in Control_pic.asp is there way to wrap the description field so that it doesn't go outside the table.

Thanks

Just to put an end to this thread here is the solution for anyone reading.

The permissions were ok.

The data connection string never got edited in the "dataconn_inc.asp" file so it was invalid the whole time.

Once that was corrected the application ran.

So really this whole thread was over not following the directions and not editing the data connection string... 

The redirection at 1st login feature is supposed to work like I explain in this thread.

http://support.cjwsoft.com/code/moreinfo385-1.htm

Though what you just said is a bit confusing it sounds like you have some sort of browser problem and it is doing the redirect every single time. ?

I would suggest reseting all your browser settings to normal and making sure cookies are enabled because forms based authentication uses session variables and cookies must be enabled for session variables to work correctly. If not something like this could happen as the redirection at 1st login would happen over and over every time.

So try it on other computers and try with firefox as well as IE. Many people go nuts with their browser settings and way too much stuff blocked which can cuse all sorts of issues. Also some script blocking and firewall software can cause problems so disable all of that when testing.

You may also have created some sort of endless loop. (I really need to know way more information on what you did to know that for sure)

You may also want to consider doing your redirects manually meaning you protect a a page and right after the protection you use regular ASP redirect statements to redirect the user whevever you like based on their session info which is available to easily check immediatly after someone gets through the authentication.

I still stand behind my statements that redirection is not good site design. You really really need to understand and plan your ASP pages as well as have a very good understanding of the session and how all of that works if you use redirection with a password authentication scenario. You should never be redirecting someone to an ".htm" pages except during testing because you wont be able to stop users who are not supposed to go there from going there directly.

I am trying to set up ASP protect 6 and have a problem that when a new user registers their email is not transferred to the database.

I can see the rest of their entries both in the database and in the admin/edit form but not the email.

Any ideas?

Need to clarify something..

Your talking about the page where a new user registers right ?
Your not talking about adding a new user from the admin area ?

Either way under no circumstances do I see anything like you are saying happening nor has any other ASPProtect user ever mentioned this probem.

I am going to need to see your site and see this happening. It just makes no sense the way you are describing it.

Also. did you edit the registration page code in any way. If so please revert back to an original copy to ensure this is not some sort of problem introduced by editing the code.

Hi. Chris.  I'm not a programmer of any sorts, so I am not comfortable plugging in the changes you suggested and not knowing for sure if it will "break something somewhere else".  If the programmer tells me "you have been warned", its a pretty good sign its a no win situation. If you don't know, theres no way i can know.

I saw in the code where you mentioned the changes. I don't see where it mentions the last name is required either, but the bottom line is it does require it it the actual new user form.

Thanks anyway Chris. I'll figure something out.

-john

How do I change the character length for the description field?

Hi Chris

Unfortunately the bl**dy server was down and unavailable for 17 hrs so I couldnt even get to see what the settings were!

It is on, the relevant users appear to have all rights for the data/tempstats folder.

I'm guessing you're going to suggest turning it off and see if the problem still appears.

Colin

Hi there,

Just bought ASPProtect 7.0 last week and just got around to installing it. I've gotten through the installation and am now trying to test the (Forgot Password) functionality.

I get the following error when I type in the e-mail (or in some cases the username) and Post the form. 

Error was [11004] Valid name, no data record of requested type

I know that the add user functionality is pointing to the correct database (I see the additional rows via SQL Enterprise Manager) and that the e-mail address I am looking for is in the SQL database. 

Any ideas? Any other information you need?

Thanks,
Toni

Ohhh...

I was thinking it worked like this; A user goes to that page and logs in.. and from there they can then browse the site and do what they want..

So in order for it to work i need to edit a page say... members.aspx (i assume it needs to be an asp.net page) and in the header put that protect code and when a user accesses it, it will prompt them for their un and pw and then if correct will allow them to view the page... and likewise if they are still logged in will be able to use the page?

If that is how to works as i mentioned above thats great...

I understand the redirect principle...but say i have a log in box on the main page... you know like most pages have a user log in on the left hand side... i wanted to do that. But i cant obviously protect the main home page or else normal users will not be able to view it without logging in or registering

Got it working.    Had purchased a long time ago and forgot about needing to run the userreg.exe.  All is well and thanks for the follow up.

