Protecting ASP Pages

To protect a page without using the Access_Level or Groups feature simply add this code to the top of that page.

Put this under the <%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.

The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp

Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in.

An example of doing this is provided in the "default.asp" file included in the root of the Password System.
Look at the source code with a text editor to see the working code. It is quite simple.

 Protecting ASP Pages Using Access Levels

To protect a page using the Access Level feature simply add this code to the top of that page.
You simply specify the Access Level before the include file is called. In this example we are protecting the page with Access Level 4.

Put this under the <%@ LANGUAGE="VBSCRIPT" %>

<% CHECKFOR = "4" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.

The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp

Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in as a Level 4 user.

Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System.
Look at the source code of the ASP pages in that folder with a text editor to see the working code. Again, It is quite simple to follow.

Protecting ASP Pages Using Groups

Please see the code generators in the admin are for the code to do that.

The main users screen... the 1st screen you see when you go to the admin area..  where you email an individual user..

The settings I am referring to being the various emailing settings on the settings screen, The settings you showed me.

As for emailing via a remote server over dsl. It may not be working because the ISP's block the port (25) to stop people from running email servers over their dsl.

Your POP3 works because POP3 uses port 110.

If you want to send emails from your local server on your dsl you should probably install the SMTP service of IIS if you have not and send emails using that with CDOSYS. Either that or get a commerical DSL account with a static IP that allows for running email servers.

Okay, so I copied the txt file into the export file and tried the import users option and it timed out on me as well. 

Would it be easier to figure out if you were able to look at the iis server?

as far as permissions are concerned I wrote two large articles about permissions that cover everything in detail on how to properly set them

http://support.cjwsoft.com/code/info11.htm

see the windows 2003 and windows xp permission threads

From things you are saying I assume this is your server. My comments about the path looking funny are because very few commercial hosts would use the "c:\inetpub\wwwroot\" directory. If you are using that and that is correct info then that is fine.

as for knowing whether or not the filesystem object is working the best thing to do is to try to write  a text file somewhere in your web and see if it works. Testing something under the most basic scenario is the key to troubleshooting asp issues.

http://www.devasp.com/samples/writetofile.asp

I have set up a user to be redirected to a different page when logging in for the first time.

I assumed this function would count the number of times a user has logged in. When the login count was greater than 1, the user would be taken to the default.asp 

This isn't happening. The user is always redirected.  The user login count in the database is now 9.

What am I missing?

I installed the ASPProtect.NET project no problem.  I am using VS.NET 2003 on Windows XP SP2 (and fully patched).  I am able to build the project successfully, however I cannot debug the project.  I get an error "Unable to start debugging on the web server. The project is not configured to be debugged."  The web app runs fine just browsing to it.

I know this is an isolated problem particular to this project.  I have MANY other .NET projects that I can debug without any problems.  I have tried going into IIS and turn on the debugging for server-side script debugging and making sure my IIS application setting were configured correctly.

Can anyone shed any light on this at all?  Christopher, is there any reason I should not be able to debug this?  (i.e. the aspprotectlicense.dll)

Thanks,

K

All fixed and working

Thanks

Hi

I've tried almost anything here... I'm using an online SQL SERVER database with ASPProtect 7, and I can't login after my initial creation of the admin account.

It works fine with Access... I believe I have checked all the fields created by the sql statement (which was run with no errors),

What could be the problem here? could it be a problem that I run my local IIS against the online sql server?

sincerely,

Morten

I got ya. Well hey, that's what's great about the iframe right?

Can you incorporate a secure log in within the scripting.  I would like the account information to be secure without having to have the whole site using running through a secure (https://) path.  If this is possible, the scripting is perfect!

I downloaded the skins, ftp'd them to the skins folder and can see them in the list of available skins. No matter which one I try to apply it keeps solid_color_black.

Al

User Information

After a user logs in there are variables that you can always access.
They can be used to check various things or to display information
dynamically based on who has logged into the system.

   Session("PasswordAccess")
   Session("Access_Level")
   Session("Admin")
   Session("Active")
   Session("Expiration_Date")
   Session("User_ID")
   Session("Groups")
   Session("Redirection_URL")
   Session("Password")
   Session("Username")
   Session("First_Name")
   Session("Last_Name")
   Session("Company_Name")
   Session("Email")
   Session("Address")
   Session("City")
   Session("State_Province")
   Session("Zipcode_Postal_Code")
   Session("Phone")
   Session("Custom1")
   Session("Custom2")
   Session("Custom3")
   Session("Custom4")
   Session("Custom5")
   Session("Custom6")

You can display them on a page at any time using Response.Write like so

<% Response.Write(Session("FIRST_NAME")) %>

or like this

<% = Session("LAST_NAME") %>

Chris:

The string is being saved and I get a .wav ring sound to confirm.  I have tried editing in "notepad" and then running the "data/show_path_info.asp" file after with the same results.

