(User Search & Contact Mod) for ASPProtect Version 7.x

This will allow an individual user to search for other users as well as email or call them.

Notes: This is a down and dirty mod. The users page from the admin area was used as a starting point. I then edited it up real quick to be used as a user search. The way it is it shows the user email as a regular email link. If you want to set it up so emailing is done from the application and emails are not actually shown you will have to do some extra work. If you don't want phone numbers shown you will have to remove that column which is not very difficult.

Directions:
Back up your existing ASPProtect installation.

copy "search.asp" into your "users" folder

2006-03-10_143253_User_Search_Contact_Mod.zip

Direct your users there. They will have to be logged in to view the page.

WARNING: This has not been extensively tested for SQL Injection attacks.
I think it is perfectly fine the way it is by looking it over quickly, but use it at your own risk.

when you get back to work.. your   "redirect.asp" needs the password include file at the top of it.. or that wont work either..

and of course those pages you send people to all need to be repaired

Looks great. I can't wait until this will be released. Will there also be an easy way to migrate my current version ?

Hans

Hi all,

I have the photo gallery set up at www.kashabowieoutposts.com/gallery

It's great - love to work with it.

But I've never been able to get those with just User permissions to be able to upload... Only an administrator is successful in uploading.  This was no problem in the past, but now this client would like to give their guests a means to share their pictures on their site - so now I have to figure out the bug...

... this is the error I keep getting...

Your upload did not succeed, most likely because your browser does not support Upload via this mechanism.

Your browser must support a standard called RFC 1867. Please check with your browser vendor for support of this standard.

------- anyone else experienced this?

Many thanks all!!

Doug

I downloaded the skins, ftp'd them to the skins folder and can see them in the list of available skins. No matter which one I try to apply it keeps solid_color_black.

Al

ya, that firewall could mess that up.

just edit which ever style include you are using
(with a text editor)

it will be one of these depending on your settings.. and they are located in the "scripts" directory

view_album_style1_inc.asp
view_album_style2_inc.asp
view_album_style3_inc.asp

find this section of code and remove the part in red


If Last_Counter_IP <> Request.ServerVariables("REMOTE_ADDR") Then
 
 Set CmdUpdateCounter = Server.CreateObject("ADODB.Recordset")
 cmdTemp.CommandText = "SELECT " & tbl_label_albums & ".* FROM " & tbl_label_albums & " WHERE (Album_ID = " & Album_ID & ")"
 cmdTemp.CommandType = 1
 Set cmdTemp.ActiveConnection = ConnGallery
 CmdUpdateCounter.Open cmdTemp, , 1, 3
 
 CmdUpdateCounter.Fields("Album_Counter") = (Album_Counter + 1)
 CmdUpdateCounter.Fields("Last_Counter_IP") = Request.ServerVariables("REMOTE_ADDR")
 
 CmdUpdateCounter.Update
 CmdUpdateCounter.Close
 
 Album_Counter = Album_Counter + 1
 
End If

ACCESS DENIED

INVALID Username & Password

Username HAS EXPIRED

Sorry, there is not any documentation on that.. it is basic asp/database work and customization like that is not supported. I recommended looking at what is already there and using that as a guide to produce more fields. etc etc

This has not been officially released yet, but it is ready.
Here is the overview...
http://www.aspprotect.com/demo3/paypal_signup2/overview.asp

And the Code for the IPN Subscription Pack is 30.00.
http://www.aspprotect.com/ipn_subscription_support_pack.asp

A few people are using it and say it works very well.

Like the IPN Single Purchase System it is a separate directory you copy into the web site. One change must be made to your database so it’s pretty easy to get working. 

Though I am not guaranteeing this you should be able to accept Single IPN payments and IPN Subscriptions at the same time without the two bothering each other. I haven’t tested it but one customer is doing it and said it is working fine. It just involves manually specifying the IPN URL for one of the systems so it overrides the default IPN URL on your paypal settings. (As each system needs its own IPN URL) Its easy to do… just a form field you would add to the subscription form. I already looked it up. See below. 

Specifying Your Notification URL

If you only need to receive your IPNs at a single URL, you can enter that URL in the Preferences section of your Profile. If you would like to receive payment notifications for different payments at different URLs (i.e. if you need to separate payments made to different websites you run), you can manually pass the IPN URL with each payment by including it in that payment’s HTML code. Use the notify_url field to pass this information. The notify_url for a specific payment will be saved, and any subsequent updates to that payment (e.g. cleared eCheck) will be sent to that notify_url. When you pass a notify_url in your HTML code, it will override any preferences you set in your Profile. 

