Blog Entry: 3/25/2006 4:42:46 PM
It appears there is an auto logout after inactivity for a period of time. How does one change the default time allowed for inactivity?
thx , Please Note : ASPProtect v7.x has a new feature called groups that is much more powerful than access levels. Access Levels were left in the product primarily for existing customers that upgrade to the new version so they do not need to make a lot of changes to their site if they were using Access Levels.
More On Access Levels
Again, Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System. Look at the source code of the ASP pages in that folder with a text editor to see the working code.
Access Levels and how they work can be re-coded to work in many different ways. However, you have to be a good ASP developer to make changes to it. Here is some information on how they work by default.
In the "check_user_inc.asp" that comes in the root of this system Access Levels work as follows.
Level 1 has Access to - Level 1
Level 2 has Access to - Level 1,2
Level 3 has Access to - Level 1,2,3
Level 4 has Access to - Level 1,2,3,4
Level 5 has Access to - Level 1,2,3,4,5
Level 6 has Access to - Level 1,2,3,4,5,6
Level 7 has Access to - Level 1,2,3,4,5,6,7
Level 8 has Access to - Level 1,2,3,4,5,6,7,8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN
Here is some additional info..
If the access levels are too restrictive you can ignore them all together and create your own totally custom solutions.
Here is a quick rundown of some of the things you can do.
Ok... so if you want to be really specific about what each user can see and
can't .. here's an example of what you can do
Don't use the access levels before the include file..
Don't worry about what you set a user to in the admin area since the access levels won't be used.
Do something like this..
Every time a user logs in session variables are set that you can access at
any time.. thus allowing you to know who they are.
So you could do something like this...
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If Session("USERNAME") = "bob1267" or Session("USERNAME") = "carl45" or Session("ADMIN") = "True" Then
Session("PASSWORDACCESS") = "Yes"
Else
Session("PASSWORDACCESS") = "No"
Response.Redirect(Request.ServerVariables("script_name"))
End If
%>
The following URL explains what Redirects are.
http://www.powerasp.com/content/code-snippets/redirects.asp
That would in effect create totally custom access levels.. but you would
have to do it manually for each user.
You can also do things like this after a person logs in
Show custom html to any specific user based on either their username or
access level ... like so
say there was a menu and a certain link should only show up to username
"paully67"
you could do something like this
<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>
<br>
<a href="main.asp">Home Page</a>
<%
If Session("USERNAME") = "paully67" Then
%>
<br>
<a href="paullys_page.asp">Pauls Stats Page</a>
<%
End If
%>
<br>
<a href="links.asp">Links Page</a>
</BODY>
</HTML>
Or you can show custom HTML or links based on Access Levels or any other info.
You can do just about anything with if-then statements and
using the built in vbscript functions..
Hopefully this info will help to give you some ideas...
Bottom line is you have to do some work within your site to make the Access Level system really come alive. cwilliams38403.6781481481,
Just want to be able to log users in from the home page via a username and password box somewhere say on the left hand side with a login button. Like most sites have.... i cant seem to figure out how to do that with the software.
My other question is..Is there a way to incorporate this software into an event registry? What i mean is this:
Say a company is having a pool party, BBQ, and tennis lessons (just examples)
When a user registers with aspprotect i want him/her to have the option to register for one of the events. Also, I as the admin, would like to be able to view who and how many registered for each event... Here is what i am talking about (and it has a payment option to charge for an event which would be PERFECT if you could do) http://www.cescripts.com/demo/registration/view-events.php
Please let me know if there is a way to add this option or create...
, I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.
<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then
SearchFlag = True
End If
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>
</head>
<body>
My Protected stuff here
</body>
</html>
For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.
Thanks,
Mo , Oh, I just remembered something..
It's been a while since I did this... :)
Nevermind what I said above as that is a different sort of "debug"
When you want to debug like your talking about find this section in the "web.config"
<compilation defaultLanguage="vb" debug="false" />
change it to this
<compilation defaultLanguage="vb" debug="true" />
When you run the code in a production environment change it back though
More Info
http://support.microsoft.com/default.aspx?scid=kb;EN-US;3061 56
, If a picture does not show after uploading it is one of the following things.
