(Password_Email_Confirmation_Mod) for ASPProtect Version 7.x

This will change the basic registration pages so that the email address and password entered must be confirmed when signing up. This eliminates the auto generated password during signup.

Some may prefer it working this way.

Directions:
Back up your existing ASPProtect installation.

Copy the two new files into your "users" folder

"register.asp"
"add_new_account.asp"

2005-12-01_182201_Password_Email_Confirmation_Mod.zip

If you have found out that parent paths are disabled on the web server you can still use the application.

Before you continue.

If it is your server consider enabling parent paths to solve the problem.

If it is not your server consider asking them to enable parent paths for your web site to solve the problem.

If that is not possible please download this zip file.
2005-02-20_150703_aspprotect_v7.x_alternate_include_file_pat hs.zip

This zip file contains 3 sets of alternate files depending on your situation. You simply replace your existing aspprotect v7.x files with these new ones.

The zip file contains the following folders and files.

Below is the contents of the readme.txt file which explains everything.

The following folders each have a version of all the files in the ASPProtect system that might need to be edited in case you need to change the paths for the server side include files. There are 3 different scenarios.

(parent paths enabled) - This is the way the application comes.
The files in this folder have FILE server side includes containing "../" information. While these includes will work when the applicaion in is any location of a website they will not work if parent paths are disabled on the web server. Generally you will want to use these on your xp development machine. You can of course use them on your real server if parent paths are enabled. Parent Paths are now disabled on II6 by default and some hosting company will not enable them.

(domain root)
The files in this folder have VIRTUAL server side includes in them.
These includes only work when the applicaion is installed in the root of your web domain. For example if your domain was called "www.somedomain.com" the following aspprotect files and folders would end up like this
"http://www.somedomain.com/check_user_inc.asp"
"http://www.somedomain.com/password_admin"
"http://www.somedomain.com/users"

(domain directory)
The files in this folder have VIRTUAL server side includes in them.
These includes only work when the applicaion is installed in a directory called "aspprotect" in the root of your web domain. For example if your domain was called "www.somedomain.com" the
following aspprotect files and folders would end up like this
"http://www.somedomain.com/aspprotect/check_user_inc.asp"
"http://www.somedomain.com/aspprotect/password_admin"
"http://www.somedomain.com/aspprotect/users"
You can change the name of the "aspprotect" directory but you will will have to edit the includes in the files.

Lastly, if you are on a local machine and insist on using the VIRTUAL INCLUDES you would also use the (domain directory files) even though you dont have a domain on your local machine most likely
For example if your site was installed like so.
"http://localhost/aspprotect/check_user_inc.asp"
"http://localhost/aspprotect/password_admin"
"http://localhost/aspprotect/users"

The problem was that I did not have

ConnectionString = "Driver={Microsoft Access Driver (*.mdb)}.... in the connection string.

Thank You.

Hi,

We use ASP Protect to password protect the pages in the member area ( http://www.pti.org/members.asp )

Of late Once or twice every month our whole site goes down and it gives us a "Microsoft VBScript runtime error 800a006 Overflow: Clnt //global.asa line 33 " error message (with the friendly message turned off). When we reboot the web server things are up as normal.

But this is happening too frequently and creates a bad impression.

Any suggestions on how we could prevent this would be greatly appreciated.

ConnectionString = "DBQ=C:\TradersReportsCom\aspprotect\data\database\ASPProtec t_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

I have already set the folder permissions as indicated in the documentation.

Have you thought about language file so users dont have to go into the code to put it in their language??

been working on this for about 5 hours today.. I think I found the problem and it involves a vbNullChar that the encryption process is creating only during login attempts

it then messes up during ASPProtect authentication because it blows up the SQL Statement to the database

like I mentioned before the chances off this happening are slim but possible as two people so far have been able to create the situation

I seem to have the HANNAH password working now using your encrption key

I need a little bit more time to clean up the files I have been working on. Then I will give you new "check_user_inc.asp" and "check_admin_inc.asp" files to try out

so you are using the subscriptions signup directory right ?
"paypal_signup2" ?

1st.. I would check that the xml parser is working.

It is required for making the post back to paypal.
It is installed on windows 2000 and 2003 and XP by default.

http://support.cjwsoft.com/forum/forum_posts.asp?TID=134& ; ; ; ; ; ;PN=1


Then I would check the actual form page to paypal to make sure it is generating a valid IPN url as a hidden form value.  It's the payment page you actually click on that actually takes you to paypal. For the subscription signup system that page is called "paypal1.asp"


You'll want to go through the process starting with the default.asp of the signup folder untill you get to that page. Then you want to look at the html source of that page in Internet Explorer. Your looking for something like this in the source code and you want to make sure it is valid.

<input type="hidden" name="notify_url" value=http://www.mysite.com/aspprotect/paypal_sub_signup/ipn.asp>

It also has to a url on the internet that paypals server can see. It can not be a local url for your machine. Also: If it is not valid we can try hard coding it.


If all of these things are good I'll have to take a look. I have some text file logging I can do when paypal hits your IPN url that can tell us if it is actually hitting that page like it is supposed to. And I can test the system for you by making some 1 cent payments using my own paypal account until we find out what is going wrong.

