What am i supposed to do now... i do have another member server that is not a domain controller-

However, i have like 5 websites running on this domain controller already. I have thought about this before how its a HUGE security risk but it will take too long to configure everything on the other computer :(

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
    Response.Write(Session("Groups"))
%>

Or at least I think so.  I have been trying to get this software to work so I can see if it meets our needs for an upgrade purchare. Here is my error.

Microsoft JET Database Engine error '80040e10'

No value given for one or more required parameters.

/aspprotect/scripts/populate_config_variables_inc.asp, line 15

My provider says that the problem is NOT on there end, that it is a problem with the code.  I think that it is a database connection problem.  Can you please help.  Below is my connection string based on what the setup page directed me to do:

ConnectionString = "data source=\\NAWINFS03\home\users\web\b1347\rh.957theride\asppro tect\data\database\ASPProtect_access2002.mdb; Provider=Microsoft.Jet.OLEDB.4.0;Jet OLEDB:Database Password=temp"

When I first set up the program I got this error:

Provider error '8000ffff'
Catastrophic failure
/aspprotect/scripts/populate_config_variables_inc.asp, line 11

Once again, the looked into it and said the permissions were fine and that the code was most likely bad.  But then the errror changed to the one that I first listed.  Which is the one I am currently getting. 

BTW here is the page address

http://www.957theride.com/aspprotect/password_admin/get_me_i n.asp

Thank you!

That's exactly what it was.

The site owner couldn't see their own ads because Norton was blocking anything with the word ad in it.

On another note: I changed the word 'ad' to 'listing' and got it to show even with Norton.

The default database password is "temp"

This is noted in the docs. You can also see the current password by looking at your connection string.

UPDATE... on very very busy sites these methods have been reported to fail once in a while..  meaning .NET gets overloaded and instead of a banner its shows some error code.

its not the banner system .. its the .net engine and the calling method

Protecting ASP Pages

To protect a page without using the Access_Level or Groups feature simply add this code to the top of that page.

Put this under the <%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.

The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp

Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in.

An example of doing this is provided in the "default.asp" file included in the root of the Password System.
Look at the source code with a text editor to see the working code. It is quite simple.

 Protecting ASP Pages Using Access Levels

To protect a page using the Access Level feature simply add this code to the top of that page.
You simply specify the Access Level before the include file is called. In this example we are protecting the page with Access Level 4.

Put this under the <%@ LANGUAGE="VBSCRIPT" %>

<% CHECKFOR = "4" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.

The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp

Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in as a Level 4 user.

Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System.
Look at the source code of the ASP pages in that folder with a text editor to see the working code. Again, It is quite simple to follow.

Protecting ASP Pages Using Groups

Please see the code generators in the admin are for the code to do that.

Triple check the upgrade instructions because I think you missed something important.

line 227 on "/password_admin/save.asp" refers to the "Password" field

the error your getting most likely means it is not there..

Pay close attention to the areas in the upgrade instructions regarding renaming your existing "Password" field to "Old_Password"

Then making a new "Password" field and carefully following the instructions needed to convert your old passwords for use with the new system.

If you don't everything carefully and perfectly this is the sort of error you will get.

Your SQL statement to the database is the key.

You want to change the sortby hyperlink on that page so that it will in turn change the dynamic sql statement to sort the way you want

Find

?SORTBY=Date_Created

change it to

?SORTBY=Date_Created+ASC

or maybe

?SORTBY=Date_Created+DESC

One of them is the default anyway, but I cant remember which is which off hand so just try them both till you get the desired result

near the top you can also change the default sortby when thet page is loaded

SORTBY = Request("SORTBY")
If SORTBY = "" Then
 SORTBY = "Name"
End If

there you would use a space though.. not a "+" sign when adding the ASC or DESC

The + sign is only used in the hyperlinks because it means a space for browsers that can't deal with spaces in links

Testing for XML Parser Support

the microsoft xml parser is generally installed by default on all new server setups..

