I am having problems with a password a user wants to use.  He wants HANNAH.  When he (or I) try to log in with his username and password, I get a syntax error  -

Syntax error in string in query expression '(Username = 'changedforsecurity') AND (Password = ' éG'.
pathOnComputer../1protect/check_user_inc.asp, line 114

I've obviously changed the username and the server path in the info above for security. 

I have not messed with the encryption.   

What is it that the system doesn't like in the word HANNAH as a password?  I would just change his password for him but this guy has enough trouble just turning the computer on!  Confusing him with a new password would take weeks to set him straight. 

Thanks,
Mick

again.. more custom code work would be required to handle it

If we wanted to user groups, is the "Access Level" in the User setup the same ID as what the group access would be?  Ex. If John had Access Level 4 and the page specified <% GROUPACCESS = "4" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

I'm asking because there is no Group Access Level in the user setup.  Thanks

I'am in the process of modifing registration and tieing in paypal. When I get live I will send you a link. Thanks for help.

John

This isn't going to help you much but here is the deal.

The 2checkout support in ASPProtect actually is not supposed to work with 2checkout subscriptions and therefore does not need to use an item number.

It is intended to be used for single payments only with 2checkout as explained in this thread.
http://support.cjwsoft.com/code/moreinfo212-1.htm

Single payments with 2checkout use their shopping cart which allows for dynamic payments without needing an item number.

I agree with you that 2checkout's interface is confusing. It's actually about the worst system I have ever seen. I could not make a 2Checkout subscription system because their system is just too limited and I couldn't make it work the way it really needed to.

ya, thats basically what I was gonna do..

BTW.. if that other app is going crazy with an access database it could be the cause of all the slowdown with ASPProtect... what happens there is it is using so much database driver time that it robs other things that also access a database... so basically ASPProtect isn't asking its database for much but your other application and database are cripping that part of the system and causing it to run like crapola

If your other app is using a system dsn try changing it to use a dsn-less connection... it might actually help

that would probably work...

any ".aspx" page can grab that data after someone logs in..

Session("Username")
Session("User_ID")

etc etc

anything you see set in the "aspprotectlogin.aspx.vb" file will be there

any data not set there would have to be added and then the project recomplied so that data gets saved...

Chris -

Long time no talk, which is a good thing.  I have purchased another product from you, ASPVendor.  I am running into an issues.

When I try and remove the image through the image manager, it does not remove it.  Screen shot attached.

2005-10-19_194248_image_upload.zip

Thanks

Every application we sell that has a password on the database uses "temp"

Also, the password is in the connection string in the dataconn_inc.asp file.

After all, the ASP code needs to know the password just like anyone that wants to open the database would.

[/QUOTE]

That i have, my question revolves around the all the users and passwords that I in that database. I need to be able to export that list to word for a mail merge list, but when I do the passwords show up encrypted. I need to be able to get an unencypted list.

thanks

Microsoft VBScript compilation error '800a0411'

Name redefined

/aspprotect/config_inc.asp, line 15

Dim  Address_Required,CDONTS_Installed,City_Required,Registration _Type,VerifyURL,Log_Off_Page
----^

User Registration

The "users" folder allows users to sign themselves up and edit there accounts as well as retrieve lost passwords..

In the settings tab of the ASPProtect admin area there are options for which fields are used and which are mandatory when a user signs up. The only validation the system performs by default is checking for mandatory status. If you want to add more validation so reduce the chances of input errors that is up to you.

You can add additional server side validation by doing server side checks on the save pages... you can also make the field sizes larger in the database if you think you need to. You'll need to be good with ASP to do this.

Always backup your files before making changes to them so that you can revert back to a working copy if you mess something up.

I have narrowed it down.  The ../ for includes will not work with .asp files but will work in .shtml files.

any ideas?

(User Search & Contact Mod) for ASPProtect Version 7.x

This will allow an individual user to search for other users as well as email or call them.

Notes: This is a down and dirty mod. The users page from the admin area was used as a starting point. I then edited it up real quick to be used as a user search. The way it is it shows the user email as a regular email link. If you want to set it up so emailing is done from the application and emails are not actually shown you will have to do some extra work. If you don't want phone numbers shown you will have to remove that column which is not very difficult.

Directions:
Back up your existing ASPProtect installation.

copy "search.asp" into your "users" folder

2006-03-10_143253_User_Search_Contact_Mod.zip

Direct your users there. They will have to be logged in to view the page.

