yeah.. I cant say for sure.. as I have never really tried to get it working in xp pro.

Last time I actually used cdonts locally was on a 2000 box

I would do a google search on xp pro, smtp service, and cdonts and let us know what you find out.

All of our apps can use free 3rd part emailing components as well so maybe try some of those. Course you need a valid email server to connect to.

Just installed software,  when I attempt to log on I get the following error (actually this is after I moved some of the include files to user).

Active Server Pages error 'ASP 0131'

Disallowed Parent Path

/gallery_admin/default.asp, line 25

The Include file '../dataconn_inc.asp' cannot contain '..' to indicate the parent directory.

What do I need to do to fix?

thanks.

Perfect. Thanks buddy :)

far as I can tell it does... that session abandon thing called in the logoff page should be enough to cover everything

once thing to be careful about

If you log in.. then log off... then go back to a page and do a refresh... you  may in fact be reposting the username and password from before.. thus logging yourself right back in

Perhaps not.. all depends on what your doing... but it is something to be careful of when testing 

It's not working because i guess im copying the viewstate also...and it comes up

Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that <machineKey> configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster.

That carrot doesn't really exist in the file, so I'm not sure.

I did download and place the ASPTEST file in www.drsweisberg.com/asptest and when I try to load the 2 pages it fails to load.  I have another site on the same server and I uploaded the same exact set of files and the asp pages load.  www.klarman.com/asptest

http://www.drsweisberg.com/asptest/server_info.asp

http://www.klarman.com/asptest/server_info.asp

This is how I set the connection:

ConnectionString = "DBQ=D:\clients\rklarman\klarman\asptest\_database\asptest.m db;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

ConnectionString = "DBQ=D:\clients\rklarman\drsweisberg\asptest\_database\aspte st.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

I don't believe that the iframe method is supported in a .NET (aspx) implementation, is it?

JDooley

If you bought ASPBanner Unlimited Version 7.3 Before August/01/2004 this file needs to be updated.

It fixes a bug where CODE type banners do not work correctly with a weight higher than 1.

Basically, blank banners will rotate and you will see nothing sometimes.

Copy this file into your ASPBanner folder over the existing file of the same name.

2004-08-03_045728_appinfo_inc.zip

no, that only applies to random pictures and stats..

The issues you are talking about usually relate to issues created by switching back and forth between a local install and a live server install and not being careful about changing the paths in the settings depending on where you are running it from.

For example.. it trying to use a url at the server level that is only valid when you are running it locally

After taking another look at this and trying your suggestions without success, it appears that in Windows 2003 server it is nearly impossible to remove the READ ONLY attribute from the _database folder.  I'm wonder if this could the cause?

Thanks 

<compilation defaultLanguage="vb" debug="false" />

change it to this

<compilation defaultLanguage="vb" debug="true" />

When you run the code in a production environment change it back though

More Info
http://support.microsoft.com/default.aspx?scid=kb;EN-US;3061 56

Our knowledge base which is hosted at a remote location is protected by ASPProtect Full Version 6. I would like to allow our employee to access the knowledge base from within our internal network unchallenged. Is there a way which I can modify the code "check_user_inc.asp" to allow any one coming from say 10.1.X.X to access the site unchallenged?

Thanks,

Mo

Can we get access to the source project files for ASPProtect.net since we'd like to put in some of our own branding on the pages and not everything can be done in HTML.

Thanks

--------------------------------------------
(( TRY THIS AT YOUR OWN RISK !!))
--------------------------------------------

2004-08-19_122127_ASPBanner_V7.3_code_banner_encode_decode_m od.zip

This is an Expirmental MOD for ASPBanner Version 7.3 Only
Do not use it on other versions....

It encodes CODE Banner information before saving it into the application variables that handle banner rotation. It then decodes that information before displaying them on your web pages.

The reason for this is SOME very complex javascript does not always save correctly into the application variables that rotate banners (even when not using the JavaScript Method to display the banners)

This way the javascript or whatever you entered comes out on your web page exactly as you entered it and runs correctly.. but there is little more processing going on to handle the encoding and decoding. But its probably nothing to worry about and won't effect performance at all.

Unless your having a problem don't use this mod. It is not officially supported in any way.

