SQL Server Datareader Datawriter Permissions..

here is a screenshot that shows how to set datareader and datawriter permissions on a database using "SQL Enterprise Manager"

In this example we are making sure the aspbanneruser has those permissions on the aspbanner database in the SQL Server

Right,  I've done that.  My concern is that it will time out again while I'm trying to import the file.

The import/export manager does not show up under the users tab when I log in normally.  I have to pull up the page in frontpage and then preview it a browser to get it to show.

thx for posting this..


Just a few notes... more than 100 pictures specified in the config file is not supported. You are of course on your own if you specify more than 100

Also, technically the post above should say more than 102 pictures... "I think" as you wont need more html cell code until then..

The loop in the code is probably how I should have done it in the 1st place but I was in a hurry to get this finished and I also never expected/wanted anyone to specify more than 100 pics per album.

Lastly.. depending on what style you are using in the config file the code above may not work as some of the styles do not use cells but line breaks instead..   At least from what I remember.

I appreciate the offer to beta test... but its really more a matter of me getting it ready..

I have a lot done.. but a lot of things are hard coded to only work on my machine and some things have not been sorted out. Giving it to someone else to test would be a waste of time at this point as I they probably couldn’t even run it.

Lately the reason this project has fallen behind has all to do with my main webserver where I collocate.

1st it got compromised (we think by certain competitors who are always up to no good)... then windows 2003 server which I decided to go with on the new server gave me random problems... then the Cisco hardware firewall was acting up and making the sites run slow....then SQL server attacks on port 1433 from Korea when I took the firewall down....and as of the last few days I think the server just needs a new power supply. I swear for the last 2 months I have spent more time administrating my servers than working on code. Yesterday it was locking up every 30 minutes. There have been a lot of days like that and it takes up all my time until I get it situated.  Especially since its over 100 miles to the collocation center. The APC unit I installed that allows me to remotely cut the power to hard reboot is a life saver.

Fun... I tell ya... and expensive.. (hardware, software, lost sales, and time) I am pretty much completely broke at the moment. It has been a very expensive few months.

But I like running my own servers... I run dns servers, email servers, sql servers, web servers.. I do it all. It's keeps me in touch with the latest software/hardware. Regardless , my servers ran well for years and they will again.


anyway.. hopefully I can actually get a new version of the photo gallery out before the month is over. It will probably be the last classic asp version. The version after that will most likely be ASP.net.

I just took a look and that is definetly what happened.
It has nothing to do with the registration process as far as I can see.

Just running this page triggers it and I know it does not do that the way it comes.
http://www.myvirtualtutor.com/aspprotect/users/user_area.asp

Please back up what you changed and put the user area back the way it came..

If error still happens then I can help you.. It it works fine with the default files from the zip archive then you messed something up in the code.

You have to be really careful when working with ASP code.

Also: just in case you did this. " you should not be password protecting any files in the users area that are already there " the users area does it's own thing and there is no reason to be doing anything like that to the files that are already there. You can do whatever you like to files you add on your own.

(User Photo Upload Mod) for ASPProtect Version 7.x

This will allow an individual user to upload a user picture instead of just the admin.

Notes: This is a down and dirty mod. The user upload code was copied from the admin area and there are no safeguards. Meaning there is no limit on the file size a user uploads and there is no confirmation process in case something they upload is inappropriate. etc etc etc

If you want that you will have to work on that on your own.

Directions:
Back up your existing ASPProtect installation.

copy these files into your "users" folder

2006-01-24_111305_User_Upload_Mod.zip

ok, well if you want to test on your own....  in the ipn.asp file for the subscription folder you will see this area of code used for testing

' Un-comment this section and give this directory proper permissions to enable logging to a text file
' Very helpful for troubleshooting
'   Set ObjMyFile = CreateObject("Scripting.FileSystemObject")
'   LogFileName = ("paypal.txt")
'   'Open Text File.. If doesn't exist create it and append to it .. If exists just append to it
'   Set WriteMyData = ObjMyFile.OpenTextFile(Server.MapPath("paypal.txt"),8,True)
'   RowHeaderString =  ""
'   RowHeaderString =  RowHeaderString & OrderID & vbTab
'   RowHeaderString =  RowHeaderString & Custom & vbTab
'   RowHeaderString =  RowHeaderString & User_ID & vbTab
'   RowHeaderString =  RowHeaderString & subscr_id & vbTab
'   RowHeaderString =  RowHeaderString & txn_type & vbTab
'   RowHeaderString =  RowHeaderString & subscr_date & vbTab
'   RowHeaderString =  RowHeaderString & Access_level & vbTab
'   RowHeaderString =  RowHeaderString & Groups
'   WriteMyData.WriteLine(RowHeaderString)
'   WriteMyData.Close

now that folder will need modify permissions for the text file to be written to but this is a good way to test if the ipn.asp page ever gets hit by paypal.

