Blog Entry: 3/25/2006 4:53:06 PM
Is there any update to this ?, yes, How can I have fixed size height and width image without distortion. Is there a component that I can use or how can I change the existing code.
yes, unless its ratio matches
how could it not be ?
Please keep questions like this in the forums... thx.
there is no need for this to be a private message
-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 2:19pm
If I choose fixed width and height is the thumbnail image going to be distorted?
-- Previous Private Message --
Sent by : cwilliams
Sent : April/29/2005 at 1:17pm
that is not possible unless you rewrite the code.
You onlyahve the two options we give in the config file for thumbnails
fixed width and height all the time
or
fixed width / dynamic height
-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 1:07pm
Hi William
One more questions for you. is there a way to make sure that all the thumbnails are the same size without distorting the images (in the thumbnails). Or if a picture's height is bigger than its width is there to create the thumbnail such that the height of the orginal becomes the width of the thumbnails and vice versa.
Basically I just want the thumbnail pictures to be in a perfect row with all the picture heights the same and all the pic width the same.
Thanks
Sean ,
Ok nevermind that... i got by that wasn't paying attention...
The problem is even before this which i didn't know until now.
I placed the protect tag in a page i called members.aspx
When i go to this page is says ACCESS DENIED etc etc etc.
When i go to login to view this page i get the error..which i DIDNT know because i assumed it was working. This is the error im getting:
Server Error in '/MAP' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its dependencies) could have been removed, had its name changed, or is temporarily unavailable. Please review the following URL and make sure that it is spelled correctly.
Requested URL: /map/users/aspprotectlogin.aspx
Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.42
btw it says /map because that is the subfolder within the root folder , LOL , I would also double check that you changed the field size correctly and on the correct database that is being used in the connection string
, You would set the groups during users signup the same way you would do the expiration in the following example.
http://support.cjwsoft.com/code/moreinfo170-1.htm
The groups field need to be set the exact same way it would look like in the database of course
So, if a user was part of groups 1, and 2
You would look in the database and see this in the groups fields for that user
*1*,*2*
so in the signup code you set that like so
CmdAddUser.Fields("Groups") = "*1*,*2*"
This info only applies to resgitrations and signups using the "users" folder.
if you wanted to make different sceanrios you would need to carefully make a copy of the users folder and adjust it accordingly , Once you have the LANGUAGE = VBSCRIPT and Checkfor = 1 on your page,
you'll have it secured. I've got over 1600 pages secured in such a
manner, thanks to ASPProtect!
, Hi,
I have a question re ASP Protect, I have got it up and running on a dev server which also hosts a e-com engine (ASP / Access), when users check out they are presented with the e-com log in screen (which is sharing the same ASPP_User table). All's well and registration and editing user details is fine both in the Admin section and the front end of ASP and if I request an email reminder from the ecom scripts I get back the encrypted password.
I'm using <% = Session("Email") %> and <% = Session("Password") %> to populate the fields on the ecom log in page so users can click though and progress, the checkout process needs the username/password, all user info shows up ok, however, when I proceed with these credentials, it doesn't work, even though I know these to be correct and even without requesting a password reminder and using the one that gets me in everywhere else, I still can't get through? do I need some code re the crypto so the ecom can decode??
Any help would be great - I've been on it for about 10 hours, and checked through the posts here but can't fathom it out?
Thanks Craig , nice. I love learning at least 1 thing every day, glad it is working now
sorry ya had trouble. cwilliams38418.6886342593, I just made a new admin account and I still can not log in using it ?
Did you by chance edit the code by adding LCID info or something like that ? Something is just very wrong.
The simple example protected pages can not even be logged into ?
, well, like I said.. I am leaving in about 5 minutes for the wedding.
If you put this up on a live server that I can connect to I will look at it tommoro for you. I have told you everything I could possibly tell you so I dont think your going to figure it out based on the things you have told me so far.
Only other thing I can think of is make sure your not running anything goofy on that server 2003 box. Norton Antivirus script blocking... various ad blockers.. anti spyware applications... etc etc... They can cause problems as well. , thanks.. it was not taken as a complaint.
