Blog Entry: 3/25/2006 4:56:21 PM
I just added this line to the paypal1.asp
page
<input type="hidden" name="currency_code"
value="CAD">
and it worked. Clearly other values can be entered for other currencies.
Everything was listed in this manual https://www.paypal.com/en_US/pdf/subscriptions.pdf.
Cheers
Roy
, The Double DIM needs to be removed for this code to work properly.
<%
Dim BannerZone, BannerConnectionString, BannerDatabaseType, ConnBannerSystem
Dim CmdCheckUser, CmdGetConfiguration, App_Name, Config_SQL, BodyTag, BanDataConn
Dim CmdBannerTemp, CmdGetZones, ZoneString, ZoneArray, ZoneIndex, CmdUpdateWaiting
Dim CmdUpdateExpired, CmdRetrieveImpLimitedAds, CmdRetrieveImpressions
Dim CmdUpdateImpHit, CmdRetrieveAds, CycleBannerTotal, CycleList, NewCycleList
Dim Dim LoopBanner, CycleLoop, CycleListArray, CycleListArrayIndex, BannerCycleData
Dim Banner_Array, CurrentBanner, NewCycleListArray, Banner_Array2, LocationIndex
Dim Stop_Processing, Keep_Processing, CmdUpdateStats
%> ,
Using just ASP (Form Based Authentication) you can only protect the actual content of the ".asp" files.
You can however use some ASP tricks to stream other types of files to the users.
That way the actual file locations are never known and they can only get them/see these files when they are logged in as you would be streaming files to them after they logged in.
Below are informative links I have collected on the subject in an email I sent to another customer a while back.
Using Active Server Pages you can only protect ".asp" pages.
You can however password protect ".asp" pages that stream files to the user using code like in these examples therefore keeping the actual file name a secret.
And from another email I sent...
ASPProtect only protects the content of ".asp" pages. Directory protection is not possible using just ASP.
Other file extensions can not be protected using just ASP.
There are ways to get around this.
You'd want to do a technique like this to stream non ".asp" files to the users.
The safileup component from softartisans can actually do something similar as far as streaming the files go.
Then use something like ASPProtect to protect the ASP files that streams the files.
The actual location of the files is never known to the users and of they don't have access to the asp pages they can not see or get those other types of files.
Very doable, but nothing ASPProtect takes care of automatically.
This info above should get ya on track.
cwilliams38344.8751736111, I have accessed the "get_me_in.asp" page and entered the password encryption key. Once I entered it, I was taken to the ASPProtect Admin Area Login. It does not give me the option to create a new user as is described in the general installation documentation. How do I access the program now?, It is not something I did when I wrote the emailing sub routines. You would have to edit the email sub routine for CDONTS and add something to it most likely. The email sub routines are in the "scripts" folder in the "emailing_subs_inc.asp" file.
I am not sure you can do that when using CDONTS though I think you can do it with CDOSYS. You would have to do some research and edit the code like I mentioned.
, Sorry, there is not any documentation on that.. it is basic asp/database work and customization like that is not supported. I recommended looking at what is already there and using that as a guide to produce more fields. etc etc , I finally spoke with someone who knew what I was asking for and they set the rights and all is fine.
Thanks for your help. Wish all business' had customer support like here , Banners no longer show up on my site ?
If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.
The web server must have crashed or lost power and now the application variables are in limbo/not working.
I have seen this happen 3 times. Twice on my own server when the power went out for 2 hours and once on a customers server.
Basically the application variable system gets all messed up because it was not shut down properlly.
The ways to possibly cure it are as follows.
Edit and save a banner in the system. Hopefully that gets things going again.
If not... keep reading for the more drastic cures..
Go to the command prompt on the server and type "iisreset"
Sometimes that is enough.
Reboot the server.
Sometimes that is enough.
Stop the web in the IIS console.
Sometimes that is enough.
Stop the individual processes for each web in iis
"you must really know what you doing and be very careful about doing this"
Remove and recreate new applications in IIS for the web in question.
And sometimes it just takes a combination of the things listed above and a few reboots. I don't know the best way to cure it but I do know why it happens and the steps listed above can get things back on track.
Again, this is because the server lost power or crashed as far as I know.
It was not allowed to shut down properly which sometimes happens.
You'll know things are ok again when you see your banners show up on your site. cwilliams38295.0183101852, Thank you for the response to my question. In the mean time if I can figure any workaround I will post it here. , Hi
I downloaded the .chm format installation documentation but when I open it I get the index but can't see any of the pages so am a bit stuck. , Hi,
First and foremost, a great product. I downloaded it last night and it took little effort to get it up and running 
.....now a little question...
Has the software/code been tried out on a Mysql db and if so did it work?
