Blog Entry: 3/25/2006 4:53:58 PM
Probably not... javascript calling complex javascript is not a good thing and is often a problem.
I would try one of the other methods such as the xml parser if possible.
, all that docmunetation is online as well right here so you dont really need the chm file
http://support.cjwsoft.com/code/info24.htm
the chm format is a windows format that can only be viewed on windows pcs. I do not know why you can not see it. I would do reseach on viewing CHM files on whatever operating system and version you are running because perhaps you are using a mac or linux operating system which can not natively view chm files ?
,
How can i get to this to register someone in the database only after the Paypal payment has been accepted. I was testing it out to see if it makes it to my Paypal account (which it did just fine) then I closed Paypal before paying. I logged in as the administrator and looked at the member list and the account was created anyway. How can I stop this from being created until "only" after the Paypal payment has been "approved"?
What if this person never comes back to "try again"? Now the username he used (and is inactive) is not available for anyone else to use. And it takes up database space.
I am using the Paypal (non-subscription)
Thanks in advance,
scottyFlasher
, again.. more custom code work would be required to handle it
, Do what it says so you can see the real error and then post that information here. It could be anything from incorrect permissions to whatever.cwilliams38454.4272916667, Our webhost changed converted all sites from c: to d:, and without us doing anything else, our customers now get the following error message when trying to access our Classifieds site:
***********
Microsoft][ODBC Microsoft Access Driver] Not a valid password.
This means there is most likely a problem with the "ConnectionString" info that you specified.
If you are using a DSN-Less Connection with MSACCESS.
Check that the physical path to the database has been specified correctly.
It has to be perfect and correct. It cannot be specified using "http://" or by using "server.mappath".
It has to be specified like the following example.
ConnectionString = "DBQ=D:\Inetpub\wwwroot\advpass_pro\_database\passwords.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=admin;PASSWORD=Xpass"
If this is running on an NT server or Win2000 Server make sure that permissions have been set on the database.
Only the server admins can do this. If you are not the admin you will have to ask for this to be done.
If you are using a System DSN
It is not set up correctly. Again, make sure the permissions have been set for the database and that the system DSN has been set up correctly by the server admins.
************************************************************ *********************
We did everything the web host asked us to do, that is, changed all references to the C drive to new references to the D drive, but the error is still there. We also never changed any passwords (as far as we can remember). Can someone please tell us where to look (also which file might tell us what the correct password is in case it has in fact been changed.
Scaramouche38306.4845833333, Is there any way to extend the limit multiple login feature to a certain number instead all or none? In other words, i need to have a user be able to use the same login for x number of people. My customers are institutions and want to be able to have a single login for however many users they purchase for.
, no the "expected path" is something that gets generated for you if you have parent paths enabled. to help you fill things in correctly...
basically if parent paths are enabled it shows you what the path should be for each path field on the settings page... if parent paths are disabled there will be nothing to the right of expected path for technical reasons (lack of being able to do a "../../" to figure out the paths more or less)
in that case there is a file called "expected_paths" in the data folder that you can run to tell you the expected path info
, User Registration
The "users" folder allows users to sign themselves up and edit there accounts as well as retrieve lost passwords..
In the settings tab of the ASPProtect admin area there are options for which fields are used and which are mandatory when a user signs up. The only validation the system performs by default is checking for mandatory status. If you want to add more validation so reduce the chances of input errors that is up to you.
You can add additional server side validation by doing server side checks on the save pages... you can also make the field sizes larger in the database if you think you need to. You'll need to be good with ASP to do this.
Always backup your files before making changes to them so that you can revert back to a working copy if you mess something up.
