Blog Entry: 3/25/2006 2:23:08 PM
Glad it is working.. for anyone reading this the customer bascially did this
http://support.cjwsoft.com/forum/forum_posts.asp?TID=36& PN=1
That being said asp photo gallery actually has a few more places that send email that you going to need to modify as well. Off hand the reply to album, admin massemail, admin send email,and postcard features come to mind possibly as 3 of them.
using a multiple file search and replace utility like ReplaceEm would be the easy way to do all of this in one step and find all the instances
http://www.orbit.org/replace/
cwilliams38420.4424537037, Thanks Chris.
Your solution worked!
,
Hey, I run a business and I will not have things like that mentioned in these forums.
, I am trying to set up ASP protect 6 and have a problem that when a new user registers their email is not transferred to the database.
I can see the rest of their entries both in the database and in the admin/edit form but not the email.
Any ideas?
, Actually it would because you would just count records for that user that are also active
and yes, users cant delete albums.. they can only turn them off which really means the albums lose their active status
only the admin can truly delete an album the way the code is
(that's just the way I did it for some reason.. I don't remember why)
cwilliams38433.0343865741, Hi,
I can't seem to find the code where it limits the upload file size. I want to limit the upload size to 1.5 mg for all users. Also I've noticed that the 500 pix doesn't seem to work. As in if an image is bigger than 500 pix the script still uploads it. i am using Upload_post_VBSCRIPT.ASP.
Thanks
, If I would like a link on my web page that will take someone to the login page (I would also like this page to contain forgot passord? and register) I am not entirely clear what file to link to to do this. Would it be check_user_inc.asp?
Thanks in advance?
cwilliams38456.0972106481, it is an email server/setting issue most likely
your email server probably requires outgoing authentication or something like that and that is why internal emails can be sent to but nothing else
its something along those lines
this will help you see the real error instead of the generic 500
http://support.cjwsoft.com/code/moreinfo11-1.htm
, I've downloaded this neat little app, but I'm having troubles understanding what I should be using. Cassinni or IIS, can you help? I've tried to look at the help, but it is very vague on what to use in each situation.
Any help is appreciated.
Cheers
, Hi Chris,
I've got a page with a form that includes an input field with
'type="file"' for uploading an image. The page posts back to
itself to save the info to the database and run the code necessary to
upload and resize the image.
I need to limit this page to a group. So like usual, at the top of the page I put:
<% GROUPACCESS = "1" %>
<!--#INCLUDE FILE="../check_user_inc.asp"-->
This gives me the error: "Cannot call BinaryRead after using Request.Form collection"
I have used ASPUpload and SA-FileUP before and know that this is caused
by the components having their own .form collection. This script
is using "Pure ASP File Upload" from DMXZone for the upload which I'm
not familiar with.
So...my question is, do you know a way around the BinaryRead problem wtih ASPProtect?
Thanks,
Michelle
P.S. PLEASE don't send me to DMXZone for help....they've got notoriously bad support!
, I'm all set - after thinking about your replies - i checked a bit more and changed the email component type -- thanks again for all your help.
, thank you for such a quick response -- It sounds straight forward - so I should be all set. Thanks again., I would like to have the ability to give a user 1 album with the default # of photos in it.
Is the best way to implement this to just add in an album creation
routine during the sigup/registration process and turn off the ability
to create a new album? Or is a user setting prebuilt into the
system for this?
, How about the option to add an unsubscribe link to the end of newsletters that are sent out and a function that will uncheck the newletter field for that record if they click on the link?
Please??? 
Thanks,
Michelle , It is common when testing a site that this happens because of the nature of session variables.
Admins have access to EVERYTHING so it is very important when testing different user accounts that you specifically log out... and then close every single browser window before logging in as a different user. This is to ensure session info from the previous user does not overlap in any areas.
(The session variable for admin access being the main one)
Under normal circumstances a user would not log in with many different accounts on the same computer this this would only be a problem for a developer who is testing.
So make sure you go to the to log-off page and log off.. then close all browser windows.. then test another user.
