Blog Entry: 3/25/2006 4:56:59 PM
Sorry about earlier post in wrong area-
I have followed instructions to set up access levels (adding the
<% CHECKFOR = "4" %> for user level 4 for instance.) The database is connecting properly and the basic check for login is taking place, but it seems that all users have access to all levels no matter what is on the database; i.e I set up a test page with "checkfor=4" and all users have access to it, even those with lower leve access.
Any ideas?
Thanks
, Thanks Chris.
Your solution worked!
,
OK, I just spent like an hour in your site.. I almost gave up
1st off... I don't know what FTP Program/Settings or what OS you are using but all the ASP Protect Files had been reformatted in a odd way which was causing some issues and the database also had problems. Your somehow introducing all sorts of UNIX line breaks to all the files and the database was actually missing some crucial parts of itself and was corrupted. So I had to update everything which means a new database. I have never seen anything like it but I fixed it all. Its something you are doing but I do not know what. Maybe your unzipping method again ?
So to get back into the admin area...
admin
test
Now, the reason the albums were not showing is because you are using the ole connection string which causes problems like that. However because you host has like the worst setup ever with that network path crap for the site that was the only connection string that would work for some reason.
I highly suggest a new host with a proper setup for running ASP. www.alentus.com
Your hosting companies setup is horrid as far as I am concerned.
Access Databases are not meant to be connected to via a network path.
http://www.aspfaq.com/show.asp?id=2168
Anyway, I rewrote some of the code because of the ole connection and got the albums showing up for you.. who knows what other problems that OLE connection may bring up in the future.. for now things I tested seem ok.
As for your broken image in the your header/footer... You cant link to images and links using virtual pathing in those includes because the files are called from different directories and will work in some and not others
so when your in the root you see the image, when in a different folder you see a broken image
In other words.
link to
http://www.vickerylightning.com/gallery/vickery_template5_r2 _c1.jpg
not just
vickery_template5_r2_c1.jpg
The same goes for hyperlinks.. use the full url paths
Whatever you do...Back up the gallery folder with my changes before you go doing anything.
, I have imported like 50,000 users into an access database when testing... it took like 4-5 minutes but worked..
course it really all depends on the setup how many you can get away with
something must still be wrong
have you tried just importing 1 or 2 users for troubleshooting sake ?
I would also recommend that after any timeout you reboot the server or at the very least do an "iisreset" to get things back to normal
, i've got a client who has handed me a 151 character banner URL, and i see that the database is designed to take 150 characters. i took the obvious step of just increasing the size of that text field in the database, but i still get this error when i try to enter the URL in the proper form field:
Multiple-step OLE DB operation generated errors. Check each OLE DB status value, if available. No work was done.
/banners/aspbanner/save_banner.asp, line 200
now, line 200 is just this:
If Banner_Link_URL = "" THEN
CmdEditBanner.Fields("Banner_Link_URL") = NULL
Else
CmdEditBanner.Fields("Banner_Link_URL") = Banner_Link_URL
End If
which tells me that something is blocking the assignment of that long value to that field, even though i believed i had extended the length of that field in the source database.
where else might i look?
, Hello,
Again, enspecified error are not very helpful.
An error usually tells you at least a line number and page or something.
Please read this as it might help do tell me more.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1
As for only happening once in a while. It could be a lot of things.
Version being used (when did you purchase.. what name/email was it under and I can look) ?
What banner method being used?
Access or MSSQL ?
How busy the site is ?
Server Resources ?
cwilliams38414.6114930556, I assume that if I am using this product, search engines such as Google cannot access and index my content. Can somebody confirm that; I want to be 100% sure.
In case it matters, I am using a basic, cheap ISP setup where my site is on a shared server.
Thanks in advance.
, Can you incorporate a secure log in within the scripting. I would like the account information to be secure without having to have the whole site using running through a secure (https://) path. If this is possible, the scripting is perfect!
, ok, I got it all sorted out for you and aspupload seems to be working now.
Basically they seem to have an odd version of it installed and I had to tweak the code a little. I also uploaded the server info page in the admin area to test for it.
Just back up the gallery folder so you have a backup copy of the modified code.
CJW , ... doesn't seem to be working on my site. I expect I did something wrong.
I've created some groups, "week", "month", and "year". Their IDS are 6, 5, and 4, respectivelty. When someone goes through the PayPal signup, he's assigned to one of those groups based on his subscription.
When I see a new subscriber and check the relevant group the person's supposed to be in, that person's not in that group. I'm adding them manually for now, but I'd sure like a solution for when I go to sleep...
