IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ; ; ; ; ; ; ; ; ; ; ;PN=1

The 2Checkout Support Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement 2Checkout Payments with ASPProtect. You must be using version 2 of the 2checkout system. They are phasing out version 1 regardless so everyone will be using version 2 very soon if they are not already.

THIS IS NOT INTENDED OR DESIGNED TO USE 2CHECKOUT SUBSCRIPTIONS. (see bottom of this thread for more info on that)

This Support Pack basically gives you an additional signup and registration directory "2checkout_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup in general. New users can register in this directory and pay for membership at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and buy additional membership time online. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via 2Checkout your system is updated and they will have access.

The 2checkout pack is NEW.. and was released on March 19, 2005. If you don't have it and would like it please just ask.

To start using this edit the "2checkout_signup/2checkout_config_inc.asp" file

You will be entering your 2Checkout Account number in that file as well as the URL you want a user to go to after payment. It is all commented in that file. (There is also a testing variable you can set to True if you want to do testing without real charges being applied)

After editing that file run this page.

http://www.mysite.com/2checkout_signup/show_postback_path.asp

Replacing the part in blue with your website info.

It will report back that postback url you need to use in the 2checkout system.

Log into your 2checkout version 2 account and under the "look & feel section" enter that postback url for both the "Approved URL" and the  "Pending URL"

Trust me: You want the URL there for a pending URL because the 2Checkout system is quite random and 95% of the payments that come in go to the pending URL and end up being legitimate sales. (at least for me they do)

Now make sure the Direct Return option on that page is on as well. 

If set to Yes buyers will be immediately directed to your URLs below once they click the Complete Order button. If set to No the buyers will have to click a button to return to your URLs below.

Save that page... and leave 2checkout.

Now, delete this page from your ASPProtect setup.
http://www.mysite.com/2checkout_signup/show_postback_path.asp

It's a minor security risk and is no longer needed needed.

The basic setup is finished. All you have to now is set up payments options the way you want them.


Changing Payment Options

In the "2checkout1.asp" file there are form options set up.

They look like this and you can have as many as you like.

<option selected value="30,9.95,3,">30 Days, 9.95</option>

In this option... A user has the option to purchase 30 days for $9.95 and he will be set to Access Level 3 when payment in completed.

Here is how it works.

The value setting (red) is essentially and array that can be made up 4 elements separated by comma's
They must be separated by a comma and there can be no spaces. In this example the 4th value was not used but the last comma must still be there. If you didn't want to set an access level and left out the "3" there would 2 commas at the end.  etc etc
Basically there must always be 3 commas but you only have to set the 1st 2 values which are days and price.

days,price,access level,groups

The 1st value is the amount of days.
The 2nd value is the price for the amount of days.
The 3rd value is the access level you want to user assigned to.
The 4th option is the groups you want the user assigned to. (see PayPal subscription thread for examples of specifying group info)

Now, the label for the option in (blue) can say whatever you like.

For all you advanced users..

Here are two examples of ASP.NET code you can use on your ".aspx" pages to call banners from the ASP 3.0 version of ASPBaner Unlimited V8

This code is not supported... and you of course must change things accordingly like the variable names and zone numbers to match the zone you want to call banners from as well as the url.

2004-08-27_153832_asp.net_examples.zip

did you fix it because I see all the pictures just fine ?

http://mcintoshcounty.org/real_estate/view_item.asp?Ad_ID=1

Yes, I was referring to ASP Protect.

I had about a dozen people access the same account, but it is highly unlikely that they would all try at the same time (unless there were several hundred people who had access). Having an enhanced login abuse would be nice.

You really should just look at the documentation that came with the application. It tells you everything you need to know.

it is in the docs folder in html format.. it is also linked to from the aspclassifieds website

http://www.aspclassifieds.com/demo/docs/

And I'm the one who finds those rarities!   I'm not surprised. 

Oh well...this should be interesting trying to get an 80 year old man to change his password.

Thanks for your quick responses Chris.  This is still an awesome membership system!

Mick

you not seeing the real error

http://support.cjwsoft.com/forum/forum_posts.asp?TID=11& PN=1

Than you 

I'm happy after changing to XML parser for two of the ads. Later I'll change the other codes to XML, never to use iframe again!

I downloaded the skins, ftp'd them to the skins folder and can see them in the list of available skins. No matter which one I try to apply it keeps solid_color_black.

