Blog Entry: 3/25/2006 4:43:58 PM
well, I was curious myself so I just tried it.
Good news is it worked just as I thought.
Only problem is your changing things to allow authentication info to be passed over the net in a url. If you can live with the security implications then it will work. I mean a sniffer could see that and end up knowing the username and password.. not likely but just putting that out there.
Of course now that I think about it unless you are running under SSL (https://) when you log in normally that info is in the post info anyway and possible to get at.. course not right out in the open like when you put it in the url and less likely to be noticed.
As long as your not doing it to access critical areas like the admin pages... and you monitor the log files once in a while it's probably nothing to worry about.
, I think its great to share a mod.
I will have few with the new album.
,
download the free version...
check out this tutorial...
http://support.cjwsoft.com/code/moreinfo169-1.htm
If your application can post to the page and provide all the form variables needed to log in it may work out for you..
You'll have to try it out... all the form variables needed are in that login form example.
Basically you'd be posting to a protected (.asp) page..
and providing the following for the most part.. how your app creates it post data is on your end...
<input type="hidden" name="Status" value="Checkem">
<input type="text" name="Username" value="Yourusername">
<input type="Password" name="Password" value="YourPassword">
As an alternate scenario...
Now, by default the "check_user_inc.asp" file is looking for posted form data... for security reasons it is not looking for querystring info..
If you change this bit of code in that file
from
Username = Replace(Request.Form("Username"),"'","''")
Password = Request.Form("Password")
to
Username = Replace(Request("Username"),"'","''")
Password = Request("Password")
It will then grab either form or querystring data...
Meaning you wouldn't necessary have to create a true post to the page with form data. You could just access the page via a querysting like so
http://www.mysite.com/somepage.asp?Status=Checkem&Userna me=Yourusername&Password=Yourpassword
Of course that introduces security risks as the username and password would be passed in plain text over the net
Another option is...
You can also make a copy of the "check_user_inc.asp" page called whatever with those modifications just to use in pages you need your little application to post to... thus reducing the security concerns a a bit as the rest of yoru site could still have its pages protected under the normal scenario.
I hope this answers your question... I havent really ever tried any of this but that is how I think it would work... , This has not been officially released yet, but it is ready.
Here is the overview...
http://www.aspprotect.com/demo3/paypal_signup2/overview.asp
And the Code for the IPN Subscription Pack is 30.00.
http://www.aspprotect.com/ipn_subscription_support_pack.asp
A few people are using it and say it works very well.
Like the IPN Single Purchase System it is a separate directory you copy into the web site. One change must be made to your database so it’s pretty easy to get working.
Though I am not guaranteeing this you should be able to accept Single IPN payments and IPN Subscriptions at the same time without the two bothering each other. I haven’t tested it but one customer is doing it and said it is working fine. It just involves manually specifying the IPN URL for one of the systems so it overrides the default IPN URL on your paypal settings. (As each system needs its own IPN URL) Its easy to do… just a form field you would add to the subscription form. I already looked it up. See below.
Specifying Your Notification URL
If you only need to receive your IPNs at a single URL, you can enter that URL in the Preferences section of your Profile. If you would like to receive payment notifications for different payments at different URLs (i.e. if you need to separate payments made to different websites you run), you can manually pass the IPN URL with each payment by including it in that payment’s HTML code. Use the notify_url field to pass this information. The notify_url for a specific payment will be saved, and any subsequent updates to that payment (e.g. cleared eCheck) will be sent to that notify_url. When you pass a notify_url in your HTML code, it will override any preferences you set in your Profile.
Anyway.. the Code for the IPN Subscription Pack is 30.00.
http://www.aspprotect.com/ipn_subscription_support_pack.asp
cwilliams38342.8775578704, Oh big deal !!... John mentioned some site and you feel like you proved some sort of point. Aren't you special ?
Look, I am telling for the 3rd time you can't do what you are talking about with ASPProtect.NET. Are you braindead cause I really am beginning to think you are and I for one am done trying to be somewhat nice to you ??????
I am also willing to bet you had no idea what viewstate even was until I mentioned it and then you probably went and read up about it so quit trying to pretend like you know what is going on! If you knew what was going on you would not be asking more questions about ASPProtect.NET than any customer in the history of selling the application.
As a matter of fact you should send me like 400.00 just for all my time you have taken up because you are totally frigin clueless !!!!!
