Blog Entry: 3/25/2006 4:46:02 PM
Sorry about earlier post in wrong area-
I have followed instructions to set up access levels (adding the
<% CHECKFOR = "4" %> for user level 4 for instance.) The database is connecting properly and the basic check for login is taking place, but it seems that all users have access to all levels no matter what is on the database; i.e I set up a test page with "checkfor=4" and all users have access to it, even those with lower leve access.
Any ideas?
Thanks
, Thank you.... yes it does
Is there a limit in the number of Zones you can have in the database.
thanking you
,
I use the group feature and would like to know if it is possible to change or delete members from a group in bulk. For example if I have 200 users registered for group 1 and 3 how could I delete all members from group 3 in one pass rather than editing 200 individual members?, Thanks, I'll take a look.
Nick
, I am not sure. I can tell you that I run windows 2003 server and I have never had any issues setting permissions for ASP.NET files and folders. This very server is 2003 and the ASPProtect.NET demo runs on this server as well.
Course, I can't say that I have specifically tried to remove ASP.NET READ permissions on the database folder as it's just not something I would not have a reason to do. Why are you trying to do that? The ASP.NET account needs that permission. If you are trying to stop file browsing and downloading in that folder that is not how you do that. The best way to do that is by keeping the database somewhere else on the server that is not part of the http web. , If the physical path isnt right and the permissions are not right it just plain will not work. You will not get an error.
If the filesystem object is disabled on the webserver it will not work either.
Something has to be wrong.
Please start a new thread when the topic changes.. thanks
It helps to keep the forums organized for other users in the future.
cwilliams38454.6146180556, I'll give it a shot loading it on the laptop and publishing it, if it doesn't work I'll let you know and you can take a look at it tomorrow afternoon. Thanks for all the help tonight...
Good luck pouring that concrete!
, yes. what you are talking about has to do with norton ad blocking software.. it blocks images or paths that have the word "ad" in them.. and you see red x's where images should be on web sites.. usually
it is different then what this thread initially mentions which has to do with a code/server issue with the application variables.
, that wont work the way you did it because groups are not stored like like.
groups are stored "*1*"
or "*1*,*9,*"
so if you test for them you must do so using the InStr function of vbscript
example:
If InStr(Session("Groups"),"*1*") Then
' do whatever
End If
also.. as for the session variable
it should be Session("Groups")
And in Version 6.... (its all ready to go in version 7) that session variable must be saved in the check_user_inc.asp file near where all the others are saved. If it is not there by default "I dont remember if it is or not" you have to add it like so near where all the others are saved
Session("Groups") = CmdCheckUser("Groups")
If you are wondering if it is being saved correctly you can always response.write out the Session("Groups") to see if it holds a value
, Sorry, I guess you did say you finally found them.
Regardless, sorry then, I tried
I dont know what else to tell ya.. except to search www.aspin.com
Perhaps you will find something you can use there.
, Chris,
2Checkout.com has added to their required cart parameters:
https://www.2checkout.com/documentation/newparameters.html
Do you have a version of 2checkout2.asp that will support these?
Thanks,
Nick
, Need to know more about ASP ?
Check out these links.
| |
15 Seconds
Free resource for developers working with Microsoft Internet Solutions. 15 Seconds is the biggest IIS and ASP development resource in the world. |
| |
ASP FAQ
Have a question about ASP? Check the ASP FAQ site. They've probably got the answer. |
| |
ASP Free
Your 1st source for free ASP and ASP.NET live demos, downloads and more!!! |
| |
ASP Connections
ASP Connections Conference for the ASP Developer features sessions on ASP Performance, IIS 5.0, ASP 3.0, XML, ADO, E-Commerce, VID, COM, COM+, MTS, DHTML, load balancing, and more. Speakers include Mike Amundsen, Wayne Berry, Charles Carroll, Michael Corning, Jeff Niblack, & Ken Spencer. |
| |
4GuysFromRolla
4GuysFromRolla: Web Technology, Programming, Humor... All this and it counts as work! |
| |
CoverYourASP.com
A great new site. It's got some great stuff and is using JScript! A must see! |
| |
askASP
Promising new site! Check out the question archives! |
| |
CodeHound
CodeHound ASP - The ASP Developer's Search Engine! |
| |
CodeAve.com
A neat ASP reference with some interesting features. Check out their "Script Writers" |
| |
ASPZone
The website for advanced ASP developers. |
| |
DevASP
A relatively new ASP site. Straight forward and informative. |
| |
www.LearnASP.com
This in another site maintained by Charles Carroll, and it specializes in Active Server Pages programming issues. Contains links to a wide range of resources and articles. |
| |
ASPin.com
The ASP Resource Index. Here you will find the stuff you need to take advantage of ASP and make your website an interactive mecca. |
| |
ASP Sites
A great place to go to find ASP resources fast! |
| |
Macromedia - DevNet
While much of the content is Dreamweaver MX-centric, they also have a fair amount of plain vanilla ASP.NET content as well. |
cwilliams38431.8787152778, Most likely it is no longer supported on the web server. The web host probably moved you site to a windows 2003 server which does not support cdonts or they stopped running the IIS SMTP server.