The upload method chosen is not supported on the server
or
The physical path specified to the pictures folder is not correct.
or
The URL to the Pictures folder is not correct.
or
Permissions to the pictures folder have not been set properly
Here is more information on how permissions are set.
http://support.cjwsoft.com/code/moreinfo136-1.htm
http://support.cjwsoft.com/code/moreinfo56-1.htm
Without more information and the settings you have entered and chosen that is all I can offer for now. ,
Error when click on banner. (I remove on error resume next in config_inc.asp)
The conversion of a char data type to a datetime data type resulted in an out-of-range datetime value.
banner_redirect.asp, line 36
Database - MS SQL Server.
Gignutyi38368.5403935185, See, and that's what I thought. What's interesting is that if I call either an aspx page or an asp page in the iframe tag, it asks me if I want to open the page, it doesn't display it. I'm using IE6 so there's not problem with the support for the tag.
I'll keep looking to find out what's going on. I think the iframe method might work best.
JDooley , Running in parallel for testing is actually a smart way to do it, but the truth is you don't use anything from version 6 except the upgraded database (we have a tutorial on how to upgrade the database)
Version 7 was a drastic change /rewrite to all of the asp files that come with the application. So you will be starting out with fresh version 7 ".asp" files and folders... You will also find that once you get version 7 running that editing certain things like the look of the users area and the login screens is much easier to do.
That being said any of your own ".asp" pages that you protect use the same protection code they always did, so there will be no drastic changes needed there when you do finalize the upgrade.
If using MSACCESS as the database I suggest installing the application somewhere in your web and using a fresh ASPProtect 7 database. Once you are familiar with the setup and everything is working fine. Attempt the database conversion and when your done stick your converted database in there and see if everything is ok.
Also, if you already purchased the application download the latest version before doing the install. It's the same download URL. If you don't have it email me and I can hook you up. I have added some new features and fixed a couple minor things since it's release.
So far the feedback on version 7 has been awesome.. cwilliams38414.0133680556, The protection code for my group3 is:
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * GP03 * ) -->
<% GROUPACCESS = "3" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!-- End ASPProtect Code -->
btw - sorry but I am using v7
and thanks for the assistance , I had some issues with passwords not working. I cleared them up by
going to the affected user and typing in the desired password manually
on the edit screen. Worked like a champ every time, and I haven't had
to do that for some time now.
, Personally, I think that is something you should work into your existing site code or something you should handle on your own.
It's basic site maintenance issues.. and something every webmaster must deal with on an individual basis. If you are going to upload a new version of some large file of course you should go disable wherever people are dloading it from and then wait/re upload/turn things back on.. etc etc
It is not going to be a feature of ASPProtect and I don't see why it should be. If you want to have some sort of global site is temporaily down thing you should have a common server side include on all your pages right after the password protection include file. In that include file you could easily stop site access with a response.end and also show a message.
Or you should disable a file download page manually on a file to file basis.
Really, big busy sites that have their sh*t together use versions of files for a reason. Every new upload is a slightly new version revision and has a slightly different file name They do this partially to eliminate the problem your talking about and also because that is the way it should be done. Nothing gets uploaded over itself ever. Even if there is a mistake in a file they upload a new revision and document it in the revision/changes file. And of course they dont show users a link to a new file revisions until it is uploaded.
, It sounds like permissions... to the database folder specifically
they are not correct
It could also be that your odbc drivers are very new and you are not using a new enough version of the access Database. I recommened using the 2002-2003 verison of MSACCESS
Now.. if using a SQL Server Database permissions to certain tables are handled in enterpise manager cwilliams38303.5892708333, I think I have successfully integrated Paypal but seem to have a slight
issue. Once a person has entered the Paypal site but cancels their
order, the ad is still placed on the site. The optimal way for my site
to work would be to cancel the ad once the Paypal process has been
cancelled. Any help would be great.