I should have cut you off the instant you offered me illegal software from p2p right in a forum post., thanks!, Glad it is working.. for anyone reading this the customer bascially did this
http://support.cjwsoft.com/forum/forum_posts.asp?TID=36& PN=1
That being said asp photo gallery actually has a few more places that send email that you going to need to modify as well. Off hand the reply to album, admin massemail, admin send email,and postcard features come to mind possibly as 3 of them.
using a multiple file search and replace utility like ReplaceEm would be the easy way to do all of this in one step and find all the instances
http://www.orbit.org/replace/
cwilliams38420.4424537037, Perfect. Thanks buddy :)
eeye38433.0629976852, The version of aspbanner you have should not matter.
What you are doing here is wrong.
<PARAM NAME=movie VALUE=" http://www.innovationtools.com/aspbanner/aspbanner/banner_re direct.asp?Banner_ID=25">
PARAM NAME=movie is supposed to link to your ".swf" file.
And thats why all you see is black.
I don't think you quite understood all of that information fully.
Your ".swf" files needs to be coded in FLASH to link to the aspbanner redirect url. You don't change that flash calling code like that.
The ".swf" file links to the aspbanner redirect url which tracks the click and then redirects the user to the Link URL
You basically need to code your ".swf" flash file to go to that aspbanner URL or code your flash file so it can take a parameter for the url it clicks to (like the macromedia article talks about. This has to be done when editing the flash file in the flash editor before the file is saved.
If you dont have access to the original ".swf" to edit it and re-save it.. your out of luck as far as tracking clicks goes
, The PayPal feature that is in ASPClassifieds has always been labeled as experimental and has never been supported as the documentation says. About a year ago I stopped even mentioning the feature on the product pages or in the live demo because I didn't like how it worked and I decided I would just market the application as a free based classifieds. It’s just not something I can support or talk about. To work really well it really needs to be coded to use PayPal IPN and a credit system. Where ads and various extra features cost so many credits and people have to buy credits before they can post any ads.
That’s about all I can tell you. It's just not something I support.
, The ASP error on the home page has been solved -There was aproblem with the path that was including the home page file and we fixed it.
However the error on the member page remains - any ideas/suggestions would be appreciated. This is the error:
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for
process 0x748 Thread 0xad8 DBC 0x214734c Jet'.
/aspboard/forum/global.asp, line 15
, I uploaded the files designed for an aspprotect folder at the root of my site (mysite.com/aspprotect) and went to mysite.com/password_admin/get_me_in.asp and receive this error:
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0xf54 Thread 0x908 DBC 0x90c41dc Jet'.
/aspprotect/scripts/populate_config_variables_inc.asp, line 11
I am assuming my host has still not set rights properly and that is why I receive this error. Am I correct?
I will definitely recommend hosting company you suggested for our businees site.
, SQL Server Database Information Mod
This mod is only for customers running SQL server. It is a new stored procedure and a new version of the "server_info.asp" file that will display information about your SQL database on the Server Info page.
Purchase Page
This is for Advanced SQL Users only that understand how to add a Stored Procedure to a SQL Database as well as assign permissions and what not.
To install this mod you should have access to SQL Enterprise Manager and Query Analyzer as well as be able to grant your SQL database user EXEC permissions on the new stored procedure. , This is a great article for newbies..
Hints & Tips when working with ASP
http://www.powerasp.com/content/hintstips/common_sense.asp
cwilliams38436.5949768519, check the connection string in the dataconn_inc.asp file. If using MSAccess it will show the location. If using SQL Server it will show the SQL Server details in which case there is no physical database file., Chris,
Ok new puzzle
. I have now managed to gonfigure it to get the admin screen and update members. All excellent news. Seems to work a treat.
But have used the code you give in your getting started guide to add at
the very top of an aspx page to be protected. The path is configured
correctly I am sure. the aspx file is in the root, the protect program
is in a folder now configured as an application (hence the steps
forward to get to the admin screens) on the root, so address should be
foldrname//protectpage.ascx.
Proble when I load that aspx page is as above. The exact same config error
,oww!
I am sure its a setting on my server now, but I dont know what to ask for, Any ideas...
So close now!
Andy
, we ended up resolving it...
the physical path being used was invalid, More info on the groups session variable.
Session("Groups") will contain the ID numbers of whatever groups the user is a part of.
It does not store the descriptive name of that group. It will show the same data that is actually stored in the "Groups" field in the database.
for example it might hold a value like this
*2*,*5*,*9*
meaning a user is part of groups 2, 5, and 9
so if you wanted to check to see if a user was part of a particular group you would do something like this
<%
If InStr(Session("Groups"),"*9*") Then
Response.Write("You are a member of group 9")
End If
%>
Taking this even further, if you really wanted to get a particular group's name or description you would have to query the database like so. In this case we ask it the name and description for group 9.
