Hi there,

Well, that is why we added the PayPal subscription pack where all of that is taken care of and customers get put under a recurring billing cycle.
The more people you get to pay that way the less you have to do.

We also have routines for the two other supported payment methods so people can look up their account and add time to it whether it is active/expired or not.

Other than that, yes it is something you need to sort out on your own based on how you want to run your system. You have the source code and the sky is the limit on how you want handle all of that.  You send out an email to users about to expire. Whether they come back to the site/look up their account and add more time to it is up to them. I really just do not see any way ASPProtect could handle that whole process automatically.

As for batch changing to users in the database. We give you the source code and we also use an open database structure. You can run any query you want on the database whether with ASP code or directly in your database using the tools that come with it, You can write any code you like to do whatever you like to the database. You can even tie other systems and code into the database via OBDC and manipulate data. The sky is the limit like I said. I also don't really see how batch changes to the database relates to individual users paying again for access or not especially since we include payment  pages were a users can look up their accounts and pay for and add more time to it automatically ? At least not regarding the payment routine we provide support for.

ASPProtect can not handle everything every person would need to do. It is meant as a solid starting point for any project, but there are going to be times when more functionality will need to be added by the customer based on their specific needs.

Running in parallel for testing is actually a smart way to do it, but the truth is you don't use anything from version 6 except the upgraded database (we have a tutorial on how to upgrade the database)

Version 7 was a drastic change /rewrite to all of the asp files that come with the application. So you will be starting out with fresh version 7 ".asp" files and folders... You will also find that once you get version 7 running that editing certain things like the look of the users area and the login screens is much easier to do.

That being said any of your own ".asp" pages that you protect use the same protection code they always did, so there will be no drastic changes needed there when you do finalize the upgrade.



If using MSACCESS as the database I suggest installing the application somewhere in your web and using a fresh ASPProtect 7 database. Once you are familiar with the setup and everything is working fine. Attempt the database conversion and when your done stick your converted database in there and see if everything is ok.

Also, if you already purchased the application download the latest version before doing the install. It's the same download URL. If you don't have it email me and I can hook you up. I have added some new features and fixed a couple minor things since it's release.

So far the feedback on version 7 has been awesome..

I would highly suggest setting up a DSN-LESS connection.

That system dsn is most likely the source of your trouble It is probably that or permissions are still not correct.

I can't tell you how many people have had trouble with system dsn's and finally set up a dsn-less connection and everything then worked as it should.

The location of your database is fine as long as permissions are truly set correctly like I mentioned.

Also, be sure you are setting the database type correctly in the dataconn_inc.asp file. That can cause problems as well as some people have been known to delete that line.

See my articles...

http://support.cjwsoft.com/code/moreinfo9-1.htm

http://support.cjwsoft.com/code/moreinfo136-1.htm

http://support.cjwsoft.com/code/code_info.asp?TID=40&KW= system+dsn

Please forgive any ignorance on my part.

Using the live demo, it seems that with the banner software my advertisers would only have access to reports, but no ability to upload banners, specify keyword triggers or zones, what have you. Is this correct?

The other thing I couldn't quite figure out, assuming I had a categorized directory on my site, is this system configurable to display different banners based on category? Perhaps through keyword triggers?

Thank you in advance for any assistance.

also.. the log out page shouldnt really need this
but you can try adding this to it where all the other ones are set to nothing..

<% Session("Groups") = "" %>

It seems that if a user attempts to access a page that is not in their access level or they do not have the group permission they are redirected to the login page.  Re entering their ID generates an eror and they cannot go back to the pages they are alowed to access.  Is there a way for them to simply be blocked and return to the previous page or to a defined page so they can continue using the site?

thankyou 

Access Database Password

By default all of the Access Databases we give out have a default password of "temp"

The Default username that and Access database uses is "Admin" but you should not be concerned with that except in your connection strings.

The default password for the Access Database can only be changed using Microsoft Access to do so. If you have security concerns it would make sense to change the password. The help system built into Microsoft Access best explains how to do that.

Hi,

I don't fully understand what you are explaining ... the part about showing a user but not working???? but if you PM me the details I will glady go into your live webserver and see if I can get it working.

Not really sure how to do this.... i think you know what i am looking to do.. is there anyway you can show me or create that solution for me? It would prob. take you minutes as its been taking me hours

lets get back to using the forum and not the pm's  please only use the PM's for sensative information. its too hard for me to keep track of all of this as well as help everything else when I got an inbox full of pm's

Ok, so you say no paypal subscription info is being put in the database at all.

