Blog Entry: 3/25/2006 4:55:44 PM
I am using v7 with other software written in ASP.NET. When I include the the "checkfor" and include file, I'm receiving a compliation error.
Here is the include I have on the .aspx file:
<% CHECKFOR = "4" %>
<!--#INCLUDE FILE="../../ASPProtect/check_user_inc.asp"-->
Here is the error:
Compilation Error
Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.
Compiler Error Message: BC30689: Statement cannot appear outside of a method body.
Source Error:
Line 15: <%
Line 16: ' This is part of the too many login attempts lockdown code which sets a cookie to block login attempts for a certain amount of time
Line 17: If LoginLockDown Then
Line 18: If Request.Cookies("PASSWORDSYSTEMCOOKIETRIAL")("LoginTries") <> "" Then
Line 19: If Cint(Request.Cookies("PASSWORDSYSTEMCOOKIETRIAL")("L oginTries")) = Cint(LoginLockDownAttempts) Then
Source File:
D:\Sites\resadmin\NetOptions\testsite.com\www\ASPProtect\che ck_user_inc.asp Line: 17
, I've had an error I saw described here, couldn't figure out what it
was. My SQL statement was being cut off, though a bit differently
because it was created on multiple lines with the amper-underscore
string construction design; my statement had no UPDATE, only started
with the junk screen characters of the encrypted password.
So, from what you said above about the vbNullChar, Chris, it looks like
I've hit the same problem, maybe from an old version (downloaded March
22, 2005). Could I request a copy of the updated logic?
Thanks a lot.
,
question 2 is answered best here
http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal
Ok, got it. Didn't know if there was something already set up for this that I was missing.
>>I should also mention that the paypals scenarios used in ASPProtect can not be tested using PayPal's sandbox.
Ok. Thanks.
>>Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts) then you can log into the other and refund the transctions and of
course it makes sense to use low amount like 1 cent and what not.
Yeah, been messing around with
that. Got everything going except the return page which I can't
do until the site is live. 
>>Also, I'd love to see what you came up with with the
integration. I have been working on it here as well and took it in a
different direction as I plan to sell directions for it as an add-on
for aspprotect.
Ok. Will email you with a username and password for access to the site once it's live.
Sounds like a great add-on for ASPProtect!
Thanks!
Michelle
, I am trying to import a file, and I get this error:
Microsoft VBScript compilation error '800a03f9'
Expected 'Then'
/aspprotect/password_admin/upload_post.asp, line 6
If Session("Admin") <> "True"
-----------------------------^
Any suggestions on how to fix it?
Thank you.
, I encountered the same problem and eventually found out that my Norton protection was not allowing scripts to work so I had to uncheck the setting before the banners reappeared., I'm using Groups and would like to assign all new users to a particular group. How is this done? cwilliams38298.5087384259, like I said... you would have to modify the code
(and really I dont think it is possible, how could it be when images uploaded are of all shapes and sizes)
How are pictures of various shapes and size going to resized to a fixed width and height without distortion on either a horizontal or vertical level ? Uness the image uploaded matches the fixed thumbnail ratio you have set there is going to be distortion.
There is no component that is going to make it any easier. You are already using an image resizing component.
I give you two options the way the code ships.
fixed width and height for thumbnails
or
fixed width / dynamic height for thumbnails
The only other possible option would be
fixed height / dynamic width for thumbnails
and that you would have to code on your own because that option is not there
The last thing I will say is this. Sorry, but I do not support custimizations to the code. It's just not easy to explain. Its a lot of code work. Its a lot of time.
, One of my users is looking to do mass updates (multiple records). He wants to be able to update the "Expiration Date" for a group of users who work for the same company. , Chris:
Quick question. I'm currently using navigation style 1 which
keeps everything within the 1 window. I'd like to take the text
descriptions and place them under the main photo when it is
displayed. Before i modify anything, I'd like to check if I'm in
the right neighborhood first. It looks like I need to:
- modify the behaviour of the 'onmouseover' function in the file 'view_album_style_1.asp'
- add in a few lines of code to take
FixStr(UserArray1(PicIndex - 1),"PrepareForJavaScript"), put it into a
text string and do a response.write under (or over) the photo in
question.
Question Part 2 -- if i wanted to use the first line of the description as a title could I:
- add in an input to the photo upload
- concatenate the 2 strings together (title and description)
- display the title under the thumbs
- bold the display of the title over the large version of the image.
