Blog Entry: 3/25/2006 4:49:51 PM
Is there a way to set various members to upload a limit of photos. So, one member can only upload 5 photos in 1 album and another can upload 30 photos in 2 albums. Even if you just set a permission for the number of uploads for each member.
Thank you , User Information
After a user logs in there are variables that you can always access.
They can be used to check various things or to display information
dynamically based on who has logged into the system.
Session("PasswordAccess")
Session("Access_Level")
Session("Admin")
Session("Active")
Session("Expiration_Date")
Session("User_ID")
Session("Groups")
Session("Redirection_URL")
Session("Password")
Session("Username")
Session("First_Name")
Session("Last_Name")
Session("Company_Name")
Session("Email")
Session("Address")
Session("City")
Session("State_Province")
Session("Zipcode_Postal_Code")
Session("Phone")
Session("Custom1")
Session("Custom2")
Session("Custom3")
Session("Custom4")
Session("Custom5")
Session("Custom6")
You can display them on a page at any time using Response.Write like so
<% Response.Write(Session("FIRST_NAME")) %>
or like this
<% = Session("LAST_NAME") %> cwilliams38419.533900463,
sometimes those emails take a bit... all depend on wht you are using to send them and whether a pickup directory is involved
as for the other I do not know.. PM me the site details I can look
if it is a 2003 server parent paths must of course be enabled.. its a requirement of aspclassifieds , Hello,
I do not really understand what you mean?
There are no country and city lists in ASPClassifieds. cwilliams38391.0301388889, Hi
I've tried almost anything here... I'm using an online SQL SERVER database with ASPProtect 7, and I can't login after my initial creation of the admin account.
It works fine with Access... I believe I have checked all the fields created by the sql statement (which was run with no errors),
What could be the problem here? could it be a problem that I run my local IIS against the online sql server?
sincerely,
Morten , Please Note : Users with the option pack a new feature called groups that is much more powerful than access levels.
More On Access Levels
Again, Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System. Look at the source code of the ASP pages in that folder with a text editor to see the working code.
Access Levels and how they work can be re-coded to work in many different ways. However, you have to be a good ASP developer to make changes to it. Here is some information on how they work by default and also info on an alternate scenario we have provided.
In the "check_user_inc.asp" that comes in the root of this system Access Levels works as follows.
Level 1 has Access to - Level 1
Level 2 has Access to - Level 1,2
Level 3 has Access to - Level 1,2,3
Level 4 has Access to - Level 1,2,3,4
Level 5 has Access to - Level 1,2,3,4,5
Level 6 has Access to - Level 1,2,3,4,5,6
Level 7 has Access to - Level 1,2,3,4,5,6,7
Level 8 has Access to - Level 1,2,3,4,5,6,7,8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN
The "check_user_inc.asp" included in the "extras" directory is an example of changing the access level checking code
to work differently. In that "check_user_inc.asp" Access Levels works as follows.
Level 1 has Access to - Level 1
Level 2 has Access to - Level 2
Level 3 has Access to - Level 3
Level 4 has Access to - Level 4
Level 5 has Access to - Level 5
Level 6 has Access to - Level 6
Level 7 has Access to - Level 7
Level 8 has Access to - Level 8
ADMIN has Access to - Level 1,2,3,4,5,6,7,8,ADMIN
If you get creative you can create some interesting access level checking scenarios.
Here is some additional info..
If the access levels are too restrictive you can ignore them all together and create your own totally custom solutions.
Here is a quick rundown of some of the things you can do.
Ok... so if you want to be really specific about what each user can see and
can't .. here's an example of what you can do
Don't use the access levels before the include file..
Don't worry about what you set a user to in the admin area since the access levels won't be used.
Do something like this..
Every time a user logs in session variables are set that you can access at
any time.. thus allowing you to know who they are.
So you could do something like this...
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
<%
If Session("USERNAME") = "bob1267" or Session("USERNAME") = "carl45" or Session("ADMIN") = "True" Then
Session("PASSWORDACCESS") = "Yes"
Else
Session("PASSWORDACCESS") = "No"
Response.Redirect(Request.ServerVariables("script_name"))
End If
%>
The following URL explains what Redirects are.
http://www.powerasp.com/content/code-snippets/redirects.asp
That would in effect create totally custom access levels.. but you would
have to do it manually for each user.
You can also do things like this after a person logs in
Show custom html to any specific user based on either their username or
access level ... like so
say there was a menu and a certain link should only show up to username
"paully67"
you could do something like this
<HTML>
<HEAD>
<TITLE></TITLE>
</HEAD>
<BODY>
<br>
<a href="main.asp">Home Page</a>
<%
If Session("USERNAME") = "paully67" Then
%>
<br>
<a href="paullys_page.asp">Pauls Stats Page</a>
<%
End If
%>
<br>
<a href="links.asp">Links Page</a>
</BODY>
</HTML>
Or you can show custom HTML or links based on Access Levels or any other info.