The reason I ask is that my website is very busy (1.5million page views per month avg) and I'm considering converting the ASPBanner Access db to a Mysql one to help handle the traffic. For every page view one banner impression is being made which means that the Access db is under a bit of pressure
This afternoon there were 1012 simultanious users on the website and it froze with an error message displaying where the banner should have been (I didn't quite catch the message but something to do with the banner script timing out). I'm not sure if the Access db had something to do with it but it seemed too coincidental. Rebooting the server cured the problem but obviously kicked off the visistors as well
At present there's 668 online and no problems so I'll have to monitor it to see how it goes but if anyone can answer the Mysql question I'd be grateful
Thanks,
Dave , one thing to note... the time period we are talking about is going to to be whatever you have the session timeout set at in the settings.
perhaps making that value lower like 10 minutes is an option for you.. and might help to deal with situation
, Thanks for the quick reply!
I was thinking it was an ASP config/install issue.
I usually deal with Linux/PHP, so this is all new to me :) , Our home page is not showing up gives this error:
Active Server Pages error 'ASP 0126'
Include file not found
/Default.asp, line 246
The include file 'elib/articles/home_feature1.asp' was not found. , Now that I think about you may very well be able to use the existing login_form_inc.asp page
the header and footer files for the users area may be ok as well.
probably the smart thing to do is try your old ones and compare them to the new and see if everything you need is there. If not add it by looking at the source html and comparing.
All other files should definetly be replaced with the new. , No problem. I get it now.
I added a Session Variable for "Counter". Then wrote an If statement around that. When the user logs on for the first time they see a window pop, after that the normal start page.
Thanks
, lmao ... ya that has never happend to me before.... , Protecting ASP Pages
To protect a page without using the Access_Level or Groups feature simply add this code to the top of that page.
Put this under the <%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.
The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp
Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in.
An example of doing this is provided in the "default.asp" file included in the root of the Password System.
Look at the source code with a text editor to see the working code. It is quite simple.
Protecting ASP Pages Using Access Levels
To protect a page using the Access Level feature simply add this code to the top of that page.
You simply specify the Access Level before the include file is called. In this example we are protecting the page with Access Level 4.
Put this under the <%@ LANGUAGE="VBSCRIPT" %>
<% CHECKFOR = "4" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.
The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp
Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in as a Level 4 user.
Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System.
Look at the source code of the ASP pages in that folder with a text editor to see the working code. Again, It is quite simple to follow.
Protecting ASP Pages Using Groups
Please see the code generators in the admin are for the code to do that. cwilliams38403.6864351852, The Pop-Up Javascript Date Pickers will only show up of your server's regional settings are set to one of two lCID values.
1033 which is English - United States
mm/dd/yyyy date format
or
2057 which is English - United Kingdom
dd/mm/yyyy date format
Many servers are set to run the default LCID which is 2048 so the banner system will not show the date pickers.
This setting can however be easily overwritten when using the ASPBanner system.
Edit the "config_inc.asp" file with a text editor.
Add this code between the <% and %> tags.
Near the top is good
Session.LCID = 1033
or
Session.LCID = 2057
depending on what date format you are looking to use
Save the file and go edit a banner. The date pickers should be there now. cwilliams38325.7403125, OMFG, Christopher
Thanks for a speedy reply. This is what I have used most recently...
ListingsConnectionString = "DSN=longreach;UID=lradmin;PWD=skipper;"
DatabaseType = "SQL"
but that throws an error of:
[Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified
I have private messaged you my SQL server IP address. I am a fast learner with ASP (I think!) but some things really catch me out! , Chris,
I've given the IUSR account modify access for the aspprotect folder.
In the ODBC manager module on the webserver I've taken out the aspprotect access driver option.
The dataconn_inc.asp line reads as
ConnectionString = "DBQ=D:\missourirealtor.org\members\aspprotect\data\database \ASPProtect_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"
Now this should make it DNS-less correct? with the permissions set properly?
I've also taken out the password on the access database.
The original database of users I had was an access database from a different program called spooky login. I exported them into a tab delimited file and changed the column headings to match those in aspprotect exactly. Actually access would not let me import them in the databases without them being exact.
I imported that information directly using access's import options. I tried the import/export manager in aspprotect but kept timing out as well.
, Dear Christofer
I already have send you the details you asked me for. Please let me know if you have received , ASPProtect v7.x has a new feature called groups.
Groups are meant as a replacement for using the access levels as they are much more powerful. Support for pages protected using access levels is left in tact for backward compatiability for a customer that was using them.
A customer recently told me groups could not be used like access levels and that 8 access levels was not enough. This is how I explained that groups can do everything access levels can do.
Groups can honestly do everything access levels can do if you really think about it.