You usualy wont get an error..
it is also possible that cdonts is boned up as it is pretty flaky and that tends to happen. For example sometimes the emails it is suppost to send get caught up in the smtp pickup directory and never get sent out until the server is rebooted.
You should really ask the hosting company why cdonts has stopped working. It definetly has nothing to do with the code if it has been working all that time. If CDONTS still is supportd tell them you emails are in limbo. Ask them to look and see if a bunch of ".eml" files are stuck in the stmp pickup directly and if so to please reboot the server.
lastly:
cdonts has been deprecated and now everyone uses cdosys.
see my article
http://www.powerasp.com/content/new/sending_email_cdosys.asp
, Kurt,
There really is no default width in general.
The thing to remember is that the default.asp page includes a lot of different pages.. and some of those pages also include pages.
Now all of this gets wrapped by the header and footer include files so in a sense what you do there can effect everything inside to a certain degree.
Now there are some widths set here and there for different tables and what not on certain pages, but its really the kind of situation where you just have to dig around in the code and experiment until you eventualy find what you are looking for and get the desired result.
I'd love to tell you there is easy way to just set a width, but it is not that simple.
Maybe someday it will be. Just not in the current version.
CJW
, Yes, that’s all I wanted to know. The problem is on my end. The server is not creating the .NET site correctly. I think I got it working now. Thanks.
In case you wanted to know? The only reason I asked you is because you mentioned that you where having trouble with overseas piracy and my account is new. I figured it was my user error by just though I’d ask you first. Hope you have no more piracy issues and have a good rest of the day.
Thanks again for the quick response.
, I am up to speed on how it works. My goal was to not have just a link to a protected page- so that when a user clicks it they get the "access denied" screen and then have to log in. My goal was to avoid that if possible by having them log in and then redirected to the protected page.
So this isnt possible? The only way for it to work is for a user to click a link to the protected page, get the denied screen, then login and be redirected?
Or is there another way..?
I made my point by rebuttling your "cafepress" with agreeing "YES" that is what i want... now you are changing this around on me. I dont think i can be ANY clearer in what i intend to do. It is extremely clear and i am not sure why its becoming more than it should be. I just want the user to be able to log in from ANY PAGE ON THE WEBSITE AND THEN BE REDIRECTED TO THE PROTECTED PAGE IF THE HAVE THE PROPER CREDENTIALS. It would be nice if this software gave an error message when an incorrect username/password was entered instead of simply refreshing the screen.
, While I originally thought the login form on a non-protected page idea may be similar in setup to how our Classic ASP version of ASPProtect works I could not have been more incorrect. Truth is I forgot that it works a lot differently.
ASP.NET Web forms are meant to post to themselves and there is thing called the viewstate. (google it.. its a hidden variable the server creates in the form code that is required when the form posts back to itself.. and hold all sorts of information the server uses) Doing what you are asking about means disabling the viewstate and that can have big consequences and break certain things.
Basically you cant just put a form on a non-protected page and post to a protected page if the viewstate is enabled. Disabling it can break certain web controls like data grids .etc etc.. and can also have an effect on how the session is managed at the site and sometimes disabling it is not possible depending on what is going on cause you need it.
I am still doing research on the whole thing, but it looks to me like doing that is going to have a tradeoff of some sort.
That does not mean this isn't possible somehow. I am still researching and I am also going to see what John Evans thinks.
I told you .NET was complicated.
As for your other question that is something you have to sort out on your own by editing the code and recompiling it based on your custom project needs. It is not something I can help you with. , Hi all
I logged in myself to my website, and I tried to log in to another with same username and password. But I was able to log in again.
It was supposed to block me from logging in, but it let me to log in.
there has got to be some configurations I must have missed.