You can do just about anything with if-then statements and
using the built in vbscript functions..
Hopefully this info will help to give you some ideas...
Bottom line is you have to do some work within your site to make the Access Level system really come alive. cwilliams38114.6506712963, I am a little confused here. I am in the process of understand how this all works, mainly the email portions as I am running this through a home server (Windows XP). I have tried test emails, but they are not going threw. I ran the server_info.asp and it is telling me that I do have CDONTS installed, version 2.8. Then I tried running, the test_mailer_component.asp. This page is telling me it is not installed. This process lead me to start looking at my components for my IIS. Everything appears to be there.
Any ideas, where I should go next. It appears the CDONTS code is in every page that it needs to be in, and it appears that I have it installed, but there is a disconnect between the two..
, I am trying to understand how/where the "Log_Off_URL" variable is set
I have searched the forum for that string but don't get real good
results...I think the _'s are replaced with spaces for the search.
I am learning how to use the groups options and have modified some of
your example access level examples to test out group stuff. At the
bottom of the default.asp page I see a "LOG OFF SYSTEM" link that is
filled with a link stored in the Log_Off_URL variable and it looks
like that is being set back to the default.asp file somehow. So when
I click on it it just refreshes the page and appears to keep my user
logged in.
Seems like it should log out the user and redisplay the
login page. Is there a way to log totally off and have the login page
show up again? I am sure I am missing some obvious thing
somewhere...I can see where the Log_Off_URL variable is being created
in the config_inc.asp file but did'nt know where to look for more
info. Can you point me to an existing forum link?
Thanks!!
, Hi,
That is not enough to go on. I need details in order to help. , in that file "upload_post.asp"
change
<%
If Session("Admin") <> "True"
Response.End
End If
%>
to
<%
If Session("Admin") <> "True" Then
Response.End
End If
%>
, Lastly, I put there information here to help, but please don't ask me any questions about it.
I am not microsoft SQL server support. If this doesn't work for you simply start troubleshooting and doing google searches like I do. , Awesome -thanks - I'll give it a try , Hi,
The source code comes with it.
They are the.vb files.
I don't give out any project files for reasons stated in the article below.
Please read this in full if you want to edit the application in Visual Studio.NET
http://support.cjwsoft.com/code/moreinfo85-1.htm , actually, passwords can be up to 75 characters long in ASPProtect.
the only requirement when entered from a non admin user is that they are at least 4 characters long.
what does MSAccess have to do with this ? Are you trying to convert and old system or something? I noticed you created and "old password" field in there ? Is there something I do not know about as far as what you are trying to do?
Passwords in version 7 are encrypted so I hope you understand all of that and realize you can not enter or change passwords right from SQL server. Also if you import info you must handle that accordingly and convert the passwords to encrypted format for the new version., Our webhost set the permissions, but the error is still there, so that is obviously not the problem. We now have both our webhost and our asp support technician trying to figure out the problem and everyone is stumped. Can you please provide us with the following information to help us out:
1) what is the name of the file that sets the connection string?
2) what is the name of the file, if it is different from above, that sets the password of the database?
thanks , thats intertesting.. I have never heard of the concept until now..
I did a search for ASP examples or ASP components that can help with the process and just couldn't find anything about it., Terribly sorry, but we are not software-technical. So can you please tell us exactly which folder the database would be in.
Thanks in advance. , New Version 8.1 Released
Whats new..
http://www.aspbanner.com/v8_notes.asp
Upgrade Instructions...
Upgrade at your own risk. Though we try new versions are not always perfect due to minor bugs we may miss.
Back up your old setup so you can revert back if necessary..!!!
Save your data connection string info in a text file so you have it.
You can get that by viewing the system info page in the admin area.
Carefully copy all the ".asp" files from the new version to the old.
Your going to want all the .asp files in the aspbanner folder.
Your going to want all the .asp files in the aspbanner/scripts folder
Copy the aspbanner/images folder because there are some new images
Be sure to also copy the "data/config" folder files.folders as well as a lot of that is new including the actual config file. If you dont get the new config file copied in there you will have problems later on with some of the new features.
Be sure to create a new folder in the "data" folder called "tempstats"
Make sure it has proper permissions if you plan on using the delayed stats feature as the stats gets temporarily stored there.
Go back to the area where you originally setup the data connection and do that again...
From the web browser run the following URL
http://yoursite/data/config/aspbanner_unlimited.asp
Replace "yoursite" with the proper url info relevant to your web site location.