, ok, here is what is going on
you are password protecting an ".asp" page that requires querystring info to run correctly (example - "somepage.asp?ID=3"")
that is something I never intended anyone to do.. while it does handle and repass the querystring info along during successful login it does not re-pass that info during a failed login as you have found out
this is all by design.. the only reason the system re-passes the querystring info at all is because I wanted to make it smart for the sake of the remember me/cookie feature.. so if someone was using that and bookmarked a page deep in your site with querstring info...then when they went back to that bookmark they would get authenticated and still see the page as intended with the querystring info in tact
it was a nice feature never intended to handle any situations other than what I just described...
now...
notice the url in the browser after failing a login.. then logging in successfully.. it is missing the querystring info
that more than anything is what is going on.. browser caching can cause some confusion when dealing with this because the browser likes to return you to the page minus the querstring info... when that happens a simple browser refresh at that time may very well solve the problem and then you see the page you are supposed to see...
To avoid all of this...
One solution to this is to always start people logging in to an ".asp" page that has no querystring info. That way this won't happen. Once they are logged in you can then offer them links to the pages they need to go to. (you of course still want to password protect those pages)
Another solution is to log them into a page with no querystring info and then do a response.redirect to the page with quersytring info.. thus accomplishing the same thing but without the possibility of the issue because of a failed login.
Another solutions is to do checks in your asp page for missing querstring info.. and if it isn't there do something about it like send them somewhere else.. or display a message about there being an error... etc etc
So,basically you don't want to tell people to login into such and such page with querstring info... and providing a username and password..... You can do it but like you found out it can cause an error if they mess up logging in the 1st time. The system just was not designed to handle that. There are complex reasons for that involving security that would just take me too long to explain.
I hope this makes some sense to you.. it is very hard to try and explain
, MSACCESS 2000
server: windows
option pack: yes (after the install I have this problems with groups and edit users )
host permissions: yes
MESSAGGE:
Active Server Pages error 'ASP0113' Script time out/password_admin/groups.asp The maximum amount of the time for a script to execute was exceeded. ...
vaghelis38300.5484143519, Hi,
I did some layout customizing on the register page on my site. ( http://www.lonestaricon.com/aspprotect/paypal_sub_signup/reg ister.asp)
Now when I tried to register, it seems like it goes to the next page, but it is blank.
( http://www.lonestaricon.com/aspprotect/paypal_sub_signup/add _new_account.asp)
If I log in under administration, it shows that I have registered. I can't seem to figure out what part of the code is wrong, so that the new account page will not load.
I'd would greatly appreciate any help with this.
Thanks,
Allison
, Well I have the web hosting tech looking into the memory issues at this point. Unfortunately I don't have another machine to be able to run the asp on that would run it correctly so that I can just publish it over.
, Got it. Thanks Chris!
Michelle
, Okay, hopefully I'm posting in the correct area this time.
Currently we are utilizing ASPProtect 7.x
When using the Newsletter function, many members are indicating they are not receiving email. No evidence of email in SPAM folders. Also, when checking with email provider, they insist it is not being filtered prior to delivery to member's email address.
The following message does appear when a newsletter is sent.
error '8004020f'
/newsite/ASPprotect/scripts/emailing_subs_inc.asp, line 124
Line 124 is the line of code to 'send' the emails. We have approx. 860 members who are on the list to receive the newsletter emails. I have no way of knowing how many are not getting the email. Based on anecdotal evidence, I'm guessing it could be as high as 20%.
We are using CDOSYS / SMTP authentication with a real external email with MX records. Our website is hosted by Cbeyond. They insist it isn't at their end. (for what it's worth)
Thanks for your assistance.
NPA
, No I didn't...
The one I tried is the hosted one at my provider which I gave you the link for.
Thanks very much. 
I will get that one and it may be much easier if I need to get into the Nitty Gritty of the database at some time.
Thanks
, IFRAME is just an client side html thing...
has nothing to do with .NET
will work with any page extension or server side technology
As you see from that compatibilty chart I posted a link to.
Nearly every modern browser supports it.
cwilliams38155.4462847222,
Error when click on banner. (I remove on error resume next in config_inc.asp)
The conversion of a char data type to a datetime data type resulted in an out-of-range datetime value.
banner_redirect.asp, line 36
Database - MS SQL Server.
