Blog Entry: 3/25/2006 4:47:53 PM
Hello dear Chris
I can login for the first time. I exit from the browser and then I cannot login again. This happens for every user.
I noticed that the values in the fields "Login_limit" and "Active" in
the ASPP_Users table in the SQL changed to NULL and 0 when login and
remained in those values after close the browser.
If manually I change the values it is ok but the problem repeated.
Thank you in advance.
, OK.. I went with using ASPEMAIL. The above did not seem to work. No worries though, where there is a will (with options) there is a way.
cwilliams38394.7265162037,
Please forgive my question in advance, I'm sure I've overlooked the answer somewhere obvious. I'm sorry!
I'm wondering if it is possible to customize the appearance of the
banner stats login page or the admin pages. I'd really like the
banner stats pages to look more like my own site or at least have my
logo on there or something like that so that my advertisers can see
that it is my site when checking their stats. However, I want to
do this without violating copyright, etc.
Can someone point me in the right direction or shut down my hope?
Thanks!
Laura
, Hi,
I basically explained how I thought that might work here where I went over everything I could think of and suggested you download the free version and see if you could get it working
http://support.cjwsoft.com/code/moreinfo488-1.htm
The part about using the alternate scenario involving querystring info from a url.
I have never done anything like that and that is why I told you what I knew and suggested you try it with the free version...
, Hello,
In that version is is not easy to change the values as they were not intended to be edited. You would have to dig through quite a lot of code as those values are hardcoded in quite a few pages. Probably at least 10 or more.
In the pro version there are variables you can change that very easily as that is intended to be easily changed in that version.
, that erorr in no way means what it says.. it is just a generic error because something failed.
if you want to PM me info on how to get into your site and I will take a look.. I don't think it is something that can be figured out otherwise especially when you are not telling much about what is going on. There are a lot of factors and settings that are relevant. , Well at least now the import/export link shows up now! lol, I am not sure. I can tell you that I run windows 2003 server and I have never had any issues setting permissions for ASP.NET files and folders. This very server is 2003 and the ASPProtect.NET demo runs on this server as well.
Course, I can't say that I have specifically tried to remove ASP.NET READ permissions on the database folder as it's just not something I would not have a reason to do. Why are you trying to do that? The ASP.NET account needs that permission. If you are trying to stop file browsing and downloading in that folder that is not how you do that. The best way to do that is by keeping the database somewhere else on the server that is not part of the http web. , I wouldn't bother doing that. If pic uplading doesn't work it is most likely permissions to the directory pictures are uploaded to. If they are not set correctly it will not work. That dir needs the same permissions the database folder needs. , Now, back in the dark ages we had to use the command prompt to setup the MySQL database and all that fun stuff. I am not going to show you that method.
What happened was 100 different 3rd party companies developed interfaces to work with the MySQL server visually. Within the past year MySQL actually released its own little GUI for doing just that so I am going to show you how to do things using that.
Let's download and install it.
Go here
http://www.mysql.com/products/tools/
and download Windows (x86) MySQL Administrator
(1.1 is the most current version at the time of this article)
Installing that is a no-brainer as well. Just stick to the defaults and it will do its thing.
Now that it is finished.. run MySQL Administrator from your start menu.
It will ask for your "root" password that we entered when we set up the server.
Hit OK
You should see this if your MySQL server is runnign and you entered the correct password.
Now select the Catalogs Icon on the right.. go down to the Schemata section.. right click in the lower white area and choose Create New Schema
It will look like this
Essentially this is your database name. I am going to call my database "aspbanner"
Hit ok
Your now have a new database with nothing in it. We now need to run the MySQL database creation scripts that I provide which will create the Tables and Fields needed.
The easiest way when using the MySQL Administrator is to select the Restore icon on the left.
The choose "Open Backup File" in the lower right corner.. Browse to the "aspbanner_mysql.sql" file we provide. You can also download that file here. 2006-03-14_164927_MySQL_Script.zip
Once you select that file choose open...
Now, it is very important you choose the database you created earlier. Also known as Target Schema.. in this case I choose "aspbanner"
Now hit "Start Restore"
Ok, now the database has Tables and Fields
Click on the Catalogs Icon on the left and then select aspbanner from the schemata area in the lower left
You'll see we now have tables in the aspbanner database, Thanks Chris.
Yes i never actually considered that they should log in twice.
The site uses two main url and the cookie was being stored for only one
of them. I have fixed the double login issue by making changes to
menu to ensure that they are always logging only via the url stored in
the cookie.
Thanks for your hep,
Stuart
, Actually, as far the "aspprotectnet.dll" file goes it makes sense because of the following.
