Blog Entry: 3/25/2006 4:51:09 PM
This is what "John Evans" of CJWSoft has to say on the matter...
"I think that’s pretty much impossible. If the server sees a .JPG or .JPEG extension why in the world would it go and try to read it or do anything with it.
I believe there may have been some issues with Outlook and Outlook express that made it look like a vbs script sent as an attachment was actually a JPG because someone found an exploit in those programs and it would appear as if double extension files were one thing when in fact they were not.
Having a real time virus scanner on the server (which any good host will) should also catch anything infected being built on the server drives as the file uploads. Always worked for me and I had a lot of people uploading ZIP files on winxptheme.com at one point. Many had viruses in them although I suspect it was totally innocent on the end users part. Some people didn’t even know they had a virus on their rig.
Fact is anything is possible but I think chances of getting a virus or being hacked in some way from this sort of upload are really slim."
cwilliams38447.0602083333, You can also try setting asphttp's user agent property to some browser version like in this example. It might stop that info from showing up when it fetches a page from the server.
<%
Dim BanObj1Http
Set BanObj1Http = Server.CreateObject("AspHTTP.Conn")
BanObj1Http.UserAgent = "Mozilla Compatible (MS IE 3.01 WinNT)"
BanObj1Http.Url = " http://banserver.powerasp.com/aspbanner/aspbanner_inc.asp?Ba nnerZone=1"
Response.Write BanObj1Http.GetURL
set BanObj1Http = nothing
%>
Also... I dont know if these values below will work but I got them from looking at my nt logs.
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
And here is more info on the asphttp component and it's settings.
http://www.serverobjects.com/comp/asphttp3.htm cwilliams38248.6481365741,
sure and thats probably what you should do... that pure asp upload thing must not be able to handle the size of your import file... another thing which can very .. also some versions of IIS require registry changes to upload bigger files via asp code alone , Is there an easy way to make this work with reoccurring a monthly or yearly subscription? , Thanks for the quick reply!
I was thinking it was an ASP config/install issue.
I usually deal with Linux/PHP, so this is all new to me :) , (Password Expiration Mod) for ASPProtect Version 7.x
This Advanced Mod requires decent knowledge of Databases and working with ASP. I originally wrote something like this for a customer on a custom project. I then took the time to re-write all the code from scratch so it could easily be plugged in to the current version of ASPProtect as an option. All in all this mod took me over 15 hours of time to develop and will save you a ton of time & money if you were planning on writing something like this on your own. Some parts of this were so difficult to get working that I would never have written this code if I was not paid to do so. (The encrypted array that rotates through the last 12 passwords was quite frustrating to get working)
The price on this is 19.95. I am not incorporating this into the base product because it makes things more complicated and isn't for everyone.
Purchase Page
Security is a big concern and making your users change their password every so often is a good idea. Keeping track of previous passwords they used and making them choose something they haven't used before takes the concept even further.
This Mod will add a password expiration date to the application. When the password expiration date is hit the user must confirm their old password as well as pick a new one before they can log in again.
There is a new password expiration directory where they must choose a new password that has not been used before. The new password must be confirmed during this process. (It remembers 12 old passwords the way it is coded) The old passwords are stored in the database in an encrypted array.
Directions:
Back up your existing ASPProtect installation.
Add two new fields to the "ASPP_Users" table in your database.
For an MSAccess Database
Password_Expiration_Date (Date_Time Field)
PreviousPasswords (Memo Field)
For a MSSQL Database
Password_Expiration_Date (smalldatetime)
PreviousPasswords (nvarchar 160 characters)
once that is done
Copy all the new ".asp" pages into your site.
Edit the "PasswordExpirationURL" variable in the "check_user_inc.asp" file
It needs to be the full URL to to the "change_password/default.asp" file
Now edit the "change_password/processchange.asp" file
There are 3 variables you can edit.
PageSentToAfter = "http://localhost/aspprotectmods/password_admin/default.asp"
PassMinLength = 4
PassMaxLength = 8
The "PageSentToAfter" is where you want them sent to after they change the password. It can be whatever you like.
If it is a protected page they should automatically get logged in with the new password they just changed to which is nice.
The other two values should be obvious.
That's it...
Just remember the password change thing is not used in the admin area...
You could easily add code for that on your own though by looking at the the password expiration code I added to the publics "check_user_inc.asp" file
Also:
You will see a new field to edit on the user edit screen for the Password Expiration of course. , Still not ready... I have no time to finsih it at the moment..
release date is unknown...