My subscription code looks like this:
input type="hidden" name="custom" value="5,*4*,<% =User_ID %>
One-off code looks like this:
option selected value="7,4.95,1,*6*"
I've created the groups in my management console. Is there anywhere or anything else I'm missing?
, I have set up a user to be redirected to a different page when logging in for the first time.
I assumed this function would count the number of times a user has logged in. When the login count was greater than 1, the user would be taken to the default.asp
This isn't happening. The user is always redirected. The user login count in the database is now 9.
What am I missing?
, well, thats a network drive path and in my opinion a very poor way for them to have set things up. It can work as long as permissions get set there and they have the anonymous webserver accounts set up correctly to handle that scenario, but performance isn't the best because your accessing the access database over the network. Access databases are not just not meant to be connected to over the network in a web based scenario. Quality ASP hosting companies do not set up their servers that way and it can often be difficult to get things running as it is a more complex setup on their end. Meaning if they dont synchronize the IUSR_machine accounts correctly you'll have permission issues.
http://www.aspfaq.com/show.asp?id=2168 , can add photo album but after i upload a pic, nothing shows.
where do i look to research why pics aren't showing in the albums
, Thank you...I thought I was doing something wrong - and thanks for the tip on the virtual path., also.. the log out page shouldnt really need this
but you can try adding this to it where all the other ones are set to nothing..
<% Session("Groups") = "" %>
cwilliams38341.7215046296, Christopher,
I have a follow-up to this question.
Is there a way to get the photo descriptions to save with actual spaces instead of the HTML space code all of the time?
I know that is does this if you hit Enter while typing a description, because it creates a 'br' tag. The main reason I am asking is because if the user does not enter a line break, the description is saved a single long string and the pic_window.asp page is generated with one long description which makes the page very wide.
I tried to get around this by changing the description style in pic_window.asp to reflect a value like 50% or 200 pixels, and I have tried putting it into a table with a fixed width, but there is no effect.
Thanks!
- Jason
, The mass picyure import does not work like that. It involves no uploading component.
Only an admin can do a mass import on an album and they have to ftp the images into the site in that upload folder before they go do the mass import thing. , ya,
any variation of a site url is going to have its own set of application and session variables.. soy you have to be consistant with your navigation links
example (for anyone that comes across this thread)
http://www.examplesite.com/somepage.asp
is going to have a different set of application and session variables then
http://examplesite.com/somepage.asp
even though they are basically the same page
, dsn-less is the way to go..
http://support.cjwsoft.com/code/moreinfo9-2.htm
you also need to use newer versions of the database as the odbc drivers on the server are sometimes very new and no longer work with access 97 databases
, If you want to have a login form on a non protected page that posts
to a protected ".asp" page use code like this.
Change the action of the form to the page you want them to log into.
Make sure the page you send them to is protected by the "check_user_inc.asp" file.
<center>
<table border="0" width="400" height="200" bgcolor="#000000">
<tr>
<td bgcolor="#F4F4F4">
<form method="POST" action="memberarea.asp">
<input type="hidden" name="Status" value="Checkem">
<p align="center"><font face="Arial">ASPProtect Login</font></p>
<div align="center">
<center>
<table border="0" bgcolor="#C0C0C0">
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
<td><input type="text" name="Username" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
<td><input type="Password" name="Password" size="10"></td>
</tr>
<tr>
<td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
me signed in on this computer unless I log off.</font></td>
</tr>
</table>
</center>
</div>
<div align="center">
<center>
<p> <input type="submit" value="Login"></p>
</center>
</div>
</form>
</td>
</tr>
</table>
</center>
cwilliams38411.453912037, The Read-only attribute i was referring to is at the windows explorer level when looking at the folder properties under the general tab.
ASPNET and IUSR have full access to the _database folder as you suggested - Yet still I get the permission error noted above.
,
Hello,
I want to create a user for my manager. This user should be able to see
all statistics (Reports) and all (Banners). But, he should not be able
to edit anything.
How can I create the type of user described above?
Best regards,
Mohammad Al-Mohsin
, in the version you have changing it is not something we covered
I believe you will find it the "config_inc.asp" file in the root though... be careful with naming it though because if you use any spaces or weird characters it might cause issues with various functions in the application like emailing.. I recommend just using letter, numbers, and maybe dashes
, Is the user ID case sensetive? In my case I use the user email as the login ID., yes, usernames and passwords are both case sensitive. It increases security.
, The application is only intended for use with $ the way it comes.
Use of other currencies is not supported.
(this is noted on the product page)
However, it can probably be used fairly easily with UK customers.
You'll probably want to look into setting the currency to UK in the code generated for the PayPal buttons which is in "view_item.asp". There is probably a hidden form variable you add to it to specify the currency. PayPal's shopping cart documentation and help system would have more info on that.
