Blog Entry: 3/25/2006 4:55:58 PM
People who have the option pack have a new feature called groups.
Groups are meant as a replacement for using the access levels as they are much more powerful. Support for pages protected using access levels is left in tact for backward compatiability for a customers older protection code.
A customer recently told me groups could not be used like access levels and that 8 access levels was not enough. This is how I explained that groups can do everything access levels can do.
Groups can honestly do everything access levels can do if you really think about it.
Using groups and protecting pages accordingly you could actually create a system that basically worked identically to the way the access levels works.
For example..
You make 8 groups and assign users to them accordingly
Protection code on page allows access to groups 1-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "1,2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any one of those groups would have access..
Protection code on page allows access to groups 2-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "2,3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any group between 2-8 would have access..
Protection code on page allows access to groups 3-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "3,4,5,6,7,8" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
In this case a user assigned to any group between 3-8 would have access..
cwilliams38114.800775463, Is there a way to protect other virtual sites on the server that are not under the default web site considering people may have different websites running off one server? I get the following error:
Parser Error Message: Cannot use a leading .. to exit above the top directory.
Source Error:
Line 1: <%@ Register TagPrefix="aspprotect" TagName="checkaccess" Src="../../protectpage.ascx" %>
Line 2: <aspprotect:checkaccess level="4" groups="null" runat="server"></aspprotect:checkaccess>
Line 3: |
Thanks!
,
Has anyone used the aspmail function to send and recieve emails from within your forms? If so what string did you use in the aspmail_host field in the connections database.
thank you
adam
, yup. that is correct... they can't log in so they can't see any pages you protect
its the nature of forms based authetication
, ok, I just sent you a private message with download information.
replace you existing
"check_user_inc.asp"
"admin/check_admin_inc.asp"
"admin/email_user.asp"
with the new versions in the download
Do some testing to make sure that HANNAH password works ok for you.
Hopefully this cures the issue...
If it works ok for you for a while I will offer the fixes to everyone and start using this code from now on
BTW:
"admin/email_user.asp" had an unrelated bug in it that only happened if its error handling got triggered... it was posting back to the wrong page when that happened and causing an error
, OK. If no return page is set, do they end up on a PayPal confirmation page and have to navigate back to my site by going Back or typing the web address?
Nick
, These are 4 valid examples of calling a flash movie.
The more simple examples may cause problems for people that don't have the flash plugin installed. I really do not know as I am no flash expert. All these work fine for me. Of course I have the latest flash plugin installed. Perhaps some of you can shed some light in this. The 3rd and 4rth examples are obviously only slightly different and mention different versions of flash as far as downloading the plugin goes.
<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" WIDTH="468" HEIGHT="60">
<object width="120" height="22">
<param name="movie" value=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" width="468" height="60">
</embed>
</object>
<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://download.macromedia.com/pub/shockwave/cabs/flash/swfl ash.cab#version=6,0,40,0"WIDTH="468 " HEIGHT="60" id="myMovieName">
<PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<PARAM NAME=quality VALUE=high>
<PARAM NAME=bgcolor VALUE=#FFFFFF>
<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality=high bgcolor=#FFFFFF WIDTH="468" HEIGHT="60" NAME="mybannername" ALIGN="" TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer">
</EMBED>
</OBJECT>
<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://active.macromedia.com/flash2/cabs/swflash.cab#version =4,0,0,0" ID=banner WIDTH="468" HEIGHT="60">
<PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<PARAM NAME=quality VALUE=high>
<PARAM NAME=bgcolor VALUE=#FFFFFF>
<embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality="high" bgcolor="#3CBDCD" WIDTH="468" HEIGHT="60" TYPE="application/x-shockwave-flash" PLUGINSPAGE=" http://www.macromedia.com/shockwave/download/index.cgi?P1_Pr od_Version=ShockwaveFlash">
</OBJECT>
cwilliams38089.6129513889, remeber too.. you might have to edit code you used on your existing pages in your site so they still call the "check_user_inc.asp" correctly.. though it may very well work out so it works the way it is at the new site
any redirection code you might have done may need the redirection urls changed if you used full domain urls..
things like that... etc etc etc, Thanks very much for the quick reply.