, You really can not do something like that. You can not use client side code to change a server side session variable.
To make changes server side a form must be submitted or a link clicked on to another page. Then you can do whatever you like but you cant have an onlci event update a session variable like that.
Though I am not sure of exactly what you are trying to do I think you'll need to go about things a little differently.
, check permissions for the user you are connecting to the SQL database.
http://support.cjwsoft.com/code/moreinfo122-1.htm
That user may not have permission to make new data
Also, check all field and table settings manually by comparing them to the SQL creation script we provide. You may very well be missing auto increment and primary keys which would make adding new data not work.
It is most likely one of those two things. , Chris:
Quick question. I'm currently using navigation style 1 which
keeps everything within the 1 window. I'd like to take the text
descriptions and place them under the main photo when it is
displayed. Before i modify anything, I'd like to check if I'm in
the right neighborhood first. It looks like I need to:
- modify the behaviour of the 'onmouseover' function in the file 'view_album_style_1.asp'
- add in a few lines of code to take
FixStr(UserArray1(PicIndex - 1),"PrepareForJavaScript"), put it into a
text string and do a response.write under (or over) the photo in
question.
Question Part 2 -- if i wanted to use the first line of the description as a title could I:
- add in an input to the photo upload
- concatenate the 2 strings together (title and description)
- display the title under the thumbs
- bold the display of the title over the large version of the image.
Pretty complicated questions, but I'm coming along nicely (IMHO). Have a look at
http://www.iphotosite.com/galleryapp/default.asp
I really like the progress that I've been able to make with this app without really spending a huge amount of time.
Kurt
, Hi there, I am not exactly what you mean when you say "moved some of the include files to user"
are you saying you are moving files around ? I am not sure what you mean there.
but.. the parent path issue is described in detail here
http://support.cjwsoft.com/code/moreinfo5-1.htm
Having is enabled is actually a requirment of the photo gallery application as stated on the web site
http://www.aspphotogallery.com/aspgallery_pro.asp
You can certainly still use the apllication but as that article says you will need to change any file includes to virtual includes so they will work with parent paths disabled
, when you get back to work.. your "redirect.asp" needs the password include file at the top of it.. or that wont work either..
and of course those pages you send people to all need to be repaired , Can ASPClassifieds display the ads by city?
I have a web directory that lists websites and companies by city. Is it possible to have specific ads shown to the user depending on what city they click on? For example, only ads in New York would be shown to users that have already clicked on that city in my directory.
thanks, , ok, I just sent you a private message with download information.
replace you existing
"check_user_inc.asp"
"admin/check_admin_inc.asp"
"admin/email_user.asp"
with the new versions in the download
Do some testing to make sure that HANNAH password works ok for you.
Hopefully this cures the issue...
If it works ok for you for a while I will offer the fixes to everyone and start using this code from now on
BTW:
"admin/email_user.asp" had an unrelated bug in it that only happened if its error handling got triggered... it was posting back to the wrong page when that happened and causing an error , ok, How to set a new users expiration date.
You'll need to edit the "users/add_new_account.asp" with a text editor.
Find this section..
<%
CmdAddUser.Fields("ValidateEmailCode") = ValidateEmailCode
CmdAddUser.Fields("Access_Level") = "4"
' PUT YOUR CODE HERE
CmdAdduser.Update
ID = CmdAdduser("ID")
CmdAdduser.Close
Set CmdAdduser = Nothing
ConnPasswords.Close
Set ConnPasswords = Nothing
%>
You'll want to add code like this right between the Acccess_Level and Updates section
CmdAddUser.Fields("Expiration_Date") = Date + 60
That will give take todays date and add 60 days to it.
You can of course do whatever you want here.
Actually, any database value for the user can be set during registration.
You can also change the default Access_Level to whatever you like.
cwilliams38088.4986689815, Upgrade from V6 to v7.x with an MSSQL SERVER DATABASE
1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.
BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)
To do this upgrade you're going to need to have SQL Enterprise Manager and SQL Query Analyzer
That being said, on with the upgrade..
Open your SQL database in SQL Enterprise Manager
Regarding the following Tables
Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"
If you do not have a "Groups" table do not worry about it right now.
Now right click and DELETE the Config Table.
Yes, delete it..
Now, go into Design View for the "ASPP_Users" Table.
Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore
If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a "nvarchar" field with a lengh of 255.
Now, we are going to add a few more new fields.
Add a field called "Redirection_URL" make it a "nvarchar" field with a lengh of 150.