Could you instruct me on this Concurrrent login so mine works as well...
thanks
, One of my users is looking to do mass updates (multiple records). He wants to be able to update the "Expiration Date" for a group of users who work for the same company. , Sounds crazy. I recently took over this web site and all IT duties. User today said member area was not working. All pages would not display. After restoring some files I got the members area partially working. But I cannot find where the database sits. I am able to get in and view users in the admin are and log in as a member. Thanks., issue resolved.. new files did the trick, basically one at a time because of limitations of the file uploads that browsers can support
more on that here
http://www.aspphotogallery.com/pro_add_ons.asp
An Admins can however ftp a bunch of pics to the import folder and import them into any album all at once pretty easily
, I did the initial steps of downloading the sql scripts and running it in Query Analyser, tables created fine.
I can login for the first time. I exit from the browser and then I cannot login again. This happens for every user and admin.
I noticed that the values in the fields "Login_limit" and "Active" in the ASPP_Users table in the SQL changed to NULL and 0 when login and remained in those values after close the browser.
So iam just struck not able to log in. Pls advice.
, Haven't gotten to it yet. I do know there are a few customers using it to edit the app and said it was not all that different. Maybe they will chime in with some tips., Its not on their end. Using ASP alone you really won't be able to send more than around 300-400 individuals emails at a time before things will time out. Its just that ASP is not an efficient way of sending email and it never will be.
You really should look into worldcast like I mentioned before.
http://www.fairlogic.com/worldcast/
Then just export the email list from the database into worldcast and send out the newsletters.
You will get much better results and perfect newsletters and it really only takes a little bit longer to do each time once you figure it out. That is how I send out my PowerASP and CJWSoft newsletters and it works perfectly every time.
, Is there a possibility to build in a option that the administrator will be notifed when a banner expired.
, Chris,
I've given the IUSR account modify access for the aspprotect folder.
In the ODBC manager module on the webserver I've taken out the aspprotect access driver option.
The dataconn_inc.asp line reads as
ConnectionString = "DBQ=D:\missourirealtor.org\members\aspprotect\data\database \ASPProtect_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"
Now this should make it DNS-less correct? with the permissions set properly?
I've also taken out the password on the access database.
The original database of users I had was an access database from a different program called spooky login. I exported them into a tab delimited file and changed the column headings to match those in aspprotect exactly. Actually access would not let me import them in the databases without them being exact.
I imported that information directly using access's import options. I tried the import/export manager in aspprotect but kept timing out as well.
, Hi
I've tried almost anything here... I'm using an online SQL SERVER database with ASPProtect 7, and I can't login after my initial creation of the admin account.
It works fine with Access... I believe I have checked all the fields created by the sql statement (which was run with no errors),
What could be the problem here? could it be a problem that I run my local IIS against the online sql server?
sincerely,
Morten
, and the permissions, how exactly were they set ?
I find a lot of customers think they are setting permissions correctly when they really are not. That's why I wrote that long article on the subject.
As you probably know a data connection is a very low level thing. It is the foundation of any ASP application that communicates with a database. Unfortunatly it sometimes takes a while to get the hang of setting them up without issue.
Everything must be perfect.. the ODBC drivers must be up to date, folder permission are critical, sometimes you must use a new version of the access database.. etc etc etc The errors and things that happen when all these things are not perfect and not helpful as you have found out.
I would suggest you download and get ASPTest from CJWSoft running before you go any further. It is designed to be as simple as possible and helps get a hang of the database setup process.
, that is because passwords in the import/export files are encrypted.. if you make one of your own you need to use the rc4 function in the "config_inc.asp" to encrpyt your passwords just like the aspprotect system does (requires knowledge of vbscript and integration into your export system)
now, there is a way around this
if you want to import a file you made with clear text passwords edit "import.asp" beforehand and change
If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = UserArray2(5)
to
If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = RC4(UserArray2(5), PasswordEncryptionKey)
that way it should convert your clear text passwords to encrypted while it does the import
this post also addresses this but in the reverse scenario
http://support.cjwsoft.com/code/code_info.asp?TID=261&PN =1&TPN=1
I hope this helps you because I really do have to leave the office like right now. Very late for a dinner meeting.
I should be back on the computer later tonight or tommoro morning
, This is what "John Evans" of CJWSoft has to say on the matter...
"I think that’s pretty much impossible. If the server sees a .JPG or .JPEG extension why in the world would it go and try to read it or do anything with it.
