How do I change the character length for the description field?

Hi Chris,

The password is HANNAH.  If you're into trouble shooting mode and would like the key, I can send it to you.  If not, no big deal, I've email the guy a new password.  We'll see how many rounds it takes him to get it right. 

Thanks,
Mick

Hello,

for an admin..
you view albums for a user.. make a new album... then click manage pictures

for a regular user you log in.. go to user user area.. create an album..then click on manage your albums

Can I have the logon be in a top frame while having the protected pages displayed in a main frame?

Using frames with forms based authentication is not the best thing to be doing. Your much better off not using frames and using includes files to do a virtual frames sort of thing (search google) but if you are going to use frames I would suggest password protecting the frameset page as well as any pages it contains.

If you want to have a login form in a non protected top frame all the time.. that posts to a lower frame that is password protected.. you would do this
http://support.cjwsoft.com/code/moreinfo169-1.htm
but change the target of the form to one of your frames

personally though I think that would be a somewhat goofy setup to have going on


Also, how will it behave if a user moves in between a protected page to a public page and back to the protected page again?

As long as they have cookies enabled which is required for session variables to work... then you will have no issues because once they come back to a page they have permission to they will just be allowed in without login.. at least while that session is still active.. or for a longer time if they choose the remeber me option which keeps track of them with a cookie .

Really, the best thing to do is expirment and see how things behave.

Thanks Chris.

Your solution worked!

I had never noticed this before, but a customer sent me email to say that they had set up their aspclassifieds profile such  that they be contacted by email and not by phone.

However, in their ad, their phone number still appears. The lines in view_ad.asp that check for True values for the Contact_Via_Email and Contact_Via_Phone before displaying that information seem to always evaluate to True, regardless of their setting in the database.

I'm using an Access2000 DB for this. When I open the DB in access, I see the checkboxes correctly unchecked for phone and checked for email. However, if I do a quick test to display the retrieved values in the view_ad.asp (<%=contact_via_phone%> <%=contact_via_email%> they both display True.

What gives? I have had nightmares with Access and its weird handling of true/false 0/1 yes/no fields, but this is driving me nuts.

The only other thing I can think of if you are not getting any errors.

Is that you may have the path to the server include file correct but ASP server side code is not executing in that part of your web site.

You can do a simple test to tell if it is...

Make a simple ".asp" page in the same folder.

Put only this code in it.

<% Response.Write ("ASP is executing") %>

then run the page via the web browser thru the server..

If the text prints out ASP is running... if you don't see anything it is not

Different Versions of the Access Database

Below is a zip file with many alternate versions of the Access Database provided to help with installation and general usage.

2005-02-20_155310_ASPProtect_Database_Versions.zip

ASPProtect.mdb is saved as an Access97 database (password "temp")
ASPProtect_access2000.mdb is saved as and Access 2000 database (password "temp")
ASPProtect_access2000.mdb is saved as and Access 2002-2003 database (password "temp")
ASPProtect_access2002_no_password.mdb is saved as and Access 2002-2003 database with no password set on it

Try to use the newest version as server odbc drivers sometimes have to use the newest version for everything to work correctly. No password version is provided because sometimes there are issues connecting to a database with a password set on it.

Default username for access databases is of course "admin" but you really dont use that except in the data connection information.

BTW.. I dont know what is going on But I keep getting all these returned emails. My forum is sending you emails and they are coming back as undeliverable saying your storage space is exceeded on your server.

I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.

<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then  
 SearchFlag = True
End If
 
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then 
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>

</head>

<body>

My Protected stuff here

</body>

</html>

For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.

Thanks,

Mo

[/QUOTE]

I just added couple of lines and it works fine

If (Request.ServerVariables("REMOTE_ADDR")) = "xxx.xx.xxx.xxx" Then 
 ' Session("PasswordAccess") = "Yes"
 SearchFlag = true
End If

On the banner rotation order screen it says:

"The Order Of These Banners Will Change Randomly From Time To Time"

Can you tell me the function that does this? I'd like to increase the frequency with which the rotation order changes.

Thanks!

[QUOTE=cwilliams]
something weird is going on
[/QUOTE]

Yeah that's my impression too. I've done a lot of searching before posting this problem, but haven't solved it. Maybe it has to do with the sql-server/hotel?

Though I have compared carefully what goes on (and it should all be good) it could still be the problem? I have now made it work on a local msde sql server too..

ALL FIXED.. tested with real paypal accounts and a live system
works perfectly

THIS FIX IS ONLY FOR PAYPAL SUBSCRIPTIONS

Download this file "ipn.asp" and put it in the "paypal_sub_signup" folder
2005-03-10_164645_aspprotect_subscription_fix.zip

Basically somehow an older version of the this file was in the original download archive.

I am VERY SORRY

Anyone who purchased ASPProtect 7 before March 11, 2005 should download this fix.

Hi all

I logged in myself to my website, and I tried to log in to another with same username and password. But I was able to log in again.

It was supposed to block me from logging in, but it let me to log in.

there has got to be some configurations I must have missed.