The "aspprotectlicense.dll" is something we do not provide the source code for. We also do not compile it in "debug" mode because you not want dll's running in "debug" mode in a production environment and we also do not want that dll in debug mode because of reverse engineering reasons.
Now, that being said that DLL is no different than any other 3rd party dll "so to speak" that you would use in a project. Many of which will not be in debug mode and you will also not have the source for.
"Microsoft.Data.Odbc.dll" being an example
Regardless, there must be a way to do what your trying to do. I am just not sure at the moment. It is nothing anyone has brought up before and I personally have never had any issues like that when I work on the application so I am just not sure.
It probably has something to do with the way you set up your project., let's try this... edit that page with a text editor like notepad...
Carefully replace any instance of "Cint" with "CDbl".. I may have missed some of those when testing the last time I edited the code.
, You edit the web.config file that came with ASPProtect.NET.
You find this tag
<customErrors mode="RemoteOnly" />
you change it to this
<customErrors mode="Off" />
If you have a different web.config file in your root I suggest you make sure the tag is set to off there as well for troubleshooting sake
If done correctly you will get a detailed error
It's basic low level ASP.NET stuff really and does not have anything specific to do with ASPProtect.NET.
You also need to make sure your web is set up correctly for ASP.NET and that the correct web.config's are firing..etc etc
cwilliams38454.4368055556, also.. you could try chaning your connection string to set the current language to english like in this example..
BannerConnectionString = "Provider=sqloledb;Data Source=127.0.0.1;Initial Catalog=aspbanner;User Id=aspbanneruser;Password=temp;Current
Language=English;"
I do not know if that actually works but from what I have been researching it looks valid and it may solve your problem.
Also: The value may need to be Current Language=us_english
You'll have to try them, There are several pages on my website that a user may go to that are not protected (e.g. home page). If the user has indicated that they want to be saved on this computer (until they explicitly log off), and their 1st entry point is to an unprotected page, how do I determine whether they have logged in before, and extract the info from the cookie / session variables without forcing them to log in or making the entry page protected?
, Connecting user is dbo of database.
User_ID is primary key with auto increment identity.
SQL Script of current table:
CREATE TABLE [dbo].[Security_Users] (
[User_ID] [int] IDENTITY (1, 1) NOT NULL ,
[First_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Last_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Company_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Username] [nvarchar] (75) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Password] [nvarchar] (15) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Access_Level] [nvarchar] (30) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Notes] [nvarchar] (1000) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Admin] [bit] NOT NULL ,
[Active] [bit] NOT NULL ,
[Expiration_Date] [smalldatetime] NULL ,
[Email] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Address] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[City] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[State_Province] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Zipcode_Postal_Code] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Phone] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Counter] [int] NULL ,
[Last_Access] [smalldatetime] NULL ,
[Login_Limit] [int] NULL ,
[Custom1] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom2] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom3] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom4] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom5] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom6] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[ValidateEmailCode] [nvarchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Date_Created] [datetime] NULL ,
[Validated] [bit] NOT NULL
) ON [PRIMARY]
GO
ALTER TABLE [dbo].[Security_Users] WITH NOCHECK ADD
CONSTRAINT [PK_Security_Users] PRIMARY KEY CLUSTERED
(
[User_ID]
) ON [PRIMARY]
GO
, Perfect. Thanks buddy :)
eeye38433.0629976852, I recently upgraded my ASPclassifieds from MS Access to SQL. The application launches, I can browse existing catagories, etc. but when I try clicking on the login, guestbook, register or accessing the classifieds_admin, I get the HTTP 500 - Internal server error. Guessing this must be a folder or file permission issue? Have tried changing IUSR permissions but nothing helps.
Please advise.
Thanks, lancem
, Hello,
VBScript is the most popular ASP scripting language, and has the most support available. I estimate that less than 5% of the ASP coders out there use anything other than vbscript
That being said it specifically says on the aspprotect site ASPProtect is only for use in protecting asp using "vbscript" as the language.
http://www.aspprotect.com/more_info_full_v7.asp
http://www.aspprotect.com/comparison.asp
it is something I specified very clearly for this very reason.
Sorry, but you can not use ASPProtect to protect pages using Language="Javascript". The code is too complex to be mixed with server side Javascript.
To password protect asp pages written using "Javascript" you really need a an application specifically written in and designed to work with ASP pages written using "Javascript". And then of course that application would not be able to protect ".asp" pages written using "vbscript." (I mean never say never, but it would be a ton of work to get both working and I doubt you will ever see a commercial application that does both)
as for switching back and forth between vbscript and javascript you really can't except with very simple code. Doing so with anything complex can be extremely problematic because the order of execution sometimes gets all mixed up because of the complexity of the code being used.
