I'm all set - after thinking about your replies - i checked a bit more and changed the email component type -- thanks again for all your help.

We would like to use some of the variables from the user account in our web pages after they log in (something like, 'hello <user>"), but for professional printout reports using company name and user.

Could you offer some help as to what variable string we use to print that information on logged in pages?

By the way,  the program is working great!!!

it is not uncommon for folder permissions to be lost or changed on a server.. a lot of things can cause it

if it was working and now you can not edit or write new data to the database it is most likely permissions

I would triple check permissions... see my articles if there is any doubt on how permissions are set

http://support.cjwsoft.com/code/moreinfo136-1.htm

http://support.cjwsoft.com/code/moreinfo56-1.htm

Hi Chris,

Thanks for the answer. No, I am not using Paypal since these are employees and sales reps. I guess i'm on my own on this one. :)

Thanks
Sylvain

Sorry, there is no option for that.

I'll take it into consideration, but the way the banner rotation logic works would make adding such an option very complicated.

Just give it  an expiration date way into the future if you do not want an ad to expire anytime soon.

I usually just make all my ads expire in like 2020 or something like that since I don't want them to stop running either on some of my sites.

These are 4 valid examples of calling a flash movie.

The more simple examples may cause problems for people that don't have the flash plugin installed. I really do not know as I am no flash expert. All these work fine for me. Of course I have the latest flash plugin installed. Perhaps some of you can shed some light in this. The 3rd and 4rth examples are obviously only slightly different and mention different versions of flash as far as downloading the plugin goes.

<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" WIDTH="468" HEIGHT="60">

<object width="120" height="22">
<param name="movie" value=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" width="468" height="60">
</embed>
</object>

<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://download.macromedia.com/pub/shockwave/cabs/flash/swfl ash.cab#version=6,0,40,0"WIDTH="468 " HEIGHT="60" id="myMovieName">
<PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<PARAM NAME=quality VALUE=high>
<PARAM NAME=bgcolor VALUE=#FFFFFF>
<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality=high bgcolor=#FFFFFF WIDTH="468" HEIGHT="60" NAME="mybannername" ALIGN="" TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer">
</EMBED>
</OBJECT>

<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://active.macromedia.com/flash2/cabs/swflash.cab#version =4,0,0,0" ID=banner WIDTH="468" HEIGHT="60">
 <PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
 <PARAM NAME=quality VALUE=high>
 <PARAM NAME=bgcolor VALUE=#FFFFFF>
 <embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality="high" bgcolor="#3CBDCD" WIDTH="468" HEIGHT="60" TYPE="application/x-shockwave-flash" PLUGINSPAGE=" http://www.macromedia.com/shockwave/download/index.cgi?P1_Pr od_Version=ShockwaveFlash">
</OBJECT>

Help!.. I need to export the username and password fields to a mail merged letter so everyone knows their username and passwords. However whenever i access the database or do an export. The passwords showup as encrypted. Is there a way to access the list, un encrypted?

thanks

Hello,

I need to see if this is possible. I want to create a browsing system such that, the user selects a Province from a drop down list on the main page. Based the selection, the username of all the users in that province will be shown. Then the user can click on a specific username and his/her portfolio (photo album) will be displayed.

is this possible? If so, How can I do this, please help.

Thanks

Sean

ummm.. ok.. Then this doesnt make sense.  On two out of the three machines I have in house here, the images do not show up.  They only show up on the server machine.  I am using the constant url on all three machines.  www.rfamilystuff.com  Does it show up on your?

It's probably something I could do for you as a custom project if you are interesting in paying to have that work done, but it is probably not something that will be added to this version of aspbanner as it is in my opinion a feature more suited for a more expensive software package.

It is also difficult to get ASP code to do things on it's own. Scheduling something to run on the server or some other clever scenario is necessary and that usually means it would be unique to each persons setup.

http://www.cjwsoft.com/custom_work.asp

Banners no longer show up on my site ?

If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.

The web server must have crashed or lost power and now the application variables are in limbo/not working.