Pretty complicated questions, but I'm coming along nicely (IMHO). Have a look at
http://www.iphotosite.com/galleryapp/default.asp
I really like the progress that I've been able to make with this app without really spending a huge amount of time.
Kurt
, Need to know more about ASP ?
Check out these links.
| |
15 Seconds
Free resource for developers working with Microsoft Internet Solutions. 15 Seconds is the biggest IIS and ASP development resource in the world. |
| |
ASP FAQ
Have a question about ASP? Check the ASP FAQ site. They've probably got the answer. |
| |
ASP Free
Your 1st source for free ASP and ASP.NET live demos, downloads and more!!! |
| |
ASP Connections
ASP Connections Conference for the ASP Developer features sessions on ASP Performance, IIS 5.0, ASP 3.0, XML, ADO, E-Commerce, VID, COM, COM+, MTS, DHTML, load balancing, and more. Speakers include Mike Amundsen, Wayne Berry, Charles Carroll, Michael Corning, Jeff Niblack, & Ken Spencer. |
| |
4GuysFromRolla
4GuysFromRolla: Web Technology, Programming, Humor... All this and it counts as work! |
| |
CoverYourASP.com
A great new site. It's got some great stuff and is using JScript! A must see! |
| |
askASP
Promising new site! Check out the question archives! |
| |
CodeHound
CodeHound ASP - The ASP Developer's Search Engine! |
| |
CodeAve.com
A neat ASP reference with some interesting features. Check out their "Script Writers" |
| |
ASPZone
The website for advanced ASP developers. |
| |
DevASP
A relatively new ASP site. Straight forward and informative. |
| |
www.LearnASP.com
This in another site maintained by Charles Carroll, and it specializes in Active Server Pages programming issues. Contains links to a wide range of resources and articles. |
| |
ASPin.com
The ASP Resource Index. Here you will find the stuff you need to take advantage of ASP and make your website an interactive mecca. |
| |
ASP Sites
A great place to go to find ASP resources fast! |
| |
Macromedia - DevNet
While much of the content is Dreamweaver MX-centric, they also have a fair amount of plain vanilla ASP.NET content as well. |
cwilliams38431.8787152778, you not seeing the real error
http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1
, you actually dont touch any of those
UploadDirectory = CmdGetConfiguration("UploadDirectory")
They get set from the config table in the database which gets edited in the admin area.
so...
I am talking about the settings area in the admin area of the applicaton.
Every setting there is descibed in detail. You get there and change serttings there via the web browser and by logging in as the admin.
Log in to the online demo as admin and check out the settings area if you are confused.
http://www.aspphotogallery.com/demo_pro.asp
, New question...
When someone edits their personal information, such as address, is there any way to set it so that someone in the office can receive an e-mail noting the changes?
Thanks.
, ok...
you got problems if you cant import a file created by the system..
You using SQL or MSACCESS and do any of the users data have apostraphes in it ?
, We have a site that currently runs ASPProtect and would like to install a second instance of it. The reason is that the current one is set up to manually authorize new users (it is for applying discounts to the Trade), but we want a second instance that will allow new users to register freely (this is for personalization).
Has anyone set up such a goofy scenario themselves? Is this even possible?
Thank you!
, Hi,
I have just one quick question, I know this works with Paypal but does this work with Merchant Account?
How difficult it is to make it workable with Merchant account? I appreciate your answer.
Thanks.
, I had both ASP Listings & Classified on the same website. The categories seem to be getting mixed up. I removed ASP Classified but classfieds categories is still appearing in the student of ASP Listing.
How do I fix this?
Thanks
, Does emailing work under the simplest scenario ? (directly from the users screen)
Thats the way to test it..
All that error means is whatever reason the settings you have chosen are not working. It could be the server. It could be what you chosen. (and yes I realize your pop info from outlook should probably work with the settings you chose)
Whenever I do installs I often have to try 3-5 different emailing scenarios before I come across one that works.
Each time making some changes and sending out test emails from the users screen until I get somewhere. Often time getting a working example of how your Hosting Company wants you to send email from ASP is the info to get your hands on. (what method and settings)
In this case they may have blocked the usee of a remote server and want you to use some other settings for sending email from asp. A lot of times they put that info in their help system.
If I were you I would start by trying the other two CDOSYS options for starters, and then try the remote server option again but using "localhost" as the server, if none of those work consult your host for example code and settings to send email from asp. If you still have no luck I can help for sure.
Realize too when testing the emails may take a bit to arrive. A delay of sorts. Best to type in a quick note about which method you are trying in the email text. That way when you finally get one delivered you'll know which method worked.