That doesn't mean it can not work....
You would really want to do something like this.
do not specify a default language at the top
surround the aspprotect include file with this
<SCRIPT Language="vbscript">
</script>
surround your javascript code with this
<SCRIPT Language="JavaScript">
</script>
then make sure none the code including the aspprotect include file has any <% or %> tags in it
that means you have to remove that sort of thing everywhere... that means a lot of work if you used a lot of that sort of thing instead of response.writes to write out html type stuff
and again... I don't know if you would ever get it all working
, as far as permissions are concerned I wrote two large articles about permissions that cover everything in detail on how to properly set them
http://support.cjwsoft.com/code/info11.htm
see the windows 2003 and windows xp permission threads
From things you are saying I assume this is your server. My comments about the path looking funny are because very few commercial hosts would use the "c:\inetpub\wwwroot\" directory. If you are using that and that is correct info then that is fine.
as for knowing whether or not the filesystem object is working the best thing to do is to try to write a text file somewhere in your web and see if it works. Testing something under the most basic scenario is the key to troubleshooting asp issues.
http://www.devasp.com/samples/writetofile.asp
,
If you want to have a login form on a non protected page that posts
to a protected ".asp" page use code like this.
Change the action of the form to the page you want them to log into.
Make sure to page you send them to is protected by the "check_user_inc.asp" file.
<center>
<table border="0" width="400" height="200" bgcolor="#000000">
<tr>
<td bgcolor="#F4F4F4">
<form method="POST" action="memberarea.asp">
<input type="hidden" name="Status" value="Checkem">
<p align="center"><font face="Arial">ASPProtect Login</font></p>
<div align="center">
<center>
<table border="0" bgcolor="#C0C0C0">
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
<td><input type="text" name="Username" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
<td><input type="Password" name="Password" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
me signed in on this computer unless I log off.</font></td>
</tr>
</table>
</center>
</div>
<div align="center">
<center>
<p> <input type="submit" value="Login"></p>
</center>
</div>
</form>
</td>
</tr>
</table>
</center>
, that is because passwords in the import/export files are encrypted.. if you make one of your own you need to use the rc4 function in the "config_inc.asp" to encrpyt your passwords just like the aspprotect system does (requires knowledge of vbscript and integration into your export system)
now, there is a way around this
if you want to import a file you made with clear text passwords edit "import.asp" beforehand and change
If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = UserArray2(5)
to
If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = RC4(UserArray2(5), PasswordEncryptionKey)
that way it should convert your clear text passwords to encrypted while it does the import
this post also addresses this but in the reverse scenario
http://support.cjwsoft.com/code/code_info.asp?TID=261&PN =1&TPN=1
I hope this helps you because I really do have to leave the office like right now. Very late for a dinner meeting.
I should be back on the computer later tonight or tommoro morning
, SQL Server Datareader Datawriter Permissions..
here is a screenshot that shows how to set datareader and datawriter permissions on an aspbanner database using "SQL Enterprise Manager"
In this example we are making sure the aspbanneruser has those permissions on the aspbanner table in the database
cwilliams38325.8002893519, Noted:
I actually did not think you did.
As far as debugging goes.. thats all built into visual studio.net.
There is a tag you edit in the web.config file to enable project debugging
http://support.cjwsoft.com/code/moreinfo251-1.htm
Like I said though for changes to ASPProtect.NET I'd start off from scratch and stick with vb.net... using the visual.studio.net interface is not really vary hard to remove and change things you dont' need even if you are a C# coder. Especially simple stuff like you mentioned.
, Thanks for the quick reply!
I was thinking it was an ASP config/install issue.
I usually deal with Linux/PHP, so this is all new to me :)
, Probably not... javascript calling complex javascript is not a good thing and is often a problem.
I would try one of the other methods such as the xml parser if possible.
, Hi,
I have a question re ASP Protect, I have got it up and running on a dev server which also hosts a e-com engine (ASP / Access), when users check out they are presented with the e-com log in screen (which is sharing the same ASPP_User table). All's well and registration and editing user details is fine both in the Admin section and the front end of ASP and if I request an email reminder from the ecom scripts I get back the encrypted password.
I'm using <% = Session("Email") %> and <% = Session("Password") %> to populate the fields on the ecom log in page so users can click though and progress, the checkout process needs the username/password, all user info shows up ok, however, when I proceed with these credentials, it doesn't work, even though I know these to be correct and even without requesting a password reminder and using the one that gets me in everywhere else, I still can't get through? do I need some code re the crypto so the ecom can decode??