Add a field called "PayPal_Subscriber_ID" make it a "nvarchar" field with a lengh of 100.
Add a field called "Newsletter" and make it a "bit" field
Add a field called "Password" and make it a "nvarchar" field with a lengh of 100.
Now close that window and save the changes..
Download these scripts.
2005-02-23_171110_aspprotect_v7_sql_upgrade_scripts.zip
Now open up SQL Query Analyzer
Connect to your SQL server.
Then load the script "aspprotect_v7_config_table.sql" into the Query Analyzer. Click the green play button at the top. If everything goes well the response should read something like this.
******************************************************
(1 row(s) affected)
******************************************************
Now, if you had a Groups Table your done with the database changes.
If you didnt have a groups table.
Then load the script "aspprotect_v7_groups_table.sql" into the Query Analyzer. Click the green play button at the top.
Now, go back to your database in Enterprise Manager and make sure all 3 tables are there and look ok. You might need to do a refresh or two to see them.
Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for all three tables. You reference this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.
Regardless, as you can see from this screenshot I have a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).
Now, you are done upgrading your SQL Server Database.
The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field
To that we have a special page we run in the application that will take care of that.
So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1
When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.
That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..
Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.
This part is very easy.
You want to run a special page via the browser.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
Replacing the part in blue with your website info.
Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page
You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.
If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.
So do what it says... dont click more than once and wait.
Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.
Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.
If things went well backup and delete the conversion file below.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
You do not need it anymore.
Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.
If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.
We are here to help, but if you really want us to we can be hired to do the conversion. , I really need more detailed information to say anything about it.
I would try different methods of calling banners as well to see if that helps.,
|
These Settings:
Picture upload feature settings. |
| Use_Picture_Upload |
< = value=True name=Use_Picture_Upload> Check this if you will be using the picture uploading feature. |
| UploadDirectory |
< size=60 value=C:\Inetpub\virtuals\aspphotogallery.com\Web\demo\pictu res name=UploadDirectory>
Example: "C:\Inetpub\wwwroot\ASPPhotoGallery\pictures"
Ask your server admin if you are not sure.
This directory needs proper permissions for the SAFILEUP component or the VBSCRIPT solution to work correctly. It basically needs to same permissions as the database directory would need when using Microsoft Access. |
| PictureURL |
< size=60 value=http://www.aspphotogallery.com/demo/pictures name=PictureURL>
Example: "http://p600laptop/ASPPhotoGallery/pictures"
This is the web URL of the the upload directory specified above. |
| Use_SAFILEUP_Upload |
< = value=SAUP name=Upload_Solution>
This option will enable file uploads using a component called SAFILEUP which is high end upload component available from www.softartisans.com. It is far superior in performance and reliability compared to the VBSCRIPT file upload solution.It is highly recommended for a busy site. If you enable this component and do not have it installed on your web server you will cause an error. |
| Use_ASPUPLOAD_Upload |
< = value=ASPUPLOAD name=Upload_Solution>
This option will enable file uploads using a component called ASPUPLOAD which is high end upload component available from www.persits.com. It is also far superior in performance and reliability compared to the VBSCRIPT file upload solution.It is highly recommended for a busy site. If you enable this component and do not have it installed on your web server you will cause an error. |
| Use_DUNDAS_Upload |
< = value=DUNDAS name=Upload_Solution>
This option will enable file uploads using a (FREE) component called DUNDAS UPLOAD which is a high end upload component available from www.dundas.com. It is also far superior in performance and reliability compared to the VBSCRIPT file upload solution.It is highly recommended for a busy site. If you enable this component and do not have it installed on your web server you will cause an error. |
| Use_VBSCRIPT_Upload |
< = value= name=Upload_Solution>
This option will enable file uploads using a pure VBSCRIPT solution. It requires VBSCRIPT version 5 or higher to be installed on the server. The solution usually works fine, but has been reported to cause memory leaks on XP machines. | , I really do not know to tell you the truth. I'll do some research.
The script only allows .jpg, .jpeg, and .gif extensions.
If someone uploads a file called... "filename.vbs.jpeg" with bad vbscript in it I seriously doubt anything can happen because of it because of the extension.
But I really do not know.
It has never happened to any sites I have or know of.
cwilliams38447.0491435185, Our webhost changed converted all sites from c: to d:, and without us doing anything else, our customers now get the following error message when trying to access our Classifieds site:
***********
Microsoft][ODBC Microsoft Access Driver] Not a valid password.