Anyway.. the Code for the IPN Subscription Pack is 30.00.
http://www.aspprotect.com/ipn_subscription_support_pack.asp

I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.

<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then  
 SearchFlag = True
End If
 
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then 
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>

</head>

<body>

My Protected stuff here

</body>

</html>

For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.

Thanks,

Mo

[/QUOTE]

I just added couple of lines and it works fine

If (Request.ServerVariables("REMOTE_ADDR")) = "xxx.xx.xxx.xxx" Then 
 ' Session("PasswordAccess") = "Yes"
 SearchFlag = true
End If

Hi Chris

After turing off the delayed stats feature the internal errors have stopped and it still serves banners, although I havent checked the logs yet. I will and post any errors.

I left my test page up last night at say 11pm serving 4 banners of different sizes rotating every 15 seconds, now at 9am the page is just displaying 1. If I refresh the page they all reappear.

Regards
Colin

Humm, I can see all those pages loading just fine at both domains so you got me pretty confused at this point as you just said they didnt load.

regardless, the data connection tests are failing with both of them.

so let me ask you again how are you setting permissions on the database folders?

Our webhost set the permissions, but the error is still there, so that is obviously not the problem.  We now have both our webhost and our asp support technician trying to figure out the problem and everyone is stumped.  Can you please provide us with the following information to help us out:

1) what is the name of the file that sets the connection string?

2) what is the name of the file, if it is different from above, that sets the password of the database?

thanks

Probably not... javascript calling complex javascript is not a good thing and is often a problem.

I would try one of the other methods such as the xml parser if possible.

Not a problem.  Have a good time at your wedding.

thanks!

I wonder if this could this be a FrontPage problem. I deleted the skins folder and re-ftp'd the original one that only contains default and Solid Black. I logged in and tried to change it back to default but it won't. I'm going to try making this folder a Frontpage subweb to see if that makes a difference.

Al

trust me, they (serverobjects) do not check processors.. as a matter of fact they haven't answered support emails for about 3 years. All they do is sell those components like hotcakes and take in mad crazy cash. But I will say the stuff does work well and always has. (that guy probably took all the money he made/makes from those components and took off to Jamaica or something sitting on the beach drinking margaritas)

regardless,
ASP just cant resize pictures on it's own.
It' just not possible. You need a 3rd Party component.

There isn't much to say about the ASP.NET thing.

If your server has ASP.NET installed (meaning you can run aspx pages on your server and the ASP.NET framework is installed) and running you just pick that option in the config file and ASP Photo Gallery will use ASP.NET to make dynamic thumbnails for you.

To run ASP.NET it must be a 2000 or 2003 server.

someone has to do something other than me.. i've given up

if i give u the username/pw can you set this up on the network solutions host and ask them to set whatever permissions are needed?

cant do it anymore....

Testing for XML Parser Support

the microsoft xml parser is generally installed by default on all new server setups..

It allows ASP code to make calls to other pages anywhere on the new as well as a lot of other handy things..

download and run this ".asp" page to verfiy that it is installed and be sure it is available for you to use

2004-12-10_132620_test_xmlparser.zip

Make sure you run it from your web server through the web browser

here is the answer
http://www.iisanswers.com/IIS51.htm

CDONTS

CDONTS (Colloaborative Data Objects for NT Server) is a feature of NT and W2K that allows you to easily send mail from a web page using the SMTP server. The simplicity of the code and widespread availability of free scripts employing CDONTS has resulted in  CDONTS being widely adopted.

Quite a surprise to many administrators to discover that IIS 5.1 does not support CDONTS as do IIS 4.0 and IIS 5.0. This has been replaced by CDOSYS which appears to have more capability, but it is not quite as simple to use. See: http://support.microsoft.com/default.aspx?scid=kb;EN-US;q195 683 for more details.

You can enable CDONTS on XP by copying CDONTS.DLL from a Windows 2000 installation to your XP system’s Windows\System32 folder (default name). Then at command prompt Windows\System32 run REGSRV32 CDONTS.DLL. The extent of my testing on this was to deliver one piece of mail, so this should not be construed as a complete analysis of the effectiveness of this technique.