Lance

when you get back to work.. your   "redirect.asp" needs the password include file at the top of it.. or that wont work either..

and of course those pages you send people to all need to be repaired

not really, aside from looking in paypal and manually adding each one for each user...

how many users are we talking about anyway ?

and were any of the users new sign ups from scratch because if they were and that field didnt get populated that is weird?

ultimately aspprotect does not use that field. I was just storing it for the sake of storing it... so its not a big deal but I would still like to figure out what is going on

removing the expiration dates from paypal subscripbers will be enough to fix the issue your having about them getting the expiration notifications

The random password is generated during signup and the function that creates it is located on this page of code.

users/register.asp

it looks like this

Function RndStr(Length, UseChrs)
 If IsNull(UseChrs) OR (UseChrs = "") Then UseChrs = "0123456789abcdefghijklmnopqrstuvwxyz!@#$%^&*()_+=-"
 NewStr = ""
 Randomize(CByte(Left(Right(Time(),5),2)))
 For gpIndex = 1 To Length
  NewStr = NewStr & Mid(UseChrs, Int((Len(UseChrs)) * Rnd + 1), 1)
 Next
 RndStr = NewStr
End Function

For example go to this page and hit refresh and watch the password change.

http://www.aspprotect.com/demo2/users/register.asp

Yes, sometimes if you hit refresh quickly over and over you'll get the same password, but not generally. Also that is not something that would happen normally as a user isnt going to sit at that screen and hit refresh over and over.

Anyway... when signing up the new user of course has the option to change that password to something they would like better...

As far as... "selecting the same user name and password every time"

I need more information. That does not make sense for a lot of reasons.

Most importantly because usernames are not generated. The are inputed by the user during signup. They are then checked to ensure they do not already exist before the user is allowed to complete their signup.

So under normal circumstances there can never be duplicate usernames in the system or even users with duplicate emails as that is checked as well.

Now of course if you edited the code in any way it is possible all this is not working correctly ?

The problem with that is when a user deletes an album, the album record does not get deleted from the DB, so counting all the records would return the accurate result. :(

Any hints?

I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.

Regardless,

What you want to do... logging them in under https and then having them continue though the site under http is not possible.

It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.

In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).

Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.

If you want them logging in under SSL you need to keep them under SSL.

That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.

Nov 2005

Yes worked fine

thanks

I'll try to help when I get back tues night,, see the contact page for info on where I am .
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry

Good Morning, any suggestions on how to best "fake out the system" -- I would like to try to keep this clean so I can see the real errors?

My thought was to try to just move those .gif files to the directory that it thinks it should be in -- do you have any better suggestions? Or reasons why I really wouldnt want to do that?

Hi Chris,

We installed our key onto the live server.

However, since our temp key has expired, we can't access our application on our development machine because the login won't work anywhere except on the live server.

Of course we can access the application on dev, if we remove the aspprotect tags, but if we need to log in to do something unique to the user, then we have a problem.

Can we get another temp key from you? And would there be a better long term solution to this debug/maintanence issue?

--JP

Nobody ever asked me, so i guess npegley sorted it.

The solution is indeed a single line added to your button form code ..

eg :

<input type='hidden' name='return' value='http://www.your-return-url/here.asp'>

This will overwrite any settings you have in your paypal preferences.

I posted this reply for anyone stumbling on here with the same problem. Hope it helps. :)

Dave.

Chris, if there is no way to change this, I understand. I just though maybe it might be possible and I can't find out if i don't ask.

Thanks Chris.

Let me know.

-john

Ya, you must have tried to upgrade from a really really old version like you said which wouldnt really work out because those instructions are specifically for upgrading a version 6 database to version 7.

That line error you had was looking for the User_ID field and I bet the version you had was so old that you didnt have a field named that as a few years ago the field "ID" got renamed to "User_ID"

As for all the cool stuff... yup there is a lot of cool stuff in this version... glad ya like it so far

I Dont know... it shouldnt do anything like that.

if it ever asks to download a aspx or asp page its generally a server configuration issue not related to the actual code

provided you arent trying to grab the injectbanner page through an iframe call which is only for use with the javascript method of calling banners

How can I make so it goes to certain webpages if user enters valid username and password??

I suppose user enters its information on check_user_inc.asp page, and username and password are stored on SQL database.

Thanks

Same here.  Thinking it might be server load or the bandwidth to the server.

Thanks for checking!
Lance

Thank you so so much! I went to the admin area and changed the email component from CDOSYS (using remote server) to CDOSYS (using port 25 forwarding) and all is working great now!

Again, thanks!

ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: Microsoft.Data.Odbc.OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.] Microsoft.Data.Odbc.OdbcConnection.HandleError(IntPtr hHandle, SQL_HANDLE hType, RETCODE retcode) +27 Microsoft.Data.Odbc.OdbcCommand.ExecuteReaderObject(CommandB ehavior behavior, String method) +838 Microsoft.Data.Odbc.OdbcCommand.ExecuteNonQuery() +80 aspprotectnet.aspprotectlogin.Login_Click(Object sender, EventArgs e) +2284 System.Web.UI.WebControls.Button.OnClick(EventArgs e) +108 System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEven tHandler.RaisePostBackEvent(String eventArgument) +57 System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +18 System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33 System.Web.UI.Page.ProcessRequestMain() +1292

Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300

I am getting this error message when trying to log in as admin or registering a new user. I am using Windows Server 2003 and it is a DOMAIN CONTROLLER.

I have read that there is NO ASPNET account for a domain controller. In its place is the IIS_WPG account. I have given this account and the IUSR account FULL CONTROL.

STILL GETTING AN ERROR. ANY SUGGESTIONS???