-- DIRECTIONS --

( COPY THESE FILES INTO YOUR ASPBANNER DIRECTORY AND BACK UP ALL THE FILES THAT YOU WILL BE REPLACING ))
(( SO YOU CAN REVERT BACK IF THERE IS TROUBLE ))

If you are wondering if the "appinfo_inc.asp" included has the weight banner bug fix applied to it already. That is a bug mentioned in our forums

ALSO:

(( YOU CAN NOT USE THE INCLUDE METHODS OF CALLING BANNERS WITH THIS CODE ))

(( YOU CAN NOT USE THE JAVASCRIPT METHOD OF CALLING BANNERS WITH THIS CODE ))

(( USE ONE OF THE OTHER METHODS ))

Chris:

I just got done trying it myself and it worked great for me too. I was aware of the security issue, but I'd already planned on using SSL for this particular call, as well as for the secured pages accessed through the normal process, so the bad guys will be kept at bay.

Thanks for the help.

New Features added to 7.x

1. Entire application gone through and updated.
2. New graphics, new look and feel
3. Passwords and Cookies are now encrypted using separate keys individual to each customer install.
4. Groups Feature... powerful way to protect pages based on group access
5. Ability to upload a picture for each user.
6. New printable profile user screen.
7. Supports 13 email components as well as outgoing authentication for a few of the email components
8. New Lockout option. "However many" try’s to login and you are locked out for a certain amount of time.
9. PayPal signup routines for both single payments and subscriptions integrated into the application. Everything is handled automatically. Charging for membership couldn't be easier. 
10. New Newsletter Feature allows you to send newsletters to those subscribed. 
11. New ability to Email users soon to expire
12. HTML emailing for people using CDOSYS. This includes an inline html editor so you can send out some really professional looking emails.
13. Ability to redirect a user anywhere on 1st login
14. Option to turn off Login Remember Me Feature
15. Login Form now very easy to edit
16. All paths for places that need permissions can be easily changed.
17. Works with Parent Paths Disabled on the web server.
18. Company Name is now an optional field
19. Handy javascript popup date selectors
20. All date functions now internationl date friendly
21. Password conversion routine to upgrade existing users to the password encryption
22. Import / Export of user database built in
23. Protection Code Generators
24. Notes Feature. Javascript Popup on users screen that allows you to quickly see information without going to their edit screen
25. Mass email users incuding ability to send them usernames and passwords all at one time.
26. Option to not allow concurrent logins by the same username
27. Optional feature to keep track of recent users that have logged in as well as allow you to view the information.
28. Optional feature to keep track of recent users that have logged in, what pages they accessed, and when, as well as allow you to view the information.
29. Ability to protect other files types other than just protecting the viewing of the ".asp" pages. We provide working example code showing you how to protect images and file downloads in your protected ".asp" pages. You can protect nearly any type of file from downloading and viewing. (gif, bmp, jpg, zip, exe, pdf, rar, mp3,etc..)

The "forgot your password" feature is not sending passwords to users when they put in their emails.

Any suggestions?

Thanks

Is this the full version 7.
Did you make any changes to the code ?
Is the User_ID field still an autonumber field in the Access database ?

I do not see how this could happen unless somehow the autonumber field setting for User_ID was changed in the database?

probably.. better than what we are accomplishing here LOL

or if you like send me the import file and your encrpytion key and I will try it out here and see what happens

either way PM me any sensitive info if any

This issue came up once before and when I investigated I could find no error in the html that aspprotect generates and those files do exist where they are supposed to. We concluded it was a parsing error from the log file system.

There just really isn't anything I can do about it. I spent a week trying to figure it out. It is just the log parser screwing up under certain circumstances where there is no reason anything is wrong. They have trouble dealing with some of the complex URL/querystrings that the ASPProtect admin area uses. They think there is a 404 eror when there isn't... etc etc

Chris,

Another question on V7.  I set up all the paths as required for the extras like user pics and exports on my site.  They were working fine.  I created an export, then as you recommend, deleted the file on the site to ensure it doesn't get in the wrong hands.  I did this a few times to test it after a number of people logged in.

About 2 days later, I went to do it again and the system came back with an error saying the directory didn't exist.  I know it did because I created it and it worked fine.  I then created the directory again thinking I was losing it.

