Blog Entry: 3/25/2006 4:44:13 PM
Your users with Internet Explorer may have received the "Page Expired" error. For ASPProtect users, it happens when the user is not logged on and tries to invoke the target page. check_user_inc.asp puts up the login form, and IE sees it as part of the target page. Any later attempt to Back up and reload from cache gives the errror.
My solution was, after successful login, instead of falling through the bottom of check_user_inc.asp and running the target page, I issue a re-direct to reload the target page. I also added META tags on the dynamic login form to say no-cache and expire now, so the re-direct really does reload the target page. This time, of course, check_user_inc.asp does not need to put up the login form, and the new target page in cache contains no form at all. So, IE will not give a Page Expired error when Backing up to it later.
Netscape, and I gather other browsers, do not behave the same way, so I limited the solution to IE. Also, the solution only works if the target page has no form of its own.
I'm uploading my customized version of check_user_inc.asp that contains this solution. (In it, I also used the Javascript focus method to place the "cursor" in the Username field when the login form loads.)
2004-11-22_050940_check_user_inc.zip
cwilliams38313.494537037, Gotcha.
Can you set an expiration date on a subscription?
Thanks,
Jess
,
The file check_user_inc.asp as the lines: (which include Session("groups")
Here we set some valus about the user into session variables
Session("PasswordAccess") = "Yes"
Session("Access_Level") = CmdCheckUser("Access_Level")
Session("Admin") = CmdCheckUser("Admin")
Session("Active") = CmdCheckUser("Active")
Session("Expiration_Date") = Expiration_Date
Session("User_ID") = CmdCheckUser("User_ID")
Session("Groups") = CmdCheckUser("Groups")
Session("Redirection_URL") = CmdCheckUser("Redirection_URL")
Session("Password") = RC4(CmdCheckUser("Password"), PasswordEncryptionKey)
Session("Username") = CmdCheckUser("Username")
, The default database password is "temp"
This is noted in the docs. You can also see the current password by looking at your connection string.
cwilliams38176.7913888889, 1st of all when I look at the site I see a lot of non US characters and I can see the regional settings of the site are foreign.
ASPClassifieds in only intended to run under US and Canadian regional settings as stated on the site.
Thus the BIG notice on the purchase page.
http://www.aspclassifieds.com/purchase.asp
It won't run right like that for a lot of reasons and it is not supported like that as that notice says.
The categories showing 0 is just one of the problems you will have.
If I help you fix this it will just lead to 4 more issues right after.
If you would like support with the classifieds application you need to run it on a server with US or Canadian regional settings like the site says. , The links to view that info are on the main users screen of the admin area.
Down below...
They wont show up unless you have that stuff enabled in the settings screen as well.
, It turns out that I never enabled ASP.net on the site. After doing that the skins work much better. I'll have to poke around and see what other functionality is now available.
Thanks!
Al
, how you connecting... lets see the connection string...
could be permissions related too.. if they are not set correctly
(always give them to the folder, never just the mdb file)
Some of this might help...
http://support.cjwsoft.com/code/moreinfo11-1.htm
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
you may want to download some of the different versions of the access database from the support area and try connecting to them as you may have older odbc drivers on the server
You may also want to try to get ASPTest from our website working before you go any further
, Ok, I started the database tables from scratch. I did everything using sql enterprise manager and query analizer..
Same thing happens... certain passwords just do not work.
So I did a lot of testing and I have come to the conclusion that this has something to do with the regional settings of that SQL server.
Here is an example.. see the screenshot below.
Username "admin" password "petepetepete"
The top query done in Enterprise Manager is valid and shows the user.
The bottom query is also valid but it does not show the user.
And that is exactly what is happening from the ASP codes point of view.
Now, this means that even though that encrypted password is getting saved to the databse correctly this particular SQL server just cant deal with it from a QUERY.
It works fine on two different SQL servers that I have. It's just got to be something regional related like unicode characters not being dealt with correctly or something odd like that.
I tried changing the collation data for the "Password" field type on that SQL server and it looks right. I don't know what else to do but it is something about that SQL server. There may be a way to change the regional setting through the connection string but I cant find any articles on that right now.