When run via the web server that page will ask for a password. By default it is "temp". You should change it later on for security reasons. That page tells you how.
Now... moving on..
There were no changes to the database except for SQL Server users so you can use your existing database.
SQL Server users that want to use the new stored procedures feature (it's optional) will need to update their SQL database with the stored procedures.
Scripts to do that are provided.
ALSO: I have been running this new version using SQL Server Stored Procedure mode for a 1 week on a special banner server that serves banners to many of my own sites. I have also been using the new Delayed Stats feature.
All I can say is it is running like a champ and the SQL server is using less memory than it ever did before.
cwilliams38291.7372800926, Well, thats not normal.
(it should work just like our online demo does)
Do you have everything turned on in the settings ?
Uploading needs to be enabled and you also have to pick a valid upload method. , We want to insert a hyperlink i the mesage area when we e-mail users from the Password Admin area. Is ther an easy way to insert the hyperlink so when the user gets the e-mail, they can just click on it and go the the page we want them to?
Thanks,
Andy cwilliams38456.0983101852, While attempting the database connection test, I receive the following error:
Server Error in '/' Application.
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Security error.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. |
Stack Trace:
[SecurityException: Security error.]
aspprotectnet.DBConnectTest.Page_Load(Object sender, EventArgs e) +0
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +2112
System.Web.UI.Page.ProcessRequest() +218
System.Web.UI.Page.ProcessRequest(HttpContext context) +18
System.Web.CallHandlerExecutionStep.System.Web.HttpApplicati on+IExecutionStep.Execute() +179
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +87
|
Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300
My guess is that this is an issue with the fact that I'm in a shared hosting environment that is restricted by CAS. Before I move to a dedicated server, I'd like to verify that this is the issue. I'd appreciate your input.
My host is 1and1 Internet. You may find this FAQ helpful: http://faq.1and1.com/scripting_languages_supported/_net/16.h tml.
, You would have to carefully edit the asp code in the "add_new_account.asp" file. It you look that file over with a text editor it is pretty easy to see where the text to edit is. Just make sure you edit it in the section for the email component you are using. Back the file up before you make any changes to it so you can revert back if you mess anything up., that wont work the way you did it because groups are not stored like like.
groups are stored "*1*"
or "*1*,*9,*"
so if you test for them you must do so using the InStr function of vbscript
example:
If InStr(Session("Groups"),"*1*") Then
' do whatever
End If
also.. as for the session variable
it should be Session("Groups")
And in Version 6.... (its all ready to go in version 7) that session variable must be saved in the check_user_inc.asp file near where all the others are saved. If it is not there by default "I dont remember if it is or not" you have to add it like so near where all the others are saved
Session("Groups") = CmdCheckUser("Groups")
If you are wondering if it is being saved correctly you can always response.write out the Session("Groups") to see if it holds a value , nice. I love learning at least 1 thing every day, who knows, thanks for your input, I am further than I was when I started talking to you!, Could be a mod I guess - it would be nice to have an option on the admin settings page to lock down access of all pages and redirect to a specified "lockdown" page upon attempted login.
If I'm updating the large files on the server and someone attempts a download, they'll get a partial ZIP file or an error.
, Thank you for the response to my question. In the mean time if I can figure any workaround I will post it here. , thanks!, Just got back 10 minutes ago..
Missed plane yesterday because of traffic and the flight today was 3 hours plus 4 hours of driving
The fact that you are using Server 2003 is not relevant. I am very familiar with it and all my sites run on it.
The ASPNET account will be there by default once the .NET framework is installed. It won’t just show up in the list, you have to search for it like my article mentions.
http://www.powerasp.com/content/new/windows_2003_server_and_ permissions.asp
That error really means exactly what it says. You have to give that account permissions correctly. , [QUOTE=cwilliams]I would like to delete the SQL tables and set them up from scratch using enterprise manager and sql query manager and see what happens
If that is ok with you let me know.
Something is wrong like I said... almost seems like the database is caching old password info from the field.[/QUOTE]
Sure go ahead , CDOSYS is the way to go usually...
My article may shed some light on the different ways to send email using CDOSYS
http://www.powerasp.com/content/new/sending_email_cdosys.asp
As for eliminating the registration its pretty much like what you said.. manually remove the links and what not... etc etc and dont send users to the registration pages..
If you dont want people to be able to edit their info ever... or retrieve lost passwords.. you can delete the users folder completely..
though it's probably better to leave some of that stuff and just disable the registration links and page...
The paypal and 2checkout folders can be wiped out completley either way as you won't be using them at all. , good news.. like I said it is probably becuase aol blocks emails sent from IP's with no MX record in the dns system , Thanks Chris, That worked...but when I tried importing the test user, the password was imported in an add formated...like it was encrypted, and I can't log in using the User ID that I imported., Hello,
Yes, that is how it works. Unless you make modifications to the code there is no way to easily do what you are talking about.