Group_ID=9
Set ConnPasswords = Server.CreateObject("ADODB.Connection")
ConnPasswords.Open ConnectionString
Set cmdTemp = Server.CreateObject("ADODB.Command")
Set CmdEditGroup = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "SELECT " & tbl_label_groups & ".* FROM " & tbl_label_groups & " WHERE (Group_ID = " & Group_ID & ")"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = ConnPasswords
CmdEditGroup.Open cmdTemp, , 0, 1
Group_Name = CmdEditGroup("Group_Name")
Group_Desc = CmdEditGroup("Group_Desc")
, Hi,
Sorry, but the way the system works you can not call an individual banner like that. It just not something the system was meant to do.
If you wanted a specific banner to show up at all times you would have to make an individual banner and a zone just for that.
After looking at your site since you have so many banners there I dont know if that is the greatest option for you. It would also put a lot of stress of the Version 7 software because it is not really meant to call so many banners zones at one time on one page.
If you could live with tracking clicks on the home page but not displays I would suggest making banners for the home page in one zone. Then hard coding the banner images into your homepage like you already do but linking to the tracking part of aspbanner instead of where they would usually link to. That way you could at least track clicks and there owuld be no performance issues.
for example.. one of the images might link to
http://www.poconocommuter.com/aspbanner/banner_redirect.asp? Banner_ID=4
which would track clicks for you.. and then send then wherever they are supposed to go
, You can mix and match banner calling methods all you want.
Try it and see what happens.
However, the only method that is going to work on non ".asp" pages is the javascript or the new iframe method listed in the support forums.
cwilliams38209.532349537, I have been working on this. 2Checkout is like the most confusing and worst payment processing company on the planet. There are things about that page I just don not understand as many times as I read through it.
Doesn't seem like this stuff is mandatory just yet. (I asked)
I should have something soon.
, Has this been resolved ?, Hello,
As I have my site hosted by a web hosting company (1and1.com), I want to make sure the ASP Photo Gallery software runs correctly before I buy. I am not sure about whether or not they support parent paths because I can find nothing in the online faqs. But, I have two other ASP apps (Forum and News from Web Wiz) running on the site, both connecting to Access databases. I remember having problems initially setting these up because I kept trying to use paths like ../db/wwforum.mdb like I would normally do when referencing images or pages in other folders.
Anyway, here are the database connection strings for the two apps. The first is for the Forum, which is at /forum/common.asp connecting to a database in /db/wwForum.mdb. The second is for the News, at /news/common.asp accessing /db/news.mdb.
'Virtual path to database
strDbPathAndName = Server.MapPath("/db/wwForum.mdb")
'Database connection info and driver
strCon = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("/db/news.mdb")
Thanks for your help, hopefully I'll be setting up my new galleries this weekend!
- Jason
, O.K. , I register myself as a user. No problem, Iget an e-mail saying account active. No problem. I click the link in the e-mail. No problem. I click sign in and get this message. Big problem!!
Microsoft VBScript compilation error '800a0411'
Name redefined
/aspprotect/config_inc.asp, line 15
Dim Address_Required,CDONTS_Installed,City_Required,Registration _Type,VerifyURL,Log_Off_Page
----^
cwilliams38456.0969444444, This is great documentaion for windows script 5.6
in windows chm file format for jscript and vbscript.
We use server side vbscript in all our our ASP 3.0 applications so this info can be a lot of help.
2005-02-18_150921_vbscript_docs.zip
cwilliams38401.6321990741, That would be great.
I am sure you know that many virus that are sent via email have the same property. (double extension). The code can be executed even though Windows identifies them as simple text files etc.
Thanks again
, Bingo! that did it. Somehow the data must have gotten corrupted.
Hopefully that will do for me. Seems like everything is humming along and looks great!
Thanks again,
Laura
, That helped very much. Thank you. Hope you enjoyed your dinner., ok.. Chris.. I am now kicking myself in the butt. In the setting section, I had to redirect certain urls and directories to the right spot. I forgot that I renamed the root folder.
Thank you, thus far for your continued help. It is greatly appreciate.
, ok, that is what you are suppose to do... not having that path info set can cause all sorts of trouble., I think I have successfully integrated Paypal but seem to have a slight
issue. Once a person has entered the Paypal site but cancels their
order, the ad is still placed on the site. The optimal way for my site
to work would be to cancel the ad once the Paypal process has been
cancelled. Any help would be great.
Thanks
, Hi,
Sorry, but if ".asp" pages download instead of run on a server then that means ASP is not working on the server and is not configured correctly. That is about as low level as it gets and it is really the hosting companie's responsibilty to sort that one out.
It is totally a system admininister's job to make sure that sort of thing is working. If this place supports ASP they really need to fix that for you. There really is nothing I can do for you until ".asp" pages at least run.