Could you instruct me on this Concurrrent login so mine works as well...

thanks

An email I just received from eastcoastguy.. to keep this thread up to date

Does emailing work under the simplest scenario ? (directly from the users screen)

Thats the way to test it..

All that error means is whatever reason the settings you have chosen are not working. It could be the server. It could be what you chosen. (and yes I realize your pop info from outlook should probably work with the settings you chose)

Whenever I do installs I often have to try 3-5 different emailing scenarios before I come across one that works.

Each time making some changes and sending out test emails from the users screen until I get somewhere. Often time getting a working example of how your Hosting Company wants you to send email from ASP is the info to get your hands on. (what method and settings)

In this case they may have blocked the usee of a remote server and want you to use some other settings for sending email from asp. A lot of times they put that info in their help system.

If I were you I would start by trying the other two CDOSYS options for starters, and then try the remote server option again but using "localhost" as the server, if none of those work consult your host for example code and settings to send email from asp. If you still have no luck I can help for sure.

Realize too when testing the emails may take a bit to arrive. A delay of sorts. Best to type in a quick note about which method you are trying in the email text. That way when you finally get one delivered you'll know which method worked.

Ya, you must have tried to upgrade from a really really old version like you said which wouldnt really work out because those instructions are specifically for upgrading a version 6 database to version 7.

That line error you had was looking for the User_ID field and I bet the version you had was so old that you didnt have a field named that as a few years ago the field "ID" got renamed to "User_ID"

As for all the cool stuff... yup there is a lot of cool stuff in this version... glad ya like it so far

I used Dreamweaver4 to make my site is there anything I can do to make it work?

Connecting user is dbo of database.

User_ID is primary key with auto increment identity.

SQL Script of current table:
CREATE TABLE [dbo].[Security_Users] (
 [User_ID] [int] IDENTITY (1, 1) NOT NULL ,
 [First_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Last_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Company_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Username] [nvarchar] (75) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Password] [nvarchar] (15) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Access_Level] [nvarchar] (30) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Notes] [nvarchar] (1000) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Admin] [bit] NOT NULL ,
 [Active] [bit] NOT NULL ,
 [Expiration_Date] [smalldatetime] NULL ,
 [Email] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Address] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [City] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [State_Province] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Zipcode_Postal_Code] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Phone] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Counter] [int] NULL ,
 [Last_Access] [smalldatetime] NULL ,
 [Login_Limit] [int] NULL ,
 [Custom1] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Custom2] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Custom3] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Custom4] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Custom5] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Custom6] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [ValidateEmailCode] [nvarchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
 [Date_Created] [datetime] NULL ,
 [Validated] [bit] NOT NULL
) ON [PRIMARY]
GO

ALTER TABLE [dbo].[Security_Users] WITH NOCHECK ADD
 CONSTRAINT [PK_Security_Users] PRIMARY KEY  CLUSTERED
 (
  [User_ID]
 )  ON [PRIMARY]
GO

I am confused.

Humm, how did ASPBanner 8 come with your purchase of ASPProtect ? That is not something I am aware of or something I do. Please provide more information on how you obtained ASPBanner 8. If I gave yu a copy for some reason please refresh my memory so I can go look up th emails about it. I need to know you have a valid license.

Now, as for the two not working together and the login screens messing with each other. I am even more confused. Tell me more as I just do not understand what you did ? ASPBanner has it's own user database and login system so there is no reason you should be mixing the two together as far as logins go. The two applications can certainly be in the same web together and not bother each other. ASPBanner can certainly serve banners to any pages you protect with ASPProtect or don't protect, but you certainly should not be protecting any ASPBanner code with ASPProtect code.  ASPBanner already has code in it to do that. If that is the case don't do that. ASPProtect is not meant to protect code that already has a login system. That should just be obvious as far as I am concerned and hopefully you dintn't try to do that.

(you said you just put the directory in there but there must be more too this than that)

But again, tell me more. I can't really know everything  ??

I just dont see how your ASPProtect pages could be effected by ASPBanner unless you really did something wacky like included the ASPBanner "check_user_inc.asp" instead of the one that comes with ASPProtect or overwrote it... etc ect

If in the same web aspprotect can be wherever and aspbanner needs to be in a folder called "aspbanner". There should be no conflicts under normal use and the two will essentially run seperate of one another.

I checked the option pack code as well and it looks correct.
I tested it and it acted as it should.

You can see it in active at the live demo
http://www.aspprotect.com/demo3/demo.asp

admin
test

go the the admin area.. you will notice 3 users with level 4 access
1 of them is inactive

then go to the mass email area and pick   active and level 4
it will say it is sending email to 2 users which is correct

then go to mass email again and pick level 4 and inactive
it will say it is sending email to 1 user which is correct

choose any status and access level 4 and it will send email to 3 users which is correct

When you do this please realize you can not choose a group as well.
That will cause a problem because you can not choose a group and an access level at the same time.


Anyway... perhaps you can private message or use the contact us form and and let me take a look at your system. Since I can't reproduce the behavior that is the only way we might figure this out.

