Blog Entry: 3/25/2006 4:57:37 PM
who knows, thanks for your input, I am further than I was when I started talking to you!, You have old code I think.
It's probably because his password used with your encryption key by chance creates a single quote and messes up the database query
A notice went out about this. I will PM you the latest download with the updated files.
,
Hey, I thought I'd share this tip with the ASPProtect community...
If you'd like to remove, modify, or add fields to the "Users" view in
the password_admin default.asp page, it's really easy to do. Well, at
least it was for me. I'm using an MS Access database, by the way.
For me, I don't need "Company" info, but I do need last access and # of
times accessed displayed. Therefore, I had to change the default page
in three areas:
In /password_admin/default.asp, go to about line 185 or so, where you see stuff like:
[code]<td valign="bottom"><font face="Arial" color="#000000"
size
="2"><b>First Name& lt;/b> </font></td> [/code]
OK, those are the column headings. Each one corresponds to a column
from your USERS table in your database. There are two more areas to
consider, both of which appear immediately after this section.
The next section has statements that look like this:
[code]<td valign="bottom"><a href="<% =THISPAGE
%>?SORTBY=First_Name+ASC&MyPageSize=<% =MyPageSize
%>&Keyword=<% =Server.URLEncode(Keyword)%>"><img
border="0" src="../images/sort_ascending.gif" Alt="Sort
Ascending"></a><a href="<% =THISPAGE
%>?SORTBY=First_Name+DESC&MyPageSize=<% =MyPageSize
%>&Keyword=<% =Server.URLEncode(Keyword)%>"><img
border="0" src="../images/sort_descending.gif" Alt="Sort
Descending"></a></td>[/code]
See the "First_Name" items? The first is for an ascending sort, the
second for a descending. This particular line corresponds to the code
snippet immediately above it. But all this does is handle the sorting.
For the actual data, look lower for this stuff:
[code] <td bgcolor="<% = Cellbgcolor
%>"><font face="Arial" size="1"> <%=
CmdListUsers("First_Name")
%& gt; </font></td> [/code]
It's a good ways down, so don't be impatient if you don't see it in 10
lines from the end of the last mentioned section. This stuff handles
the display of the data from the database (where else ya gonna get
data, anyway?)...
Now, to remove a field, you need to find the three sets that go with
that data. The ascending/descending sort is potentially the trickiest,
because it's the longest set of data and can take a number of lines.
Just clear it from the start td to the end /td and you'll be fine.
To *add* a field, copy and paste the code from an existing field and
modify it. In the first one, the column title, you can type whatever
you want to describe your info. Nobody but you and your admins will see
it. For the next two sections, though, you need to get the correct
column heading from the USERS table and use that to correct the lines
in the copied code you pasted in.
For example, when I added a column to show the number of times a user
logged in, I copied the above snippets and pasted them in where I felt
the column I needed should be. Then, in the first one, I changed "First
Name" to "Logins". In the ascending/descending snippet, I changed
First_Name to Counter. Same for the last snippet.
The result? A new column, showing the number of logins my users were successful with.
Of course, before you experiment, back up your existing default.asp file, JUST IN CASE.
Have fun!
, I have a solution for asp already but thanks anyway. Is there a good book or other learning tool I can purchase that you might know about? I would know where to start about how create a timed subscription in .NET.
, here is the next response to this which was emailed to me but should have been posted here
From: Mo Afifi
Sent: Sunday, October 23, 2005 4:47 PM
To: CJWSoft Support Info
Subject: Re: CJWSoft Support Info : SSL - Verisign Certifcates
Hello,
Thank you for responding to my posting. In the second line of your response you said “not start them off at an http:// url". I think what you meant is to "not start them off at an https:// url". If this is your intention then I agree with you 100%. I have revised my pages so the users will go first to a non-https page and then make a choice either to use secure or non-secure access. Please note that the site is not intended to be completely SSL protected but only the sign up pages. I have another problem though when I click on the "Secure Log In" and enter my log in information; the entire subsequent URLs will have https:// in them which I could not shake off. As I said the intention was to use the https for sign in only.
I realize that this issue does not have any thing to do with your product, but any input will be appreciated. Best,
, ok,
I pull that crap on myself once and a while... or my
favorite is leaving a bootable CD in the drive and then wondering why the heck
the OS doesn’t come back up. I pretty much promised myself back in 2002 that I
would never mess with anything minor after 10PM. For whatever reason I always
start messing around trying to "fix" something and end up sorry...
Granted if it’s an emergency I am all for it, but I get dresses in advance
anticipating the practically inevitable drive down to the datacenter.
Good luck with that, I am sure you will be much better off
in the long run.
, Banners no longer show up on my site ?
If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.
The web server must have crashed or lost power and now the application variables are in limbo/not working.
I have seen this happen a few times.
Basically the application variable system gets messed up because it was not shut down properly.
The way to cure it is as follows.
Edit and save a banner in the system. Hopefully that gets things going again.