ITS REAL IMPORTANT THAT THE TEST FILE CAN BE WRITTEN TO OR DOING THIS WILL JUST CAUSE MORE ISSUES

To ensure the text file can be written to and permissions are correct for that folder you can make a new .asp in there and run this to see if the text file writing works

   Set ObjMyFile = CreateObject("Scripting.FileSystemObject")
   LogFileName = ("paypal.txt")
   'Open Text File.. If doesn't exist create it and append to it .. If exists just append to it
   Set WriteMyData = ObjMyFile.OpenTextFile(Server.MapPath("paypal.txt"),8,True)
   WriteMyData.WriteLine("the file was written to")
   WriteMyData.Close

Now, you can even change the location of the text file to place that does have permissions if you like.

This is what I would do if I was in there... then I would make some test payments using 1 cent and another paypal account (your allowed 2)

and see what happens

it is always possible the subscription code may have a bug in it. The last time I tested I only tested the single payment folder which worked perfectly. If I have time in the next couple days I am going to test the subscription stuff again. If there is something wrong I can cure it quickly.

The two routines share a lot of code in common.

1st: try it with a normal dsn-less connection like we show in the example.. dont use that OLEDB.4.0 connection string.. connecting like that can cause a lot of problems and is not as great as everyone thinks it is and it can sometimes be difficult to get it working when the database has a password set on it

For the sake of troubleshooting just connect like so: (fixing the path of course)

ConnectionString = "DBQ=C:\Inetpub\wwwroot\aspprotect\data\database\ASPProtect_ access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

ASPProtect will generate the actual connection string you should use when you run this page

http://www.mysite.com/data/setup_info.asp

Replacing the part in blue with your website info.


2nd: any IIS server setup to have the access database over the network path like that has a poor setup... and that can cause all sorts of problems as well, access is not designed to run over the network like that.. for more on that read this thread -  Start 5 posts down
http://support.cjwsoft.com/code/code_info.asp?TID=479&KW =OLEDB%2E4%2E0

3rd: If the app does not run using the connection string like I say to use then the problem is 100% on their end and is either related to permissions or the fact they are keeping the access database on a network path which is BAD BAD BAD... no quality host that knew what they are doing would set it up that way.. ultimately you don't want to host asp with a place that has a setup like that

4th: If you want to try some other stuff out we have a free guestbook, asptest, and a free version of aspbanner you can try out as well... www.cjwsoft.com

5th: If you need a quality asp host that knows what they are doing and offers great asp support www.alentus.com is the place

6th: Your right, it is not the code, its the data connection

FYI:

The articles you references were read over by me like 3 hours ago... way passed that and prob. in deeper sh*t than i was since im trying everything possible without knowing the true reason this is not working.

You can't do that. ASPProtect 7 does not work with ASP.NET.

It is a classic ASP application. As the web site states it can only be used to protect ".asp" pages written using vbscript.

ASP and ASP.net are completely different animals.

Thats why we have a .NET version.
http://www.aspprotect.com/more_info_net.asp

Hope the wedding went well.  I have one this weekend.

I was successful at performing an upload.  The free upload software was either not configure properly (probably) or not working.  I downloaded the trial version of softartisan's upload (which is like over $300) and it started working. 

Can more than one photo be uploaded at one time (like a whole folder full of photos) or does each have to be done individually?

Below is the email I received when testing the self-registration. Does anyone know what setting I configured incorrectly?

I received the email to confirm the registration but the link to activate is invalied.

Thanks!

Your registration still has to be validated.
Go to
?u=bubbaj&v=4579
to verify your registration.

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
    Response.Write(Session("Groups"))
%>

Or at least I think so.  I have been trying to get this software to work so I can see if it meets our needs for an upgrade purchare. Here is my error.

Microsoft JET Database Engine error '80040e10'

No value given for one or more required parameters.