, UPDATE: read whole thread..
Version has been delayed
These are my personal notes on the new version of ASP Photo Gallery that should be out sometime in May/June 2004. Please ingore any typos.
This version may be more expensive than the current pro version as this is a major re-write and there will be a ton of new features.
Regardless, special pricing will be offerered to existing users.
If you see any features not listed that you think would be nice please post them here. We will of course consider them.
ASP Photo Gallery Version 4
------------------------------------------------------------ --------------------------------------------
Finished Improvements:
new setup page makes setting up the data connection easier than ever
it attempts to determine the possible data paths and makes suggestions for what to try
when you finally get the data connection working it gives you a link to the admin area of the application
so you can get started using the application
all database table names can be specified in the config_inc.asp file for advanced users that they may need
to change the table names in the database.. helpful for sql installation where one sql database must be
shared by many applications
new data folder is the only folder that needs permissions set
before multiple folders needed permissions
now everything can be put in this folder... database,logfiles,configuration files,picture upload folders...
eventually all cjwsoft applications will do this allowing multiple cjwsoft applications to use that same folder
therefore making it easier than ever to setup more applications without asking your host to set more permissions
new text based config file makes it easier to add new options to the program without making changes to
the database structure... therefore the need for the configuration table in the database has been eliminated
this also reduces system resources needed to load the config data for each page because it eliminates calls to the
database for config data
added voice effects for data connection page, intro users page, and settings page
made it so ratings color was an option (red or blue)
fixed minor bug that wasn't showing fixed category heights when that was selected and am image wasn't originally sized that way during initial upload
changed logfiles dates so they always show up in the proper order 09 vs 9
added config option to change bit query value to 1 or -1
default it to 1.... this is a technical thing
added the extra options currently in the config file to the settings page so people do not have to manually edit that
file any longer...
added new persits email option and authentication options to the settings page
added new CDOSYS emailing option
added support for dundas emailer
added support for ASPSMARTMAIL
fixed word filter so if it is empty it doesn't mess up
also make editing it part of the main settings
made email functions include file and edited all page that email to use it
added css/style sheet support and removed a lot of the old font tags
seperated the settings page into sections because it was too big and confusing
added ability for text watermarking when using the ASPImage component
made the picture upload error message no longer mention browsers that do not support picture uploading
as that is confusing people... and the problem is never that anymore
Made the ASPImage test page delete the bar graph before creating it so if it is already there they will
not think it is working
added crystal ball feature to admin users screen... shows additional user info when you hold the mouse over it
Made search function highlight search word in results.
Made the search function search the image description text files as well
Eliminated the guestbook directory as there was no need for the guestbook to be in it's own directory. This also simplified the menu.asp file as the guestbook section could be removed.
------------------------------------------------------------ --------------------------------------------
Possible Improvements:
eventually make new and much better directions/documentation... html based for multiple reasons
Eliminate the need for parent paths to be enabled on the web server.
(THIS MAY NOT BE POSSIBLE)
Many hosting companies disabled parent paths and will not enable them for their users.
On Windows 2003 Server Parent Paths are disabled by default.
make it so users ability to upload pics can be optionally disabled
possibly make some of the special functions in the extras folder built in to the admin area
Make the category picture uploader smarter because of the jpg gif issue when reuploading cat icons
A jpg loaded over a gif.. doesn't delete the old gif graphic and vice versa
Reduce number of ".asp" pages in general.
Use more functions for redundant tasks.
Optimize all instances of the old filefound function which is using more resources than are necessary
option.explicit the entire application and get all the variables dimmed once and for all
possibly incorporate the new category system I am working on which allows for unlimited categories and levels
also simplifies the heck out of the pages that call the categories
possibly add some cool image manipulation functions such as rotation for the various image components supported
possibly add the ability to move pictures around in an album. and maybe between albums
I must also remember to move the ratings and desc as well for that image.
possibly add the ability to make individual pictures require approval
possibly add the streaming image ability (asp page called from image tag) I came up with as an option for
people that can use it. this will better secure images in password protected albums and also possibly make
it so images can only be viewed from certain urls.. and maybe make an interface for a list of allowed urls
improve the .net support to also resize the larger images.. currently it does not
possibly add a feature to store 3 versions of images uploaded
thumbnail, medium res, and high res/original
this will appeal to professionals or people that may want to sell prints
storing a large version will be optional
possible support for multimedia content other than gif and jpg images
fix... url to link to.. problem on control pics page when both a jpg and a gif are present... which also relates to a another slight
bug that needs to be taken care of
make interface in admin to listen to installed midi files
and also to upload / delete them
possibly make per album guestbook... or call it something else like disussion or comments
add option to store the images orginal name in the images description area during upload
may be helpful to people that name their images in a somewhat descriptive way
change approval settings so they work on a per user basis
eliminate access levels from edit user screen and get rid of the level 4 stuff mentioned
possibly add a per user option for individual pic approval as well if I get that feature implemented
add support for the ibulc bulk upload client that I recently discovered
it is very cool
cwilliams38325.8264583333, Is this the full version 7.