I just wanted to explain
When you said you tried using the web version of sql manager. Did you use the microsoft one I link to here "just curious"
http://support.cjwsoft.com/code/moreinfo127-1.htm
, I had not rebooted after installing the Jet driver updates, so I tried that and the asptest page worked fine, and said that all the tests were successful and that the data connection was setup correctly. I then installed aspprotect again, but with the same results. I cannot log-in from the get_me_in.asp page. It still says that it is opening the page, but does not respons for an indefinite period. The asptest page is in the same directory.
I have looked for alternate databases for this product on your site, but I cannot seem to find them. , well, I was curious myself so I just tried it.
Good news is it worked just as I thought.
Only problem is your changing things to allow authentication info to be passed over the net in a url. If you can live with the security implications then it will work. I mean a sniffer could see that and end up knowing the username and password.. not likely but just putting that out there.
Of course now that I think about it unless you are running under SSL (https://) when you log in normally that info is in the post info anyway and possible to get at.. course not right out in the open like when you put it in the url and less likely to be noticed.
As long as your not doing it to access critical areas like the admin pages... and you monitor the log files once in a while it's probably nothing to worry about. , Encountered another issue. When entering a user name correct but the wrong password get the following error:
Microsoft OLE DB Provider for ODBC Drivers error '80040e14'
[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression '(Username = 'ROBERT') AND (Password = 'Z£$'.
/check_user_inc.asp, line 115
Did I do something else wrong?!
Thanks , My hosting company uses ASPEMAIL - and I am trying to setup the mailing settings on ASPPROTECT - but cant seem to get it to work. I've tried many different options - here are two that are the closest - but have issues:
1. If I use the settings:
email component: aspemail
Mail remote server: my internal server name
*no smtp authentication
email mail notification - my email address on my internal server
***I get the following results:
I can get get notified when a new user logs in, email a user from aspprotect user screen if they are in my company and have a valid email -- but I can not send to the outside world - I get an relay prohibited error.
2. If i try to change the setting to use the Hosting Website email server - I get the following results: I dont get notified when a new user registers, I cant send to internal company people - but I can send to the outside world.
**any suggestions on what to do? I'm trying to work with the people who manage the mail servers - but since I dont know anything about them - its a bit difficult.
, Installed latest verison Doesn't seem to have corrected problem. Still with same message. I wonder if deleting this user and putting him back in might help. I have not however tried any other user names and passwords. , Oh, to clarify the above. We did not change any columns in your [Users] database or any other table., Makes sense to me. I used the ASPProtect_access2002.mdb supplied.
(I am using 2003). Only added more names and other personal info
to it for test. Uploaded the amended db with FTP. This did not
restrict someone not listed in db from logging in.
Would each individuals' information need to be added to the code in
order to have it check the database first to find out if the person is
authorized to view?
Part of the problem is I dont know which ASP page or script links the
db to the rest of the web, or how one page relates or links to the
other.
Sometimes I wonder if problems I encounter originate with the server.
Thanks for patience.
, I really can not support it because you made that modification and it probably directly relates to the issue your having.
There are many issues that can be caused when dealing with encryption. Sometimes the encrpted passwords can end up with problematic characters. etc etc Maybe the users are changing there passwords to ones that do that... after you fix them.. Its hard to say
I know as I had to sort things like out when I designed version 7 which has built in encrpytion.
It could be anything really.. since you made changes like you sorta need to figure out what is backfiring. There has to be a reason.
Chris , Rather than bill customers through my PayPal account in $$$ can I get ASPProtect to send through the amount to PayPal in £ (pounds sterling)?
I am using PayPal (non-subscription) [paypal_signup]
Many thanks
Ian , Have you thought about language file so users dont have to go into the code to put it in their language?? , This article from my old powerasp.com site explains what Server.MapPath is and also why you can't use it to specify the data connection in any of the CJWSoft applications.
Use ASP to determine the Physical Path Of Your Virtual Website
As this article mentions you can still use it to determine the path, but you can't use it in our data connection strings because the data connection page is an include file and server.mappath will report back different paths for the different directories....... meaning it will work in one directory level but not another as the path will be different.
cwilliams38084.7454282407, Is there anyway to limit the number of Albums each user can make? , I have reviewed the permissions requirements for folders from the support documentation but do not see the 'internal guest' account shown in our system to allow internet access to read/write to the access database.