One solution I have for you to get this working there is to eliminate the encryption factor then I dont think you will have these issues.
It's either that or find another SQL server with US type settings or use MSAccess. ASPProtect runs nearly as fast on Access as long as you do not have over 10,000 users or whatever. The system hardly ever accesses the database so it performance under MSAccess is always good.
Let me know what you want to do. I can shows you how to eliminate the encrypytion factor if you want to try that. I think if I make you a custom version of the RC4 function you can just replace that and then the system will use plain passwords.
Your call..
, ASPProtect v7.x has a new feature called groups.
Groups are meant as a replacement for using the access levels as they are much more powerful. Support for pages protected using access levels is left in tact for backward compatiability for a customer that was using them.
A customer recently told me groups could not be used like access levels and that 8 access levels was not enough. This is how I explained that groups can do everything access levels can do.
Groups can honestly do everything access levels can do if you really think about it.
Using groups and protecting pages accordingly you could actually create a system that basically worked identically to the way the access levels works.
For example..
You make 8 groups and assign users to them accordingly
Protection code on page allows access to groups 1-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "1,2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any one of those groups would have access..
Protection code on page allows access to groups 2-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any group between 2-8 would have access..
Protection code on page allows access to groups 3-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any group between 3-8 would have access..
and so on... I think you should get the picture by now
, OK, I figured out the problem. Not running ASP becasue the pages are not saved as ASP but rather HTM... OK so I am smart like a tractor but strong like an ox.
cwilliams38229.9128819444, I guess i am not being clear as to what i am trying to do. As far as the event thing... lets hold off on that for now. It seems Chris has answered my question and i am on my own for that one...
As far as the log in goes: I went to that site you mentioned;www.CafePress.com to see if they had what i was talking about. and they do. Notice on the bottom of the page it says "sign in to your account"
I want that option on my home page where users can sign in to go to their account. It will either take them to a page where they can update their info, or it will take them to a protected page. Pretty much instead of posting a link on the site to say... click here to go to members.aspx and have it return an "access denied" the user can enter their info from the main page and be automatically re-directed to that members.aspx page.
I know how the viewstate works and i also know what that returnURL thing does..pretty self-explanitory.
Hopefully that makes things easier. I just want a user to log in from the homepage and be redirected to either a protected page or their account page...
(as does that cafepress website)
, I am using cdont to send email. what do i have to do send email to other display my full name instead of email address. In other word I want to see first name last name in their email client instead of email address.
thanks for your help
, Chris,
Another question on V7. I set up all the paths as required for the extras like user pics and exports on my site. They were working fine. I created an export, then as you recommend, deleted the file on the site to ensure it doesn't get in the wrong hands. I did this a few times to test it after a number of people logged in.
About 2 days later, I went to do it again and the system came back with an error saying the directory didn't exist. I know it did because I created it and it worked fine. I then created the directory again thinking I was losing it.
Then today, I went to do another export and the directory is gone again! Can you help me understand why this might be happening? I am the only one with FTP access to the site so there is no way that it could be someone else doing it. The error I get is:
Microsoft VBScript runtime error '800a004c'
Path not found
/password_admin/export.asp, line 78
Thanks,
Dave
, I downloaded the skins, ftp'd them to the skins folder and can see them in the list of available skins. No matter which one I try to apply it keeps solid_color_black.
Al
, This is great FREE SQL Server Web Data Administrator App from Microsoft..
http://www.microsoft.com/downloads/details.aspx?FamilyID=C03 9A798-C57A-419E-ACBC-2A332CB7F959&displaylang=en
It is an ASP.NET web application that you install locally on your development server and then use to connect to a SQL database whether remote or local.
It can do nearly everything enterprise manager can do.
I have tested it and it works great for me.
cwilliams38325.7453587963, Thank you for the response to my question. In the mean time if I can figure any workaround I will post it here.
, ya it should have uploaded that no problem...
what about something blocking the use of the filesystem object and causing these timeouts ?
Your not running anything like Norton Script Blocker are you ?