I know we have a bunch of people using the paypal subscription code with no issues so I know it works but obviously you got something wrong.

It could be a few things.

Did you enable IPN in the paypal system and put in a postback url like my directions say ?

Are you sure you are not getting paypal single payments and paypal subscriptions mixed up ?

Are the paypal links you made for paypal subscriptions in the correct format like are directions state ? That is critical and another example of something important that you have not shown me.

Did you populate all settings correctly for our paypal subscription code ?
This includes a correct and valid postback url because if that is not right paypal cant communicate with the aspprotect system and no info will get posted back from them at all.

You say your upgrade went well but if you did all all field names perfectly there could be issues with that.

There is just way too much for me to figure out under free support with the info you keep providing me.

I dont think we are going to get anywhere unless I go into your system and spend a considerable amount of time checking everything out. That is not something I do under normal support so if you are interested it is going to involve a fee paid via paypal. It's probably going to take me a while to check everything out and I need you to be 100% sure IPM is enabled in your PayPal account. If you are not sure how to turn it on search their help system as they have plenty of documentation on the process.

It's not working because i guess im copying the viewstate also...and it comes up

Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.

I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.

Regardless,

What you want to do... logging them in under https and then having them continue though the site under http is not possible.

It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.

In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).

Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.

If you want them logging in under SSL you need to keep them under SSL.

That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.

ok, well if you want to test on your own....  in the ipn.asp file for the subscription folder you will see this area of code used for testing

' Un-comment this section and give this directory proper permissions to enable logging to a text file
' Very helpful for troubleshooting
'   Set ObjMyFile = CreateObject("Scripting.FileSystemObject")
'   LogFileName = ("paypal.txt")
'   'Open Text File.. If doesn't exist create it and append to it .. If exists just append to it
'   Set WriteMyData = ObjMyFile.OpenTextFile(Server.MapPath("paypal.txt"),8,True)
'   RowHeaderString =  ""
'   RowHeaderString =  RowHeaderString & OrderID & vbTab
'   RowHeaderString =  RowHeaderString & Custom & vbTab
'   RowHeaderString =  RowHeaderString & User_ID & vbTab
'   RowHeaderString =  RowHeaderString & subscr_id & vbTab
'   RowHeaderString =  RowHeaderString & txn_type & vbTab
'   RowHeaderString =  RowHeaderString & subscr_date & vbTab
'   RowHeaderString =  RowHeaderString & Access_level & vbTab
'   RowHeaderString =  RowHeaderString & Groups
'   WriteMyData.WriteLine(RowHeaderString)
'   WriteMyData.Close

now that folder will need modify permissions for the text file to be written to but this is a good way to test if the ipn.asp page ever gets hit by paypal.

ITS REAL IMPORTANT THAT THE TEST FILE CAN BE WRITTEN TO OR DOING THIS WILL JUST CAUSE MORE ISSUES

To ensure the text file can be written to and permissions are correct for that folder you can make a new .asp in there and run this to see if the text file writing works

   Set ObjMyFile = CreateObject("Scripting.FileSystemObject")
   LogFileName = ("paypal.txt")
   'Open Text File.. If doesn't exist create it and append to it .. If exists just append to it
   Set WriteMyData = ObjMyFile.OpenTextFile(Server.MapPath("paypal.txt"),8,True)
   WriteMyData.WriteLine("the file was written to")
   WriteMyData.Close

Now, you can even change the location of the text file to place that does have permissions if you like.

This is what I would do if I was in there... then I would make some test payments using 1 cent and another paypal account (your allowed 2)

and see what happens

it is always possible the subscription code may have a bug in it. The last time I tested I only tested the single payment folder which worked perfectly. If I have time in the next couple days I am going to test the subscription stuff again. If there is something wrong I can cure it quickly.

The two routines share a lot of code in common.

Hi

ASPBanner is great...

I have a little problem I have a ASP site http://www.bythebeach.com.au/

I understand how Zones (location on a pages) works but i need only to display those banners that pertain only to that catorgries or sub catorgries.

How would i do that would ....  Would i have to add a new field in the database...?

Any help would be greatly apprecaited

regards

Domenic

Sydney, Australia

Hi all

I logged in myself to my website, and I tried to log in to another with same username and password. But I was able to log in again.

It was supposed to block me from logging in, but it let me to log in.

there has got to be some configurations I must have missed.

Could you instruct me on this Concurrrent login so mine works as well...

thanks

When a new user adds themselves to the db thru the registration page, no user id is assigned in the User_id field.  I can't access the page on-line due to an user_id related error on the page.  I must use access itself and add the user id.  After that, everything works as expected.