Any help would be great - I've been on it for about 10 hours, and checked through the posts here but can't fathom it out?
Thanks Craig
, Help!.. I need to export the username and password fields to a mail merged letter so everyone knows their username and passwords. However whenever i access the database or do an export. The passwords showup as encrypted. Is there a way to access the list, un encrypted?
thanks
, how di I change the currency dollar sign to gdp pound sign ?
I need all my tranactions in gdp puund sterling to use on paypal
regards
simon
, Thank you so much that works great.
I will test with the other settings on the email server again thanks for the advice,
best regards
, Okay, this also shows at the bottom of the import/export page
I've got the IUSR account with modify permissions on this data folder as well. Is the "this directory needs change permission" line just a general reminder?
Files are being stored in "D:\missourirealtor.org\members\aspprotect\data\export\\"
This directory needs change permissions for the anonymouse webserver account.
Those permissions can only be set by your hosting company.
These features will not work without those permissions being set.
, Has anyone used the aspmail function to send and recieve emails from within your forms? If so what string did you use in the aspmail_host field in the connections database.
thank you
adam
, I'll try to help when I get back tues night,, see the contact page for info on where I am
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry
, Chris -
Long time no talk, which is a good thing. I have purchased another product from you, ASPVendor. I am running into an issues.
When I try and remove the image through the image manager, it does not remove it. Screen shot attached.
2005-10-19_194248_image_upload.zip
Thanks
, After understanding how the count works i checked the IP in the db. They are all set to the same IP (my web server) no matter what ip is doing the viewing. This is probably due to my ISA2004 firewall that is posting the ip address of the web server with each log on. So, can you help me with where the code would be to modify so the db does not get updated? I risk the refresh problem, don't think it is an issue with me.
Thanks,
, What am i supposed to do now... i do have another member server that is not a domain controller-
However, i have like 5 websites running on this domain controller already. I have thought about this before how its a HUGE security risk but it will take too long to configure everything on the other computer :(
, sorry for delay responding,
I got bombarded with support inquiries while I was gone and I missed this one since I been home.
Does the server_info.asp page I provide say that aspupload is indeed installed. Let's start there. , I'm trying to use CDOSYS.
It seems to work fine on the web page, however the mail never gets
delivered.
I can see my messages sitting in c:\inetpub\mailroot\pickup but they never leave it.
I found another folder after doing a search for "pickup".... it is:
d:\program files\Exchsrvr\Mailroot\vsi 1\PickUp If I paste the files
into there, they get delivered.
How can I get the email to be delivered without doing the cut and paste?
I've tried it both with and without authorization.
I am running a Windows 2000 server with Exchange 2000.
Thanks.
, All can say right now is take a break and get away from it for a bit. All your going to do is stress yourself out more if you keep working on it.
There is probably a way to make it work but it may require days of fiddling around and reading articles and trying things and even then you may not get it working AND THEN ITS JUST A BAD IDEA ANYWAY. Like John says you are better off running it on a server that is not a domain controller.
,
Timecard Entry: 3/25/2006 4:47:53 PM
*TaskForce, talk with Paul, corporate web site., organized tariff binders, Nortel Passport training, golf tourney, made address change for Penny on staff info web page, Filter CSR to gather numbers for Beth and for data entry., Telephone conference with Tim Badour, Paul Barton, & River Road Partners, lunch, Marketing / Online focus., Syracuse frame down again, called Bell, service request already submitted by Randy, Clayton to Watertown, off-site - make payroll backups, Back to getting software transfered and laptop setup for development., finish presentation for SLCC, Budget and power point for the Mc Nally Visit, PO'
PO's - ordered CCMI & TPM V & H , Staff Meeting. Worked on MBOs and Goals., TICC team meeting, blue moo - cd graphics - can't get fonts to work, tried to convert , tried to build, no luck., monday meeting, Answered phones, checked Dial Up Issues and RadLog.... called any voicemail back and answered an AUAQ., Worked on partners site and some of the pcbundle. Created a SQL database and getting it ready to be used for testing and updating, MOP AS5800 Firmware Upgrade, Unsuccessfully tried to attend Team meeting, called County re 911, called equinox, spoke w/Don, Checked email. Began writing welcome letter for Channel Partners. Updated lists of partners in excel including new additions., to Watertown, Very steady, Dinner with Anna of Nortel, Changed resolution on some photos, need to confer with jason on layout changes due to deletion of some ads, also if the Chamber is going to provide more ads, need to speak with Kelly and or Chris about questions with the Healthnet site and review design,