That sets my mind at ease 
I was just worried if users would see warnings in their firewall software too.
I realize that the admin would have to have to go through some errors...
And since we are throwing things in here... Definately, if you have your own server you need a Hardware Firewall and a Managed one at that. The internet can be pretty dangerous for business if you don't.
Plus, I agree Black Ice although in it's heyday a few years ago was considered great. It is not suitable for todays standards alone even for the normal user (But, it is required by the company I work with for VPN. I think it's stupid too using old technology. I have 2 more firewalls setup besides that just so that I do have some security. And, that's just for my PC)...
Thanks
, ok, I am home.. missed flight.. just got home an hour ago.
lets see.. I really need more info...
For starters are you using the delayed stats feature ? that is expirmental and could cause that problem
, New question...
When someone edits their personal information, such as address, is there any way to set it so that someone in the office can receive an e-mail noting the changes?
Thanks.
, Still not ready... I have no time to finsih it at the moment..
release date is unknown...
, One problem that is appearing is that in the admin section, in the users.aspx page, only one user is showing up when there are in fact 9 users. Also, when I click the edit user or email icon, the page does not go to the edit screen, it remains on the same page.
Also, I’ve been trying to modify the code to adapt it for our application -- by removing fields that we do not need such as address, city, state, phone, but I am having trouble getting visual studio to compile. It could be due to the fact that the rest of the project is in C#. Or it could be due to some other factor in ASP Protect.
, Thought that was already done....
Back to the drawing board...
, How can I make so it goes to certain webpages if user enters valid username and password??
I suppose user enters its information on check_user_inc.asp page, and username and password are stored on SQL database.
Thanks
, it makes zero sense really... in the 4 years we have sold this application this is really the weirdest thing anyone has had happen.., It sounds like permissions... to the database folder specifically
they are not correct
It could also be that your odbc drivers are very new and you are not using a new enough version of the access Database. I recommened using the 2002-2003 verison of MSACCESS
Now.. if using a SQL Server Database permissions to certain tables are handled in enterpise manager
cwilliams38303.5892708333, ok, 1st we need to rule out the #1 reason people sometimes think that is not working.
Is is set up never to allow the same IP to increment the count more than once in a row so when testing it is real easy to think the count isn't working because unless you can change your ip you can not increment the count more than once per album
It's a poor mans spam abuse type of deal..
For the most part it will keep some Joker from hitting refresh 100 times and inflating the count of an album.
Do you think that is possible what is happening ?
Also, here is an older thread about the same issue?
http://support.cjwsoft.com/code/moreinfo54-2.htm
, I wonder if this could this be a FrontPage problem. I deleted the skins folder and re-ftp'd the original one that only contains default and Solid Black. I logged in and tried to change it back to default but it won't. I'm going to try making this folder a Frontpage subweb to see if that makes a difference.
Al
, Humm.. that should have worked fine
why are you getting a "OLE DB" error I wonder ?
I need more information.
Database being used and version ?
Server OS Version?
Connection String being used ?
etc etc
, I would like to create a login form on the home page which will not be password protected to the site for members so that they can login right from the home page and not a password protected page like many sites have. And every portal I have seen.
Plus the login form looks really pretty and proffesional on the home page 
...
I can't find anything in the documentation that says how to do this or if it's even possible. Everything I have found says to password protect a page and then direct them there which isn't what I would like to do.