Its part of Norton Antivirus or Internet Security and causes all sorts of problems with ASP when it is running on a server. Especailly when using the filesystem object to deal with text files and when uploading via pure asp.
It could be the cause of the all these problems or something like it ?
It will cause a timeout like your getting and give no real reason why.
More info on that.
http://www.aspfaq.com/show.asp?id=2180, thats actually just the xml parser component barfing out on you.. it can't handle the load of being called so much on that server
you might want to try some of the other methods of calling banners, Does emailing work under the simplest scenario ? (directly from the users screen)
Thats the way to test it..
All that error means is whatever reason the settings you have chosen are not working. It could be the server. It could be what you chosen. (and yes I realize your pop info from outlook should probably work with the settings you chose)
Whenever I do installs I often have to try 3-5 different emailing scenarios before I come across one that works.
Each time making some changes and sending out test emails from the users screen until I get somewhere. Often time getting a working example of how your Hosting Company wants you to send email from ASP is the info to get your hands on. (what method and settings)
In this case they may have blocked the usee of a remote server and want you to use some other settings for sending email from asp. A lot of times they put that info in their help system.
If I were you I would start by trying the other two CDOSYS options for starters, and then try the remote server option again but using "localhost" as the server, if none of those work consult your host for example code and settings to send email from asp. If you still have no luck I can help for sure.
Realize too when testing the emails may take a bit to arrive. A delay of sorts. Best to type in a quick note about which method you are trying in the email text. That way when you finally get one delivered you'll know which method worked.
, Now, we can connect to the MySQL database with ASPBanner using the following connection string if we like.
"driver={MySQL ODBC 3.51 Driver};server=localhost;port=3306;uid=root;pwd=temp;databas e=aspbanner;option=16386"
But we really do not want to connect to the aspbanner MySQL database using the "root" account
So, lets make an account to use..
In MySQL Administrator select "User Administration"
Down below you will see the user "root"
Right click on "root" and select "Add new user"
Type in a New MySQL Username and Password
I am going to call my new user "aspbanneruser"
Hit the Schema Privileges" tab
In this case since I am using the root account to manage my MySQL system I am just going to give this new user account what it needs to use the aspbanner database.. you may want to apply more permissions to the new account, that is up to you.. I am giving the new user (select, insert, update, delete, execute) So I right click on the aspbanner and then bring over the permissions I need for it.. and hit apply changes down in the bottom right.
We can now connect to the aspbanner MySQL database using this new account like so.
"driver={MySQL ODBC 3.51 Driver};server=localhost;port=3306;uid=aspbanneruser;pwd=tem p;databas e=aspbanner;option=16386"
------------------------------------------------------------ -----
article still in the process of being written (3/14/06)
, http://support.cjwsoft.com/code/moreinfo286-2.htm
http://support.cjwsoft.com/code/moreinfo391-1.htm
http://support.cjwsoft.com/code/moreinfo385-1.htm
, I just finished implementing the V7 product on our site and someone made mention that on the profile form where you are asked all your personal and user information there are 2 fields for passwords. The first field uses masking to hide the password as you type it, where the second shows it in clear text.
Now we know that the only people able to see the password are the user and the administrator, but it is playing mind games with my users as they think there is a problem with the application. I am not a programmer (however, learning ASP slowly now!) and am not sure if you did this on purpose or if it is a bug?
If it was done on purpose, can you advise how I can make the confirm password field masked as well to eliminate the unfounded questions!
Thanks
, yes, PM me the encryption and cookie keys if you don't mind.
I can add it to my combinations that cause trouble.
it might help me to figure this problem out.
, I finally spoke with someone who knew what I was asking for and they set the rights and all is fine.
Thanks for your help. Wish all business' had customer support like here
,
I encountered a problem that I haven't been able to solve.
I'm trying to get .pdf files to byte serve (page-by-page load in the browser)
but unable to do so. I've narrowed it down to stream download file where it
creates the header object. I haven't made any success with the changes I've
tried. Any help would be very nice.
This maybe useful:
http://msdn.microsoft.com/library/default.asp?url=/library/e n-us/act/htm/actml_ref_href.asp
, I have added two users in different group access but none of them can login to the pages
, I noticed that is grabbing the wrong URL for some reason. Even when i mouse over the URL its somehow getting the users sub directory. How.. i dont know... when i erase that users in the url it works perfectly.