Thanks
, When I designed the system I never really intended people to type in long descriptions for pictures
and if they did I assumed they would use the enter key once in while..
but I guess people dont do that
This thread is along the same lines and shows what someone else did about this..
http://support.cjwsoft.com/code/moreinfo99-1.htm
though they are talking about a different page its the same issue , It runs on either... I used IIS
I dont remember much about installing it except it went pretty smoothly / no issues, What other information do you have ?
Details are very important.
Info on situations where it works... like OS, browser version.. etc etc
Info on situations where it does not work... same stuff
size of the PDF files ?
server info ?
Maybe protect a page and offer a PDF file so myself and some of the forum users can try it and report back what happens.
Also, Many people zip up PDF files when letting people download them as browsers can act pretty odd at times with them. Perhaps that is an option. , new version is still not finshed as of the end of the year... I am not going to release it until I feel it is ready., I've encountered another problem. When i edit the link for existing banners and save it, the banner reverts to the old link instead of the new one.
The directory where the the database is located to rwed so the permissions is not a problem.
Any advice?
Thanks
, you have to check the session variables for groups a little differently.. info on that is here
http://support.cjwsoft.com/code/moreinfo198-1.htm
, Christopher,
Thanks for the reply. I think I've found my problem, but can't test until later in the evening as it is on a live site.
Darrell , It is common when testing a site that this happens because of the nature of session variables.
Admins have access to EVERYTHING so it is very important when testing different user accounts that you specifically log out... and then close every single browser window before logging in as a different user. This is to ensure session info from the previous user does not overlap in any areas.
(The session variable for admin access being the main one)
Under normal circumstances a user would not log in with many different accounts on the same computer this this would only be a problem for a developer who is testing.
So make sure you go to the to log-off page and log off.. then close all browser windows.. then test another user.
If all this is not the case then something else is going on and I will need more information. I pretty much know the level checking code for ASPProtect Version 6 is correct as there has been no reason to change any of it in over a year. I would have heard reports of problems with it. , question 2 is answered best here
http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal
Ok, got it. Didn't know if there was something already set up for this that I was missing.
>>I should also mention that the paypals scenarios used in ASPProtect can not be tested using PayPal's sandbox.
Ok. Thanks.
>>Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts) then you can log into the other and refund the transctions and of
course it makes sense to use low amount like 1 cent and what not.
Yeah, been messing around with
that. Got everything going except the return page which I can't
do until the site is live. 
>>Also, I'd love to see what you came up with with the
integration. I have been working on it here as well and took it in a
different direction as I plan to sell directions for it as an add-on
for aspprotect.
Ok. Will email you with a username and password for access to the site once it's live.
Sounds like a great add-on for ASPProtect!
Thanks!
Michelle
, I'll try to help when I get back tues night,, see the contact page for info on where I am
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry ,
AUGUST 12th 2004
NEW VERSION OF ASPBANNER IS BEING RELEASED THIS WEEK
ASPBanner Unlimited Version 8.0
It is completely finished.
http://www.aspbanner.com/
This new version has more features and is selling for $99.95
Unlimited Version 7.3 is now named "ASPBanner Standard"
Owner's of Unlimited Version 7.3 can get an upgrade to Unlimited Version 8 for the difference in price (based on current pricing)
It is available now for purchase at the following link .
http://www.aspbanner.com/purchase_unlimited_v8.1_classic_upg rade.asp
The new version can use your existing database so it is a fairly easy upgrade.