Gignutyi38368.5403935185, My server is Server2003. I could not find the folder settings you mentioned. I did find a iuser which I added as specified. I retried to perform an upload. Still same message. But it does move the JPG to the picture folder. So, part of it is working. , I have reviewed the permissions requirements for folders from the support documentation but do not see the 'internal guest' account shown in our system to allow internet access to read/write to the access database.
How else can we locate the proper account (or is it possible there is none?) to use to allow permissions to access the Data directory if it doesn't show up as 'Internal Guest'?
cwilliams38417.7773032407, Also, I found this page which specifically talks about hidden IPN form values to change currencies
https://www.paypal.com/us/cgi-bin/webscr?cmd=p/acc/ipn-info
| mc_currency |
For payment IPNs, this is the currency of the payment. For non-payment subscription IPNs, this is the currency of the subscription. |
| "USD" |
The currency of the payment is U.S. Dollars. |
| "CAD" |
The currency of the payment is Canadian Dollars. |
| "GBP" |
The currency of the payment is Pounds Sterling. |
| "EUR" |
The currency of the payment is Euros. |
| "JPY" |
The currency of the payment is Yen. |
cwilliams38459.9616087963, (User Search & Contact Mod) for ASPProtect Version 7.x
This will allow an individual user to search for other users as well as email or call them.
Notes: This is a down and dirty mod. The users page from the admin area was used as a starting point. I then edited it up real quick to be used as a user search. The way it is it shows the user email as a regular email link. If you want to set it up so emailing is done from the application and emails are not actually shown you will have to do some extra work. If you don't want phone numbers shown you will have to remove that column which is not very difficult.
Directions:
Back up your existing ASPProtect installation.
copy "search.asp" into your "users" folder
2006-03-10_143253_User_Search_Contact_Mod.zip
Direct your users there. They will have to be logged in to view the page.
WARNING: This has not been extensively tested for SQL Injection attacks.
I think it is perfectly fine the way it is by looking it over quickly, but use it at your own risk.
, It really means just what it says. Your connection string is just not valid and the sql server speicifed can not be reached. The username and password could also be invalid. Since you already had a database set up you should use the same username and password you have always been using. You also need to use the same database name you have always been using. Without actually knowing more and seeing what you are doing it is pretty hard to tell you anymore than that.
The directions and sql scripts given are for setting up a new sql database. Applying them to an existing sql database requires a slightly different approach. Modificiations to the SQL scripts elimintating references to the usernames/password/database we suggest in the scripts is also a good idea.
A data connection is a low level as it gets. Until you get that working you are really not even touching any of the code in the ASPListings application.
If you want I have no problem going into your sql server and web and setting up for you correctly.
cwilliams38301.7362037037, I want to try this on the machine im using now; which is windows XP.
Is this possible? I don't think i can set folder permissions on XP... there is no option to do so...
Is there a way to do it?
, The login page sends the user to redirect.asp (which is as follows)
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If InStr(Session("Groups"),"*1*") Then
Response.Redirect("gp01.asp")
End If
%>
<%
If InStr(Session("Groups"),"*2*") Then
Response.Redirect("gp02.asp")
End If
%>
I am not being redirected to gp02.asp if I am a member of group2. Also, we wish users who are part of group 2 and 3 to go to a different page (ie. gp2-3.asp)
Thanks in advance.
, Access Database Password
By default all of the Access Databases we give out have a default password of "temp"
The Default username that and Access database uses is "Admin" but you should not be concerned with that except in your connection strings.
The default password for the Access Database can only be changed using Microsoft Access to do so. If you have security concerns it would make sense to change the password. The help system built into Microsoft Access best explains how to do that.
cwilliams38403.6820833333, that is because passwords in the import/export files are encrypted.. if you make one of your own you need to use the rc4 function in the "config_inc.asp" to encrpyt your passwords just like the aspprotect system does (requires knowledge of vbscript and integration into your export system)
now, there is a way around this
if you want to import a file you made with clear text passwords edit "import.asp" beforehand and change
If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = UserArray2(5)
to
If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = RC4(UserArray2(5), PasswordEncryptionKey)
that way it should convert your clear text passwords to encrypted while it does the import
this post also addresses this but in the reverse scenario
http://support.cjwsoft.com/code/code_info.asp?TID=261&PN =1&TPN=1
I hope this helps you because I really do have to leave the office like right now. Very late for a dinner meeting.
