeting, to North Lawrence, Working on imput sheet changes that Bob Nelson and I discussed last Friday., Review WAN JObs, Migrate SimmonsCompany to iMail, email/voice mail,