Doing a search real quick there I came up with this.
<input type="hidden" name="currency_code" value="GBP">
Then you may also want to change the LCID settings for the web site to UK. (I think)
To do that edit the "config_inc.asp" file with a text editor.
Add this code between the <% and %> tags.
Near the top is good
Session.LCID = 2057
There may also be hard coded dollar signs in the code that you will need to change to whatever.. If after you do the above to steps you see then you'll know where to change them based on the named of the page you on.
It is quite possible that simply changing the LCID will take care of everything, but I am not sure.
Those are the tips I can give you. , Sounds to me like you got some bad databases or something. Or your trying to open a database with too old of a version of msaccess.. not sure
Everything is stored in one database. And yes there is more than just the users table.
Also, removing the "temp" password should be a piece of cake.
Email me for a new copy of the download file ? Use the contact from on the cjwsoft site. Please tell me your order details as well so I know who you are.
, When I attempt to upload, it appears that the image uploads. I get a "Original Image Size 0 X 0 pixels"
they don't appear in the web pages, any thoughts? I am using VBscript to upload, my host has safileup but I am unable to use it in this script, thanks for any help
http://mcintoshcounty.org/real_estate/extras/server_info.asp
here's the site link
Never mind, had the path to the image folder screwed up
, Gotcha.
Can you set an expiration date on a subscription?
Thanks,
Jess
, Hi,
No, only ".asp" files can be protected. It is the nature of Forms Based Authentication when using web based scripting technologies whether those scripts be ".cgi", ".asp", ".php", or whatever.
To protect entire direcotries at once you really need to run your own webserver and use NTFS permissions and user accounts..... or if something special is installed on the server there may be ways to do it as well. That usually isn't going to happen under a shared hosting account but there are special authentication products for such a thing that some hosting companies do purchase and allow their hosting customers to use.
Using aspprotect we do give working examples of ways to stream and partially protect images and downloads while a user is logged in to an ".asp" page.
Also, any ".htm" pages can simply be renamed to ".asp" if you need to protect them. Links to each other need to be updated of course because of the extension change.
In my opinion the truth of the matter is most high end sites use Forms Based Authentication with scripts. Not directory protection as it is fairly primitive/old school as well as sometimes being confusing for the users of the site because of how the login window from the server often gets stuck behind the browser.. etc etc
If you have a lot of pages in a site that you need to add protection code to then if can often be helpful to use a good Multiple file search and replace program to carefully add the protection code to the top of the source code of the pages. There are even multiple file search and replace programs that can rename extensions which can be helpful for large sites.
For images and graphics you want protect you have to do some work and set up and intelligent system for yourself.
Lastly whether you use https:// or not is no concern to ASPProtect as it works the same under https:// as it does under http://
, Ok, so I checked to see if ASP is running on the server and it is. then I added code to the top of a page and this is what i can see when 'view Source' on the web browser:
<%@ LANGUAGE="VBSCRIPT" %>
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * Admins * ) -->
<% GROUPACCESS = "4" %>
<! #INCLUDE FILE="check_user_inc.asp">
<!-- End ASPProtect Code -->
<html>
<head>
<title>TeamManagers</title>
Yet I get no challenage for a password and no error message!
, ok,
when you say "we have set up to use the Subscription services exclusively for all new members "
I am sorry to have to ask this again but what does that mean exactly ?
how was that accomplished ?
The reason I say this is because when a subscription is created by a user through the normal channels.. meaning they went to the paypal subscription directory and either started a new account or found their old one to start a subscription with.. either way the PayPal Subscripber ID that paypal assigns is added to the database for that user and the expiration date is set to null.
Now, that being said the function that sends expiration emails to users will NEVER send an expiration to a user that has info in their PayPal Subscriber Field in the database. I just double checked that.
So that is where I am confused ? How did all these users get set up to use subscriptions and not have the PayPal Subscriber ID field popluated in the database ?
Seems to me the only way this could happen is if you set some stuff up manually and the PayPal Subscriber ID for each user never got put in the database. That and the expiration date didnt get set to null.
Again, I am sorry to keep asking this but it just seems to me that something else must be going on that I am not clear on regarding how you upgraded these people to use subscriptions.
In the end I think the answer may be to manually make sure each old user now using subscriptions has their PayPal Subscription ID set in the database as well as their expiration date from before set to null.
, cool.. let see if that works. This was the command line that I had to enter in order for it to register. Chris, as you stated before, you can try one of the other emailers, but you need a email server to tie to.