The ASP error on the home page has been solved -There was aproblem with the path that was including the home page file and we fixed it.

However the error on the member page remains - any ideas/suggestions would be appreciated. This is the error:

Microsoft OLE DB Provider for ODBC Drivers error '80004005'

[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for

process 0x748 Thread 0xad8 DBC 0x214734c Jet'.

/aspboard/forum/global.asp, line 15

ok, I just sent you a private message with download information.

replace you existing

"check_user_inc.asp"

"admin/check_admin_inc.asp"

"admin/email_user.asp"

with the new versions in the download

Do some testing to make sure that HANNAH password works ok for you.

Hopefully this cures the issue...
If it works ok for you for a while I will offer the fixes to everyone and start using this code from now on

BTW:
"admin/email_user.asp" had an unrelated bug in it that only happened if its error handling got triggered... it was posting back to the wrong page when that happened and causing an error

I got ya. Well hey, that's what's great about the iframe right?

It a generic error that means something is wrong with your data connection.

http://support.cjwsoft.com/code/moreinfo27-1.htm

http://support.cjwsoft.com/code/moreinfo136-1.htm

Is there a way to protect other virtual sites on the server that are not under the default web site considering people may have different websites running off one server?  I get the following error:

Parser Error Message: Cannot use a leading .. to exit above the top directory.

Source Error:

Line 1: <%@ Register TagPrefix="aspprotect" TagName="checkaccess" Src="../../protectpage.ascx" %> Line 2: <aspprotect:checkaccess level="4" groups="null" runat="server"></aspprotect:checkaccess> Line 3:

Thanks!

Hello,

no default setting for something like that... what your thinking about doing is on the right track I'd say

ADODB.Recordset error '800a0cc1'

Item cannot be found in the collection corresponding to the requested name or ordinal.

/aspprotect/password_admin/default.asp, line 287

I'm doing an upgrade from an OOOOOOOOOOLD version (not sure if it was 6 or not) and it read my database OK prior to adding a new user. Now I get this error message. I was able to run the password encryption function OK, but I still get this error when I try to view the password_admin stuff. I can log in via the "get_me_in" asp page just fine, but I get the above error.

If I try to log in with my admin account, I get

ADODB.Recordset error '800a0cc1'

Item cannot be found in the collection corresponding to the requested name or ordinal.

/aspprotect/password_admin/check_admin_inc.asp, line 166

*****

OK, my question is this... if I retype all the info from the old DB into a brand new one, never before used, that would work, right? I only have 108 users, so that's about an hour of work. Or is there a 5-minute fix that I can try? I've done some messing around that got nowhere and returned all edited files to their original state, with the exceptions of the ones calling the DB location.

I'll start the C&P process and await your reply...

On a side note, I really love the new format and am excited about the new features. I'm not married to upgrading the DB and if copy and paste is faster (I just need first name, last name, username, password, email, and expiration date), then I'm using v.7 that much faster.

I am testing this now and there is something wrong.

PayPal is hitting the ipn.asp but the database is not being updated.

I will figure it out shortly though and post the anwer here.

I know what is happening.. its the old single quote thing messing up the query string..
but it shouldnt be happening with the newer code as I fixed it.

If you like I can go in and reproduce/fix the issue. I can not think of any other way I can help you as other users have not reported the issue.

Chances are if it is happening in one situation it will happen again in the future.. it really all depends on the passwords being used and your encyrption key... other passwords may produce the issue even if the password is correct

basically once the password gets encrypted it by chance has a single quote in it... then it messes up the query

I take care of the situation by replacing the single quote with a double quote but it looks like you found a situation where that didn't work out

That being said, ASPIN has a lot of problems with anonymous reviews so if you can please sign up with them and post an Authentic review as they carry a lot more weight. Authentic reviews involve responding to their validation email so when doing so use a real email address that you regularly check.

And sorry I made you use the forums, but as you can see this is exactly the sort of thread that will help someone else later on.. and that is why I require people to use the forums now instead of just email support. That way the conversations are out in the open where they can help everyone instead of buried in my outlook where no one will ever see them. And of course if information is sensitive you can always do a Private Message as you did earlier.

It is all about creating a knowlegebase of valuable information.

You can mix and match banner calling methods all you want.
Try it and see what happens.

However, the only method that is going to work on non ".asp" pages is the javascript or the new iframe method listed in the support forums.