Blog Entry: 3/25/2006 4:56:42 PM
Chris,
I have had a couple of users log out of the system as they are supposed to, move to another computer and not be allowed to login because of "they are currently logged in using another IP address" when in fact they logged off properly. Is there anything that they should be doing differently?
Thanks,
Jess , You cant do it from initial lohin, but you can do it from the time of registration signup.
http://support.cjwsoft.com/code/moreinfo170-1.htm
As for the emailing thing it is most likely an email sending issue more than a code problem. For example spam filters incorrectly grabiing those emails or something of that nature..
Best thing to do is try different things for emailing options until you get something that works. I suggest using CDOSYS with a real email server and using a valid email account for yourself at that email domain. SMTP authentication if necessary. This will ensure the emails sent have valid MX records and dont get treated as spam.
,
it probably means the page you are trying to protect is (not in an iis application or not in the same iis application) which it needs to be
for a situation like using ASPProtect you really want your root of your virtual directory set up as one big application in IIS. (after you inquired about it your hosting company probably went and set the ASPProtect folder as an application in IIS which means any pages you protect need to be in there as well. (truth is they should have had your entire web starting from the root set as one in the 1st place..... its standard practice for any experienced hosting company) cwilliams38456.9306828704, remeber too.. you might have to edit code you used on your existing pages in your site so they still call the "check_user_inc.asp" correctly.. though it may very well work out so it works the way it is at the new site
any redirection code you might have done may need the redirection urls changed if you used full domain urls..
things like that... etc etc etc, All of the fields with the expected paths show the correct file structure, so now I've put them in them in the boxes , OMFG,
Chris,
I'm setting up the subscription locally so I can't test it out until I
put the site live. I have a question in how the paypal
subscription works.
1. What is telling paypal to return the info to the ipn.asp page for
processing? Is that something I have to set up in my paypal
account?
2. I'd like to use Paypal's
auto return. I assume the return page would be ipn.asp?
Would I just need to add a redirect to the login page at the end
of the appropriate txn_type if/then statement?
Thanks,
Michelle
P.S. I did finish the integration of the webwizforum with
ASPProtect. Thanks for the great headstart on that! Will be
putting everything live in a couple weeks.
, Not a problem. Have a good time at your wedding.
thanks! , [QUOTE=cwilliams]
Is that a real term or just something you named it cause they have like a zillion people using that SQL server?[/QUOTE]
yeah thats it, you buy into a part of the sql server so it's an sql server hotel... , Are you aware ASP can run on any machine running win95/95,2000,xp pro, 2003. You really should test all asp code locally before running it on live servers but anyway... that is your deal
I am not sure if memory alone will be enough for that server but it could help. I saw a decent amount of free memory when I looked. Its just about an 8-10 year old system on every aspect (processer,OS,Hard drives, memory etc etc) and not only that something is tasking the heck out of the resources left over for asp database access. Something is just wrong. I don't know what it is but I am pretty sure it is not aspprotect. I got rid of my last nt 4 server about 4-5 years ago but the application always ran great on NT and I still have some customers using NT 4. Not many though.
if you email me the import file and the encryption keys you are using I will make a database for you.. just zip it up and send it to chris-cjwsoft.com
replace - with @ , ok, then I need more information.
Was the code changed ? Thats the big one. If it worked and now it doesn't something must have changed. Things just don't stop working on their own. I would try putting the original files back in there for everything but the config and dataconn files just to make sure and see and if it works with the original files. (back up your old ones 1st so you can copy them back of course)
Also, perhaps PM me the site info so I can go look as well. , Hi,
1. Two months ago, we have set up to use the Subscription services exclusively for all new members and renews. and removed the regular payment service, a carry-over from v6.
2. Many from the "pre-subscription" service have yet to expire, thus have a populated expiry field.
3. With a 10 month bridge before we get all the members onto the Subscription service the "Send email to users that are soon to expire."
is used to remind these.
3. When members RENEW using the subscription service, the Expiry Field is not Nulled and they become targets for future reminders although they have renewed as Subscribers.
XYZ signed up on Nov. 05 2004, we send him a reminder in Oct 2005 and he renews as a SUBSCRIBER. His expiry date field is not nulled and he will keep getting notices although he has paid for another year.
Hope this is clearer... Thanks
, After taking another look at this and trying your suggestions without success, it appears that in Windows 2003 server it is nearly impossible to remove the READ ONLY attribute from the _database folder. I'm wonder if this could the cause?
Thanks , in Control_pic.asp is there way to wrap the description field so that it doesn't go outside the table.