I have seen this happen 3 times. Twice on my own server when the power went out for 2 hours and once on a customers server.

Basically the application variable system gets all messed up because it was not shut down properlly.

The ways to possibly cure it are as follows.

Edit and save a banner in the system. Hopefully that gets things going again.
If not... keep reading for the more drastic cures..


Go to the command prompt on the server and type "iisreset"
Sometimes that is enough.

Reboot the server.
Sometimes that is enough.

Stop the web in the IIS console.
Sometimes that is enough.

Stop the individual processes for each web in iis
"you must really know what you doing and be very careful about doing this"

Remove and recreate new applications in IIS for the web in question.


And sometimes it just takes a combination of the things listed above and a few reboots. I don't know the best way to cure it but I do know why it happens and the steps listed above can get things back on track.

Again, this is because the server lost power or crashed as far as I know.
It was not allowed to shut down properly which sometimes happens.

You'll know things are ok again when you see your banners show up on your site.

In a way your questions are confusing to me, but here is some information regardless.



Using Active Sever pages you can not protect entire folders. It is simply not possible. ASPProtect is Active Server Pages scripts so it can only protect individual ".asp" files.


If you are concerned about customers downloading the access database..

best practive is to store it in different folder name than it came in
best practive is to give the database .mdb file itself a different name
best practive is to change the password on the access database
best practice is to store it in a directory that is not part of your web if possible.. many of the better hosting companies have it set up so you actually can do that

the more of these things you can do the better..

And if you are really worried about security you should use a SQL Server database which nobody can download from your website under any conditions because your data lives in the sql server and unless they get the username/password to it they can not access it.

More info on the groups session variable.

Session("Groups") will contain the ID numbers of whatever groups the user is a part of.
It does not store the descriptive name of that group. It will show the same data that is actually stored in the "Groups" field in the database.

for example it might hold a value like this

*2*,*5*,*9*

meaning a user is part of groups 2, 5, and 9

so if you wanted to check to see if a user was part of a particular group you would do something like this

<%
If InStr(Session("Groups"),"*9*") Then
     Response.Write("You are a member of group 9")
End If
%>


Taking this even further, if you really wanted to get a particular group's name or description you would have to query the database like so. In this case we ask it the name and description for group 9.

 Group_ID=9
 Set ConnPasswords = Server.CreateObject("ADODB.Connection")
 ConnPasswords.Open ConnectionString
 Set cmdTemp = Server.CreateObject("ADODB.Command")
 Set CmdEditGroup = Server.CreateObject("ADODB.Recordset")
 cmdTemp.CommandText = "SELECT " & tbl_label_groups & ".* FROM " & tbl_label_groups & " WHERE (Group_ID = " & Group_ID & ")"
 cmdTemp.CommandType = 1
 Set cmdTemp.ActiveConnection = ConnPasswords
 CmdEditGroup.Open cmdTemp, , 0, 1
  
 Group_Name = CmdEditGroup("Group_Name")
 Group_Desc = CmdEditGroup("Group_Desc")

Christopher
We are actually having a lot of problems with this software.

Apart from the above problem of the email not being in the database as details above we also do not get any reply emails from any forms, the mass email button does not appear and the forgotten password does not send emails either.

We have CDONTS Version: 2.80 Installed as the email system, this is operational on the server. I have tested this with server_info.asp to check.

I can email you direct any other information you may need.

Regards

Hi,

I basically explained how I thought that might work here where I went over everything I could think of and suggested you download the free version and see if you could get it working
http://support.cjwsoft.com/code/moreinfo488-1.htm

The part about using the alternate scenario involving querystring info from a url.

I have never done anything like that and that is why I told you what I knew and suggested you try it with the free version...

IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ; ; ; ; ; ; ; ; ; ; ;PN=1

The 2Checkout Support Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement 2Checkout Payments with ASPProtect. You must be using version 2 of the 2checkout system. They are phasing out version 1 regardless so everyone will be using version 2 very soon if they are not already.