Al

Hi,

Could you please advise what may be causing this error:

Microsoft OLE DB Provider for ODBC Drivers error '80004005'

[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x57a4 Thread 0x5474 DBC 0xf03a704 Jet'.

/ASPProtect/check_user_inc.asp, line 292

Funny thing is that if I refesh the page with the above error it gives me the following eror:

/ASPProtect/check_user_inc.asp, line 292

and after few times of refreshing the page it shows me the page I am after.

Is this my promlem or ISP's.

Thank you

Why all the pages at the directory .../password_admin/ are very slow to open online?

The ASP error on the home page has been solved -There was aproblem with the path that was including the home page file and we fixed it.

However the error on the member page remains - any ideas/suggestions would be appreciated. This is the error:

Microsoft OLE DB Provider for ODBC Drivers error '80004005'

[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for

process 0x748 Thread 0xad8 DBC 0x214734c Jet'.

/aspboard/forum/global.asp, line 15

Here are three known bugs and their fixes...

If you have any of these symptoms these fixes will most likely take care of them.
If you don't have a symptom do not make any changes as you most likely have an updated copy of the application.

Technically if you bought that app on or after April 27th 2004 these bugs should all have been corrected.

Description Fix

(no descriptions showing in pop up window)

Edit pic_window.asp with a text editor

Change

Set f=fs.OpenTextFile(Server.MapPath("pictures/Album_ID_" & Album_ID & ".txt"), 1)

To

Set f=fs.OpenTextFile(Server.MapPath("../pictures/Album_ID_" & Album_ID & ".txt"), 1)

Slideshow Fix…

(last image in slideshow it not showing)

In slideshow.asp

Change

<% For PicArrayIndex = 0 To Ubound(PicArray) - 1 %>

To

<% For PicArrayIndex = 0 To Ubound(PicArray) %>

Add To Favorites fix

(add to favorites feature doesn’t work at all)

Edit "album_uppermenu_inc.asp" in the scripts folder

Change

<a href="users/favorite_albums.asp?Album_ID=<% =Album_ID %>"><img border="0" src="<% =application("skinpath") %>add_to_favorites.gif"></a>

To

<a href="users/favorite_albums.asp?Album_ID=<% =Album_ID %>&Action=Add_To_Favorites"><img border="0" src="<% =application("skinpath") %>add_to_favorites.gif"></a>

Weird

Understood.... can you point me to a place where there are other methods of calling banners?  Do you mean not use Flash?  I am new to this and will need some pushing over the cliff!

Thanks

Dave

(Password Expiration Mod) for ASPProtect Version 7.x

This Advanced Mod requires decent knowledge of Databases and working with ASP. I originally wrote something like this for a customer on a custom project. I then took the time to re-write all the code from scratch so it could easily be plugged in to the current version of ASPProtect as an option. All in all this mod took me over 15 hours of time to develop and will save you a ton of time & money if you were planning on writing something like this on your own. Some parts of this were so difficult to get working that I would never have written this code if I was not paid to do so. (The encrypted array that rotates through the last 12 passwords was quite frustrating to get working)


 
The price on this is 19.95. I am not incorporating this into the base product because it makes things more complicated and isn't for everyone.

Purchase Page

Security is a big concern and making your users change their password every so often is a good idea. Keeping track of previous passwords they used and making them choose something they haven't used before takes the concept even further.

This Mod will add a password expiration date to the application. When the password expiration date is hit the user must confirm their old password as well as pick a new one before they can log in again.

There is a new password expiration directory where they must choose a new password that has not been used before. The new password must be confirmed during this process. (It remembers 12 old passwords the way it is coded) The old passwords are stored in the database in an encrypted array.


Directions:
Back up your existing ASPProtect installation.

Add two new fields to the "ASPP_Users" table in your database.

For an MSAccess Database

Password_Expiration_Date (Date_Time Field)
PreviousPasswords (Memo Field)

For a MSSQL Database

Password_Expiration_Date (smalldatetime)
PreviousPasswords (nvarchar 160 characters)

once that is done

Copy all the new ".asp" pages into your site.


Edit the "PasswordExpirationURL" variable in the "check_user_inc.asp" file

It needs to be the full URL to to the "change_password/default.asp" file


Now edit the "change_password/processchange.asp" file

There are 3 variables you can edit.