Thanks , You should not have single quotes around the "-1" because Album_Active is not a string field in the database. It's true/false or bit field in the database depending on the database you are using (MSSQL or ACCESS)
I'd do it a little more like this I think.
SELECT COUNT(Album_ID) AS Alb_Count FROM " & tbl_label_albums & " WHERE User_ID = " & CmdListUsers("User_ID") & " AND Album_Active = 1"
I took out the parentheses as well since I dont believe they are needed in a simple case like this
but is hard to say unless your the one testing it... my version might have a mistake as I am a little rusty with my SQL at the moment
also: in case your wondering...
depending on the situation and the odbc drivers the 1 and -1 should work either way but sometimes it's picky and you have to do it one way or the other cwilliams38433.0564930556, I just installed ASPProtect on my site. The instructions were definately on the target. Very very good instructions.
But... Isn't there always a but ??? 
I needed to setup my site with MS SQL and it is hosted so I don't have Enterprise Manager. I tried the web based Enterprise Manager and any other one I could find. But, I kept getting errors when trying to use the SQL Script.
I finally had to go back to my work where we do have the licenses and get an SQL Admin to use Enterprise Manager to run the script and it worked finally.
I don't know if this is a common problem ??? But, maybe you would want to look at the SQL Server script or make a different version that would work with the Web Based SQL manager.
Thanks , Can ASPClassifieds display the ads by city?
I have a web directory that lists websites and companies by city. Is it possible to have specific ads shown to the user depending on what city they click on? For example, only ads in New York would be shown to users that have already clicked on that city in my directory.
thanks, , Humm.. that should have worked fine
why are you getting a "OLE DB" error I wonder ?
I need more information.
Database being used and version ?
Server OS Version?
Connection String being used ?
etc etc , How and where does one add countries/cities to the list so that they appear in the Drop-Down list that advertisers see when they are placing a new ad?, As I'd said in my previous response, I found those databases and they didn't work. All three databases in asptest do work., Actually, as far the "aspprotectnet.dll" file goes it makes sense because of the following.
The "aspprotectlicense.dll" is something we do not provide the source code for. We also do not compile it in "debug" mode because you not want dll's running in "debug" mode in a production environment and we also do not want that dll in debug mode because of reverse engineering reasons.
Now, that being said that DLL is no different than any other 3rd party dll "so to speak" that you would use in a project. Many of which will not be in debug mode and you will also not have the source for.
"Microsoft.Data.Odbc.dll" being an example
Regardless, there must be a way to do what your trying to do. I am just not sure at the moment. It is nothing anyone has brought up before and I personally have never had any issues like that when I work on the application so I am just not sure.
It probably has something to do with the way you set up your project., humm, I dont know.
If you want me too I would be glad to go into your web site and troubleshoot. If so PM me the info I need and I will take a look and see if I can figure it out.
CJW
, Encountered another issue. When entering a user name correct but the wrong password get the following error:
Microsoft OLE DB Provider for ODBC Drivers error '80040e14'
[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression '(Username = 'ROBERT') AND (Password = 'ZŁ$'.
/check_user_inc.asp, line 115
Did I do something else wrong?!
Thanks , ASPProtect v7 comes with working example code of protecting an image from being downloaded and also protects the true file location of the image on your server..
This comes with the system as an example folder with some files in it.
(some of the initial purchaser's of the system might not have that directory.. if that is the case please ask)
Here is how it works...
Basically we protect the image in 2 ways.
- We use Javascript right click disabling code that works in both IE and Firefox.
- We stream the image via a special password protected ".asp" page and use an image tag to call it. This hides the true location of the file. You can therefore keep your images out of your web or keep them in a folder in your web that does not allow file browsing. Under this scenario even if someone looks at the img tag html source they can not tell where the file came from. Doing all of this allows you to offer certain images only to people that are logged in.
All in all this is should be very effective protection. Yes, there are still ways to get the images like doing screen captures, but this will ensure that people viewing images are logged in to your site. This will in most cases keep them from right clicking and saving the images. This will ensure that people can not tell other people the image's url location and it will ensure other sites can not leach your images and bandwidth.
For the image protection examples to work you may need to edit some values
in the stream_pic.asp file that are valid for your setup.
Look at the source. The values you can edit are commented.
Now, you also need to call a valid "image file name" from the call_pic.asp file which is an example of how you protect a page with javascript and call a streamed image using an image tag.
Lasty, here is a great article I found on image protection and some of the things you can do about it and some of things you cannot.
http://pubs.logicalexpressions.com/Pub0009/LPMArticle.asp?ID =41 , I encountered the same problem and eventually found out that my Norton protection was not allowing scripts to work so I had to uncheck the setting before the banners reappeared., Hi Chris,
We installed our key onto the live server.