How else can we locate the proper account (or is it possible there is none?) to use to allow permissions to access the Data directory if it doesn't show up as 'Internal Guest'? cwilliams38417.7773032407, Hi there,
Well, that is why we added the PayPal subscription pack where all of that is taken care of and customers get put under a recurring billing cycle.
The more people you get to pay that way the less you have to do.
We also have routines for the two other supported payment methods so people can look up their account and add time to it whether it is active/expired or not.
Other than that, yes it is something you need to sort out on your own based on how you want to run your system. You have the source code and the sky is the limit on how you want handle all of that. You send out an email to users about to expire. Whether they come back to the site/look up their account and add more time to it is up to them. I really just do not see any way ASPProtect could handle that whole process automatically.
As for batch changing to users in the database. We give you the source code and we also use an open database structure. You can run any query you want on the database whether with ASP code or directly in your database using the tools that come with it, You can write any code you like to do whatever you like to the database. You can even tie other systems and code into the database via OBDC and manipulate data. The sky is the limit like I said. I also don't really see how batch changes to the database relates to individual users paying again for access or not especially since we include payment pages were a users can look up their accounts and pay for and add more time to it automatically ? At least not regarding the payment routine we provide support for.
ASPProtect can not handle everything every person would need to do. It is meant as a solid starting point for any project, but there are going to be times when more functionality will need to be added by the customer based on their specific needs. , I will actually explain how to set access_levels and/or groups...
in "users/add_new_account.asp"
carefully edit with a text editor
find this part
CmdAddUser.Fields("Access_Level") = "4"
that is where the acess level gets set...
you can change the level or remove that line all together if you dont want one set
now for groups you would add this line in the same area
CmdAddUser.Fields("Groups") = "*3*"
or
CmdAddUser.Fields("Groups") = "*1*,*2*,*3*"
Groups access for a user is stored in one field in the database like you see above. If you are confused what you should be saving in that field I suggest simply setting a user to whatever groups you want via the admin area and then looking in the database to see what got saved in that field. It's pretty simple really how they are stored.
*1*,*5*,*9*
that user would be a member of groups 1,5, and 9 , Well you can put a link on all your pages that links to the login page?
modify the code in the login page so the return page is members.aspx or
whatever you need and thats it?
I dont see your point? probably because I understand how the program works and your not 100% up to speed on how it works.
, Christopher,
I can empathize. It can be a real pain to stablize a server and fend off hack attacks.
As for beta testing, I was referring to once you get to the point where you're ready to release it to the public whether it's this month, next month, etc.
Good Luck!
Al , ok, You not getting a blank page.. you getting an error. You just can't see it because it appears you edited the page background to black.
error '80040211'
/aspprotect/scripts/emailing_subs_inc.asp, line 174 , I posted this in the wrong forum. Sorry.
I have installed ASPProtect on a client's website and I have been
notified that some of their customers have been unable to login to the
protected pages.
On testing it seems that the issues seem to be related to how cookies are being stored by IE 6.
ASPProtect is being used to protect particular template files within a
Content Mangement System. 90% of the time it is working fine but on the
odd occassion particular cutomers are unabe to login.
After quite a bit of testing I have managed to find the scenario in
which it starts to have problems and was hoping you may be able to
provide a solution.
If a customer enters the wrong password, then reenters the correct
username and password, they receive a message "template can not be
found" from the Content Management System. This message is generated
when a url is entered that contains a link to a template file that does
not exist. In this case the template does exist. If I remove the
ASPProtect code the page opens without error.
Everytime they re-enter the details they receive the same message.
If they close down the browser and then reenter the correct details in some instances the page will open correctly.
More often than not, they have to delete cookies and temporary files
and close the browser. This seems to fix the problem again for
most users. For users who's web access is heavily cached by an internal
server, even this does not work.
Have you come across this problem before and can you suggest a remedy.
If you can email me privately I can give you the URL and access codes.
Thanks,
Stuart
,
ok, here's a test page:
http://www.galvinelectricity.org/download_link.asp
user: test
password: test
Our company just got new computers, so everyone here has the same set-up, all Dells, all about 3 weeks old, all Windows XP.
But I did realize after reading your post that I am using Firefox and everyone else was using IE. When I used IE, I was able to duplicate the error.
But, alas, I am unable to resolve it. Client will be using IE, no doubt.
, Christopher
We are actually having a lot of problems with this software.