If all this is not the case then something else is going on and I will need more information. I pretty much know the level checking code for ASPProtect Version 6 is correct as there has been no reason to change any of it in over a year. I would have heard reports of problems with it. , Ok, I started the database tables from scratch. I did everything using sql enterprise manager and query analizer..
Same thing happens... certain passwords just do not work.
So I did a lot of testing and I have come to the conclusion that this has something to do with the regional settings of that SQL server.
Here is an example.. see the screenshot below.
Username "admin" password "petepetepete"
The top query done in Enterprise Manager is valid and shows the user.
The bottom query is also valid but it does not show the user.
And that is exactly what is happening from the ASP codes point of view.
Now, this means that even though that encrypted password is getting saved to the databse correctly this particular SQL server just cant deal with it from a QUERY.
It works fine on two different SQL servers that I have. It's just got to be something regional related like unicode characters not being dealt with correctly or something odd like that.
I tried changing the collation data for the "Password" field type on that SQL server and it looks right. I don't know what else to do but it is something about that SQL server. There may be a way to change the regional setting through the connection string but I cant find any articles on that right now.
One solution I have for you to get this working there is to eliminate the encryption factor then I dont think you will have these issues.
It's either that or find another SQL server with US type settings or use MSAccess. ASPProtect runs nearly as fast on Access as long as you do not have over 10,000 users or whatever. The system hardly ever accesses the database so it performance under MSAccess is always good.
Let me know what you want to do. I can shows you how to eliminate the encrypytion factor if you want to try that. I think if I make you a custom version of the RC4 function you can just replace that and then the system will use plain passwords.
Your call..
,
Both
the NET and Classic ASP versions of this application are designed for
fine granularity protection of individual apsx extension files.
ASPProtect.NET is not designed or intended to protect sub directories,
or non aspx content such as Adobe Acrobat .pdf files etc etc.
I
completely disagree with your statement that “most sites” have a login
box on the left hand side of the page. I suspect you thinking of the
ever popular php based forums and “Nuke” type CMS systems which are set
up that way but if you look at any site written entirely using .NET
that’s rarely if ever the case. (Granted I cant say for sure because I
personally haven’t looked at >50% of the estimated 18 billion + web
pages on the internet) Just off the top of my head www.CafePress.com
come to mind as a pure .NET site. If you take a look the login button
it takes you to its own login page there is not global login form used
throughout the site. Reason being that .NET introduced this thing
called a “view state” which is used to store things like your session
ID (and way more) and must be posted back to the server in order to
keep track of visitors. This technology comes in especially handy when
you have a web farm in place and your content is being spit out out by
more than one server at the same time
I
can think of loads of scenarios where the web servers need to know who
you are even though you are never directly contacting them via http.
This approach is a very smooth and actually very clever solution for
enterprise level websites that simply can’t be handled with a single
web server.
On
a practical level I know what you are saying but that application sets
up all sorts of things when a protected page is accessed and the user
is not yet authenticated. That’s the entire reason you need to put that
snippet of code at the top of a page you want to protect. That code
snippet calls the ASPProtect.NET class and runs through all the logic
to see if you are able to access the page. If you are the subroutine
exits and the server continues to process the remaining logic on the
page. AKA you are able to access its content. If you are NOT
authenticated ASPProtect will setup all the proper session and
viewstate info and redirect you to the login page for authentication.
You may have also noticed a parameter on the login page called
ReturnURL. The application looks for that info and if you do have a
user ID and password the application automatically redirects you to the
page you were trying to access in the first place.
Really
I have no idea what you are trying to do, but there is a world of
difference in how something looks verses how it works. Lets just say
there was a simple way to do what your thinking, what are you going to
do with that login form after the person logs in? Just keep displaying
it on the entire site so people get confused and don’t know if they are
logged in or not? Just that little part of the equation will require
making some changes to either ASPProtect.NET or your application will
have to have some logic built into it to stop displaying the login
forum.
It
sounds to me like your basically looking for a super simple 101 type
deal that allows people to sign up for an event and you the admin can
see that information? I’m guessing they can also log in again and check
out their details and see what event they signed up for?