What have I done?

i will probably end up doing this myself, but dropping all the log data in a sql table would be nice as it offers much more flexibility on how an admin can keep track and use the data. Browsing through each log file is very inconvenient. I can search for text in the files (server-side, others with a shared server would probably have to separately download all log files first), but with the current method I don't have the following important options:

• cannot sort by any criteria
• quickly see a list of all login attempts by a specific user (i need to search each log file individually for this info)

if you had an option during setup perhaps (or elsewhere) in a future version that allowed an admin to specify the preferred logging method (separate files or a table in sql) i'm sure many admins would find it very useful to have a database alternative of keeping track of users becuase it would offer the two benefits listed above, plus more.

I'll try to help when I get back tues night,, see the contact page for info on where I am
http://www.cjwsoft.com/contact/default.asp?Subject=CJWSoft+G eneral+Inquiry

SQL Server Datareader Datawriter Permissions..

here is a screenshot that shows how to set datareader and datawriter permissions on an aspbanner database using "SQL Enterprise Manager"

In this example we are making sure the aspbanneruser has those permissions on the aspbanner table in the database

Hi all

User activity screen shows history of logged-in users.

Is it possible to view only those users that are currently logged in ? not the all users that have logged in previously

thanks in advance

Is there a limit to how many access levels the program has?  We were thinking of having a different access level for each client that logs on our site so we can customize their web experience.  We see 6 in one place of the program, 8 in another, but is there any reason why we couldn't make 100 more?

Thanks again for the help!

I am using VS 2005, when i go to new project in visual basic folder asp.net web application is not there..

Can i add it somehow?

... in addition it is a virtual include not a file.  I just tried to use file instead of virtual and then the ../ includes worked on the asp pages.

This is strange because they used to work like that on the 2000 server I had these sites running on.

maybe this is the issue...

do you realize that the descriptive name you give a group is not always going to be the same ID in the database ? The two are not related.

Perhaps what you named Group 1 is really group ID 3

You can tell for sure by generating protection code for group 1 and see what ID it tells you to use..



You also need to remember that you are testing this with different users and it is really easy to get confused so you need specifically log off using the log off page to ensure session info from the previous login doesn't show up and cause confusion when you log in with a different user... etc etc

in addition to logging off that way you may also want clear the session and application info via the code at the bottom of my article
http://www.powerasp.com/content/new/displaying-session-and-a pplication-variables.asp

and do that in between any user you log in as

Sounds great, Sold!

Thanks Christopher!

sure, there are reasons AOL would block the email.. it might think it is spam or it might not like the fact that fact that a cdonts generated email has no MX records because it can not..

for more on MX records read my CDOSYS article
http://www.powerasp.com/content/new/sending_email_cdosys.asp


as far as the emails not being sent because notifications are off. I was not aware of that and will try to look into it.. Version 6 is no longer worked on but if I can find the time I will check that out

Regarding installation in a subfolder

Though this should be common sense and ASP.NET 101 "so to speak" One thing not mentioned in the docs..


If you do not install ASPProtect.NET in the true root of a web there a key in the web config you must adjust.

it looks like this

<forms name=".aspprotect~net" loginUrl="/aspprotectlogin.aspx" protection="All" timeout="60" path="/" />

The way it comes it is valid for a root installation..

lets say you installed the application in folder called.
"aspprotectnet"

the key would change to this

<forms name=".aspprotect~net" loginUrl="/aspprotectnet/aspprotectlogin.aspx" protection="All" timeout="60" path="/" />

The code is ok..

Your getting an error because no banners are showing up in that zones rotation.

run this directly in the browser and you will see that there are no banners being generated for that zone ID
http://www.poconocommuter.com/aspbanner/aspbanner_inc.asp?Ba nnerZone=6

As a matter of fact I dont see any banners showing up for any zones previous to 6 which tells me either you dont have valid banners in there or the application variable info got corrupted do to a server crash / power off or something.

http://support.cjwsoft.com/code/moreinfo95-1.htm

Has any one used the aspmail function to send emails from within your site? If so what did you use as the AspMail_Host string in the connections database?

thank you

Sorry, you cannot, that is how it works and that is how it has to work for reasons I am not going to try to explain as it is pretty technical. (it works the same way even when not using paypal and using email authentication... nearly every registration system out there does it that way under an email authentication scenario or a PayPal IPN thing.)

Basically, if you are concerned about it you need to periodically manually check for accounts that were never activated and delete them. Maybe when I get some time some day I will make a little interface to help find those and clean them up at once.