If you design the site to be intelligent that scenario should never happen.
For example.. you should only be offering links to pages that the current logged in user has access to. You do this by checking the session variables and with simple if-else logic around your html links.
It requires some work but if you dont give them links to pages they dont have access to what you are talking about will not happen.
Here are some simple examples.
Here is an example using access levels.
<%
If Session("Access_Level") = "1" Then
' show links to pages that allow access level 1
End If
%>
And one for groups..
<%
If Instr(Session("Groups"),"*6*") or Instr(Session("Groups"),"*7*") Then
' show links to pages that allow groups 6 and 7
End If
%>
cwilliams38354.0786921296, A nice addition for the listing script would be if the script would allow a "featured ad" or ads that would appear on the default page. , Your suggestion worked - thanks - , UPDATE..
Installed a new rack mount 1u server this week.
3.2 ghz hyperthreading 1 mb l2 cache prescott cpu
2 gb pf pc3200 kingston memory
SATA Raid.. (2) 120 gb drives running hardware raid 1
It is a supermicro 1u server case and server motherboard.
The hard drives are SATA 150 120 gb 7200 rpm Diamondmax Maxtors
All high end server type stuff... It's a very powerful server and has been running great all week. 500+ hours uptime so far.
Running Windows 2003 Server Enterprise
SQL 2000 Enterprise SP3
SmarterMail
SmarterStats
Windows DNS
ZipEnable (which I am reviewing for them)
ServerMask (which I am reviewing for them)
A ton of ASP Components which I have purchased over the years.
So that means I can now focus my attention on creating software again instead of being a system admin. (Due to these server issues over the past few months I am now back to godly status as far as windows system administration goes.. not to mention I am now back up to speed on the latest processors and hardware)
So, getting back to ASP Photo Gallery...
I spent about 20 more hours this week on the new version of ASP Photo Gallery Pro.. I have another 40 or more to put into it as I have a lot I want to do.
I think it will be ready within the next three weeks. I know a lot of you have been waiting for something.
cwilliams38331.5907060185, FYI. There is a typo in the upgrade (6.0 to 7.0) instructions. It specifies adding a field named "passwords". Should be "password"., It sounds like permissions... to the database folder specifically
they are not correct
It could also be that your odbc drivers are very new and you are not using a new enough version of the access Database. I recommened using the 2002-2003 verison of MSACCESS
Now.. if using a SQL Server Database permissions to certain tables are handled in enterpise manager cwilliams38303.5892708333,
Timecard Entry: 3/25/2006 4:49:51 PM
lunch, went to jrecks, no more nasty mcdonalds for me, also noticed that my vehicle had been run in to in the parking lot...brake light covers were smashed....no matter, getting a new car tomorrow hopefully...., Drove back to Watertown, did a final check on the building, talked to techs, etc., brought lunch, responding to some callbacks from this morning. Few billing calls. Some DPEC, steady until about 9, then slowed right down, Greene charters- go with redesign- given to Tom
advane realty- appointmnet set for next wednesday at3:00 pm
Carthage Snowmobile club- register domain name and charge for front page and hosting for one year
Masseys- set up meeting Monday
Carthage savings- contact beginning of this year
Greg systems- meeting set today at 2:00pm
Bastas- go with proposal
Wendy's- Spoke wth kathy- send info/refer seth
Heritage Cheese- heuvelton-appointment set for tommorow
William christoherson- send info for web site
bresee chev- database problem- contact steve- change password to paradise
Timberview-meeting set for this friday at3:00 pm
, printing files for USA1net mailing, did some stuff for seth checked on some other stuff, Attempted to contact Virginia Myers at CP Hospital, not in, will try again after lunch., logins / radlog, Telephone conference with Telergy, still steady, a couple looong calls, VELCRO STORE REDO JAVASCRIPT NAVIGATION AND GRAPHICS, Answed phones... not too bad... pretty nice night... mostly normal cant get email calls., sick time, Bill Aigner/National Hanger: Inex support, Computer down most of the morning. cancellations, checked emails, callbacks from voicemail, taking sign ups, answering phone, phone system, teleconference with Bell on Burlington ATM, troubleshoot workstation problems, same as a.m., work Davidson issue, close out time cards, credit memos and went over acct, web billings, Driving to Massena., started putting together materials for mbo, creating evaluation. talked with cm about creating merge btwn word and excel for charts. , Worked on Ad copy for the Watertown Times Ad for the Job Fair, Timecards, emails, voice mail, bulk mailing, met with Jeff, customers, electricians., team meeting, email,, Techcalls, new users, Radlog,
|