As for the Free install... that is no problem. Of course you need to get the hosting company to fix the web before I can be of any help. There is more to that problem then permissions.
For starters I would make a simple ".asp" page with hardly anything it (even some simple html text is fine) and ask them why it is downloading instead of executing and to please fix things.
, The main root of your web site needs a "aspnet_client" folder for .NET apps like ASPProtect.NET to run.
If this isnt quite right one of two things can happen.
1.) You'll get a pop-up error like this.
'Unable to find script library WebUIValidation.js'
2.) The ASPProtect login screen will come up but just not let you log in.
This folder only goes in the root. Not in subfolders and subwebs.
If you dont have this folder in the root of your web.
Read this article to learn how to properly create the folder.
http://msdn.microsoft.com/library/default.asp?url=/library/e n-us/cpguide/html/cpconconfiguringaspnetapplicationforaspnet version.asp
If the app is installed on a hosted server you'll need to ask them to do that for you.
You can also try copying a the folder from your own machine after creating it the way the article above says.
or
here is a copy of my "aspnet_client" folder created under the latest framework at the time of this writing. v 1_1_4322
2004-11-03_134912_aspnet_client.zip
I am not sure if copying it in is as good as having created by the server as I haven't had time to really test all of that but it should work. Ultimately all this does is put some files .net needs in the web.
, its in this thread.. you use the InStr function
http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= instr
Please use a little bit more descriptive subject the next time you post. "question" does not tell much to someone looking through threads.. and I like to keep things clean and organized in the forums
I edited it for you this time..
thx , While I originally thought the login form on a non-protected page idea may be similar in setup to how our Classic ASP version of ASPProtect works I could not have been more incorrect. Truth is I forgot that it works a lot differently.
ASP.NET Web forms are meant to post to themselves and there is thing called the viewstate. (google it.. its a hidden variable the server creates in the form code that is required when the form posts back to itself.. and hold all sorts of information the server uses) Doing what you are asking about means disabling the viewstate and that can have big consequences and break certain things.
Basically you cant just put a form on a non-protected page and post to a protected page if the viewstate is enabled. Disabling it can break certain web controls like data grids .etc etc.. and can also have an effect on how the session is managed at the site and sometimes disabling it is not possible depending on what is going on cause you need it.
I am still doing research on the whole thing, but it looks to me like doing that is going to have a tradeoff of some sort.
That does not mean this isn't possible somehow. I am still researching and I am also going to see what John Evans thinks.
I told you .NET was complicated.
As for your other question that is something you have to sort out on your own by editing the code and recompiling it based on your custom project needs. It is not something I can help you with. , Hi
I've tried almost anything here... I'm using an online SQL SERVER database with ASPProtect 7, and I can't login after my initial creation of the admin account.
It works fine with Access... I believe I have checked all the fields created by the sql statement (which was run with no errors),
What could be the problem here? could it be a problem that I run my local IIS against the online sql server?
sincerely,
Morten
, As I'd said in my previous response, I found those databases and they didn't work. All three databases in asptest do work., Same here. Thinking it might be server load or the bandwidth to the server.
Thanks for checking!
Lance
, I need more details... telling me you cant get it to work doesn't give me much to go on , Wondering what might be causing a long delay to display the login screen? This does seem to be intermittent. Could be server/ISP related? Have experienced enough times to justify posting this question.
I can count up to 20 seconds after clicking on the link. After login all other selections zip right along without problem.
http://gibsoncity.us/aspbanner/
Thanks, Lance
lancem38319.6117939815,
Timecard Entry: 3/25/2006 4:43:58 PM
pace picked up, steady,
various problems, Certificate renewal request for vtone.com, Fixing Bugs on Search page psearch1, *24 dollar domains html production/graphic design, Resetting open modems., checked online issues. watched rad log, check and reply to e-mail: return phone calls, Drive to Cortland (125 miles), Email/Newsgroups, Training Nortel Ottawa Passport 3285, voice & emails,copies & filing.
Recieving,& Data entry.
, review/update w/o trkr, phones, radlog, email, voicemail, dial up issues, , had a few general calls. not very busy, Working With ED, routing trouble, Errands, Discussing insurance and handing out forms, Lunch with the wife, admin duties, help pat, proposals, MEET WITH MARK FAVALARO, teched calls and had fishercast go red and radius4, phones, sign ups, meeting with Jim, Called first national bank of NNY, enter bills, timecards/payroll emails to the ones who have yet to turn in timecards, Review IIS performance monitoring, Cleaned bathroom downstairs and finished mopping upstairs., answered incoming calls, copying, edavisproducts.com - reworking public pages to detect between fragrance, description, and packaging field options. (billable), Research of products for CPE and IAD,
