at this point I would say install a fresh untouched copy in the web in a different directory and lets see if it acts weird from scratch.. the we can go from there.. I dont know what is going on

Is it actually possible, with your product, to password-protect the folder that has the actual database without having to require customers browsing the listings to enter a password, or will password-protecting the database folder prevent customers from browsing the classifeds listings?

(FREE) Nov 23 2005 Update Files

If you purchased ASPProtect Version 7.x before Nov 23 2005 then you can download these Update Files.

(These are non-critical updates.. only update if you want the described changes below)

These updates do the following..

• Make the Tabs in the Admin area move up and down as you navigate around so they look more like tabs used in a file cabinet.
  
• Updates the import/export process so the tab delimited text files created now store the passwords in plain text instead of encrypted. I have been thinking about this one for a while now and I think it is better this way as it was confusing a lot of people. If can also kill the whole process if by chance the encrypted output of a password contains a line break of sorts. There is no way to deal with that scenario so this is way the import/export process is going to work from now on. This also means you should be VERY carfeful about leaving export files lying around as they will have the passwords in them.
  
• Updates the "expected_paths.asp" in the data folder because the paths it was generating had an extra "data/" in it.
  
• Updates the users page so it will not show the import/export link if you have not entered a path for the export files in the settings.
  
• Adds an Activity Tab if using the Activity Tracking features instead of the links it used to put on the users page that most people didn't see.

To install these just copy them in over the old files.

Now of course back up your existing files so can revert back if there is a problem or you do not like the changes. If you made any custom changes to any of your pages use your head and realize that copying these in over your existing files will overide any custom changes you made. (that is your business, I am just warning you)

2005-11-23_163025_ASPProtect_v7_11-23-2005_update.zip

False alarm. Dumb user alert (both the classifieds customer and me).

When I test fixes, I need to be looking at the right Ad_ID to get correct results

let's try this... edit that page with a text editor like notepad...

Carefully replace any instance of "Cint" with "CDbl".. I may have missed some of those when testing the last time I edited the code.

[QUOTE=spider]At the bottom of my "users" list page, it asks the question "number of users displayed per page"?  After hitting a larger number than the default of 1-25, it increases the number of users per page to that number.  But as soon as I leave that page, it goes back to the default.  Any thoughts?[/QUOTE]

That is how it is supposed to work. It is not supposed to remember that info after you leave. If you want it to always start at some default number simply copy the URL info after picking a number. You'll see the querystrings that tell the page what to do in the address field of your browser. Take that entire URL and  edit the button in the admin area to link to that. The links for the buttons are in the "header_inc.asp" file and you should edit that file with a text editor.

That's the easy non technical way to set a default on the users page and that applies to anything including doing a sort or whatever.

example...

you might change this

<a href="default.asp"><img src="../images/users.gif" border="0" alt="Users"></a>

to something like this

<a href="http://www.yoursite.com /aspprotect/password_admin/default.asp?SORTBY=Email+DESC& ;MyPageSize=500="><img src="../images/users.gif" border="0" alt="Users"></a>

SQL Database Creation (NEW INSTALL)

If you are creating a new database do so using SQL enterprise manager.
Create a new database called whatever you like and keep all the default settings. If using an existing sql database skip that step.

Now open up SQL Query Analyzer

unzip the following sql script and open it in query analyser.
2005-02-20_132116_aspprotect_v7_sql_script.zip

VERY IMPORTANT
On the drop down box at the top right make sure your intended database is selected. Otherwise your changes may effect the wrong database in your SQL server.

Then load the script  into the Query Analyzer.  Click the green play button at the top. If everything goes well the response should read something like this.

******************************************************
(1 row(s) affected)
******************************************************

If so the tables have been created in your existing database.

Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for the new tables. You will be referencing this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.

Regardless, as you can see from this screenshot I made a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).


Now, in the ASP files provided with ASPProtect edit "dataconn_inc.asp" with a text editor and modify the connection string info. Be sure to change the info to match your server,username, and password.

Below is an example of valid connection string.

ConnectionString = "Provider=sqloledb;Data Source=poseidon;Initial Catalog=aspprotect;User Id=aspprotectuser;Password=temp;"

The  "Data Source" setting is either the Network Name for the SQL Server or the IP Address. For local servers you can sometimes use an IP of "127.0.0.1" or the name of the local server.

"Initial Catalog" is the name of your database.

Now, in the ASP files provided with ASPProtect edit "dataconn_inc.asp" with a text editor and set the DatabaseType variable to SQL like so.