If
that’s the case you’re trying to take a very sophisticated protection
application and downgrade it into something that would be one heck of a
lot easier to write all from scratch in about an hour.
Your
not going to be able to “plug and play” a simple form into a page and
turn that application as a magic universal login solution for a
website, while its 100% possible to use the application that way if you
choose, you need to check out the source code and plan your custom
integration accordingly.
, ok.. Chris.. I am now kicking myself in the butt. In the setting section, I had to redirect certain urls and directories to the right spot. I forgot that I renamed the root folder.
Thank you, thus far for your continued help. It is greatly appreciate.
, There are several pages on my website that a user may go to that are not protected (e.g. home page). If the user has indicated that they want to be saved on this computer (until they explicitly log off), and their 1st entry point is to an unprotected page, how do I determine whether they have logged in before, and extract the info from the cookie / session variables without forcing them to log in or making the entry page protected?
, I have no idea to be honest, I just like the way it looks 
Good deal on the remote install, just dont pull the old "hangman" move
shutdown the machine on yourself around 4AM. Otherwise you be getting
in the car and going for a drive LOL
, I tried the iFrame method that you have shown, and it works great!!!!, Hi, I have not gotten anything from you about it.
click on the PM button below and send it that way through the forums.
Thanks
, Oh snap. Tried the blank database and got the same errors. Fixed THE
FILE PATHS to conform to the AspProtect 7 setup, and it worked like a
champ. I still need to copy and paste the info, but it's working just
fine with the ones I add manually.
Moral of the story: FOLLOW INSTRUCTIONS TO THE LETTER. 
, The file check_user_inc.asp as the lines: (which include Session("groups")
Here we set some valus about the user into session variables
Session("PasswordAccess") = "Yes"
Session("Access_Level") = CmdCheckUser("Access_Level")
Session("Admin") = CmdCheckUser("Admin")
Session("Active") = CmdCheckUser("Active")
Session("Expiration_Date") = Expiration_Date
Session("User_ID") = CmdCheckUser("User_ID")
Session("Groups") = CmdCheckUser("Groups")
Session("Redirection_URL") = CmdCheckUser("Redirection_URL")
Session("Password") = RC4(CmdCheckUser("Password"), PasswordEncryptionKey)
Session("Username") = CmdCheckUser("Username")
, If you PM your site info and I can go in and troubleshoot. I have no more ideas. Usually people have zero issues installating this application as I got it pretty tweaked so I need to see what is going on in order to help., the txt file is only lke 624 kb...so I'm not sure, Thanks for that. The upload size is just as effective and possibly a better solution to maintain server space.
What about individual gallery permissions. So only 1 member can post in only 1 gallery. I have a forum of 500 plus members so if they want to add a gallery than setting a permission would be idea for each gallery.
, Or at least I think so. I have been trying to get this software to work so I can see if it meets our needs for an upgrade purchare. Here is my error.
Microsoft JET Database Engine error '80040e10'
No value given for one or more required parameters.
/aspprotect/scripts/populate_config_variables_inc.asp, line 15
My provider says that the problem is NOT on there end, that it is a problem with the code. I think that it is a database connection problem. Can you please help. Below is my connection string based on what the setup page directed me to do:
ConnectionString = "data source=\\NAWINFS03\home\users\web\b1347\rh.957theride\asppro tect\data\database\ASPProtect_access2002.mdb; Provider=Microsoft.Jet.OLEDB.4.0;Jet OLEDB:Database Password=temp"
When I first set up the program I got this error:
Provider error '8000ffff'
Catastrophic failure
/aspprotect/scripts/populate_config_variables_inc.asp, line 11
Once again, the looked into it and said the permissions were fine and that the code was most likely bad. But then the errror changed to the one that I first listed. Which is the one I am currently getting.
BTW here is the page address
http://www.957theride.com/aspprotect/password_admin/get_me_i n.asp
Thank you!
, Hi, lets start with about when did you purchase and download the application so I know what version of the code you have., Chris.