This means there is most likely a problem with the "ConnectionString" info that you specified.
If you are using a DSN-Less Connection with MSACCESS.
Check that the physical path to the database has been specified correctly.
It has to be perfect and correct. It cannot be specified using "http://" or by using "server.mappath".
It has to be specified like the following example.
ConnectionString = "DBQ=D:\Inetpub\wwwroot\advpass_pro\_database\passwords.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=admin;PASSWORD=Xpass"
If this is running on an NT server or Win2000 Server make sure that permissions have been set on the database.
Only the server admins can do this. If you are not the admin you will have to ask for this to be done.
If you are using a System DSN
It is not set up correctly. Again, make sure the permissions have been set for the database and that the system DSN has been set up correctly by the server admins.
************************************************************ *********************
We did everything the web host asked us to do, that is, changed all references to the C drive to new references to the D drive, but the error is still there. We also never changed any passwords (as far as we can remember). Can someone please tell us where to look (also which file might tell us what the correct password is in case it has in fact been changed.
Scaramouche38306.4845833333, I just did a quick google search... found a ton of info on how to find the setting. Here is one...
These are directions for IIS6 but the process is similar for IIS4-5
- Click Start, click Administrative Tools, and then click Internet Information Services (IIS) Manager.
- Double-click your computer name in the left pane, and then double-click Web Sites.
- Locate the Web site and directory that houses the ASP application.
- Right-click the application site or directory, and then click Properties.
- Select Home Directory, and then click Configuration.
- Click Options, and then click to select the Enable Parent Paths check box.
- Click OK two times.
cwilliams38148.5822453704, Greetings:
I am doing the initial set-up and have run into a problem. Everything has gone smoothly up to and including pulling up the get_me_in.asp page. When I enter the "PasswordEncryptionKey", nothing happens. The page just sits there without doing anything and the browser says it's opening the page, but never does. I have tried entering the value with and without the double-quotes. The value is the correct one from the config_inc.asp file. I did a copy paste from the file twice to insure I transferred it correctly.
I am running Windows 2000 server.
What now?
Warren , Thanks for your rapid responses, your support is excellent!
It may be best that I stick with html then. You mention that is stresses the Version 7 software, would the unlimited version perform any differently if I use multiple zones?
Also, if I do go with a single zone, would either program be able to make sure each banner is unique, or would there by duplicates for each page view?
Sorry to post so many questions in one day. , CJWSoft offers a mutually beneficial partnership program for resellers of our Active Server Pages Based Web applications.
The program is very simple.
- You offer our products to your customer's as Ready-to-Run Web Site Applications.
- We sell your company our software at a 50% discount allowing you to re-sell if for the same price we sell it for or slightly higher.
- Your company installs the application in the customer's web site and configures it for the customer.
- Your company is in charge of installation support and general usage issues. We handle other more complex issues as usual.
Each time a customer purchases an application from you, you are required to purchase a license from us.
These must be purchased online via PayPal. You will be give a special password protected URL where these purchases can be made. You are in charge of setting up a system for your customers to purchase the software from you. You are also responsible for purchasing a license from us within 7 days of a license being purchased from you.
Below are the applications currently eligible for the program.
They have been chosen because of their popularity and reliability.
You must resell all three applications below.
The details and pricing of this program may change at any time.
 |
ASPBanner Standard sells for 99.95 (You pay 49.95)
ASPBanner Standard is a high end Banner Rotation system. Web Based Administration for managing the users and banners in the database. Advertisers can monitor online statistical reports via their web browsers. |
 |
ASPProtect Version 6 with Option Pack sells for 99.95 (You pay 49.95)
Easily Password Protect any ".asp" page within your web site. Easily integrates with your current website or project design. Web Based Administration for managing the users in the database. |
 |
ASP Photo Gallery Pro sells for 49.95 (You pay 24.95)
ASP Photo Gallery allows anyone to have their very own online photo album. Upload an unlimited amount of albums. Set up categories however you like. Allow others to upload photos. Optional image resizing and thumbnail creation. |
We are looking for Web Hosting Companies and ISP's who can sell an average of 2 applications per month.
If you are not a serious company with a professionally done website you need not apply.
We are not looking for mom & pop operations.
To be very clear:
We are looking for experienced ASP Development/Hosting Companies that are serious about being a reseller and ready to go.
We need knowledgeable resellers that are experienced with ASP and will be able to install the application for the customers and handle some of the general installation issues that may come up.