Using groups and protecting pages accordingly you could actually create a system that basically worked identically to the way the access levels works.
For example..
You make 8 groups and assign users to them accordingly
Protection code on page allows access to groups 1-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "1,2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any one of those groups would have access..
Protection code on page allows access to groups 2-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any group between 2-8 would have access..
Protection code on page allows access to groups 3-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any group between 3-8 would have access..
and so on... I think you should get the picture by now , yes, How can I have fixed size height and width image without distortion. Is there a component that I can use or how can I change the existing code.
yes, unless its ratio matches
how could it not be ?
Please keep questions like this in the forums... thx.
there is no need for this to be a private message
-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 2:19pm
If I choose fixed width and height is the thumbnail image going to be distorted?
-- Previous Private Message --
Sent by : cwilliams
Sent : April/29/2005 at 1:17pm
that is not possible unless you rewrite the code.
You onlyahve the two options we give in the config file for thumbnails
fixed width and height all the time
or
fixed width / dynamic height
-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 1:07pm
Hi William
One more questions for you. is there a way to make sure that all the thumbnails are the same size without distorting the images (in the thumbnails). Or if a picture's height is bigger than its width is there to create the thumbnail such that the height of the orginal becomes the width of the thumbnails and vice versa.
Basically I just want the thumbnail pictures to be in a perfect row with all the picture heights the same and all the pic width the same.
Thanks
Sean , It should be released sometime late May 2004 or early June 2004 but no gurantees as I am pretty busy right now with some projects.
There will be upgrade instructions and it should be a fairly easy upgrade. , Some of our users complained that their users id and passwords are sent in the clear. So we decided to invest in an SSL certificate from Verisign. It has been tested fine with all forms and pages in ASPProtect version 6. The only remaining page which I am not sure how to protect is the home page. Let's say my home page is http://www.MyDomain.com/index.asp. When the user goes to this link he/she will be presented with the check_user_inc.asp page so he/she can enter their ID and PW. So how to make the login information send from this page thru HTTPS? , Chris: You are right about a little extra coding to make it work. I am still learning .ASP coding, so I did a little web searching and used IF THEN statments to confirm a member logged in with a valid Access Code. If valid, the protected page executes, with the Member's Name and Access Level on a single line at the top of that page. Looks sharp! If not logged in, or a non member (who found the page via Google), I used a Redirect to send s/he to a login page with optional links as you suggested (http://www.vspa.com/aspprotect/vspa-password-failed.asp) . I couldn't get it to work when using Group Access, but I am sure that is just because I am a novice at .ASP (I will post that example when I figure it out). Meanwhile, here's the code I used that works:
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="dataconn_inc.asp"-->
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!--#INCLUDE FILE="config_inc.asp"-->
<% =Session("First_Name") %> <% =Session("Last_Name") %>:
<%
If Session("Access_Level") = "6" Then
Response.Write "VSPA Active Member Access Level 6"
End If
If Session("Access_Level") = "7" Then
Response.Write "VSPA Life Member Access Level 7"
End If
If Session("Access_Level") = "8" Then
Response.Write "VSPA Officer/Staff Access Level 8"
End If
If Session("Access_Level") < "6" Then
Response.Write "Access Level 1-6 NOT AUTHORIZED RESTRICTED AREA ACCESS"
Response.Redirect("vspa-password-failed.asp")
End If
%><!-- http://www.vspa.com/aspprotect/vspa-password-enter.asp -->
<!-- *** End ASPProtect Code *** -->
<html>
<head>
, Actually, I think I just found my answer...
I will take out the StrToFix = Replace(StrToFix," "," ") bit of code and see what happens...
- Jason
Jawa38406.4721412037, if you just see code then you do not have ASP and Web Server setup correctly.. Basic IIS Server Setup stuff and not something I cover, but there is plenty of info out there.
http://www.aspfaq.com/show.asp?id=2084
http://www.codefixer.com/tutorials/installation.asp
http://www.webwizguide.com/asp/tutorials/installing_iis_winX P_pro.asp
http://www.w3schools.com/asp/asp_intro.asp
, I had a question about user registration and how it works, mainly because I am having a problem.
When a user registers, with the email verification setting, I am assuming that there is supposed to be a new record created in the USERS table in the database. What could cause this not to happen?
Actually, in testing further I found that with the setting at Auto, Manual, or email, the record is not added to the table. And, if I am logged in as admin, the Add User button does not do anything.
I can however edit and delete user records...
Hmmm, adding a Category yields the same thing. And loggin in as a non-admin user still displays some of the menu items for admin, but then gives a page can not be found error if you click on one (ie, approve).
This looks like a db issue to me, I will have to try this with access and on a test server...