WARNING: This has not been extensively tested for SQL Injection attacks.
I think it is perfectly fine the way it is by looking it over quickly, but use it at your own risk.

all I can say is try other things...  like

mail.yoursite.com

or

smtp.yoursite.com

etc etc etc

replacing yoursite with the name of your domain of course


the settings for sending email via ASP are no different then the settings you would use in outlook or something... except sometimes on the server level localhost works as the email server because they set it up to allow that

and of course those 3rd party emailing components need to actually be installed on the server

((TITLE EDITED BY ADMIN))


it would be nice if there was an option for login abuse, where a login account would be flagged if it logged in from x number of different IPs over a period of time. I know many have dynamic IPs, but there's got to be a balance between legitimate logins and logins that are 'shared' for the sake of saving money (I sell subscriptions), in the end costing me.

Maybe searching the first two number groups in the IP (example, 209.168.*.*), and if finding more than an admin specified number of logins per week from IPs with different first two groups, the record would be flagged or locked...

The only other thing I can think of if you are not getting any errors.

Is that you may have the path to the server include file correct but ASP server side code is not executing in that part of your web site.

You can do a simple test to tell if it is...

Make a simple ".asp" page in the same folder.

Put only this code in it.

<% Response.Write ("ASP is executing") %>

then run the page via the web browser thru the server..

If the text prints out ASP is running... if you don't see anything it is not

Password Retrieval System

CDO.Message.1 error '80040213'

The transport failed to connect to the server.

/aspprotect/scripts/emailing_subs_inc.asp, line 174

This is running on Windows 2000 server.

Any ideas?

Warren

I have just purchased ASP v7 and loaded.  Followed instructions.  Obtained codes not prob.  Get to single field login screen, enter password and following page appears:

Method Not Allowed

The requested method POST is not allowed for the URL /temp/aspprotect/password_admin/get_me_in.asp.

Added folder aspprotect under (temp web) folder - temp, but also tried under root folder of web site.

Still no luck.

I really do not know.. maybe it is a conflict with something else..

I run many instances of aspbanner on my servers and I have every item to log enabled for my iis log files... my stats server software which reads those log files (livestats and smarterstats) have never reported any 404 errors related to (aspbanner/those images)...

I do not know what is happening in your situation..

sorry.

Another good tip is to make a copy of the "password_admin/default.asp" named whatever you like..

"default2.asp" would work...

then maybe add a link to it from the header_inc.asp file

then you can modify that one all you want and your will still have the original around.



That concept works for a lot of things.. for example you could make a copy of the "users" folder and call it "users2"  granted a few paths might need to be changed here and there but really not a lot. (how do you think the paypal signup folders were created, they started as a copy of the "users" folder of course)

You can even make a copy of the "check_users_inc,asp" file if you like. Then make a copy of the "scripts/login_form_inc.asp" file... then make your new "check_user_inc.asp" file reference it.

Then you can password protect pages using different versions of the "check_user_inc.asp" file. Why ? well maybe you want different looking logn forms for different parts of your website or you want to make a lot of changes to the "check_user_inc.asp" file and want to leave the original alone.

The sky is the limit really. When it comes down to it besides the actual guts of the "check_user_inc.asp" file ASPProtect is nothing but html tags and chunks of simple server side code that produce more html dynamically. What your browser ends up with is basic html. (some client side javascript in certain cases, but that is pretty basic stuff too.)

I've got an ecommerce module that's running on it that uses access for the db.  Connecting into that thing is slow as well, but I figured that's because of the complications and volume it handles.

So as far as importing on a faster machine and copying it over to the server...what suggestions do you have?

Chris,

I understand.  I set it to a lower number that will hopefully be a good balance for the user.  I am simply AMAZED at what your software does and I thank you for all you have done.

Jess

you summed it up perfectly... everything you said really

As for the banner software custimizations.. you could just make another folder with a modified admin area (little tweaks here and there so the person logged in only controls their own banners) You'd probably want to add an approval process so nothing they did went live unless you really really trust them. That wouldn't be that hard either.

I always planned to do it someday but I just never have time.