It allows ASP code to make calls to other pages anywhere on the new as well as a lot of other handy things..

download and run this ".asp" page to verfiy that it is installed and be sure it is available for you to use

2004-12-10_132620_test_xmlparser.zip

Make sure you run it from your web server through the web browser

Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.

Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.

SQL Server Datareader Datawriter Permissions..

here is a screenshot that shows how to set datareader and datawriter permissions on a database using "SQL Enterprise Manager"

In this example we are making sure the aspbanneruser has those permissions on the aspbanner database in the SQL Server

((TITLE EDITED BY ADMIN))


it would be nice if there was an option for login abuse, where a login account would be flagged if it logged in from x number of different IPs over a period of time. I know many have dynamic IPs, but there's got to be a balance between legitimate logins and logins that are 'shared' for the sake of saving money (I sell subscriptions), in the end costing me.

Maybe searching the first two number groups in the IP (example, 209.168.*.*), and if finding more than an admin specified number of logins per week from IPs with different first two groups, the record would be flagged or locked...

When a user 1st signs up a proper case function is run on certain fields.
This is only once on user signup and never done in the admin area.

It's goal is to keep things entered in Proper Case,

so if someone enters "chris williams" it becomes "Chris Williams"

It's not perfect but it helps a lot to keep the data clean and more consistent. Since it only happens during registration those values can be changed later by the admin or the user if someone wants to.

The function is only applied to the fields that it makes sense to apply it to.... 
In your case adding a drop down menu means you want exactly what is in your drop down to appear so you wouldn't want it happening.

That being said, it is really easy to remove this situation from any field it is happening to during registration.

So edit "users/add_new_account.asp" with a text editor

find

CmdAddUser.Fields("Company_Name") = PCase(Company_Name)

and change it to

CmdAddUser.Fields("Company_Name") = Company_Name

That is all that is needed to made the change

If you are using an ACCESS Database try to avoid using a system DSN. They are much slower because they go through ODBC which then uses the Jet Drivers to access the database. They also have to do a registry lookup.

ttp://www.4guysfromrolla.com/webtech/070399-1.shtml

http://www.powerasp.com/content/database/dsn_vs_dnsless.asp



It's funny because in the 4guys article they ask the question..

"Hmmmm... so who was right, Microsoft or Wrox?"

I'll tell you who was right and who said it 1st.  It was me and I said it on my old powerasp.com site before anyone else ever did.

I found it out on my own by experimenting when I was the Systems Analyst for an large ISP. We we had web servers that were not running well. I didn't read about this solution anywhere because no one was talking about it at the time. Microsoft said use System DSN's so everyone just took their word for it.

I took a lot of heat for saying that back in the day but over time everyone started saying it.

Yeah, its working great witht he Access database. Now I just need to get it all set up. I like how the config file is set up with all the comments, it really helped allieviate the 40k thumbnails, .

The album ID thing is completely normal and by design. Once an ID in the database is used it can not be used again. That is how autonumber fields in a database work.

As far as not being able to delete images... Are you by chance using ASP.NET to show dynamic thumbnails... Because if you are you must turn that feature off and wait 20 minutes or so (maybe more) before you will be able to delete any of the images. It is because the current version of the ASP.NET script used to make the thumbnails locks the images on the server temporarily anytime it creates a thumbnail.

It is a known issue... and there is no fix at the moment other than what I told you above.

Hello,

You are correct regarding what you noticed.. ASPBanner only allows one person to administrate. If if did what you are asking about it would probably cost more.
(you get the ASP source so if you really wanted that you could always add it on your own fairly easily, but it all depends on your skills)

AS for keyword advertising and different ads based on certain pages ASPBanner does not get into that. The main reason being performance as I built ASPBanner primarily as a performance banner rotation solution.
http://support.cjwsoft.com/forum/forum_posts.asp?TID=144& ; ; ; ; ;PN=1

Like that thread says, you could make different zones for different conditions.. then surround the banner calling code with if else logic so a different banner zone was called under certain conditions.

Regardless, if you really need something that has every bell and whistle. BanManPro is where it is at.