Then today, I went to do another export and the directory is gone again!  Can you help me understand why this might be happening?  I am the only one with FTP access to the site so there is no way that it could be someone else doing it.  The error I get is:

Microsoft VBScript runtime error '800a004c'

Path not found

/password_admin/export.asp, line 78

Thanks,
Dave

I have noticed that during the file import, that some of the pictures get messed up.  I can import aroun 150 pictures into different albums, say 3 albums with 50 each.

I have noticed however that some of the get messed up.  What is happening is...the thumbnail will be correct, but after you click it the picture that shows up is one form a different album.

Any cure for this?

Hello -

Believe it or not I finally can access the photogallery. You were right Chris regarding the unzipping of the files.

Now onto the next challenge! I have set up three categories and proceeded to create a test album. I uploaded a couple of pictures (yeah that worked!!!) but the album does not show up on the default.asp page under the category.

Please advise -
Rhona (rookie)

Thanks for the info.  We'll do as you suggest.

NPA

(Capcha Security Image Mod)

This mod will add a Capcha Security Image to the registration signup form.



Instructions:

Download the latest version of the ASP Security Image Generator from this site. http://www.tipstricks.org/

Unzip that download and copy "aspcaptcha.asp" and "aspcaptcha_distort.asp" into the aspprotect "users" folder.

Now edit "users/register.asp" with a text editor and add the code shown below in blue. The code to add goes near the bottom of the form right above the submit button. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.


    <tr>
      <td valign="top" align="right"><font face="Arial" size="2"><strong>
  Newsletter</strong></font></td> ; ; ; ; ; ; ;
      <td valign="top">
  <input type="checkbox" name="Newsletter" value="True" checked>
  <font face="Arial" size="1">Do you want to be subscribed to the
  newsletter ?</font></td>
    </tr>

    <tr>
      <td valign="top" align="right"></td>
      <td valign="top">&nbsp;<img src="aspcaptcha.asp" alt="" width="86" height="21" />
   <font face="Arial" size="2" color="#000000">Type the characters shown in image for verification.</font><br>
   <input name="strCAPTCHA" type="text" id="strCAPTCHA" maxlength="8" /></td>
    </tr>

    <tr>
      <td colspan="2" bgcolor="#FFFFFF">
        <p align="center"><input type="submit" value="Register"></p>
      </td>
    </tr>


ok, now edit "users/add_new_account.asp" with a text editor and add the code shown below in blue. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.

If User_Custom6_Used = True Then
 If User_Custom6_Required = True Then
  If  Custom6 = "" Then
   ErrorMessage = ErrorMessage & Server.URLEncode("You need to enter a " & User_Custom6_Name &".\n\n")
  End IF
 End If
End If
 
 strCAPTCHA = Trim(Request.Form("strCAPTCHA"))
 if strCAPTCHA = Trim(Session("CAPTCHA_" & Session.SessionID)) then
 else
  ErrorMessage = ErrorMessage & Server.URLEncode("You did not type in the verification info correctly.\n\n")
 End If 
 
If ErrorMessage <> "" Then
 Response.Redirect "register.asp?" & Request.Form & "&ErrorMessage=" & ErrorMessage
 Response.End
End If

Your done. You just added a Capcha Security Image to your signup form. If you would like a more distorted image that is more difficult for an automated program to figure out change the image tag to call the "aspcaptcha_distort.asp" page instead. It will look more like this.

Chris,

When I set up a test user name it does accept name and passwords and the passwords are encrypted, no problem there.

All I want to do is to restrict access to the protected pages to the members only. Only those users will be accepted and allowed to view.

I have entered all of thier names, address, phone number, email and company in the database, which is still named ASPProtect_access2002.mdb and in the fpdb directory of wwwroot. To get it there I uploaded via FTP.  I hope I expained the situation well enough.

I did a google search and it turns out that error very well might have to do with ASP trying to send an email and that process failing.

That tells me your emailing from the application is not working so it is probably not something you edited incorrectly.

see this article...

80040211
http://www.aspfaq.com/show.asp?id=2026

Emailing was working as when I did your installation (I think I did it months ago, didn't I) so it must be some incorrect changes to your email settings in the admin settings screen. Try sending an individual email to a user from the admin users screen and see if it works. My guess is you will get the same error and means your email sending options are no longer correct or valid.

If that is the case I would ask you if you changed them or possibly something changed as far as your email setup goes. Passwords ? EMail Server .. etc etc etc