Sorry, I guess you did say you finally found them.
Regardless, sorry then, I tried

I dont know what else to tell ya.. except to search www.aspin.com

Perhaps you will find something you can use there.

it is by design actually and something that can be improved
(I just never thought of it when I 1st designed the system and it is actually planned to be added in Version 8)

The trick would be to reset those session variables anytime someone edits and saves their information... not very hard at all

you would do it on the save code page for when a user edits themself.
you want to grab the info posted from the form and  reset each session variable at the same time everything is re-saved to the database

example

Session("Company_Name") = Request("Company_Name")

Has any one used the aspmail function to send emails from within your site? If so what did you use as the AspMail_Host string in the connections database?

thank you

Humm, I can see all those pages loading just fine at both domains so you got me pretty confused at this point as you just said they didnt load.

regardless, the data connection tests are failing with both of them.

so let me ask you again how are you setting permissions on the database folders?

I will actually explain how to set access_levels and/or groups...

in "users/add_new_account.asp"

When I attempt to upload, it appears that the image uploads. I get a "Original Image Size 0 X 0 pixels"

they don't appear in the web pages, any thoughts? I am using VBscript to upload, my host has safileup but I am unable to use it in this script, thanks for any help

http://mcintoshcounty.org/real_estate/extras/server_info.asp

here's the site link

Never mind, had the path to the image folder screwed up 

This may be an old question ??? If it is please point me to the post or documentation where I can find the answer please.

When creating protected pages I am using the following to protect them:

<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="/aspprotect/check_user_inc.asp"-->

But that is not working. I get the following error when I try to access the members logon page in the directory that I wish to add the pages to:

Active Server Pages error 'ASP 0130'

Invalid File attribute

/filelocation/filename.asp, line 3

File attribute '/aspprotect/check_user_inc.asp' cannot start with forward slash or back slash.

However if I create the pages in the root of the AspProtect directory and use a link to the same page that exists in the AspProtect directory and the following include:

<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

The pages work fine.

I really do not want to put all of my protected pages in the root of the AspProtect directory.

 I would like to mix protected and unprotected pages throughout the site in order to #1 make it easier to administer. #2 keep the AspProtect directory solely for authentication. And, #3 keep any user authentication pages out of the AspProtect directory.

TIA

[QUOTE=cwilliams]actually, passwords can be up to 75 characters long in ASPProtect.
the only requirement when entered from a non admin user is that they are at least 4 characters long.

what does MSAccess have to do with this ? Are you trying to convert and old system or something? I noticed you created and "old password" field in there ? Is there something I do not know about as far as what you are trying to do?

Passwords in version 7 are encrypted so I hope you understand all of that and realize you can not enter or change passwords right from SQL server. Also if you import info you must handle that accordingly and convert the passwords to encrypted format. [/QUOTE]

First off, I haven't imported anything from MS Access.. The only reason I mentioned it is cuz I thought initially it worked with Access and not SQL server.

I am not converting nor entering any data manually into the db, nor have I changed anything in the way the registration is made (don't know where the "Old password" has come from? thought it was a function you made?)

Hi, I have not gotten anything from you about it.

click on the PM button below and send it that way through the forums.

Thanks

Is there a way to protect other virtual sites on the server that are not under the default web site considering people may have different websites running off one server?  I get the following error:

Parser Error Message: Cannot use a leading .. to exit above the top directory.

Source Error:

Line 1: <%@ Register TagPrefix="aspprotect" TagName="checkaccess" Src="../../protectpage.ascx" %> Line 2: <aspprotect:checkaccess level="4" groups="null" runat="server"></aspprotect:checkaccess> Line 3:

Thanks!

Sorry Chris,

It didn't fix it.  Looks like I had the current code.  I bought the system in mid-April.  The version says 3-10-2005.

I do know that in the database, the password shows as " éG"  but in the error code, it shows as " éG".  The square character is missing. 

Thanks,
Mick

Edit: well heck.  It skips the square box here too.  The password in the database puts a square box in front of the éG

look in the "check_user_inc.asp" file

Thank you that did it !!

Tony,

ASPBanner.NET was discontinued about 14 months ago. It is no longer supported in any way because quite frankly the classic ASP version is faster, more stable, has more features, and is a lot easier to install and get running.

If you PM me via the forum you are welcome to a copy of the current ASP Unlimited Version. It can serve banners to any type of page extension. All you have to do is ask for a copy.

Whether or not your existing ASPBanner.NET database is exactly the same structure I do not know, but I believe it is. You should compare the two if you plan to keep using the old database and make any neccessary changes so the old database has the exact same structure as the new version. If there are any differences they are very few.

humm, did you edit any of the registration code ?
this is not something anyone has ever mentioned and the aspprotect 6 code has not been changed in over a year ?

can I see where there is happening ?
I may need ftp or frontpage access to the server in order to troubleshoot unless you can provide me with more details here.

thx..

Things have now changed I found out godaddy has persitis aspUPload and aspjpeg as value added products, I have the aspjpeg working but have been unable to upload when using aspUPload, everything works fine with the vbscript method so I think my permissions are correct. Whenever you get a chance, any help would be appreciated.

Thanks

Mark

Christopher

Many Thanks

Seems like its working just got to test it bit to see, though it wasnt going to work as I had one too many End If's after the last part of the code you done for me. But even I eventually sussed it, nothing to do with your bit just another mistake on my part

Great to get support like this especially on a Saturday

regards

John

Hi,

Could you please advise what may be causing this error:

Microsoft OLE DB Provider for ODBC Drivers error '80004005'

[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x57a4 Thread 0x5474 DBC 0xf03a704 Jet'.

/ASPProtect/check_user_inc.asp, line 292

Funny thing is that if I refesh the page with the above error it gives me the following eror:

/ASPProtect/check_user_inc.asp, line 292

and after few times of refreshing the page it shows me the page I am after.

Is this my promlem or ISP's.

Thank you

It turns out that I never enabled ASP.net on the site. After doing that the skins work much better. I'll have to poke around and see what other functionality is now available.

Thanks!

Al