"regsvr32 cdonts.dll"
, Editing using Visual Studio.NET
Here are directions for editing the application using Visual Studio.NET
2002 or 2003 version.. either should work
Some of you are wondering why I didnt just give you the project files.
It is best you go through this process and really understand what is going on.
Also, I dont use VS 2002 so I wouldnt be able to give you project files that would work with that. Not to mention there is 100% chance my prject files wouldn't work for you anyway because of path differences and other things.
Anyway.. on with the instructions...
1st.. make sure IIS, ASP.NET, .NET Framework, and Visual Studio.NET are all installed correctly and up to date.
Open Visual Studio.NET
File - New Project
Select a New Visual Basic ASP.NET web application.
give the new web to be created a name.. I called mine "aspprotectdotnet"
Hit Ok..
Now. once the project opens up we need to delete a few things in the solution explorer window.
So delete "webform1.aspx" , "deletestyles.css", "Global.asax", "AssemblyInfo.vb", and "web.config"
Basically all the files under the project...
Now... you should have the aspprotect.net files unzipped somewhere on you hard drive...
open that folder and select all the files and folders like so
Now drag those selected files and folders to the solution explorer window of Visual Studio.NET right on to the name of the web. In my case "aspprotectdotnet"
It might say this folder already contains a folder names Bins.. just tell it to copy over and continue on any prompts like that.
You'll notice your project is now populated.
Open up the references tab in the solution explorer window as we need to add some references to the dlls in the bin folder of this project. This is needed so the compile process and function correctly.
Right click on references.. click add reference
Then browse....browse on your hard drive to the location of the new web and the bin folder within it.
In my case... "C:\Inetpub\wwwroot\aspprotectnet\bin"
Choose "aspprotectlicense.dll"
Hit open...
Now do the same thing again until you have added all the dlls in that bin folder to the references..
Now.. click add-references again and this time choose
"system.management" from the choices in the .NET tab
Once all of that is done your references should look like this
Now in the Visual Studio.NET menu system up top..
Choose Build - Build Solution
If you did everything right you will see something like this in the build window
------ Build started: Project: aspprotectdotnet, Configuration: Debug .NET ------
Preparing resources...
Updating references...
Performing main compilation...
Building satellite assemblies...
---------------------- Done ----------------------
Build: 1 succeeded, 0 failed, 0 skipped
You now have the visual studio side of things all set up.
To make the project actually run we now have to set some permissions and edit the web.config file.
Using windows explorer browse to the web the app is in. Right click on the "_database" folder and give that folder and all the child folders within it. Modify permissions for both the Anonymous webserver account and the ASPNET account. These accounts might not show up until you dig into the advanced tab and click find now to show all the accounts on the machine.
Permissions screen looks like this...
Once that is done go back the solution explorer window in visual studio.
Open the docs folder.. right click on "sysdiag.aspx" and choose view in browser.
It should complie the project again.. and then run that page in either the internal or external browser depending on how you have that set up.
That page will report back path information.
"BTW.. for security reasons this page should be removed from any production server after installation is complete.. this is very important"
In my case it looks like this.
Probabale AppRootPhysicalPath
c:\inetpub\wwwroot\aspprotectdotnet
Probabale AppRootUrlPath
http://localhost/aspprotectdotnet
Probabale Path to Access Database
c:\inetpub\wwwroot\aspprotectdotnet\_database\aspprotectnet2 002.mdb
Now we need to edit the web.config file... your going to need to know some of the path information above.
In solution explorer double click on web.config.
Now edit the AppRootPhysicalPath, AppRootUrlPath, and CN keys accordingly.
In my case they will look like this.
Notice tha part in bold that we added.
Now, you may also want to check the temp license key info while you are in that file and make sure it is not expired but I am not going to get into that here.
I am also getting the "Unspecified Error" message. I just transferred my site to IIS 5.0 and I get that error now. However it does not happen everytime. I can click on a page and it opens fine and then I hit refresh in the browser and I get the "Unspecified Error" message. What could be causing this?
... could you make a link from it to our website and is there a way to see what traffic goes from us to them. They are going to pay a commission on sales, however I need to be able to track who views their site...
Wishful thinking or could you add code to track their IP address and display in the report section? Not sure that would be enough to satisfy this request. Suggestions?
I have gone back to your original files and uploaded them to another server folder and instead of using a DSN I have tried this with a DSN less connection and changed the database to MS Access 2002.
This has corrected the problem.
I will check this out again using the DSN with access 2002 to see if this was the problem. It may be something to do with an older format of database on this particular server.
I will let you know what I find.
Thanks for your quick reply.
, I sent you a PM, Thank you so much that works great.
I will test with the other settings on the email server again thanks for the advice,