THIS IS NOT INTENDED OR DESIGNED TO USE 2CHECKOUT SUBSCRIPTIONS. (see bottom of this thread for more info on that)

This Support Pack basically gives you an additional signup and registration directory "2checkout_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup in general. New users can register in this directory and pay for membership at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and buy additional membership time online. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via 2Checkout your system is updated and they will have access.

The 2checkout pack is NEW.. and was released on March 19, 2005. If you don't have it and would like it please just ask.

To start using this edit the "2checkout_signup/2checkout_config_inc.asp" file

You will be entering your 2Checkout Account number in that file as well as the URL you want a user to go to after payment. It is all commented in that file. (There is also a testing variable you can set to True if you want to do testing without real charges being applied)

After editing that file run this page.

http://www.mysite.com/2checkout_signup/show_postback_path.asp

Replacing the part in blue with your website info.

It will report back that postback url you need to use in the 2checkout system.

Log into your 2checkout version 2 account and under the "look & feel section" enter that postback url for both the "Approved URL" and the  "Pending URL"

Trust me: You want the URL there for a pending URL because the 2Checkout system is quite random and 95% of the payments that come in go to the pending URL and end up being legitimate sales. (at least for me they do)

Now make sure the Direct Return option on that page is on as well. 

If set to Yes buyers will be immediately directed to your URLs below once they click the Complete Order button. If set to No the buyers will have to click a button to return to your URLs below.

Save that page... and leave 2checkout.

Now, delete this page from your ASPProtect setup.
http://www.mysite.com/2checkout_signup/show_postback_path.asp

It's a minor security risk and is no longer needed needed.

The basic setup is finished. All you have to now is set up payments options the way you want them.


Changing Payment Options

In the "2checkout1.asp" file there are form options set up.

They look like this and you can have as many as you like.

<option selected value="30,9.95,3,">30 Days, 9.95</option>

In this option... A user has the option to purchase 30 days for $9.95 and he will be set to Access Level 3 when payment in completed.

Here is how it works.

The value setting (red) is essentially and array that can be made up 4 elements separated by comma's
They must be separated by a comma and there can be no spaces. In this example the 4th value was not used but the last comma must still be there. If you didn't want to set an access level and left out the "3" there would 2 commas at the end.  etc etc
Basically there must always be 3 commas but you only have to set the 1st 2 values which are days and price.

days,price,access level,groups

The 1st value is the amount of days.
The 2nd value is the price for the amount of days.
The 3rd value is the access level you want to user assigned to.
The 4th option is the groups you want the user assigned to. (see PayPal subscription thread for examples of specifying group info)

Now, the label for the option in (blue) can say whatever you like.

ASPProtect v7.x runs on Microsoft IIS servers only.
That means Windows XP Pro, Windows 2000 server and Windows 2003 server. The web server must have ASP support enabled and support Data Connections. 99% of them do as it's a pretty normal thing, but you should ask and make sure your hosting plan supports it.


Before you even start please read this thread and do what it says.
If any errors show up it is important you see the real error instead of a useless HTTP 500 internal server error.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1

Once doing that make sure to use Internet Explorer as you follow along with these directions.

Now, unzip your installation zip file that you downloaded from CJWSoft.
Use a program like winzip and be sure you have it set up to unzip the directories as well. You can also use windows xp's built in folder compression tools to unzip the archive.

When you unzip the application you should have all of the following folders and files. (more or less, it depends on the version)

Now, you can copy all of these files into the root of your website or if you like you can make a folder called "aspprotect" and put all of these folders and files in that folder. Either way it really does not matter.

Now, contact your web hosting company and instruct them that you need permissions set on the data folder that you copied into your website. This folder and all of its child folders need modify permissions set on it for the anonymous webserver account. It is very important that they set the permissions correctly and on all the child folders as well.

Here are some threads on exactly how these permissions are set.
If you run your own server or are developing locally you can do this yourself. If not most likely you need to put in a request to your hosting company as you CAN NOT set these permissions via Frontpage or FTP.

Windows 2003 Server and permissions
http://support.cjwsoft.com/forum/forum_posts.asp?TID=136& ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ;PN=1

Windows XP Pro and permissions
http://support.cjwsoft.com/forum/forum_posts.asp?TID=56& PN=1

Once permissions are set.. run this page via your web browser

http://www.mysite.com/data/setup_info.asp

Replacing the part in blue with your website info.