I believe what happened is we received the older copy of ASP Banner iwht our purchase of ASP Protect and were notified of a free update to download aspbanner_unlimited_v8.2_feb_26_2005.zip which we did, and that's the one i recently put on our site.

  Sounds from your reply that something technical is going on to the point where I will have to hire one of our Web consutants to dissect for us.  We'll try again and track our issues and send another request for information when we can show you a specific example of what is happening.  I'll be in touch.

I pull that crap on myself once and a while... or my favorite is leaving a bootable CD in the drive and then wondering why the heck the OS doesn’t come back up. I pretty much promised myself back in 2002 that I would never mess with anything minor after 10PM. For whatever reason I always start messing around trying to "fix" something and end up sorry... Granted if it’s an emergency I am all for it, but I get dresses in advance anticipating the practically inevitable drive down to the datacenter.

Good luck with that, I am sure you will be much better off in the long run.

Weird

If you bought ASPBanner Unlimited Version 7.3 Before August/10/2004 this file needs to be updated.

It fixes a bug where the JavaScript method is not properlly closing an html Image tag. It can cause other hyperlinks on your web page to link to the same place the banner links to. This does not always happen but this fix is the way the code should be so it is best to update it.

Copy this file into your ASPBanner folder over the existing file of the same name.

2004-08-10_125304_injectbanner.zip

I am not sure totally understand your question.
I need you to explain it differently.

Any ".asp" page that is protected is going to automatically prompt them for a login box or log them in automatically depending on if they set that option.. In the end returning them to that same page.

So, it really all takes care of itself for the most part.. It doesn't even matter if the bookmark a protected page deep in your site. The system is smart enough to keep them at that page as well as handle their access.

Now of course if they are at an unprotected page of your site and navigate to a protected page they get a loin prompt or are allowed in if they already logged in...

Also.. when you say unprotected page ? do you mean ".htm" or ".asp"

The file check_user_inc.asp as the lines: (which include Session("groups")

 Here we set some valus about the user into session variables
   Session("PasswordAccess") = "Yes"
   Session("Access_Level") = CmdCheckUser("Access_Level")
   Session("Admin") = CmdCheckUser("Admin")
   Session("Active") = CmdCheckUser("Active")
   Session("Expiration_Date") = Expiration_Date
   Session("User_ID") = CmdCheckUser("User_ID")
   Session("Groups") = CmdCheckUser("Groups")
   Session("Redirection_URL") = CmdCheckUser("Redirection_URL")
   Session("Password") = RC4(CmdCheckUser("Password"), PasswordEncryptionKey)
   Session("Username") = CmdCheckUser("Username")

For pay signups you set the groups during signup it like this thread tells you to

http://support.cjwsoft.com/code/moreinfo186-1.htm

only difference is you need to specify the groups info like so
(basically getting rid of the commas and just leaving behind the group numbers with a * around everything)

Also be sure to have no double asterisks

so, *1*,*2* would just be *1*2*

so, *1*,*2*,*5* would just be *1*2*5*

Hope the wedding went well.  I have one this weekend.

I was successful at performing an upload.  The free upload software was either not configure properly (probably) or not working.  I downloaded the trial version of softartisan's upload (which is like over $300) and it started working. 

Can more than one photo be uploaded at one time (like a whole folder full of photos) or does each have to be done individually?

User Information

After a user logs in there are variables that you can always access.
They can be used to check various things or to display information
dynamically based on who has logged into the system.

   Session("PasswordAccess")
   Session("Access_Level")
   Session("Admin")
   Session("Active")
   Session("Expiration_Date")
   Session("User_ID")
   Session("Groups")
   Session("Redirection_URL")
   Session("Password")
   Session("Username")
   Session("First_Name")
   Session("Last_Name")
   Session("Company_Name")
   Session("Email")
   Session("Address")
   Session("City")
   Session("State_Province")
   Session("Zipcode_Postal_Code")
   Session("Phone")
   Session("Custom1")
   Session("Custom2")
   Session("Custom3")
   Session("Custom4")
   Session("Custom5")
   Session("Custom6")

You can display them on a page at any time using Response.Write like so

<% Response.Write(Session("FIRST_NAME")) %>

or like this

<% = Session("LAST_NAME") %>

If you are developing using Windows XP Pro and running the NTFS file system setting proper permissions on a folder in your website requires that you 1st disable simple file sharing.