DatabaseType = "SQL"

That being said, ASPIN has a lot of problems with anonymous reviews so if you can please sign up with them and post an Authentic review as they carry a lot more weight. Authentic reviews involve responding to their validation email so when doing so use a real email address that you regularly check.

And sorry I made you use the forums, but as you can see this is exactly the sort of thread that will help someone else later on.. and that is why I require people to use the forums now instead of just email support. That way the conversations are out in the open where they can help everyone instead of buried in my outlook where no one will ever see them. And of course if information is sensitive you can always do a Private Message as you did earlier.

It is all about creating a knowlegebase of valuable information.

no, its part the concurrent login checking system.

currently when that is on logging off does not come into play..
(pretty much because it is such a complex system I wasnt able to make it quite that intelligent this time around)

when concurrent login checking is enabled the only way to log in again at another system with the same username and with a different IP is to wait till that time period is over

sorry

as you may recall it was rush feature at the last moment before I got version 7 finished. Hopefully I can improve on the feature in the next version but I dont really see it as being a big issue at the moment. Sometimes when you want maximum security you have to make some tradeoffs and that is why the feature is optional.

It really means just what it says. Your connection string is just not valid and the sql server speicifed can not be reached. The username and password could also be invalid. Since you already had a database set up you should use the same username and password you have always been using. You also need to use the same database name you have always been using. Without actually knowing more and seeing what you are doing it is pretty hard to tell you anymore than that.

The directions and sql scripts given are for setting up a new sql database. Applying them to an existing sql database requires a slightly different approach. Modificiations to the SQL scripts elimintating references to the usernames/password/database we suggest in the scripts is also a good idea.

A data connection is a low level as it gets. Until you get that working you are really not even touching any of the code in the ASPListings application.

If you want I have no problem going into your sql server and web and setting up for you correctly.

My Admin user got corupted, and I need to reset the password and user, what is the defualt password for this database, as I do not think I have changes this (hopefully) as of yet.

Regards,

Paul

Help!.. I need to export the username and password fields to a mail merged letter so everyone knows their username and passwords. However whenever i access the database or do an export. The passwords showup as encrypted. Is there a way to access the list, un encrypted?

thanks

It probably is. You would have to look at the paypal documentation for IPN and see what needs to be changed in the form code.

You can get all that info from PayPal's website.

There are tons of variables and options you can use with all of their code.
They have detailed PDF files full of information on all of them.

I'm trying to use CDOSYS.

It seems to work fine on the web page, however the mail never gets
delivered.

I can see my messages sitting in c:\inetpub\mailroot\pickup but they never leave it.

I found another folder after doing a search for "pickup".... it is:
d:\program files\Exchsrvr\Mailroot\vsi 1\PickUp     If I paste the files
into there, they get delivered.

How can I get the email to be delivered without doing the cut and paste?

I've tried it both with and without authorization.

I am running a Windows 2000 server with Exchange 2000.

Thanks.

Microsoft VBScript compilation error '800a03f9'

Expected 'Then'

/aspprotect/password_admin/upload_post.asp, line 6

If Session("Admin") <> "True"



If I upload the text file by FTP and then try to import it it only tends to import the first two existing rows.

All collumns match but not sure if I need to add "User_ID". I have added it and created consequecutive numbers.

Any assistance would be appreciated.

Thanks

I would kile to see more support for the groups function:

1. on the password_admin/default.asp page have a coulmn listing groups

2. ability to change groups in bulk eg change the expiry date for all group x members

Cheers

I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.

<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then  
 SearchFlag = True
End If
 
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then 
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>

</head>

<body>

My Protected stuff here

</body>

</html>

For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.

Thanks,

Mo

5300 users honetly wouldn't even phase the database or the code... even with MSAccess...you got other problems and I can say that with 150% certainty

my guess is permissions on the database folder are not quite right or the odbc drivers have issues.. something along those lines..

access databases act up when full modify permissions are not given to the folder they are in.... they can also act up if the odbc drivers are very new and you are not using a newer version of the access database such as 2002 version as opposed to a 97 or 2000 version

using a system dsn as opposed to a dsn-less connection can also cause BIG issues. always use a DSN-LESS connection

you can also have big problems if just the database file is given permissions instead of the whole directory it is in

also, the script timeout has nothing to do with it.. if that is happening something is wrong with the data connection like I said... no amount of changing timeouts is going to cure it...