Here is the code of the login page which is an asp include file on the main page:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
</head>
<body>
<td><img src="images/a026.jpg" alt="" width="187" height="21"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB"><table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><table width="180" border="0" cellpadding="0" cellspacing="0" bgcolor="#AAAAAA">
<tr>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
<td><img src="images/spacer.gif" alt="" width="178" height="1"></td>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
</tr>
<tr>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
<td bgcolor="#FFFFFF"><form name="form_login" method="post" action="">
<table width="100%" border="0" cellspacing="5" cellpadding="0">
<tr>
<td width="53%"><input name="textfield" type="text" class="style-01" value="username"></td>
<td width="47%"><a href="#" class="link-02">Forgot pass?</a> </td>
</tr>
<tr>
<td><input name="textfield2" type="text" class="style-01" value="password"></td>
<td><a href="#" class="link-02">Not registered?</a> </td>
</tr>
</table>
</form></td>
<td><img src="images/spacer.gif" alt="" width="1" height="1"></td>
</tr>
<tr>
<td colspan="3"><a href="#"><img src="images/a027.jpg" alt="" width="180" height="15" border="0"></a></td>
</tr>
</table></td>
</tr>
</table></td>
</body>
</html>
Does anybody know what values I would put in the form to send the correct login to AspProtect. And, if I would have to add any extra includes or code to it.
TIA 
, glad it is working now
sorry ya had trouble.
cwilliams38418.6886342593, humm, yea thats a data connection error..
really not related to the asp code in the application for the most part.
that is low level
If using MSACCESS
I would make sure permissions are set correctly on the database folder (not just the database file itself)
I would make sure your using at least a 2000 version of the database. 2003-2003 format being better..
I would make sure the server has up to date mdac/odbc drivers.. (that is really the server admins responsibility)
As for permissions there are articles in our forums about exactly how they need to be set. Improper permissions can cause a ton of random errors like that.
cwilliams38414.6528240741, I have set up a user to be redirected to a different page when logging in for the first time.
I assumed this function would count the number of times a user has logged in. When the login count was greater than 1, the user would be taken to the default.asp
This isn't happening. The user is always redirected. The user login count in the database is now 9.
What am I missing?
, Good Evening,
I have been trying to log into my site using the protected pages comments you have in support. I have copied the code in the ASPprotect 7 guide.
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
and pasted it in my page, set the the IIS to open this page and the page will not open it and the page will not open and the error is
When I remove the two lines of code everything goes normally.
I have aspprotect in its own directory in the website. I have read the installation several times and I am afraid I am missing something blatently obvious so I really appreciate you thoughts.
I am presently using redirects. I like not haveing to use them as your comments have suggested. I have pulled all that code from the pages I desire to protect during this test.
Cool.
Well I'm in the middle of uploading the txt file and it's about half way done and sitting there...so I'm keeping my fingers crossed.
, Below is the email I received when testing the self-registration. Does anyone know what setting I configured incorrectly?
I received the email to confirm the registration but the link to activate is invalied.
Your registration still has to be validated.
Go to
?u=bubbaj&v=4579
to verify your registration.
, Please forgive my question in advance, I'm sure I've overlooked the answer somewhere obvious. I'm sorry! I had made modifications to the import_pics.asp file, because I added more fields to the db, and made the import folder path dynamic, but I seem to have forgotten to add in the response.expires=0
Once I added this back in it has stopped messing up.
What was happening was, it wasn't overwriting the files, nor were they too big, but you would click on one thumbnail in an album(category) and it would display a picture from a totally different category. It seems browser cache was the culprit, however.
It's just a generic error that means one of 1000 different things is wrong.. there is a lot of information on in in these forums as well as links to articles about it.
usually it means permissions to the database folder are incorrect or the physical path you are specifying for your dsn-less connection is invalid..
Is there a limit in the number of Zones you can have in the database.
I believe you will find it the "config_inc.asp" file in the root though... be careful with naming it though because if you use any spaces or weird characters it might cause issues with various functions in the application like emailing.. I recommend just using letter, numbers, and maybe dashes
Chris, if there is no way to change this, I understand. I just though maybe it might be possible and I can't find out if i don't ask.
Thanks Chris.
Let me know.