However, since our temp key has expired, we can't access our application on our development machine because the login won't work anywhere except on the live server.
Of course we can access the application on dev, if we remove the aspprotect tags, but if we need to log in to do something unique to the user, then we have a problem.
Can we get another temp key from you? And would there be a better long term solution to this debug/maintanence issue?
--JP , Does ASPProtect 7 work with SQL 2005?, Upgrade from V6 to v7.x with an MSSQL SERVER DATABASE
1st of all, backup your existing ASPProtect files and database before performing this upgrade. Please be really careful while performing this upgrade. Version 7.x is a highly advanced application compared to any previous versions. CJWSoft under no circumstances is responsible if you lose information or have website downtime.
BOTTOM LINE: (PERFORM THIS UPGRADE AT YOUR OWN RISK)
To do this upgrade you're going to need to have SQL Enterprise Manager and SQL Query Analyzer
That being said, on with the upgrade..
Open your SQL database in SQL Enterprise Manager
Regarding the following Tables
Rename "Users" to "ASPP_Users"
Rename "Groups" to "ASPP_Groups"
If you do not have a "Groups" table do not worry about it right now.
Now right click and DELETE the Config Table.
Yes, delete it..
Now, go into Design View for the "ASPP_Users" Table.
Rename the "Password" field to "Old_Password"
Be sure to spell it perfectly using the Underscore
If you have a "Groups" Field... leave it alone
If you do not have a "Groups" Field add one and make it a "nvarchar" field with a lengh of 255.
Now, we are going to add a few more new fields.
Add a field called "Redirection_URL" make it a "nvarchar" field with a lengh of 150.
Add a field called "PayPal_Subscriber_ID" make it a "nvarchar" field with a lengh of 100.
Add a field called "Newsletter" and make it a "bit" field
Add a field called "Password" and make it a "nvarchar" field with a lengh of 100.
Now close that window and save the changes..
Download these scripts.
2005-02-23_171110_aspprotect_v7_sql_upgrade_scripts.zip
Now open up SQL Query Analyzer
Connect to your SQL server.
Then load the script "aspprotect_v7_config_table.sql" into the Query Analyzer. Click the green play button at the top. If everything goes well the response should read something like this.
******************************************************
(1 row(s) affected)
******************************************************
Now, if you had a Groups Table your done with the database changes.
If you didnt have a groups table.
Then load the script "aspprotect_v7_groups_table.sql" into the Query Analyzer. Click the green play button at the top.
Now, go back to your database in Enterprise Manager and make sure all 3 tables are there and look ok. You might need to do a refresh or two to see them.
Now make sure an existing or new SQL user has (public / datareader / datawriter) permissions for all three tables. You reference this user in the asp code connection string so this user must be set up correctly. You may need your SQL server admins or hosting company to help you on this step as you may not have access to do this. You may not need to create a user and set permissions as the sql user you were logged in as to use query analyzer may by default get the correct permissions on anything you create.
Regardless, as you can see from this screenshot I have a SQL user called "aspprotectuser" and proceeded to set the permissions for that user. Under database access giving him (public,datareader, and datewriter permissions).
Now, you are done upgrading your SQL Server Database.
The existing passwords still have to be encrytped and moved from the "Old_Password" to the "Password" field
To that we have a special page we run in the application that will take care of that.
So, for now... go install the application, but using the database we just created.
Follow these instructions for the most part...
http://support.cjwsoft.com/forum/forum_posts.asp?TID=181& ; ;PN=1
When you get to the part where you finally get into the admin area and need to make an admin account you will notice that your existing user database is there but none of the users have passwords if you look at them in the edit screen.
That is normal. Simply do what the instructions say and create and admin account using a username that does not exist..
Then log off... then back in as that new admin account. If that works you are ready to convert the passwords.
This part is very easy.
You want to run a special page via the browser.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
Replacing the part in blue with your website info.
Once you get the page running you will see a login prompt and one form field just like before with the "get_me_in.asp" page
You will need to paste the "PasswordEncryptionKey" value that you used in the "config_inc.asp" file in the form field and hit enter.
If all goes well you will see a page telling you to click here to encrypt the passwords and copy them over.
So do what it says... dont click more than once and wait.
Eventually it should say it is finished. So go log in to the admin area of the system using the new admin account.
Now edit some users but dont save... you want to see if the passwords are showing up. If they are the conversion worked. If you see nothing or a garbled mess it did not work and you made a mistake during this whole process.