I should be back on the computer later tonight or tommoro morning
, Hope the wedding went well. I have one this weekend.
I was successful at performing an upload. The free upload software was either not configure properly (probably) or not working. I downloaded the trial version of softartisan's upload (which is like over $300) and it started working.
Can more than one photo be uploaded at one time (like a whole folder full of photos) or does each have to be done individually?
, The setting I am most interested in is what you have for the "Pic_Max_Image_Width" used when the image resizing components resize the big image
setting it to nothing or zero could cause this
, Once doing that make sure to use Internet Explorer as you follow along with these directions.
Now, unzip your installation zip file that you downloaded from CJWSoft.
Use a program like winzip and be sure you have it set up to unzip the directories as well. You can also use windows xp's built in folder compression tools to unzip the archive.
When you unzip the application you should have all of the following folders and files. (more or less, it depends on the version)
Now save that user.
You should see a new user listed in the admin area. Click on Edit user to the left of the new account. On the edit screen check the "admin" checkbox and save the user.
You just created an Admin account.
Now click on the "log off" button on the top menu and click yes to log off.
Now close the browser. Then run this URL
http://www.mysite.com/password_admin/default.asp
Replacing the part in blue with your website info.
You should now be able to in to the admin area of the system using the new admin account you created.
You are now ready to go to the settings page so click on the settings tab in the menu. There are a lot of options and paths that need to be set on this page. Every setting is described in detail on this page. You need to go through the page and set things up properly. Anytime the page asks for a path to a url or file the page will auto generate what should be the path to use. (expected path) If your server has parent paths disabled a few of those auto generated paths will not show up. If that is the case run this url from your server and it should tell you the paths to use for those settings.
Replacing the part in blue with your website info.
Once your all done and the system seems to be running fine you should go back and delete the following pages as they are no longer needed and pose a potential security risk.
http://www.mysite.com/data/setup_info.asp
http://www.mysite.com/data/expected_paths.asp
http://www.mysite.com/password_admin/get_me_in.asp
You should back up the original zip archive you got from CJWSoft in case you ever need those files again.
VERY IMPORTANT: The user passwords from now on will be encrypted using the "PasswordEncryptionKey" you specified in the "config_inc.asp" file.
If you ever change that key all of your passwords will be invalid and you can not get them back unless you know the key and put it back, so plan on never changing that key unless you really know what your doing and know how to decrypt/re-encrypt the passwords using a new key. (something we do not cover at the moment but probably will when we have time to make a tutorial)
, enjoy the bar.. drink one for me.. cause that was the problem..
That being said asp photo gallery actually has a few more places that send email that you going to need to modify as well. Off hand the reply to album, admin massemail, admin send email,and postcard features come to mind possibly as 3 of them.
using a multiple file search and replace utility like ReplaceEm would be the easy way to do all of this in one step and find all the instances
http://www.orbit.org/replace/
OK, thanks.
noted.
1.) this has been explored and because of the way groups works is not feasable. Because us this I wrote code to allow you to view and sort all users for any group on the actual groups page. You pick a groups and then click the "Show Users" button
2.) noted
, Honestly cannot comment much about v7 since it was just installed on a new server. We have been running 5.03 for years so I'm looking forward to the new features in v7.
I do not think it it anything to do with the Application.
You most likely have some sort of ad blocking software that is doing it.
It is seeing the word "banner" or "ad" and blocking the images in your browser.
I doubt it is anything built into xp doing it. XP with SP2 has built in pop-up blockers but no ad blockers like that really. It is norton ad blocker or something of that nature.
, 