To qualify for the program:
Please send us a brief overview of your company, Website URL, and your expectations for the program. After looking over your information we will get back to you with a response.
Contact us
Additional Info:
Our applications run on NT based servers only with true Microsoft ASP support. They do not run under Chilisoft. Our applications are licensed per website. That means one running installation of the database and scripts. Qualified resellers will be reviewed every quarter to see if they are meeting the 2 application per month quota.
AND LASTLY PLEASE DONT WASTE OUR TIME. IF YOU ARE NOT SERIOUS DONT EVEN BOTHER APPLYING. I HAVE HAD A LOT OF WANNABES SIGN UP FOR THE PROGRAM AND THEY ARE EITHER NOTHING BUT A PAIN IN THE BUTT OR THEY NEVER SELL ANYTHING. IF THAT IS YOU DONT BOTHER. ON THE OTHER HAND IF YOU ARE A GOOD SIZED COMPANY AND YOU KNOW WHAT YOU ARE DOING WE WE"LL HAVE A WONDERFUL AND PROFITABLE RELATIONSHIP. cwilliams38426.5449537037, Thanks very much for the quick reply.
That sets my mind at ease 
I was just worried if users would see warnings in their firewall software too.
I realize that the admin would have to have to go through some errors...
And since we are throwing things in here... Definately, if you have your own server you need a Hardware Firewall and a Managed one at that. The internet can be pretty dangerous for business if you don't.
Plus, I agree Black Ice although in it's heyday a few years ago was considered great. It is not suitable for todays standards alone even for the normal user (But, it is required by the company I work with for VPN. I think it's stupid too using old technology. I have 2 more firewalls setup besides that just so that I do have some security. And, that's just for my PC)...
Thanks , Is there a limit to how many access levels the program has? We were thinking of having a different access level for each client that logs on our site so we can customize their web experience. We see 6 in one place of the program, 8 in another, but is there any reason why we couldn't make 100 more?
Thanks again for the help! , How about the option to add an unsubscribe link to the end of newsletters that are sent out and a function that will uncheck the newletter field for that record if they click on the link?
Please??? 
Thanks,
Michelle , ok,
I have a quick question...when a user signs up I have a drop down menu for Company name and they have a choice of branch selections. Everything works fine but when the info is saved in the database there is some sort of conversion to lower-case...?
Original drop list selection:
Winston Salem, NC - (XXX/XXX) - original
In the database (access), some letters are lowercased now...why? anything to do with the period, , or - ?
Winston Salem, Nc - (xxx/xxx) - what is saved
, After a user edit his information (name, email, etc), the session variables are not updated. In the user_area.asp
page, I "Response.Write" all the session variables, and they are still
showing the old information. I tried refreshing the page but to no
avail. The only way to update the display is to log off and login again.
please help.
, If it stopped working it has nothing to do with the ASP code. YIf could have stopped for any number of reasons as hosts often change email server requirements and info. You need to go over the email settings. Of course make sure you and the person you are sending to have valid email addresses and try different methods/settings until you get emailing to work again.
Testing it by sending emails off from the users screen.. in each email type in what you are trying at that time so you know what worked if emails make it through. Also, be sure to check junk filters when testing to make sure the emails are not being put in any of those.
That's what I would do. CDOSYS is always your best bet for sending emails as it has so many options and all new server support it. , While I originally thought the login form on a non-protected page idea may be similar in setup to how our Classic ASP version of ASPProtect works I could not have been more incorrect. Truth is I forgot that it works a lot differently.
ASP.NET Web forms are meant to post to themselves and there is thing called the viewstate. (google it.. its a hidden variable the server creates in the form code that is required when the form posts back to itself.. and hold all sorts of information the server uses) Doing what you are asking about means disabling the viewstate and that can have big consequences and break certain things.
Basically you cant just put a form on a non-protected page and post to a protected page if the viewstate is enabled. Disabling it can break certain web controls like data grids .etc etc.. and can also have an effect on how the session is managed at the site and sometimes disabling it is not possible depending on what is going on cause you need it.
I am still doing research on the whole thing, but it looks to me like doing that is going to have a tradeoff of some sort.
That does not mean this isn't possible somehow. I am still researching and I am also going to see what John Evans thinks.
I told you .NET was complicated.
As for your other question that is something you have to sort out on your own by editing the code and recompiling it based on your custom project needs. It is not something I can help you with. , My server is Server2003. I could not find the folder settings you mentioned. I did find a iuser which I added as specified. I retried to perform an upload. Still same message. But it does move the JPG to the picture folder. So, part of it is working. , YAY FOR ASPPROTECT 7!!!