I am looking at the code in the .vb file and i dont see anything that could be causing it to do that... but then again i am no programmer LOL
Its obviously kicking in that users subdirectory somehow... what are your thoughts?
, You can not edit that code with dreamweaver. It will re-arrange the asp and kill it.
If you want to change the look of the login html you have to edit the html by hand in a text editor.
Or create what you want on a blank page using your editor of choice and carefully use parts of that in the ASPProtect code.
In version 7 the login screen is one asp page by itself and is much easier to edit with just about any editor. In version 6 you have to know your html and be careful.
Either way I am not sure templates are a good idea for something like that. That sort of thing tends to cause problems with dynamic code that executes under different directory levels. You want to stick to regular html techniques. , I do not have any programming knowledge and have what might be a simple question.
I am having a hard time getting my hosting company to modify the rights on the data folder. They state they support ASP and access databases however this is the response I got when I requested the modify permissions set for the internet guest account:
Were the rights changed on the data folder?
Just having the database with members does not protect the page. You need to add the appropriate code to every page you want to restrict access to.
This issue came up once before and when I investigated I could find no error in the html that aspprotect generates and those files do exist where they are supposed to. We concluded it was a parsing error from the log file system.
There just really isn't anything I can do about it. I spent a week trying to figure it out. It is just the log parser screwing up under certain circumstances where there is no reason anything is wrong. They have trouble dealing with some of the complex URL/querystrings that the ASPProtect admin area uses. They think there is a 404 eror when there isn't... etc etc
, the readme.txt file with the sql directions tells you this if you use that script
------------------------------------------------------
Examples of using DSN-LESS connections.
The "SERVER" and "Data Source" settings are either the Network Name for the SQL Server or the IP Address.
For local servers you can also use an IP of "127.0.0.1"
GalleryConnectionString = "Driver={SQL Server};UID=aspphotogalleryuser;password=temp;DATABASE=aspph otogallery;SERVER=127.0.0.1"
GalleryConnectionString = "Provider=sqloledb;Data Source=127.0.0.1;Initial Catalog=aspphotogallery;User Id=aspphotogalleryuser;Password=temp;"
------------------------------------------------------
Is it actually possible, with your product, to password-protect the folder that has the actual database without having to require customers browsing the listings to enter a password, or will password-protecting the database folder prevent customers from browsing the classifeds listings?
, Ok I used the following for the sql string.. is this correct?
SELECT COUNT(Album_ID) AS Alb_Count FROM " & tbl_label_albums & " WHERE (User_ID = " & CmdListUsers("User_ID") & " AND Album_Active = '-1'" & ")"
, If you have an album with more than 96 pictures, the spacing in the tables can become incorrect, with pictures touching each other. (This program is not designed to handle more than 96 pictures due to server speed, but it can handle more than 96 with minor changes to the code.) Also, after 96 pictures, the pictures will not have 6 on a line, but rather 6 on a line up to 96 pictures and then the rest of the pictures on one line next to each other extending to the right of the screen endlessly. To fix this, I simply edited the ASP code using the following loop. It can be a perminent fix, because I used the maxpicsperalbum variable to define the spacing.
<% If PicIndex = 6 or PicIndex = 12 or PicIndex = 18 or PicIndex = 24 or PicIndex = 30 or PicIndex = 36 or PicIndex = 42 or PicIndex = 48 or PicIndex = 54 or PicIndex = 60 or PicIndex = 66 or PicIndex = 72 or PicIndex = 78 or PicIndex = 84 or PicIndex = 90 or PicIndex = 96 Then %>
</tr>
<tr>
<% End If %>
This code can be found in scripts/view_album_style*STYLE NUMBER*_inc.asp . (STYLE NUMBER depending on which style you are using (found in config file))
This change in code will enter a new table row after each 6th picture. You can have more or less than 6 pictures per line depending on the width of your files and preference by changing changing the number 5 in this line of code: SixInterval = SixInterval + 5