Did you make any changes to the code ?
Is the User_ID field still an autonumber field in the Access database ?
I do not see how this could happen unless somehow the autonumber field setting for User_ID was changed in the database?
, all that docmunetation is online as well right here so you dont really need the chm file
http://support.cjwsoft.com/code/info24.htm
the chm format is a windows format that can only be viewed on windows pcs. I do not know why you can not see it. I would do reseach on viewing CHM files on whatever operating system and version you are running because perhaps you are using a mac or linux operating system which can not natively view chm files ?
, Hello,
VBScript is the most popular ASP scripting language, and has the most support available. I estimate that less than 5% of the ASP coders out there use anything other than vbscript
That being said it specifically says on the aspprotect site ASPProtect is only for use in protecting asp using "vbscript" as the language.
http://www.aspprotect.com/more_info_full_v7.asp
http://www.aspprotect.com/comparison.asp
it is something I specified very clearly for this very reason.
Sorry, but you can not use ASPProtect to protect pages using Language="Javascript". The code is too complex to be mixed with server side Javascript.
To password protect asp pages written using "Javascript" you really need a an application specifically written in and designed to work with ASP pages written using "Javascript". And then of course that application would not be able to protect ".asp" pages written using "vbscript." (I mean never say never, but it would be a ton of work to get both working and I doubt you will ever see a commercial application that does both)
as for switching back and forth between vbscript and javascript you really can't except with very simple code. Doing so with anything complex can be extremely problematic because the order of execution sometimes gets all mixed up because of the complexity of the code being used.
That doesn't mean it can not work....
You would really want to do something like this.
do not specify a default language at the top
surround the aspprotect include file with this
<SCRIPT Language="vbscript">
</script>
surround your javascript code with this
<SCRIPT Language="JavaScript">
</script>
then make sure none the code including the aspprotect include file has any <% or %> tags in it
that means you have to remove that sort of thing everywhere... that means a lot of work if you used a lot of that sort of thing instead of response.writes to write out html type stuff
and again... I don't know if you would ever get it all working
, Not without changing a lot of code. If you didn't want encryption you really should have went with version 6. Encryption is a big new feature of Version 7 and it is inter-mixed with it the code in a lot of places.
As for doing the export and import you have to create a valid export file and then read through this very thread which explains how to import an export file with clear text passwords.
This is from the admin area regarding the text file format
The import/export file must be tab delimited with no text qualifiers. The 1st row containing field names and the following each being a new user. To create your own import file it must be in this exact format. To find out what field names and their order are simply create an export file using ASPProtect and take a look at it.
Generating an import file from your own database requires good knowlege and understanding of Access's Importing and Exporting functions. It is not something I cover as the process is different for everyone and not really very hard. , If logfiles do not get created it is most likely one of 3 things
- invalid physical path specified
- permisssions
- filesystem object is disabled on the server
that path doesn't look correct to me for a live professionally set up server but only you or your server admins can know that for sure
you will not get any errors when things arent perfect.. just no physical logs
RecentActiveUsers and RecentPageRequrests are not related to the stored logfile feature.. Recent Activity is a different thing
, Banners no longer show up on my site ?
If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.
The web server must have crashed or lost power and now the application variables are in limbo/not working.
I have seen this happen 3 times. Twice on my own server when the power went out for 2 hours and once on a customers server.
Basically the application variable system gets all messed up because it was not shut down properlly.
The ways to possibly cure it are as follows.
Edit and save a banner in the system. Hopefully that gets things going again.
If not... keep reading for the more drastic cures..
Go to the command prompt on the server and type "iisreset"
Sometimes that is enough.
Reboot the server.
Sometimes that is enough.
Stop the web in the IIS console.
Sometimes that is enough.
Stop the individual processes for each web in iis
"you must really know what you doing and be very careful about doing this"
Remove and recreate new applications in IIS for the web in question.