After I had you install ASPProtect I added the ASP protecting code to the top of my home page:
<%@ LANGUAGE="VBSCRIPT" %>
<% CHECKFOR = "1" %>
<!--#INCLUDE FILE="../../check_user_inc.asp"-->
Then I made my index.html page my login page buy using the script "Login form on a non protected page" on that I changed <form method="POST" action="memberarea.asp"> to <form method="POST" action="home.html">.
When I try to log on to that page I get en error page HTTP Error 405 - The HTTP verb used to access this page is not allowed. Internet Information Services (IIS). I checked with my hosting company GoDaddy.com and they informed me that due to the fact that they do not have ASPProtect instaled on there systems they can not support it. In recent conversations you told me that you have customers that do use godaddy and you products.
Can you please tell me what I can do to get this working?
Thank you for your time and help.
, While attempting the database connection test, I receive the following error:
Server Error in '/' Application.
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.
Exception Details: System.Security.SecurityException: Security error.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. |
Stack Trace:
[SecurityException: Security error.]
aspprotectnet.DBConnectTest.Page_Load(Object sender, EventArgs e) +0
System.Web.UI.Control.OnLoad(EventArgs e) +67
System.Web.UI.Control.LoadRecursive() +35
System.Web.UI.Page.ProcessRequestMain() +2112
System.Web.UI.Page.ProcessRequest() +218
System.Web.UI.Page.ProcessRequest(HttpContext context) +18
System.Web.CallHandlerExecutionStep.System.Web.HttpApplicati on+IExecutionStep.Execute() +179
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +87
|
Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300
My guess is that this is an issue with the fact that I'm in a shared hosting environment that is restricted by CAS. Before I move to a dedicated server, I'd like to verify that this is the issue. I'd appreciate your input.
My host is 1and1 Internet. You may find this FAQ helpful: http://faq.1and1.com/scripting_languages_supported/_net/16.h tml.
, Hi,Just to let you know that i figured out my problem. I had to modify the connection in the email code and get the correct path from my provider.
I hope you enjoyed your vacation.
See, and that's what I thought. What's interesting is that if I call either an aspx page or an asp page in the iframe tag, it asks me if I want to open the page, it doesn't display it. I'm using IE6 so there's not problem with the support for the tag.
I'll keep looking to find out what's going on. I think the iframe method might work best.
You have old code I think.
It's probably because his password used with your encryption key by chance creates a single quote and messes up the database query
A notice went out about this. I will PM you the latest download with the updated files.
, If you have an album with more than 96 pictures, the spacing in the tables can become incorrect, with pictures touching each other. (This program is not designed to handle more than 96 pictures due to server speed, but it can handle more than 96 with minor changes to the code.) Also, after 96 pictures, the pictures will not have 6 on a line, but rather 6 on a line up to 96 pictures and then the rest of the pictures on one line next to each other extending to the right of the screen endlessly. To fix this, I simply edited the ASP code using the following loop. It can be a perminent fix, because I used the maxpicsperalbum variable to define the spacing.
<% If PicIndex = 6 or PicIndex = 12 or PicIndex = 18 or PicIndex = 24 or PicIndex = 30 or PicIndex = 36 or PicIndex = 42 or PicIndex = 48 or PicIndex = 54 or PicIndex = 60 or PicIndex = 66 or PicIndex = 72 or PicIndex = 78 or PicIndex = 84 or PicIndex = 90 or PicIndex = 96 Then %>
</tr>
<tr>
<% End If %>
This code can be found in scripts/view_album_style*STYLE NUMBER*_inc.asp . (STYLE NUMBER depending on which style you are using (found in config file))
This change in code will enter a new table row after each 6th picture. You can have more or less than 6 pictures per line depending on the width of your files and preference by changing changing the number 5 in this line of code: SixInterval = SixInterval + 5
when I go to that url is seems fairly fast and somewhat normal.. even when I try to log in it pops right back up asking for login info again..
I would check to make sure you are not running anything that might be effecting your web browsing.. software firewalls.. ad blockers.. script blockers... norton internet security.. zone alarm... anything like that
they can all effect a lot of things regarding how web browsers act.
, issue resolved.. new files did the trick, yes, PM me the encryption and cookie keys if you don't mind.
I can add it to my combinations that cause trouble.
it might help me to figure this problem out.
, 