Now I need to know... how can I automate PayPal subscriptions and purchases? I'd like it so that once PayPal gets its money, my accounts get marked active.
Now, the documentation on this site currently says, to point the IPN post action to a null page. Yet, I see an IPN.asp in my files for PayPal subs and PayPal purchases... Looking over the code there, I see actions to make accounts active and stuff like that. Is the page ready for prime time, or should I hold off for a new version?
cwilliams38421.7014814815, I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.
Regardless,
What you want to do... logging them in under https and then having them continue though the site under http is not possible.
It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.
In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).
Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.
If you want them logging in under SSL you need to keep them under SSL.
That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own. , It just sits there indefinitely without an error being returned. The only clue I have is that it seems to be connecting to the database when I try to log-in. I know this because I decided to erase the files and start again, but I could not delete the database because it was "in use". After I rebooted to clear that connection and erased the database, then re-did the install, the same condition exists after entering the key on the get_me_in.asp page. It just sits there indefinitely., Making progress. I have made the appropriate settings and now I have the option to upload. When I upload, I get the following message:
"Your upload did not succeed, most likely because your browser does not support Upload via this mechanism.
Your browser must support a standard called RFC 1867. Please check with your browser vendor for support of this standard"
I am using IE6 XP SP2. I also am using DUNDAS UPLOAD, ASPIMAGE.
I think I set permissions correctly bot not positive. I have given all auth to everyone for the database etc. , Hi Chris
I've just recently purchased ASPBanner and have been testing out serving multiple Tradedoubler code using the IFRAME method. I have four types of banner on the same page refreshing every 15 seconds. (this will change on the live site)
I've been leaving the IE page up for x hours and coming back to find between 1-3 of the banners has stopped and in place is an "internal error".
BannerZone=3&Refresh=15|40|800a0046|Permission_denied 80
I thought it may have been the SQL permissions from one of your other messages so I gave the banner user the DataReader and DataWriter permissions.
Its still happening and around the same time in the logs theres a couple of file not found errors.
BannerZone=2&Refresh=15|23|800a0035|File_not_found 80 - 80.65.240.159
BannerZone=4&Refresh=15|25|800a0035|File_not_found 80 - 80.65.240.159
BannerZone=1&Refresh=15|25|800a0035|File_not_found 80 - 80.65.240.159
Any ideas? I'm hoping its not the server as there is currently only 2 sites on it and this is pretty much the only traffic.
Thanks
Colin ,
I pull that crap on myself once and a while... or my
favorite is leaving a bootable CD in the drive and then wondering why the heck
the OS doesn’t come back up. I pretty much promised myself back in 2002 that I
would never mess with anything minor after 10PM. For whatever reason I always
start messing around trying to "fix" something and end up sorry...
Granted if it’s an emergency I am all for it, but I get dresses in advance
anticipating the practically inevitable drive down to the datacenter.
Good luck with that, I am sure you will be much better off
in the long run.
,
Timecard Entry: 3/25/2006 4:51:09 PM
screenshot of remington for business record, emails and voicemail, Went over Posi-Plus website with Lisa gave me a briefing about what we needed to do to start design process, jim corbin, car freshner, past/present future, research press releases, review clec planet marketing ideas, nortel marketing, start nyab press release, Watn. Appl., At home working on SoftMLS2... working on Agent and Public Feedback area sicne they needed to be totallyt re-done since they didnt work at all, Lunch, went through a few settings. mail server down, purchased office supplies; cc decline report and letters; batched; started online staples order., Working on CostGuard integrations, weekly staff meeting, SunandShield.com - Started site administrator layout & design. Creating online user administrator., Lunch, traveled to cortland to talk with the board, Stayed after to work on the site a little bit more on my own, paperwork, vermont internet: admin site development, content development for the public vermont internet site, Worked on an issue with 2360 not authenticating., Admin (emails and organize), Going to Radio Shack to pick up a coax cable to test out streaming server., travel to clayton office, E-mail - Cdn dial-up, TOWNOFCLAYTON.COM
COLLAGE THREE PHOTOS MASK OUT BACKGROUND AND FUSE PICTURES TOGETHER, SCANNING OF PHOTOS, BEG, Revamping timecard interface and starting to place work order system online, lunch, E-mail, timecards, on-line research, same as a.m., billing reconciliation, crazy morning. , *24Dollar Domains development,
| 