/aspprotect/scripts/populate_config_variables_inc.asp, line 15

My provider says that the problem is NOT on there end, that it is a problem with the code.  I think that it is a database connection problem.  Can you please help.  Below is my connection string based on what the setup page directed me to do:

ConnectionString = "data source=\\NAWINFS03\home\users\web\b1347\rh.957theride\asppro tect\data\database\ASPProtect_access2002.mdb; Provider=Microsoft.Jet.OLEDB.4.0;Jet OLEDB:Database Password=temp"

When I first set up the program I got this error:

Provider error '8000ffff'
Catastrophic failure
/aspprotect/scripts/populate_config_variables_inc.asp, line 11

Once again, the looked into it and said the permissions were fine and that the code was most likely bad.  But then the errror changed to the one that I first listed.  Which is the one I am currently getting. 

BTW here is the page address

http://www.957theride.com/aspprotect/password_admin/get_me_i n.asp

Thank you!

These are 4 valid examples of calling a flash movie.

The more simple examples may cause problems for people that don't have the flash plugin installed. I really do not know as I am no flash expert. All these work fine for me. Of course I have the latest flash plugin installed. Perhaps some of you can shed some light in this. The 3rd and 4rth examples are obviously only slightly different and mention different versions of flash as far as downloading the plugin goes.

<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" WIDTH="468" HEIGHT="60">

<object width="120" height="22">
<param name="movie" value=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" width="468" height="60">
</embed>
</object>

<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://download.macromedia.com/pub/shockwave/cabs/flash/swfl ash.cab#version=6,0,40,0"WIDTH="468 " HEIGHT="60" id="myMovieName">
<PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<PARAM NAME=quality VALUE=high>
<PARAM NAME=bgcolor VALUE=#FFFFFF>
<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality=high bgcolor=#FFFFFF WIDTH="468" HEIGHT="60" NAME="mybannername" ALIGN="" TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer">
</EMBED>
</OBJECT>

<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://active.macromedia.com/flash2/cabs/swflash.cab#version =4,0,0,0" ID=banner WIDTH="468" HEIGHT="60">
 <PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
 <PARAM NAME=quality VALUE=high>
 <PARAM NAME=bgcolor VALUE=#FFFFFF>
 <embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality="high" bgcolor="#3CBDCD" WIDTH="468" HEIGHT="60" TYPE="application/x-shockwave-flash" PLUGINSPAGE=" http://www.macromedia.com/shockwave/download/index.cgi?P1_Pr od_Version=ShockwaveFlash">
</OBJECT>

Here are three known bugs and their fixes...

If you have any of these symptoms these fixes will most likely take care of them.
If you don't have a symptom do not make any changes as you most likely have an updated copy of the application.

Technically if you bought that app on or after April 27th 2004 these bugs should all have been corrected.

Description Fix

(no descriptions showing in pop up window)

Edit pic_window.asp with a text editor

Change

Set f=fs.OpenTextFile(Server.MapPath("pictures/Album_ID_" & Album_ID & ".txt"), 1)

To

Set f=fs.OpenTextFile(Server.MapPath("../pictures/Album_ID_" & Album_ID & ".txt"), 1)

Slideshow Fix…

(last image in slideshow it not showing)

In slideshow.asp

Change

<% For PicArrayIndex = 0 To Ubound(PicArray) - 1 %>

To

<% For PicArrayIndex = 0 To Ubound(PicArray) %>

Add To Favorites fix

(add to favorites feature doesn’t work at all)

Edit "album_uppermenu_inc.asp" in the scripts folder

Change

<a href="users/favorite_albums.asp?Album_ID=<% =Album_ID %>"><img border="0" src="<% =application("skinpath") %>add_to_favorites.gif"></a>

To

<a href="users/favorite_albums.asp?Album_ID=<% =Album_ID %>&Action=Add_To_Favorites"><img border="0" src="<% =application("skinpath") %>add_to_favorites.gif"></a>

Good Morning, any suggestions on how to best "fake out the system" -- I would like to try to keep this clean so I can see the real errors?

My thought was to try to just move those .gif files to the directory that it thinks it should be in -- do you have any better suggestions? Or reasons why I really wouldnt want to do that?

I'm getting errors when clicking the Update Config Button in the System Info page and when clicking the log files button.

I'm not sure if it's a permission thing or not.  ASPNET and IUSR both have modify access to the _database folder and childs, yet I'm still getting the error:

Access to the path "D:\Inetpub\wwwroot\aspprotectnet\_database\xsd\aspprotectne t_config.xml" is denied.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access to the path "D:\Inetpub\wwwroot\_database\xsd\aspprotectnet_config.xml" is denied.

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET write access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

Any ideas?

Thanks

I believe I'm having trouble with Domain masking in that it appears to affect the ASP Photo Gallery login screen.