If this happens a lot it is a server issue, not ASPBanner's fault.
cwilliams38415.0978935185, I have reviewed the permissions requirements for folders from the support documentation but do not see the 'internal guest' account shown in our system to allow internet access to read/write to the access database.
How else can we locate the proper account (or is it possible there is none?) to use to allow permissions to access the Data directory if it doesn't show up as 'Internal Guest'?
cwilliams38417.7773032407, Hi Chris,
I have a small problem, I have installed asp photo gallery pro on a hosted site, and after eventually getting them to modify permissions on directories it is essentially working, except that it won't delete pictures from an album. If I delete an album the pictures are left in the pictures directory, but the album is no longer displayed. If I then make a new album it is labelled incrementally... ie I had one album "album_ID_1", deleted it created a new album it is labelled "album_ID_2". I would have thought that the new album would be called "album_ID_1" ie taking the place of the deleted one. It seems to me that the delete album function isn't fully working either. My hosting comppany swears that the permissions on the pictures directory are set to full access for everybody. What have I done wrong?
Thank you
Nigel
, The folder named Pictures permissions are set to your specs. It has jpg's that were uploaded per the aspphotogal instructions. But, the error message still appears and I am unable to access using aspphotogal., The parent paths things really should not be an issue.
This is an article from the troubleshooting section of the documentation that takes care of it all very easily.
http://support.cjwsoft.com/code/moreinfo162-1.htm
As for a good host that knows ASP and does not mess around when you ask for something. I always recommened www.alentus.com
, If a picture does not show after uploading it is one of the following things.
The upload method chosen is not supported on the server
or
The physical path specified to the pictures folder is not correct.
or
The URL to the Pictures folder is not correct.
or
Permissions to the pictures folder have not been set properly
Here is more information on how permissions are set.
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
Without more information and the settings you have entered and chosen that is all I can offer for now.
, in Control_pic.asp is there way to wrap the description field so that it doesn't go outside the table.
Thanks
, I am trying to import a file, and I get this error:
Microsoft VBScript compilation error '800a03f9'
Expected 'Then'
/aspprotect/password_admin/upload_post.asp, line 6
If Session("Admin") <> "True"
-----------------------------^
Any suggestions on how to fix it?
Thank you.
, If you are developing using Windows XP Pro and running the NTFS file system setting proper permissions on a folder in your website requires that you 1st disable simple file sharing.
To do so open up "my computer". At the top open up "tools/folder options"
Then the "view" tab.
Then at the bottom uncheck "use simple file sharing"
After that that is done... using "my computer" browse to the folder in your web that you need to set permissions on.
Right click on that folder and then choose the "security" tab.
(If simple file sharing is on that tab wont be there)
Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.
You can also give permissions to the everyone account and accomplish the same thing.
BTW:
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"
cwilliams38203.582337963, It should be released sometime late May 2004 or early June 2004 but no gurantees as I am pretty busy right now with some projects.
There will be upgrade instructions and it should be a fairly easy upgrade.
, I'm getting errors when clicking the Update Config Button in the System Info page and when clicking the log files button.
I'm not sure if it's a permission thing or not. ASPNET and IUSR both have modify access to the _database folder and childs, yet I'm still getting the error:
Access to the path "D:\Inetpub\wwwroot\aspprotectnet\_database\xsd\aspprotectne t_config.xml" is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.UnauthorizedAccessException: Access to the path "D:\Inetpub\wwwroot\_database\xsd\aspprotectnet_config.xml" is denied.
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET write access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
Any ideas?
Thanks
, Things have now changed I found out godaddy has persitis aspUPload and aspjpeg as value added products, I have the aspjpeg working but have been unable to upload when using aspUPload, everything works fine with the vbscript method so I think my permissions are correct. Whenever you get a chance, any help would be appreciated.
Thanks
Mark
, Not the way it ships. You would have to add that functionality by editing the source code and database., I had never noticed this before, but a customer sent me email to say that they had set up their aspclassifieds profile such that they be contacted by email and not by phone.
However, in their ad, their phone number still appears. The lines in view_ad.asp that check for True values for the Contact_Via_Email and Contact_Via_Phone before displaying that information seem to always evaluate to True, regardless of their setting in the database.
I'm using an Access2000 DB for this. When I open the DB in access, I see the checkboxes correctly unchecked for phone and checked for email. However, if I do a quick test to display the retrieved values in the view_ad.asp (<%=contact_via_phone%> <%=contact_via_email%> they both display True.
What gives? I have had nightmares with Access and its weird handling of true/false 0/1 yes/no fields, but this is driving me nuts.
, Chris, and all who read this post.
Don't run away!
I believe that perhaps I gave Chris good cause for this post to be created
. But dont fear
.
When it comes to most languages I am a newbie, let alone ASP.NET. I did not choose to have an application for my site to be built in ASP.NET. However it was and I had paid for that program and it needed protecting!
Now I did have a few problems, however NONE were with ASPProtect.NET. It is brilliant. NONE were with Chris and the support he provides. I believe he must work 24/7 judging by the speed of replies and the timezone differences.