If you have an album with more than 96 pictures, the spacing in the tables can become incorrect, with pictures touching each other. (This program is not designed to handle more than 96 pictures due to server speed, but it can handle more than 96 with minor changes to the code.) Also, after 96 pictures, the pictures will not have 6 on a line, but rather 6 on a line up to 96 pictures and then the rest of the pictures on one line next to each other extending to the right of the screen endlessly. To fix this, I simply edited the ASP code using the following loop. It can be a perminent fix, because I used the maxpicsperalbum variable to define the spacing.

<%
Dim SixInterval
For SixInterval = 2 to maxpicsperalbum
 SixInterval = SixInterval + 5
%>
 <% If PicIndex = SixInterval THEN %> 
  </tr>
  <tr>
 <% End If %>
<% Next %>

Then, the following code must be commented out:

<% If PicIndex = 6 or PicIndex = 12 or PicIndex = 18 or PicIndex = 24 or PicIndex = 30 or PicIndex = 36 or PicIndex = 42 or PicIndex = 48 or PicIndex = 54 or PicIndex = 60 or PicIndex = 66 or PicIndex = 72 or PicIndex = 78 or PicIndex = 84 or PicIndex = 90 or PicIndex = 96 Then %>
 </tr>
 <tr>
<% End If %>

This code can be found in scripts/view_album_style*STYLE NUMBER*_inc.asp . (STYLE NUMBER depending on which style you are using (found in config file))

This change in code will enter a new table row after each 6th picture. You can have more or less than 6 pictures per line depending on the width of your files and preference by changing  changing the number 5 in this line of code: SixInterval = SixInterval + 5

If you have any questions, JPortnoy@Checkernet.com

There is nothing built in to the system but it is very doable.
However, you need to be a decent asp coder because your going to have to write some code.

Basically you would want to do a check on the screen where a user uploads to count how many pictures they have uploaded.

Then act accordinly and either let them or dont let them proceed.

On a side note the overall filesize limit of the total of all pictures a user can upload can be set when you edit a user.

can add photo album but after i upload a pic, nothing shows.

where do i look to research why pics aren't showing in the albums

Can you incorporate a secure log in within the scripting.  I would like the account information to be secure without having to have the whole site using running through a secure (https://) path.  If this is possible, the scripting is perfect!

It's probably something I could do for you as a custom project if you are interesting in paying to have that work done, but it is probably not something that will be added to this version of aspbanner as it is in my opinion a feature more suited for a more expensive software package.

It is also difficult to get ASP code to do things on it's own. Scheduling something to run on the server or some other clever scenario is necessary and that usually means it would be unique to each persons setup.

http://www.cjwsoft.com/custom_work.asp

Hi,  Its just a generic error that really doesn't mean much of anything except that something wrong with your data connection.

http://support.cjwsoft.com/code/moreinfo27-1.htm

could be invalid permissions on the database folder... could be any number of things

when setting up your connection I suggest going dsn-less.
http://support.cjwsoft.com/code/moreinfo9-1.htm

It is better/faster and also a lot easier to set up.

grrrrrr

As far as the users thing... my fault that was setup wrong in the settings of the admin login page.

but still dont have a solution for what im trying to do

There are 8 Access Levels by default.. they work like this.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=166& ; ; ;PN=1

Access Levels exist in ASPProtect Version 7 for backward compatibilty for customers using previous versions.

Truth is Groups are the replacement for Access Levels and they are much more powerful and flexible. You can also make as many of them as you want in the admin area.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=167& ; ; ;PN=1

On a side note:
We also coded ASPProtect Version 7 so there could technically be as many access levels as you wanted. It's not supported but if you really wanted more Access Levels you would carefully add more Access Levels to the drop down choices when you edit a user. "edit.asp"

I don't know why anyone would want to use Access Levels however when they can use Groups.

LOL

ok, I just sent you a private message with download information.

replace you existing

"check_user_inc.asp"

"admin/check_admin_inc.asp"

"admin/email_user.asp"

with the new versions in the download

Do some testing to make sure that HANNAH password works ok for you.

Hopefully this cures the issue...
If it works ok for you for a while I will offer the fixes to everyone and start using this code from now on

BTW:
"admin/email_user.asp" had an unrelated bug in it that only happened if its error handling got triggered... it was posting back to the wrong page when that happened and causing an error

Hi Chris,

The password is HANNAH.  If you're into trouble shooting mode and would like the key, I can send it to you.  If not, no big deal, I've email the guy a new password.  We'll see how many rounds it takes him to get it right. 

Thanks,
Mick