My address is forwarded and masked by my domain "company" (in this case: Godaddy.com). It is forwarded to a Win2000 Server running at my static home IP.

From outside of my network, the website appears to work fine...even the default.asp page works to the point of the login page. After entering a login and password - you hit the login button and the page simply reloads only with all of the header and footer information removed.

I found that by eliminating the domain masking feature at the domain company, the problem gets eliminated and the entrie site works fine.

Has anyone else run into this problem? I'm guessing it's the way the domain name is held in the browser cache but I'm not sure how to resolve it so that the ASPPhotoGallery scripts and pointers work correctly.

Eric

From: Mo Afifi
Sent: Sunday, October 23, 2005 4:47 PM
To: CJWSoft Support Info
Subject: Re: CJWSoft Support Info : SSL - Verisign Certifcates

The problem was that I did not have

ConnectionString = "Driver={Microsoft Access Driver (*.mdb)}.... in the connection string.

Thank You.

Triple check the upgrade instructions because I think you missed something important.

line 227 on "/password_admin/save.asp" refers to the "Password" field

the error your getting most likely means it is not there..

Pay close attention to the areas in the upgrade instructions regarding renaming your existing "Password" field to "Old_Password"

Then making a new "Password" field and carefully following the instructions needed to convert your old passwords for use with the new system.

If you don't everything carefully and perfectly this is the sort of error you will get.

how you connecting... lets see the connection string...

could be permissions related too.. if they are not set correctly
(always give them to the folder, never just the mdb file)

Some of this might help...

http://support.cjwsoft.com/code/moreinfo11-1.htm

http://support.cjwsoft.com/code/moreinfo136-1.htm

http://support.cjwsoft.com/code/moreinfo56-1.htm

you may want to download some of the different versions of the access database from the support area and try connecting to them as you may have older odbc drivers on the server

You may also want to try to get ASPTest from our website working before you go any further

Wondering what might be causing a long delay to display the login screen?  This does seem to be intermittent.  Could be server/ISP related? Have experienced enough times to justify posting this question.

I can count up to 20 seconds after clicking on the link.  After login all other selections zip right along without problem.

http://gibsoncity.us/aspbanner/

Thanks, Lance

Regarding hosting companies..

Now.. obviously if you are hosting on someone elses server you may not be able to set permissions like this.

Ultimately, if you are hosting somewhere and ASP and Database connectivity is part of your hosting plan. It is the hosting company's responsibility to set these permissions for you when asked or to give you a special interface to do so on your own. If they are not helping you do this then maybe it is time to get a hosting company that is serious about your ASP Hosting Needs.

Also... JUST TO BE PERFECTLY CLEAR

The permissions we are talking about cannot be set via FTP or Frontpage access to your web site. They must be set like shown above or via a special interface meant to set the permissions correctly. For all you people out there messing with the permissions you see in FTP and Frontpage.. you are wasting your time and possibly creating problems in your web.

All ASP scripts that communicate with an Access Database, Upload Pictures, Modify Text files.... are going to need these permissions set in some way or another. We have no control over that fact.

Great suggestion, routing the banner click through an intermediate page before the destination.  We use Deepmetrix LiveSTATS.xsp V7 and I should be able to configure a filter to capture the stats of the intermediate page.

Thanks for the help!
Lance

Change the action of the form to the page you want them to log into.
Make sure the page you send them to is protected by the "check_user_inc.asp" file.

<center>
  <table border="0" width="400" height="200" bgcolor="#000000">
    <tr>
      <td bgcolor="#F4F4F4">
        <form method="POST" action="memberarea.asp">
          <input type="hidden" name="Status" value="Checkem">
          <p align="center"><font face="Arial">ASPProtect Login</font></p>
          <div align="center">
             <center>
             <table border="0" bgcolor="#C0C0C0">
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Username</font></small></stro ng></td>
                 <td><input type="text" name="Username" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB"><strong><small><font face="Arial">Password</font></small></stro ng></td>
                 <td><input type="Password" name="Password" size="10"></td>
               </tr>
               <tr>
                 <td bgcolor="#EBEBEB" colspan="2"><font face="Verdana, Arial, Helvetica" size="-1"><input type="checkbox" name="KEEPMESIGNEDIN" value="True">Keep
                   me signed in on this computer unless I log off.</font></td>
               </tr>
             </table>
             </center>
          </div>
          <div align="center">
             <center>
             <p>&nbsp;<input type="submit" value="Login"></p>
             </center>
          </div>
       
        </form>
      </td>
    </tr>
  </table>
  </center>