PageSentToAfter = "http://localhost/aspprotectmods/password_admin/default.asp"
PassMinLength = 4
PassMaxLength = 8

The "PageSentToAfter" is where you want them sent to after they change the password. It can be whatever you like.
If it is a protected page they should automatically get logged in with the new password they just changed to which is nice.

The other two values should be obvious.

That's it...

Just remember the password change thing is not used in the admin area...
You could easily add code for that on your own though by looking at the the password expiration code I added to the publics "check_user_inc.asp" file

Also:
You will see a new field to edit on the user edit screen for the Password Expiration of course. 

here is a thread that may help you if this is what you were getting at

http://support.cjwsoft.com/code/moreinfo389-1.htm

How do I recover or reset admin password used for the aspprotected pages. I have installed it months and months ago, but now can not recall the password. Any help appreciated, as I do not feel like installing it again.

You should not have single quotes around the "-1" because Album_Active is not a string field in the database. It's true/false or bit field in the database depending on the database you are using (MSSQL or ACCESS)

I'd do it a little more like this I think.

SELECT COUNT(Album_ID) AS Alb_Count FROM " & tbl_label_albums & " WHERE User_ID = " & CmdListUsers("User_ID") & " AND Album_Active = 1"

I took out the parentheses as well since I dont believe they are needed in a simple case like this

but is hard to say unless your the one testing it... my version might have a mistake as I am a little rusty with my SQL at the moment

also: in case your wondering...
depending on the situation and the odbc drivers the 1 and -1 should work either way but sometimes it's picky and you have to do it one way or the other

This may be an old question ??? If it is please point me to the post or documentation where I can find the answer please.

When creating protected pages I am using the following to protect them:

<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="/aspprotect/check_user_inc.asp"-->

But that is not working. I get the following error when I try to access the members logon page in the directory that I wish to add the pages to:

Active Server Pages error 'ASP 0130'

Invalid File attribute

/filelocation/filename.asp, line 3

File attribute '/aspprotect/check_user_inc.asp' cannot start with forward slash or back slash.

However if I create the pages in the root of the AspProtect directory and use a link to the same page that exists in the AspProtect directory and the following include:

<%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

The pages work fine.

I really do not want to put all of my protected pages in the root of the AspProtect directory.

 I would like to mix protected and unprotected pages throughout the site in order to #1 make it easier to administer. #2 keep the AspProtect directory solely for authentication. And, #3 keep any user authentication pages out of the AspProtect directory.

TIA

Different Versions of the Access Database

Below is a zip file with many alternate versions of the Access Database provided to help with installation and general usage.

2005-02-20_155310_ASPProtect_Database_Versions.zip

ASPProtect.mdb is saved as an Access97 database (password "temp")
ASPProtect_access2000.mdb is saved as and Access 2000 database (password "temp")
ASPProtect_access2000.mdb is saved as and Access 2002-2003 database (password "temp")
ASPProtect_access2002_no_password.mdb is saved as and Access 2002-2003 database with no password set on it

Try to use the newest version as server odbc drivers sometimes have to use the newest version for everything to work correctly. No password version is provided because sometimes there are issues connecting to a database with a password set on it.

Default username for access databases is of course "admin" but you really dont use that except in the data connection information.

Perfect exactly what I was looking for.

Thanks

as I look at your installation more I notice that you are using MSSQl as the database type.

chances are that is the source of these problems. Fields in the sql database are most likely not all set correctly

it is very important that the sql tables and fields are set up exactly as described and that the sql script we provide runs without error

http://support.cjwsoft.com/code/moreinfo160-1.htm

if you create the sql database other than the way we tell you to or the sql script doesn't do its job setting all the field types/constraints/primary keys/etc..... for some reason .. then weird things like this can happen

at this time this is my best guess as to what is going on

I would examing the sql script we provide and compare the information set in it for each field and table to your existing SQL database to see if everything got set correctly.. I would start by checking these fields 1st of all as they are very important.... (username,password,expiration_date,admin,active)

in the meantime testing the ASPProtect system with an Access database will prove that all the ASP code is working as it is supposed to if you are interested in doing that

recent activity infomation is temporary and mantains itself per application start up.. when the web application restarts for whatever reason the info is reset

a reboot, an iisreset on the server, application pool restarts, etc etc
this is done because if that info was saved in the database your database would get huge real quick

logfiles however do not do that and are permanent