Apart from the above problem of the email not being in the database as details above we also do not get any reply emails from any forms, the mass email button does not appear and the forgotten password does not send emails either.
We have CDONTS Version: 2.80 Installed as the email system, this is operational on the server. I have tested this with server_info.asp to check.
I can email you direct any other information you may need.
Regards , If I also password protect the pricelist pages then someone will have to login twice.
nobody should have to log in twice... ?
session variables keep track of access... once your in - your in and you can browse to and from any password protected pages you like
If it is making you log in each time then cookies are most likely disabled.. session variables requires cookies being on to work.. cookies being on is a requirement of aspprotect and is how Formed Based Authentication works..
let me know if that is the issue there...
you shouldnt have to be logging in more than once per session
Thats the whole point of the application... , I really need more info on what you have going on?
This can sometimes be cause by a slow server / bad data connection.
Sometimes caused when someone is using the option pack but did not make the proper changes to the database.
Sometimes caused when a user adds users the database on his own and does some "incorrect" things..
The more details you can provide the better. Think of anything and everything and describe it.
SQL or MSACCESS... version of either
Server OS
Using Option Pack or not
Did you have your host set permissions...
etc etc etc cwilliams38300.5380092593, ok, I moved this thread..
The code in the ASP application handles all encryption and un-encrpytion of passwords in the database. I uses the vbscript RC4 function and the password encryption key specific to your installation to do this.
The whole idea is that if someone gets your database and opens it up that they will not get the passwords (utilitiies to crack access databases are common and work well so they can easily get by the main password)
That being said when you open the database manually your not supposed to see clear text passwords. Your also not supposed to have an easy way to make them clear text. It's a security thing.
Though I am not officially supporting it I will tell you what I think would be the easisest way to make an export file with clear text passwords in it.
Use the export fire creator in the admin area of aspprotect.
Mosdify "export.asp"
change
Password = CmdDataExport("Password")
to
Password = RC4(CmdDataExport("Password"), PasswordEncryptionKey)
Then make an export file and see if that worked.
you can then import the export file into and access database or do whatever you like with it.
, Okay thanks, I'll have to consider wether or not to go down the path of the upgrade or cut my losses as the Access cannot handle the pressure
It's just errored out again with the following message:
msxml3.dll error '80072ee2'
The operation timed out
/forum/banner.asp, line 15
Regards,
Dave , I did a sign up.. your verify URL is not saved/set in the application variables.
try saving the admin settings page again.. or reboot the server so the settings get reloaded
if you can make sure the web is it's own application in IIS
if it is your server do and "iisreset" from the command prompt
if all else fails you got iis application issues with the site... wait till tommoro to see if the setting gets loaded ,
Timecard Entry: 3/25/2006 4:53:06 PM
meet with Jim/Ed, research, calls to Seneca data, Community bank, redwood nat bank, gathering materials for Clayton Chamber brochure..., started daily, weekly, and monthly reports, new/close out w/o's, SoftMLS support, Velcrostore issues, billing reconciliation, entered deposit and pulled invoices, did reimbursement checks, and checks for Mary, E-Mail, Voice-Mail, catchup., printed open incidents, soon to expire, invoices. money readied for clayton, Lunch, Covered NOC., tech support phone and callbacks, billing. Some sign ups today. Invoices, Continued Employee Handbook work, E-mail, Voice Mail, Vermont Internet intranet dev, pj clarke, northland telephone, bills users group, flier, take reservations, channel 7, moved the crap in the basement into the store room -called George K to come and ge the recycle stuff, go over missing info with chamber, Black Creek Farms- left message for Yvonne
creat work order for the following:garlock realty, northcountry orthopeadic
schmerhorn landing- go over with steve
do timecard
, Meadiation Software - Ron, Carol Team, Talked to Crispin about time frame for Chautauqua DB conversion. He's trying to work out a system with Steve to do something w/Language lookup fields to change field labels on the realtor side, Consolidated and printed the list of potential wirelss customers for downtown Watertown- printed out lables for the mailing - list taken form Paul's Nortel phone customer List, recp., starting the daily backup on Venus, Switchboard, billing calls, call backs, Michele showed me how to balance manual check book and how to put a manual check in the computer--She thinks she will be going into labor-----right?, NOC Center, billing, sign ups, to Clayton, Timberview.Com - Finaly able to publish changes to trail conditions menu.,
| 