To do so open up "my computer". At the top open up "tools/folder options"

Then the "view" tab.

Then at the bottom uncheck "use simple file sharing"

After that that is done... using "my computer" browse to the folder in your web that you need to set permissions on.

Right click on that folder and then choose the "security" tab.
(If simple file sharing is on that tab wont be there)

Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.

You can also give permissions to the everyone account and accomplish the same thing.



BTW:
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"

I purchased and installed the full version ASPProtect 6.0 in Feb 05 (must have been just before 7.0 came out) and have been using CDONTS for email authorization during the registration process.

It was working fine for about three months. Now, after registering, the  email  authorization is NOT delivered to the new registrant. There are no error messages.It just doesn't arrive.

Any thoughts on the subject would be appreciated.

Upgrade from V6 to v7.x with an MSACCESS DATABASE

1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x  is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.

BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)

To do this upgrade you're going to need to have the Microsoft Access Application.
To work with an Access .mdb file it can not be newer than the version of Microsoft Access you are running.

That being said, on with the upgrade..

Open you're existing Acccess Database up in Microsoft Access..
You should see this something like this.



By right clicking on then choosing rename
Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"

If you do not have a "Groups" table do not worry about it right now.

Now right click and DELETE the Config Table.
Yes, delete it..

You should now see this. (with or without the "Groups" table)



Now, right click on "ASPP_Users" and go into design view.
It should look like this.


Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore
It will look like this.


Now scroll down to the bottom a bit It should look like this.



Now..

If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a memo field.

Now, we are going to add a few more new fields.

Add a field called "Redirection_URL" make it a "text" field with 150 field size
Add a field called "PayPal_Subscriber_ID" make it a "text" field with 100 field size
Add a field called "Newsletter" and make it a yes/no field
Add a field called "Password" and make it a "text" field with 100 field size

It should now look like this.
(you do not need to worry about the field descriptions.. that part is optional and only seen when working on the database)



Now close that window and save the changes..

Your now going to open up another Access Database while still leaving the one you have on your screen open. You going to open up one of the new databases that came with v7.x. This database has some info we are simply going to copy and paste.

You'll want to open it and put it side by side on your desktop like so.
(the old database is on the left.. the new one is on the right)



Now, for the fun part.

On the new database to the right.. right click on the "ASPP_Config" table and pick "Copy"

Then move your mouse over to the old database on the left. Right click in the open white area and click "paste"

It will ask you for a database name. Type in "ASPP_Config"
Leave "Structure and Data" checked and hit OK

Your old database on the left should now have a nice new "ASPP_Config" table.

OK, now for the "ASPP_Groups" table

If you already have a "ASPP_Groups" table in your old database you are done.

If you do not have one your going to copy and paste the table from the New Database to your old database just like we just did with the "ASPP_config" table.

Your old database should now look like this.



Now, you are done upgrading your database from within Microsoft Access.

The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field

To that we have a special page we run in the application that will take care of that.

So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1

When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.

That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..

Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.

This part is very easy.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

Replacing the part in blue with your website info.

Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page

You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.

If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.

So do what it says... dont click more than once and wait.

Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.

Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.

If things went well backup and delete the conversion file below.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

You do not need it anymore.

Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.



If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.

We are here to help, but if you really want us to we can be hired to do the conversion.

It's custimization work. and just not something I can support.
Basically it is basic ASP/Database work.

Something you kind of need to figure out on your own. It's not difficult work for a good asp coder but there is no easy way and it is time comsuming.

I wouldn't use the custom fields though. I would make your own.
It's simpler that way.

UPDATE

Version 8.1 has code generators for these new methods built in...