If you are not an existing ASPBanner Customer you can use the following link to purchase the application normally.
http://www.aspbanner.com/purchase_unlimited_v8.1_classic.asp
Notes on the new version:
ASPBanner Unlimited Version 8
Improved graphics and some new icons
New reports screen... 4 reports total 3 of which are new
New Iframe Banner Calling method with built in auto refresh feature so banners can rotate at a specified interval on their own
New Zone Order Informaion Page
Visually shows you what the current rotation looks like for a zone
Banners can now be stopped at a certain date and at an impression limit
Whichever is hit 1st.. before it was just one or the other
New "data" folder... this new directory is the only directory that needs permissions
this should make setting up the system and permissions a breeze.. all cjwsoft applications will
eventually use this same folder
New configuration text file... eliminates config table in the database and allows us to easily
add more config options in the future without changing the database.. means easier upgrades down the road
and faster loading of the configuration data
New application data connection wizard
makes setting up the data connection a no brainer
more overall emailing methods supported
CDONTS
CDOSYS
ASPEMAIL
ASPMAIL
ASPSMARTMAIL
DUNDASMAILER
JMAIL
SASMTPMAIL
Bamboo Mail
Simple Mail
ASPQMail
QuickSoft EasyMail Objects
OCXMail
Persists ASPEMail now supports outgoing SMTP authentication.
Simple Mail now supports outgoing SMTP authentication.
It is becoming popular for ISP to use this.
Emailing code now uses functions so we can easily add more email component support down the road
Flash files (.swf) can now be previewed and used in new banner right from the upload page
before this could only be done with image files
Users page now has a notes popup feature
when you hold the mouse over the icon you see all info on a user without needing to edit that user
Edit banner page now shows the color of the banner status in the dropdown menu
New clone banner feature.. allows you to easily create similar banners
Banner application page has been optimized to be even more efficient
Javascript popup calendar date selectors
Ton of misc little things & Improvements...
Some Screenshots
 , Turn off "Show Friendly HTTP error messages"
If you are getting errors with your ASP application go to Internet Explorer and make sure this setting is unchecked. Having this checked can cause a generic error to be displayed in you web browser when ASP code encounters an error. This generic error message doesn't really help you fix the problem. Having this setting unchecked will usually result in a more detailed error message and the line number the error is occurring at, thus giving you a good clue as to where the problem is within the ASP code. If detailed ASP error messages have been disabled at the server level this setting will make no difference. cwilliams38084.7513773148, Got any info for me on this ?
Chris , Sorry Chris,
It didn't fix it. Looks like I had the current code. I bought the system in mid-April. The version says 3-10-2005.
I do know that in the database, the password shows as " éG" but in the error code, it shows as " éG". The square character is missing.
Thanks,
Mick
Edit: well heck. It skips the square box here too. The password in the database puts a square box in front of the éG , Everything is running fine.. I can read ads... reply to them. but when I click sign in or register.. I get a server error.
Any suggestions
Thank You , [QUOTE=cwilliams]Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.[/quote]
I did change the top_logo.gif and the associated link. That was on the default page not the Solid Black skin which is unchanged. After downloading/uploading the skins I tried changing it to one of the Beach skins and that's when it changed to Solid Black and has been stuck there ever since.
[quote]Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.[/quote]I don't have access to the Microsoft IIS console as this is a host site. I can access the site's "control panel" but it does allow for those type of settings. Mostly just permissions, DSN entries, etc.
Thanks.
Al , Of course ASP.NET is and HAS been installed. I have been running asp.net scripts for years on it. I am not new to asp.net nor setting up the server or anything. ASP.NET is properly installed and works perfectly.
You are missing the fact i mentioned it is a DOMAIN CONTROLLER.
I have come across MANY articles ONLINE via GOOGLE that mention if it is a domain controller, for some reason the aspnet account is not there or gets deleted.
IN ITS PLACE GOES THE IIS_WPG ACCOUNT. IS YOUR SOFTWARE NOT COMPATIBLE WITH THIS ACCOUNT?
Is it possible to run ASP.NET scripts without ASP.NET not being installed? Because I have been running asp.net pages without any problem. , Hi,
How do you know permissions are ok in that folder ?
Please tell me more on how they were set.
Please read through my article on how they are set correctly.
http://support.cjwsoft.com/code/moreinfo136-1.htm
Often times they are not set correctly or people thingk they set them somehow but in fact did not do it the correct way.