When this page is run it will report back a screen like so:



Now, take the connection string info it shows you.
Edit the "dataconn_inc.asp" file in the root of the ASPProtect system and use that data connection information. It should be valid for the server.

If you are using MSSQL server instead of Access please see the SQL database creation directions as you will need to create the MSSQL database and use a special connection string for that.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=160& ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ;PN=1

Now, take the CookieEncryptionKey and PasswordEncryptionKey info that it gives you and enter it into the "config_inc.asp" file in the root of the ASPProtect system. These will be the unique keys that your encryption will be based off of.

Ok...

The files have been copied to your website, the permissions are set on the data folder, and the database connection is ready.

Now.. run this page

http://www.mysite.com/password_admin/get_me_in.asp

Replacing the part in blue with your website info.

This is a special page we use to get into the system for the 1st time.

If you get a nasty error when you run that page similar to this.

Error Type:
Active Server Pages, ASP 0131 (0x80004005)
The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory.

Then parent paths are disabled on the webserver and you need to do an extra step to deal with that. Follow this link.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=162& ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ;PN=1&TPN=1

If you get any other variery of "80004005" error then there is a problem with your data connection.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=27& PN=1

Those errors are usualy related to database folder permissions or an imcorrect physical path to the database file specified though they can mean a lot of things.


Once you get the page running you will see a login prompt and one form field

You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.

If all goes well you will see the admin area of ASPProtect.

Now that you are in the system you need to create an admin account.

Click on "ADD NEW USER".. fill out the info and add a user.
You really only need to fill out (first name,last name,email,username,and password)

Now save that user.

You should see a new user listed in the admin area. Click on Edit user to the left of the new account. On the edit screen check the "admin" checkbox and save the user.

You just created an Admin account.

Now click on the "log off" button on the top menu and click yes to log off.

Now close the browser. Then run this URL

http://www.mysite.com/password_admin/default.asp

Replacing the part in blue with your website info.

You should now be able to in to the admin area of the system using the new admin account you created.

You are now ready to go to the settings page so click on the settings tab in the menu. There are a lot of options and paths that need to be set on this page. Every setting is described in detail on this page. You need to go through the page and set things up properly. Anytime the page asks for a path to a url or file the page will auto generate what should be the path to use. (expected path) If your server has parent paths disabled a few of those auto generated paths will not show up. If that is the case run this url from your server and it should tell you the paths to use for those settings.

http://www.mysite.com/data/expected_paths.asp

Replacing the part in blue with your website info.

Once your all done and the system seems to be running fine you should go back and delete the following pages as they are no longer needed and pose a potential security risk.

http://www.mysite.com/data/setup_info.asp
http://www.mysite.com/data/expected_paths.asp
http://www.mysite.com/password_admin/get_me_in.asp

You should back up the original zip archive you got from CJWSoft in case you ever need those files again.

VERY IMPORTANT: The user passwords from now on will be encrypted using the "PasswordEncryptionKey" you specified in the "config_inc.asp" file.

If you ever change that key all of your passwords will be invalid and you can not get them back unless you know the key and put it back, so plan on never changing that key unless you really know what your doing and know how to decrypt/re-encrypt the passwords using a new key. (something we do not cover at the moment but probably will when we have time to make a tutorial) 

can add photo album but after i upload a pic, nothing shows.

where do i look to research why pics aren't showing in the albums

I did all that you sugessted and all failed, you  said "I did a sign up.. your verify URL is not saved/set in the application variables. is this somthing I can change manually?  below are the steps I performed......

1 - made sure the web is it's own application in IIS

2 - Reset IIS in command promt

3 - Restarted the server, the only thing is I have not waited perhaps long enough for it to kick in. but it should have with the restart.

I am running windows 2003 on the front end with wondows 2003 and Exchange 2003 on the back end, is there anything else that may be causing this issure?

Thank you!