And sometimes it just takes a combination of the things listed above and a few reboots. I don't know the best way to cure it but I do know why it happens and the steps listed above can get things back on track.
Again, this is because the server lost power or crashed as far as I know.
It was not allowed to shut down properly which sometimes happens.
You'll know things are ok again when you see your banners show up on your site.
cwilliams38295.0183101852, That bit about zones makes perfect sense and seems surpassingly simple for me to integrate due to our categories and page contents being based on the same if/then functionality.
Regarding the user, I guess you mean that I could simply recreate a limited admin interface for users based on the interface you have included for me, is that correct? I realize how subjective the question is, but do you think that this would be a bad idea?
I'm leaning toward your software here. I have a budget that could easily cover a variety of programs, but the UI for advertisers at banmanpro, for example, seems far too complicated for my users. Also, banmanpro doesn't have supporting compatible softare I am interested in, such as your classifieds software.
I guess I am trying to buy a good shell from which I can do my own customization and coding, and into which I can integrate future additions such as your classified ads. Does this seem like the right place to be?
Thanks much for your time!
, You can't do that. ASPProtect 7 does not work with ASP.NET.
It is a classic ASP application. As the web site states it can only be used to protect ".asp" pages written using vbscript.
ASP and ASP.net are completely different animals.
Thats why we have a .NET version.
http://www.aspprotect.com/more_info_net.asp
, What about browser caching ? It can happen easily especially if you update pictures over one another.
emtpy out the temp files of ie (take a while usually).. close all ie windows and go back..
Otherwise I need detailed info on the problem. What you told me is not enough to troubleshoot. There are so many factors like what image image rezie component you are using, the size of the pictures before conversion, server resources, what your doing regarding 3 albums.... etc etc
I have imported 100 pics at a time into an album on a fast server with no issues. Thats using any of the image resizing components.
If an album is new what your describing should never happen. Again, it think what your seeing is browser caching playing tricks on you. We have anticaching things in place so thumbnails never do that but not for the large images.
cwilliams38235.5737615741, For all you advanced users..
Here are two examples of ASP.NET code you can use on your ".aspx" pages to call banners from the ASP 3.0 version of ASPBaner Unlimited V8
This code is not supported... and you of course must change things accordingly like the variable names and zone numbers to match the zone you want to call banners from as well as the url.
2004-08-27_153832_asp.net_examples.zip
cwilliams38226.6523263889, I finally spoke with someone who knew what I was asking for and they set the rights and all is fine.
Thanks for your help. Wish all business' had customer support like here
, Login failed for user 'aspgallery'.
Okay, shouldn't this be trying to use aspgalleryuser?
Lance
cwilliams38325.8848263889, You shouldn't be renaming or moving anything... unless you really really understand what you are doing and are at an expert level expert as far as ASP coding goes.
like I said earlier..
http://support.cjwsoft.com/code/code_info.asp?TID=354&ge t=last#1130
redirecting with version 6 is not supported but this thread tells you exactly how to set it up (I showed you this thread in an that earlier post)
http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= redirect
This thread below may also help in case the page you want to start on with a login form should not be password protected..
http://support.cjwsoft.com/code/moreinfo18-2.htm , Personally, I think that is something you should work into your existing site code or something you should handle on your own.
It's basic site maintenance issues.. and something every webmaster must deal with on an individual basis. If you are going to upload a new version of some large file of course you should go disable wherever people are dloading it from and then wait/re upload/turn things back on.. etc etc
It is not going to be a feature of ASPProtect and I don't see why it should be. If you want to have some sort of global site is temporaily down thing you should have a common server side include on all your pages right after the password protection include file. In that include file you could easily stop site access with a response.end and also show a message.
Or you should disable a file download page manually on a file to file basis.
Really, big busy sites that have their sh*t together use versions of files for a reason. Every new upload is a slightly new version revision and has a slightly different file name They do this partially to eliminate the problem your talking about and also because that is the way it should be done. Nothing gets uploaded over itself ever. Even if there is a mistake in a file they upload a new revision and document it in the revision/changes file. And of course they dont show users a link to a new file revisions until it is uploaded.
, also.. every once in a while I get some nervous person concerned about security... and the pros and cons of having parent paths enabled.
etc etc etc
so let me add this bit of info..
I don’t know what your hosting company will say because it is an iffy topic and those that understand it have a hard time explaining it to someone who doesn't. Also usually the hosting company doesn't have a clue except they heard it was a security risk.
Here is the low down from someone that really understands it...
(well, at least I think I do)
The only real security risks are from YOU and possibly other people hosting on the same server if they have parent paths enabled that is.