I believe there may have been some issues with Outlook and Outlook express that made it look like a vbs script sent as an attachment was actually a JPG because someone found an exploit in those programs and it would appear as if double extension files were one thing when in fact they were not.
Having a real time virus scanner on the server (which any good host will) should also catch anything infected being built on the server drives as the file uploads. Always worked for me and I had a lot of people uploading ZIP files on winxptheme.com at one point. Many had viruses in them although I suspect it was totally innocent on the end users part. Some people didn’t even know they had a virus on their rig.
Fact is anything is possible but I think chances of getting a virus or being hacked in some way from this sort of upload are really slim."
cwilliams38447.0602083333, no, there is not not.
If you wanted to to that you would have to add some code to check their album count in the database and not allow them to make a new album if they were at the limit.
cwilliams38433.0233680556, No worries
then..
is there any way I can get rid of those information shown on User activity screen, so I can at least know who logged in current day?
thank you in advance
, That helped very much. Thank you. Hope you enjoyed your dinner., (User Search & Contact Mod) for ASPProtect Version 7.x
This will allow an individual user to search for other users as well as email or call them.
Notes: This is a down and dirty mod. The users page from the admin area was used as a starting point. I then edited it up real quick to be used as a user search. The way it is it shows the user email as a regular email link. If you want to set it up so emailing is done from the application and emails are not actually shown you will have to do some extra work. If you don't want phone numbers shown you will have to remove that column which is not very difficult.
Directions:
Back up your existing ASPProtect installation.
copy "search.asp" into your "users" folder
2006-03-10_143253_User_Search_Contact_Mod.zip
Direct your users there. They will have to be logged in to view the page.
WARNING: This has not been extensively tested for SQL Injection attacks.
I think it is perfectly fine the way it is by looking it over quickly, but use it at your own risk.
, Right, I've done that. My concern is that it will time out again while I'm trying to import the file.
The import/export manager does not show up under the users tab when I log in normally. I have to pull up the page in frontpage and then preview it a browser to get it to show.
, ok, that is what you are suppose to do... not having that path info set can cause all sorts of trouble., Larry,
I have a new computer up and running and am back on the Internet full time. I am here to help when you are ready to continue with this.
I went to your site to look around and "try it" like you mentioned but I can not really try anything as the admin username/password seems to be something other than the default
, In addition to that I just noticed the </href> you have in there.. man that is some scary stuff you came up with.. that may appear to work and make a link but it is not correct. Each link will work but never truly be closed.
That is just not valid proper use of the anchor tag.
You make a link in html like so
<a href = "somepage.htm">somepage.htm</a>
http://www.w3schools.com/tags/tag_a.asp
Then your surrounding each link with <span lang="en-us"> </span>
Not sure why ?
, Ok, I tried what you suggested but the program won't let me leave the
date area on the banner ad blank. I reset it to a date in 2010.
I deleted the Level 1 Access note in the notes area.
I then attempted to access the banner stats using the correct info and
the right link. Again, got this message:
ACCESS DENIED
INVALID Username & Password
Username HAS EXPIRED
Any ideas? Should I just delete the whole account and start fresh?
TIA,
Laura
,
Timecard Entry: 3/25/2006 4:46:02 PM
Resetting modems on all numbers., Fairly busy with calls., Sent out a couple of emails. Some within the company and some that weren't related. , meeting with alpha paging, Review Northernhealthnet.org with Rob, Fiber Optics Workshop, Move cybershingle.com to Simmons box, gogisco.net - partners listings admin complete, published to server, tested, good to go., pickup and dropoff stuff at clayton, ATM on PP training, SoftMLS2...still working on Bob Nelson changes. He is training the Hornel board and according to him everything is going great and they are very happy., teched calls and radlog, Finished istallation of software. Set up ICQ, email accounts,
got crash course in Front Page, MS Tech Support re: FPSE, Install projects from Home., Install O'Reilly WebSite on clicksright box, working on moving web pages off of NS0, techcalls, radlog, new users, email and voicemail, emails and voicemails -Joe Starks confirmation, Fixing problems with UCPA's connection. , Travelling back out to watertown, answered emails, Straightened up more and worked on the computer more., logins , e-mails, Switchboard, billing calls, e-mails, callbacks, Email/talk to Terri and Jodi about setting up a new affinity code for Warren BOR dial-up users, travel from Watertown to Morristown, Posted accounts and did a detail on money to be deposited. Customer inquiries. and ans phone., Doing inventory.,