If things went well backup and delete the conversion file below.
http://www.mysite.com/password_admin/convert_to_encrypted.asp
You do not need it anymore.
Once you are positive every thing is running smoothly and everyone's passwords are ok you can go in and delete the "Old_Password" field as well.
If things didnt go well.. try again from scratch and go slowly.
If they still dont go well get ahold of us for help.
We are here to help, but if you really want us to we can be hired to do the conversion. ,
IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ;PN=1
The IPN Subscription Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement PayPal IPN Subscriptions with ASPProtect. IPN stands for (Instant Payment Notification). It allows you to set up scripts on your server so whenever a PayPal payment is processed the PayPal server sends info to your server regarding the transaction and vice versa. This is a fully automated process and allows you to charge users for access by the month or however long you like.
The Subscription feature of PayPal handles recurring billing automatically. The PayPal server will communicate with the ASPProtect system and keep everything up to date with users and their subscriptions.
This Support Pack basically gives you an additional signup and registration directory "paypal_sub_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup. New users can register in this directory and sign up for a subscription at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and start a subscription. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via PayPal your system is updated and they will have access.
To use this all you need to do in ASPProtect 7 is enter your PayPal account name into the settings screen. It will be an email address. You'll need a business or premier account with PayPal and you will need log into your PayPal account and turn on IPN in you profile. They make you enter a default IPN URL. We do not use that so if you already have something there leave it there. If you dont have something there you can type in any the full url to any page on your server. It's probably best to send it to an empty ".asp" page or something.
Changing Payment Options
In the "paypal1.asp" file there are some sample payment options set up.
They look like this and you can have as many as you like.
<!-- Begin Payment Option Code -->
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
<% Label = "Membership (1 Month) $9.99 Recurring" %>
<!-- Begin Form Fields You Can Edit.. See PayPal Subscription Manual For Details -->
<input type="hidden" name="no_shipping" value="1">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="a3" value="9.99">
<input type="hidden" name="p3" value="1">
<input type="hidden" name="t3" value="M">
<input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1">
<!-- Field Below must have 2 commas First two values are optional (access level,groups,user ID)-->
<input type="hidden" name="custom" value=",,<% =User_ID %>">
<!-- End Form Fields You Can Edit.. See PayPal Subscription Manual For Details -->
<!--#INCLUDE FILE="form_data_inc.asp"-->
<input type="image" src="https://www.paypal.com/images/x-click-but20.gif" border="0" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>
<hr>
<!-- End Payment Option Code -->
To really understand what these form values mean it is best to look through the PayPal Subscriptions Manual which is a PDF file you can get from the PayPal Site.
This link was valid the last I checked...
Subscriptions and Recurring Payments Manual
It also may be helpful to use their wizard to create some subscription buttons with different settings and then look at the code generated.
Bascially these are the important ones..
|
a3 - amount to billed each recurrence
t3 - time period (D=days, W=weeks, M=months, Y=years)
p3 - number of time periods between each recurrence |
The custom field is something we are using to send info from ASPProtect to PayPal.
it allows you to set the access_level or groups access (groups support require the ASPProtect Option Pack)
<input type="hidden" name="custom" value=",,<% =User_ID %>">
or this example where we are setting the access_level to (2) and also giving the user access to groups (3 and 4)
<input type="hidden" name="custom" value="2,*3*4*,<% =User_ID %>">
Here is how it works.
The value setting (red) is essentially and array that can be made up 3 elements separated by comma's
access_level,groups,User_ID
If you do not want to set the access_level or groups access.. then you don't even need to edit the setting.
Values must be separated by a comma even if there is no value and there can be no spaces. If you didn't want to set an access level or groups there would still be 2 commas at the beginning. etc etc
Basically there must always be 2 commas but you only have to set last values which is the User_ID from the ASPProtect system.
The 1st value is the access level you want to user assigned to.
The 2nd option is the groups you want the user assigned to. (requires option pack)
The 3rd option is the User_ID which the system takes care of. Do not edit this option. Leave it as <% =User_ID %>
cwilliams38421.7141782407, Ok, for starters what is the real error ? Please read this.
http://support.cjwsoft.com/code/moreinfo11-1.htm
2nd I always recommend using CDOSYS before any other email component. All servers have it running by default and ASPProtect supports some a html editor if you use that component. I would give that a try as well. It's the best emailing option.
, I think I have successfully integrated Paypal but seem to have a slight
issue. Once a person has entered the Paypal site but cancels their
order, the ad is still placed on the site. The optimal way for my site
to work would be to cancel the ad once the Paypal process has been
cancelled. Any help would be great.