It's real easy actually if ya sniff around the source code.
ASP is so easy to (work with/edit) even if you dont know any code.


edit   "save.asp" with a text editor

change

If Request("First_Name") = "" Then
  ErrorMessage = ErrorMessage & Server.URLEncode("You must enter a First Name.\n\n")
End If

to

If Request("Company_Name") = "" Then
  ErrorMessage = ErrorMessage & Server.URLEncode("You must enter a Company Name.\n\n")
End If


From looking at that save code I dont see where Last_Name was required. The only name I saw required was a 1st name.

Also.. making the First_Name not required may break something somwhere else. I dont think it will but it might. You are warned.

Sorry, you cannot, that is how it works and that is how it has to work for reasons I am not going to try to explain as it is pretty technical. (it works the same way even when not using paypal and using email authentication... nearly every registration system out there does it that way under an email authentication scenario or a PayPal IPN thing.)

Basically, if you are concerned about it you need to periodically manually check for accounts that were never activated and delete them. Maybe when I get some time some day I will make a little interface to help find those and clean them up at once.

not really, aside from looking in paypal and manually adding each one for each user...

how many users are we talking about anyway ?

and were any of the users new sign ups from scratch because if they were and that field didnt get populated that is weird?

ultimately aspprotect does not use that field. I was just storing it for the sake of storing it... so its not a big deal but I would still like to figure out what is going on

removing the expiration dates from paypal subscripbers will be enough to fix the issue your having about them getting the expiration notifications

I am getting closer.

This error actually does not have anything to do with the forgotten password feature or your database.

It has to do with the settings you chose for emailing.

it relates to aspmail and it not liking the remotehost you used, or something like that.... etc etc

These are 4 valid examples of calling a flash movie.

The more simple examples may cause problems for people that don't have the flash plugin installed. I really do not know as I am no flash expert. All these work fine for me. Of course I have the latest flash plugin installed. Perhaps some of you can shed some light in this. The 3rd and 4rth examples are obviously only slightly different and mention different versions of flash as far as downloading the plugin goes.

<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" WIDTH="468" HEIGHT="60">

<object width="120" height="22">
<param name="movie" value=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" width="468" height="60">
</embed>
</object>

<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://download.macromedia.com/pub/shockwave/cabs/flash/swfl ash.cab#version=6,0,40,0"WIDTH="468 " HEIGHT="60" id="myMovieName">
<PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
<PARAM NAME=quality VALUE=high>
<PARAM NAME=bgcolor VALUE=#FFFFFF>
<EMBED src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality=high bgcolor=#FFFFFF WIDTH="468" HEIGHT="60" NAME="mybannername" ALIGN="" TYPE="application/x-shockwave-flash" PLUGINSPAGE="http://www.macromedia.com/go/getflashplayer">
</EMBED>
</OBJECT>

<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase=" http://active.macromedia.com/flash2/cabs/swflash.cab#version =4,0,0,0" ID=banner WIDTH="468" HEIGHT="60">
 <PARAM NAME=movie VALUE=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf">
 <PARAM NAME=quality VALUE=high>
 <PARAM NAME=bgcolor VALUE=#FFFFFF>
 <embed src=" http://www.aspbanner.com/test/aspbanner/images/banners/power asp.swf" quality="high" bgcolor="#3CBDCD" WIDTH="468" HEIGHT="60" TYPE="application/x-shockwave-flash" PLUGINSPAGE=" http://www.macromedia.com/shockwave/download/index.cgi?P1_Pr od_Version=ShockwaveFlash">
</OBJECT>

More Info in Case Anyone is Interested:

This bug was mentioned by a couple people. The cause of it was never really understood until I recently re-wrote some of the banner code for an upcoming version.

The fix for this bug was very simple. It was just one of those weird situations where code should have worked but did not. I added some code to do it a bit differently and it worked as it should have..

It really still makes no sense to me why it didnt work the way it was, but at least there is a fix.

This first one may be an obvious one, but is it only .asp files that I can protect as in no HTML files.

Can the program be set to protect my whole https directory contents (though the answer to the last question may have bearing here - there are html files as well as .asp in there) as in http://secure.mydomain.com

Thanks in advance

well, I was curious myself so I just tried it.

Good news is it worked just as I thought.

Only problem is your changing things to allow authentication info to be passed over the net in a url. If you can live with the security implications then it will work. I mean a sniffer could see that and end up knowing the username and password.. not likely but just putting that out there.

Of course now that I think about it unless you are running under SSL (https://) when you log in normally that info is in the post info anyway and possible to get at.. course not right out in the open like when you put it in the url and less likely to be noticed.

As long as your not doing it to access critical areas like the admin pages... and you monitor the log files once in a while it's probably nothing to worry about.

I just added this line to the paypal1.asp page

<input type="hidden" name="currency_code" value="CAD">

and it worked.  Clearly other values can be entered for other currencies.  Everything was listed in this manual https://www.paypal.com/en_US/pdf/subscriptions.pdf.

Cheers
Roy