Any thoughts?
- Jason
cwilliams38303.8507291667, If you need to know how to enable them on your test server.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=5&P N=1
, If you are using version 6 CDOSYS is not supported. That is one reason why version 7 came out. If you want to rewrite the code to work with CDOSYS in version 6 that is something you need to sort out on your own as I do not support custimization to the code. , Great! Sounds good Chris. ,
I'm having another problem-hopefully it's a quick fix.
it tries to go to a page: default.aspx
Server Error in '/' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested Url: /default.aspx
When i log in as admin from the aspprotectadmin/default.aspx that works fine...
where should the user be sent when they log in? Am i supposed to specify that or is it automatic? Why isnt it working for me? I dont believe i changed any settings that correspond to that either , Well. fontpage publishing is evil. That you have found out.
Do not use it. It usually wont work right when running asp code locally and also at the server because of differences with the paths and virtual directory structure. etc etc etc
You can definetly use frontpage to connect to the web site live and drag and drop files into it/edit them... but the sooner you stop using the publishing feature the better off you will be. , Got it working.  Had purchased a long time ago and forgot about needing to run the userreg.exe. All is well and thanks for the follow up.
Lance , You can also try setting asphttp's user agent property to some browser version like in this example. It might stop that info from showing up when it fetches a page from the server.
<%
Dim BanObj1Http
Set BanObj1Http = Server.CreateObject("AspHTTP.Conn")
BanObj1Http.UserAgent = "Mozilla Compatible (MS IE 3.01 WinNT)"
BanObj1Http.Url = " http://banserver.powerasp.com/aspbanner/aspbanner_inc.asp?Ba nnerZone=1"
Response.Write BanObj1Http.GetURL
set BanObj1Http = nothing
%>
Also... I dont know if these values below will work but I got them from looking at my nt logs.
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
And here is more info on the asphttp component and it's settings.
http://www.serverobjects.com/comp/asphttp3.htm cwilliams38248.6481365741, Different Versions of the Access Database
Below is a zip file with many alternate versions of the Access Database provided to help with installation and general usage.
2005-02-20_155310_ASPProtect_Database_Versions.zip
ASPProtect.mdb is saved as an Access97 database (password "temp")
ASPProtect_access2000.mdb is saved as and Access 2000 database (password "temp")
ASPProtect_access2000.mdb is saved as and Access 2002-2003 database (password "temp")
ASPProtect_access2002_no_password.mdb is saved as and Access 2002-2003 database with no password set on it
Try to use the newest version as server odbc drivers sometimes have to use the newest version for everything to work correctly. No password version is provided because sometimes there are issues connecting to a database with a password set on it.
Default username for access databases is of course "admin" but you really dont use that except in the data connection information. cwilliams38403.6840277778, I wasnt talking about the date for a banner ad.. I was talking about the date field in the database for a USER if there is one (I dont remember if that app had date fields for user or not and I am not at a computer to take a look)
If you do not know how to directly open up and edit the database then yes you should just make a new user,
Timecard Entry: 3/25/2006 4:56:21 PM
Hotel to Class, sign ups, general billing, copying, recp., switchboard, invoices, Emerald, Front page extensions broken on site...unistalled them and reinstalled them....then resetup permissions for the site, timecards, worked on changes to Hacketts site including setting up an admin for changing the office hours, changing fields on gift certificate (which included having to put it on the secure server), change left navigation image (including image map links), change multiple static links in store to point to home page rather than store front page (hackettsonline.com, secure.gisco.net/hackettsonline, programming, billable), Called expiring users and updated the churn report., cphospital.org - Contacted Virginia Myers for quick tutorial on how upload and banner ad components work, image sizing techniques, etc. This is billable., Admin (emails, industry reading, & organization)
, Calls regarding dial up issues and system configurations., did a few setups. general stuff, struggled with 7 computer crashes while trying to continue work on brochure, Checked online. I took a lot of calls while Ron and Alan took care of the online issues, Meeting with all Directors and the McNally's., reply to clients e-mail re: site development, Emails and had to runt to the store for cream, Manager's meeting, Ken Mills, assisting Creg systems, emails and callbacks. PROMO signups, promo with jackie, samaritan, ads, softmls press release., Meeting with Howard, teched calls, Answered tech related calls. Busy still with the 9200 lines., went and got car... lunch
, travel to watertown for meeting with palawood, lunch, Login and e-mail issues. Most due to system settings. More calls from malone. Worked very long time with a customer who would not let me off until he was logged on. Did not bother me, very enjoyable to work with, it just took a long time. He finally logged in and was very thankful., deposit to bank, Publishing North Country Insurance to my server. Can't access because is an imc-net account. Got password, published, fixed broken links.,
| 