how permissions are correctly set
http://www.powerasp.com/content/new/windows_2003_server_and_ permissions.asp

why system dsn's with access databases are bad news
http://support.cjwsoft.com/code/moreinfo9-1.htm

I know it worked at 1st but it can still be related to all of this because when permissions are not perfect databases will work ok for a while and then act up. it all has to do with the temporay lock files that access creates and deletes on a regualr basis

The stat not show when  impression over  xxxxxx

I use  aspbanner v8.1   MS SQL version

Total Impressions	83523
Total Clicks	7
Total Clickthru	.0%

Microsoft VBScript runtime error '800a0006'

Overflow: 'CInt'

/aspbanner/stats_window_admin.asp, line 257

Okay,  I deleted out the aspprotect folder and started over.  I also took out the dsn connection to the ecommerce database and deleted out the subweb that had it, I decided to use another provided where the database is resident on thier servers not mine.

I broke my txt file into groups and it's loading sort of.  The first 1000 users uploaded fine...the second said it timed out, but when I looked at the access database it showed 2000 people.   The login still times out and every page seems to load incredibly slow still.

ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: Microsoft.Data.Odbc.OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.] Microsoft.Data.Odbc.OdbcConnection.HandleError(IntPtr hHandle, SQL_HANDLE hType, RETCODE retcode) +27 Microsoft.Data.Odbc.OdbcCommand.ExecuteReaderObject(CommandB ehavior behavior, String method) +838 Microsoft.Data.Odbc.OdbcCommand.ExecuteNonQuery() +80 aspprotectnet.aspprotectlogin.Login_Click(Object sender, EventArgs e) +2284 System.Web.UI.WebControls.Button.OnClick(EventArgs e) +108 System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEven tHandler.RaisePostBackEvent(String eventArgument) +57 System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +18 System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33 System.Web.UI.Page.ProcessRequestMain() +1292

Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300

I am getting this error message when trying to log in as admin or registering a new user. I am using Windows Server 2003 and it is a DOMAIN CONTROLLER.

I have read that there is NO ASPNET account for a domain controller. In its place is the IIS_WPG account. I have given this account and the IUSR account FULL CONTROL.

STILL GETTING AN ERROR. ANY SUGGESTIONS???

The Read-only attribute i was referring to is at the windows explorer level when looking at the folder properties under the general tab. 

ASPNET and IUSR have full access to the _database folder as you suggested - Yet still I get the permission error noted above.

I checked the option pack code as well and it looks correct.
I tested it and it acted as it should.

You can see it in active at the live demo
http://www.aspprotect.com/demo3/demo.asp

admin
test

go the the admin area.. you will notice 3 users with level 4 access
1 of them is inactive

then go to the mass email area and pick   active and level 4
it will say it is sending email to 2 users which is correct

then go to mass email again and pick level 4 and inactive
it will say it is sending email to 1 user which is correct

choose any status and access level 4 and it will send email to 3 users which is correct

When you do this please realize you can not choose a group as well.
That will cause a problem because you can not choose a group and an access level at the same time.


Anyway... perhaps you can private message or use the contact us form and and let me take a look at your system. Since I can't reproduce the behavior that is the only way we might figure this out.

Is there a simple way to upgrade from 7.x Lite to 7.x Full?  I was testing out the software and I just purchased it.  I have made some look and feel changes to the lite version (ie: login page), but no look and feel changes to the admin section.  Is there certian files that I can add to have the full version without shorting myself features or functionalbity? 

Thanks

You can mix and match banner calling methods all you want.
Try it and see what happens.

However, the only method that is going to work on non ".asp" pages is the javascript or the new iframe method listed in the support forums.

yes. what you are talking about has to do with norton ad blocking software.. it blocks images or paths that have the word "ad" in them.. and you see red x's where images should be on web sites.. usually

it is different then what this thread initially mentions which has to do with a code/server issue with the application variables.

ya,

any variation of a site url is going to have its own set of application and session variables.. soy you have to be consistant with your navigation links

example (for anyone that comes across this thread)

http://www.examplesite.com/somepage.asp

is going to have a different set of application and session variables then

http://examplesite.com/somepage.asp

even though they are basically the same page

You can't unless you plan on editiing and custimizing the code.

The application is only designed to have one kind of admin and that kind has full access to the admin area.

You can of course give any user access to stats for their banners via the bannerstats page.

That is how it works. There are no other levels of admin access.

Chris, if there is no way to change this, I understand. I just though maybe it might be possible and I can't find out if i don't ask.

Thanks Chris.

Let me know.

-john