Matt...

nope ,sql server has nothing to do with this

I am talking about the folder pictures are stored in.. it needs modify permissions set for the internet guest account like those articles talk about

Hi,

We use ASP Protect 6.0 and the database is SQL Server. Our hosting company is charging a lot for daily and weekly backups for everything. Which directories/folders do we need to backup daily and weekly incase something happenes to the site and we need to restore and get the password-protected are that works with ASP Protect to get working.

UPDATE

Version 8.1 has code generators for these new methods built in...

this issue has been resolved.. see following thread

http://support.cjwsoft.com/code/moreinfo316-1.htm

right..

I had to open up the permissions to get it to work.  I now have to go back and uncheck each one for directory listing.. :)

Really, only you or your hosting company would know that information...

It is usally installed in the "_database" folder but the physical path including the drive letter  to that can only be known by asking your hosting company or by using server mappath to learn the path on you own.
http://www.powerasp.com/content/hintstips/physical-path.asp

That folder also needs special permissions. The permissions it needs are covered in the documentation for the software and generally only your hosting compnay can set those permissions.

The online support forums here are full of information and resources on correctly setting up data connections. It is ASP 101 and something you really need to have an understanding of.

I am happy to answer questions and try to help, but if you dont want to deal with it or can't we do offer installation services.

http://www.cjwsoft.com/installation_service.asp

well, I was curious myself so I just tried it.

Good news is it worked just as I thought.

Only problem is your changing things to allow authentication info to be passed over the net in a url. If you can live with the security implications then it will work. I mean a sniffer could see that and end up knowing the username and password.. not likely but just putting that out there.

Of course now that I think about it unless you are running under SSL (https://) when you log in normally that info is in the post info anyway and possible to get at.. course not right out in the open like when you put it in the url and less likely to be noticed.

As long as your not doing it to access critical areas like the admin pages... and you monitor the log files once in a while it's probably nothing to worry about.

Upgrade from V6 to v7.x with an MSSQL SERVER DATABASE

1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x  is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.

BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)

To do this upgrade you're going to need to have SQL Enterprise Manager and SQL Query Analyzer

That being said, on with the upgrade..

Open your SQL database in SQL Enterprise Manager

Regarding the following Tables

Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"

If you do not have a "Groups" table do not worry about it right now.

Now right click and DELETE the Config Table.
Yes, delete it..

Now, go into Design View for the "ASPP_Users" Table.

Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore

If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a "nvarchar" field with a lengh of 255.

Now, we are going to add a few more new fields.

Add a field called "Redirection_URL" make it a "nvarchar" field with a lengh of 150.
Add a field called "PayPal_Subscriber_ID" make it a "nvarchar" field with a lengh of 100.
Add a field called "Newsletter" and make it a "bit" field
Add a field called "Password" and make it a "nvarchar" field with a lengh of 100.

Now close that window and save the changes..

Download these scripts.
2005-02-23_171110_aspprotect_v7_sql_upgrade_scripts.zip

Now open up SQL Query Analyzer
Connect to your SQL server.

Then load the script  "aspprotect_v7_config_table.sql" into the Query Analyzer.  Click the green play button at the top. If everything goes well the response should read something like this.

******************************************************
(1 row(s) affected)
******************************************************

Now, if you had a Groups Table your done with the database changes.

If you didnt have a groups table.

Then load the script  "aspprotect_v7_groups_table.sql" into the Query Analyzer.  Click the green play button at the top.

Now, go back to your database in Enterprise Manager and make sure all 3 tables are there and look ok. You might need to do a refresh or two to see them.

Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for all three tables. You reference this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.

Regardless, as you can see from this screenshot I have a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).


Now, you are done upgrading your SQL Server Database.

The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field

To that we have a special page we run in the application that will take care of that.

So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1

When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.

That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..

Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.

This part is very easy.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

Replacing the part in blue with your website info.

Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page

You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.

If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.

So do what it says... dont click more than once and wait.

Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.

Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.

If things went well backup and delete the conversion file below.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

You do not need it anymore.

Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.



If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.

We are here to help, but if you really want us to we can be hired to do the conversion.