I would also suggest using the "test_physical_path.asp" page in the "extras" folder to verify if the path you are using to the database mdb file is in fact correct. That page should work whether permissions are set or not. At least then you will know if the path is correct or not and you can go from there. , Installing and running NET on a DOMAIN CONTROLLER is a BAD idea period.
Besides the security risks you will have nothing but endless problems
with that setup. Domain controllers ARE NOT and NEVER were intended to
be run as any sort of application server. Your best bet is to run your
asp and asp.net scripts from a member server or one set up just for web
apps. Of course if your in the mood to mess around endlessly it is
possible to make that work, but why would you want to when the prefered
solution is a heck of a lot easier.
, You cannot use server mappath in the connecting string of the application. If you want to know why read my article.
http://www.powerasp.com/content/hintstips/physical-path.asp
Make your connecting string just like in my example.. do not use the oledb connection string either as it will cause other problems.
If you need to find out the path to the mdb file you can use server.mappath to get that info but do not put server mappath in the connecting string. See my article again.
then if the database folder has proper permissions and the path to the mdb file is valid it will work... otherwise you get useless errors, its really that simple.
You also may want to download ASPTest from www.cjwsoft.com it is designed to show a person how to setup a working data connection., trust me, they (serverobjects) do not check processors.. as a matter of fact they haven't answered support emails for about 3 years. All they do is sell those components like hotcakes and take in mad crazy cash. But I will say the stuff does work well and always has. (that guy probably took all the money he made/makes from those components and took off to Jamaica or something sitting on the beach drinking margaritas)
regardless,
ASP just cant resize pictures on it's own.
It' just not possible. You need a 3rd Party component.
There isn't much to say about the ASP.NET thing.
If your server has ASP.NET installed (meaning you can run aspx pages on your server and the ASP.NET framework is installed) and running you just pick that option in the config file and ASP Photo Gallery will use ASP.NET to make dynamic thumbnails for you.
To run ASP.NET it must be a 2000 or 2003 server. , While my host says the permissions are now correct....its still trying to download the setup ASP file instead of executing it.
I really need to get this application working asap too. I noticed the purchasing page said that install came free.....so any help would reaallly be great.
re , Your going to have a lot of problems and a lot of the code will have to be re-written.
There are a lot of things in the the code that the MYSQL database system does not support or has issues with . I know because I once made a version of ASPBanner work with MYSQL and it took weeks of work to get it stable.
Null field types can cause problems... but mostly ADO updates which I don't think MYSQL supports at all. All of the ADO stuff would have have to be rewritten.. etc etc
That's probably why you cant get much of the code to write to the database.
Here is a generic example.
An update to an existing record using ADO
http://www.powerasp.com/content/database/ado_update.asp
And update to an existing record using an update query.
http://www.powerasp.com/content/database/using_update.asp
All through the the code the ADO updates would have to converted to update queries which means a lot of work.
I used ADO a lot because I like it and it is little easier to validate data before it is written to the database.
It is also a little easier for customers to understand when they look at the code.
Anyway....
The app just was not designed to work with MYSQL.
It was specifically designed to work with MSSQL and MSACCESS only.
This holds true for all of our applications.
Your running off an IIS 5 Server so I would suggest just using MSACCESS as the database. The Photo Gallery app will run very well using MSACCESS. , I do not what is going on at this time. It is not a known issue.
If is is not working it would seem to be a problem with the application variables on the server possibly and your web.
Perhaps try installing it on a local machine and see if it works for testing sake.
Also.. if your stuck with the black skin you could always just edit the information in the that skins folder to get the app looking the way you want.
That and the header and footer files that comes with the app are what control the look of the system.
cwilliams38294.5880208333, You can not edit that code with dreamweaver. It will re-arrange the asp and kill it.
If you want to change the look of the login html you have to edit the html by hand in a text editor.
Or create what you want on a blank page using your editor of choice and carefully use parts of that in the ASPProtect code.