In the end all the problems were down to MY typos and a web host who insisted that any problem was a conflict and not their server set-up.(which it was!)
Having eliminated the typo and changed web provider to a less arrogant company. ASPProtect.NET installed and ran out of the box. Truely impressive.
As a newbie it is not something I would like to do again. But with help from Chris and from a friend with ASP.NET knowledge any issues were very quickly resolved.
An A+ recommendation for CJWSoft. I love it!
, This is a great article for newbies..
Hints & Tips when working with ASP
http://www.powerasp.com/content/hintstips/common_sense.asp
cwilliams38436.5949768519, if you use our existing User_ID they are going to get new ID's. There is nothing you can do about that.
You could very easily though stick your exisisting User_ID's in one of the custum fields so you dont lose that info for each member., Then you should have current enough code.
If you PM me the encryption key you are using and the plain text password for this user I can see if I can reproduce the error and come up with a fix.
I believe you found one of the rare examples where the encryption creates a strange character that messes up things. Sometimes those characters are not even visable.
Changing the password should solve the problem in the meantime., All of the fields with the expected paths show the correct file structure, so now I've put them in them in the boxes
, Not a problem. Have a good time at your wedding.
thanks!
, I have just purchased ASP v7 and loaded. Followed instructions. Obtained codes not prob. Get to single field login screen, enter password and following page appears:
Method Not Allowed
The requested method POST is not allowed for the URL /temp/aspprotect/password_admin/get_me_in.asp.
Added folder aspprotect under (temp web) folder - temp, but also tried under root folder of web site.
Still no luck.
Apache/1.3.27 Server at www.didac.co.uk Port 80, Okay Chris, I wold like to get rid of the encryption then if it's not too much trouble.
I have no option of running the production server against an ms access db, since the db needs to be online and accessible from another system.
, Hi, I am glad you like the system.
Thx for the comments..
The banner logic in aspbanner it tweaked for speed and performance.. that sort of thing really wouldn't fit into the current code structure very well. It would slow things down and be a nightmare to code because of the way aspbanner uses ultra fast application variables for the banner rotation. Basically its a feature I didnt incorporate for performance and pricing reasons.
I would suggest making different zones for different conditions.. then surrounding the banner calling code with if else logic so a different baner zone was called under certain conditions.
That way performance would not be effected and you could actually show a different group of banners based on certain conditions.
Sorry, but that is the best advice I can offer at this time.
I built ASPBanner for performance and at this time I refuse to sacrifice that for any feature that will slow it down and consume more resources.
cwilliams38383.5395601852, You are right, there are NO entries in the "PayPal_Subscriber_ID" field at all. Any way of fixing this?
, pretty clever...
If anyone is interested in what the Mod function actually does this article explains it nicely. They even use it for the same purpose in the examples.
http://www.asp101.com/articles/steven/mod/default.asp
cwilliams38210.6791898148, Well my hosting company has finally gotten back with me, so I'm having them troubleshoot the webserver to see what might be eating up those resources. So I'm in a holding pattern on this for right now., Thank you...I thought I was doing something wrong - and thanks for the tip on the virtual path., oh, its timing out during the import ??
I didnt know that. I thought you said it was timing out after when you tried to log in.
That changes everything...
Let me start again cause I think I know the problem., Hi, I am wondering if I can redirect users with "GROUPACCESS"
just like access levelS. I tried to redirect using both "Groups"
and "GROUPACCESS" example below:
<%
If Session("GROUPACCESS") = "1" Then
Response.Redirect("group1.asp")
Else
Response.Redirect("allothers.asp")
End If
%>
I could only get the Access_Level to actually redirect. Is
this something the option pack supports? If so, any words of
advice?
, I know what is happening.. its the old single quote thing messing up the query string..
but it shouldnt be happening with the newer code as I fixed it.
If you like I can go in and reproduce/fix the issue. I can not think of any other way I can help you as other users have not reported the issue.
Chances are if it is happening in one situation it will happen again in the future.. it really all depends on the passwords being used and your encyrption key... other passwords may produce the issue even if the password is correct
basically once the password gets encrypted it by chance has a single quote in it... then it messes up the query
I take care of the situation by replacing the single quote with a double quote but it looks like you found a situation where that didn't work out
cwilliams38453.8921990741, Christopher,
Thank you again Sir. Your quick responses and helpful demeanor add greatly to the value of your software.
,
I am not entirely sure how one configures
the system to assign a user to a specific group. For example, let say I
have created two groups A and B, and I have pages protected by the code
generated in the admin area for groups A and B. I know I can assign access
to these groups in the admin area.
However, it is not clear to me how I do it automatically
through the registration process.
, I do not have any programming knowledge and have what might be a simple question.
I am having a hard time getting my hosting company to modify the rights on the data folder. They state they support ASP and access databases however this is the response I got when I requested the modify permissions set for the internet guest account:
Were the rights changed on the data folder?