Meaning your site visitors can't possibly do anything with it unless of course you let them upload and run their own asp files to the server.
Anyway.. if YOU run malicious asp scripts you could potentially attack other sites on the server and look at things you shouldn't. As could other sites on the same server do to you I suppose.
So, unless you plan on doing that or some other site admin on the server does it to you its not really a concern. Just an advantage in coding abilities.
If you attack someone elses site on the server or lurk where you shouldnt then you are probably violating your hosting agreement.
99% of the time everyone gets all nervous over nothing.. half the people nervous about this have sites nobody would ever want to hack anyway.
Many people with a really important/busy sites are going to have a dedicated server somewhere so the setting is not relevant..
The hosting companies of course have to warn you.
This setting was enabled by default for years on IIS4-IIS5. I never once heard one single real story about anyone attacking anything because of this setting. That doesn't mean it doesn't happen but I am just telling you what I know.
This is all my opinion so take it for what it is...
If you are a Hosting Company your better off turning it on at the customers request, giving them a warning about it, and in turn having happy customers.
The big hosting companies like Alentus and MaximumASP do it...
There are far worse things than this to let people do after all.
Beleive it or not I have actually been in servers where they gave the anonymous webserver acount modify permissions EVERYWHERE yet they disabled parent paths ????
No rush, I have it out on the internet, but have not gone live with the site yet.
One is for paypal subscriptions (recurring billing) and the other is for single payments
You can delete any of the 3rd party payment directories you are not using including the the 2checkout one... (all those folders really are is a copy of the users folder specially modified to handle a certain payment processor)
Just Don't delete the "users" folder though as there are things you do there that you can not do anywhere else.. quite a few things.. editing existing account info, looking up passwords... etc etc
you summed it up perfectly... everything you said really
As for the banner software custimizations.. you could just make another folder with a modified admin area (little tweaks here and there so the person logged in only controls their own banners) You'd probably want to add an approval process so nothing they did went live unless you really really trust them. That wouldn't be that hard either.
I always planned to do it someday but I just never have time.
OK, well, that error is pretty self explanatory really. There isn't anything else it could mean.
What you showed me in that screen shot all looked correct, but still permissions to that file just can't be correct. The paths are correct. The path to the file looks correct. The ASPNET (ASP.NET) account looks correct.
I would try settings permissions directly on that XML file. Perhaps child permissions did not go through the way you intended. (the advanced tab must be used for that) If that doesn't work try giving ASPNET and Everyone full permissions on the file directly.
Possibly check the paths in the web.config file just for the heck of it.
Last case scenario, you can edit that XML file directly instead of using the screens in the application. Of course if that file does not have correct permission chances are other things like log files will give you issues as well.
That is all I can think of right now.
, you are password protecting an ".asp" page that requires querystring info to run correctly (example - "somepage.asp?ID=3"")
that is something I never intended anyone to do.. while it does handle and repass the querystring info along during successful login it does not re-pass that info during a failed login as you have found out
this is all by design.. the only reason the system re-passes the querystring info at all is because I wanted to make it smart for the sake of the remember me/cookie feature.. so if someone was using that and bookmarked a page deep in your site with querstring info...then when they went back to that bookmark they would get authenticated and still see the page as intended with the querystring info in tact
it was a nice feature never intended to handle any situations other than what I just described...
now...
notice the url in the browser after failing a login.. then logging in successfully.. it is missing the querystring info
that more than anything is what is going on.. browser caching can cause some confusion when dealing with this because the browser likes to return you to the page minus the querstring info... when that happens a simple browser refresh at that time may very well solve the problem and then you see the page you are supposed to see...
To avoid all of this...
One solution to this is to always start people logging in to an ".asp" page that has no querystring info. That way this won't happen. Once they are logged in you can then offer them links to the pages they need to go to. (you of course still want to password protect those pages)
Another solution is to log them into a page with no querystring info and then do a response.redirect to the page with quersytring info.. thus accomplishing the same thing but without the possibility of the issue because of a failed login.
Another solutions is to do checks in your asp page for missing querstring info.. and if it isn't there do something about it like send them somewhere else.. or display a message about there being an error... etc etc
So,basically you don't want to tell people to login into such and such page with querstring info... and providing a username and password..... You can do it but like you found out it can cause an error if they mess up logging in the 1st time. The system just was not designed to handle that. There are complex reasons for that involving security that would just take me too long to explain.
I hope this makes some sense to you.. it is very hard to try and explain
, 