In version 7 the login screen is one asp page by itself and is much easier to edit with just about any editor. In version 6 you have to know your html and be careful.
Either way I am not sure templates are a good idea for something like that. That sort of thing tends to cause problems with dynamic code that executes under different directory levels. You want to stick to regular html techniques. , (FREE) Nov 23 2005 Update Files
If you purchased ASPProtect Version 7.x before Nov 23 2005 then you can download these Update Files.
(These are non-critical updates.. only update if you want the described changes below)
These updates do the following..
- Make the Tabs in the Admin area move up and down as you navigate around so they look more like tabs used in a file cabinet.
- Updates the import/export process so the tab delimited text files created now store the passwords in plain text instead of encrypted. I have been thinking about this one for a while now and I think it is better this way as it was confusing a lot of people. If can also kill the whole process if by chance the encrypted output of a password contains a line break of sorts. There is no way to deal with that scenario so this is way the import/export process is going to work from now on. This also means you should be VERY carfeful about leaving export files lying around as they will have the passwords in them.
- Updates the "expected_paths.asp" in the data folder because the paths it was generating had an extra "data/" in it.
- Updates the users page so it will not show the import/export link if you have not entered a path for the export files in the settings.
- Adds an Activity Tab if using the Activity Tracking features instead of the links it used to put on the users page that most people didn't see.
To install these just copy them in over the old files.
Now of course back up your existing files so can revert back if there is a problem or you do not like the changes. If you made any custom changes to any of your pages use your head and realize that copying these in over your existing files will overide any custom changes you made. (that is your business, I am just warning you)
2005-11-23_163025_ASPProtect_v7_11-23-2005_update.zip
,
Timecard Entry: 3/25/2006 4:42:46 PM
steady morning. quality checked sign ups, cancellations, reports, callbacks from voicemail, checked emails, answering phone, taking signups, , CHR phone meeting with Randy and Darrell, Finding project for Bill - Gave him TICS web w/instructions to make reports accept multiple entries., Working on GL Solutions bundle page, Roy from the Flour Shop called complaining about his store software abd how the manufacturer search was showing categories twice. I explained to him why it was doing that and he didnt like my solution so I decided to change the code so that he could do what he was trying to do and then I wouldnt have to hear about it anymore. Below is an excerp from an email I sent him.
Roy..
I added some code so that when the manufacturer screen shows the subcategories.
It also in small text shows the Category for that subcategory next to it.
That way they will be distinguised automatically.
I spent an hour trying to figure this out and If you dont want that feature I will get rid of it.
I was just trying to help.
If you like it that way you should be able to have the same subcategory associated with the same category because they won't show up as duplicated, but as slighty differnt because it will say what category it is part of now also.
So if you put it like you had before you called me It should work ok.
Its still going to show each subcategory twice because they are part of different categories but at least it will show the category next to it.
Its up to you.. I know you've been trying to get this figured out and I am just trying to help., Prep for the investot meeting and TICC opening, Heritage cheese- set up meeting for next wednesday to sign for internet access andtraining on soft vendor, batching and answering phone. , also moved office furnature, Email/Voice Mail/Time Card, misc proposals, business fair info, PO travel and registered everyone for VBITS, Carol helped me to set up new payroll files for 2001-and then deleted other in the copies, Suprema return to Watertown, Interview Jeff Hall, Discussing Internal Billing Issues and Understanding PO process., Read and responded to emails, Updated Production assignments list, put it in Outlook, helped a few people with errors connecting. did some email problems, Lunch, Lunch, domain registration changes, Lunch, (billable???)DHTML troubleshooting for Samaritans web site, Drive back from Syracuse (90 miles), meeting with 4 major realtors from geneseo board, Still working on airlines (Errols had to be mailed back), Community Service - TI Youth Hockey budget Committee meeting, Finish running cables for Syracuse IPRS, terminating one ethernet connection to basement and installing a Cisco 7200., batching and answering phone,
| 