Thanks
, You not getting a blank page.. you getting an error. You just can't see it because it appears you edited the page background to black.
error '80040211'
/aspprotect/scripts/emailing_subs_inc.asp, line 174 , I purchased 6.0 in Feb 05. Is there an upgrade price to 7.0
I spent considerable time setting up 6.0 to work with my web site. From what I read in the forum, it sounds like I have to start over again to integrate the new version into our web site. I do not relish the thought of that, but I have to move to an email system with a valid MX record.
Will I be starting over from scratch with this upgrade?
, I have just purchased ASP v7 and loaded. Followed instructions. Obtained codes not prob. Get to single field login screen, enter password and following page appears:
Method Not Allowed
The requested method POST is not allowed for the URL /temp/aspprotect/password_admin/get_me_in.asp.
Added folder aspprotect under (temp web) folder - temp, but also tried under root folder of web site.
Still no luck.
Apache/1.3.27 Server at www.didac.co.uk Port 80, you can whatever you like but like I said those gif files are already in the correct place. The log parser is messing up. , Yes, you are right.
We have now tested it using the DSN less connection with Access 2002 and it works fine. We have also tested it again with a DSN using 2002 and this also seems to work.
The comment about speed is a consideration although I have not noticed any differences. ( we only have a few database entries at this time).
Thanks for your help , question 2 is answered best here
http://support.cjwsoft.com/code/code_info.asp?TID=319&KW =paypal
I should also mention that the paypal scenarios used in ASPProtect can not be tested using PayPal's sandbox. Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts)
then you can log into the other and refund the transctions and of course it makes sense to use low amount like 1 cent and what not.
Also, I'd love to see what you came up with with the integration. I have been working on it here as well and took it in a different direction as I plan to sell directions for it as an add-on for aspprotect. I have it all working here but so far I dont see an easy way to let other people do it as I had to change things in both systems in a lot of places. Utimately if done under a SQL environment triggers should be used at the database level and that is another consideration.
, Hello Chris:
Yes I'm using the Option Pack.
-Ricardo , My guess it they are runnign some sort of ad blocking software like norton ad blocking. Something on the client side blocking ads or anything with the word ad in it.
I would investigate that., (User Photo Upload Mod) for ASPProtect Version 7.x
This will allow an individual user to upload a user picture instead of just the admin.
Notes: This is a down and dirty mod. The user upload code was copied from the admin area and there are no safeguards. Meaning there is no limit on the file size a user uploads and there is no confirmation process in case something they upload is inappropriate. etc etc etc
If you want that you will have to work on that on your own.
Directions:
Back up your existing ASPProtect installation.
copy these files into your "users" folder
2006-01-24_111305_User_Upload_Mod.zip ,
Timecard Entry: 3/25/2006 4:56:42 PM
added new ZipLink numbers to home page and Numbers.txt file, manually added Feedback forms, Nortel, WWW.BSPP.COM REDESIGN OF SITE AND NAVIGATION CUSTOM BACKGROUND AND JAVASCRIPT MENU, more timecards, Working with servers. Supporting customer issues. Working with Matt on agencyideas., check e-mail, Adding code to odmls.com with Steve & Crispin, finished the cancels and faxed out summary sheet, Called expring users., Going over to IMC to reboot a server, also checked on a few things., fixed some modem issues on 4911......RNA's busied out 3 modems.....calls are getting past card 3 now., looped some circuits on the 5800 to stop rnas., talked to Terri about this week's billing and getting stuff from Andrea, TaskForce, modified original cover idea from photo sized image to full cover also afer critiqe with Jason, scrapped cover in cover idea to make better use of supplied photos and to keep overall look from being to busy, check modem status, Looking for drivers for an Osprey video capture card used for a streaming server on Windows 2000., training plus chamber dinner, **BHCP (fixed price) - looked over templates and seeing how asp graphs are going fit in, cphospital.org - physicians directory public pages complete, entered all category and physicians content, tested, good to go., Staff Mtg, General, worked with Gary on a small problem., lunch, to North Lawrence - 153 Miles (Trip + Class During Week), Had a few calls about the 5000 & 5500 numbers. Nothing on EMonitor., Worked on production schedule for closed boards, Finish changes for Batavia news, At home ... Visor came in that Jeff Wood ordered for me so I spent 2 hours trying to get the pocketrealestate export files to upload into it... with no success.. I will have to call them and see what I am doing wrong., BARTER: Burlington P&R site design, Admin (emails and organize),
|