Ken

How can i get to this to register someone in the database only after the Paypal payment has been accepted.  I was testing it out to see if it makes it to my Paypal account (which it did just fine) then I closed Paypal before paying.  I logged in as the administrator and looked at the member list and the account was created anyway.  How can I stop this from being created until "only" after the Paypal payment has been "approved"?

What if this person never comes back to "try again"? Now the username he used (and is inactive) is not available for anyone else to use.  And it takes up database space.

I am using the Paypal (non-subscription)

Thanks in advance,
scottyFlasher

I assume that if I am using this product, search engines such as Google cannot access and index my content. Can somebody confirm that; I want to be 100% sure.

In case it matters, I am using a basic, cheap ISP setup where my site is on a shared server.

Thanks in advance.

We would like to use some of the variables from the user account in our web pages after they log in (something like, 'hello <user>"), but for professional printout reports using company name and user.

Could you offer some help as to what variable string we use to print that information on logged in pages?

By the way,  the program is working great!!!

Adding Support For ServerObjects ASPMail

ASPProtect as you know does not support ServerObjects ASPMail component by default.

Here are directions to make it work.

In the ASPProtect admin settings area simply pretend as if you are using the softartisans sasmtp mailer component. ASPMail and that sasmtp component share the same properties… and the code used for them is nearly identical.

So search through the code for any place where email is sent and simply change

Set Mailer = Server.CreateObject("SoftArtisans.SMTPMail")

To

Set Mailer = Server.CreateObject("SMTPsvg.Mailer")

It is about 4 places. They are not too hard to find.

That’s the easy way to get all the emailing functions working with ASPMail

I am not sure totally understand your question.
I need you to explain it differently.

Any ".asp" page that is protected is going to automatically prompt them for a login box or log them in automatically depending on if they set that option.. In the end returning them to that same page.

So, it really all takes care of itself for the most part.. It doesn't even matter if the bookmark a protected page deep in your site. The system is smart enough to keep them at that page as well as handle their access.

Now of course if they are at an unprotected page of your site and navigate to a protected page they get a loin prompt or are allowed in if they already logged in...

Also.. when you say unprotected page ? do you mean ".htm" or ".asp"

It's custimization work. and just not something I can support.
Basically it is basic ASP/Database work.

Something you kind of need to figure out on your own. It's not difficult work for a good asp coder but there is no easy way and it is time comsuming.

I wouldn't use the custom fields though. I would make your own.
It's simpler that way.

Thank you....  yes it does

Is there a limit in the number of Zones you can have in the database.

thanking you

On second thought guys, it would must easier to change the code using modulus as follows:

<% If PicIndex mod 6 = 0 THEN %> 
      </tr>    
      <tr>
<% End If %>

This will end each row and create a new row after each 6th picture. It'll be must easier code to work with and change.  This code must be placed in the PicIndex For Loop.

If you have any questions, JPortnoy@Checkernet.com

If I would like a link on my web page that will take someone to the login page (I would also like this page to contain forgot passord? and register)   I am not entirely clear what file to link to to do this.  Would it be check_user_inc.asp?

Thanks in advance?

It's seems to work fine after renaming the file, rebuilding the application, and editing the web.config file to point to login.aspx. It looks like I can use your fine product and thanks again for the help. It was unusually easy. Merry Christmas…

The only reason no one else asked this many questions is possibly because they didnt NEED the functions i am TRYING to do.

We offer tech support for installation of the base application purchased in it's native form.  In other words were not planning on spending weeks holding your hand and teaching you how to build your application or modify the one you bought. Not because anyone wants to make it hard on you but because there is a practically infinite number of things someone could be trying to do and the only way to give you the exact answer would pretty much involve either writing it for you or having a look at your code to see what the heck your doing. Sorry but my time isn’t cheap nor do I have a lot to spare. I already gave you my approach on what to do and what you should be looking at but obviously you’re not catching on. SO ONCE AGAIN, PLEASE LOOK AT THE SOURCE CODE AND DECIDE HOW YOU WANT TO HANDLE YOUR END OF THINGS BASED ON HOW THE APP DOES ITS THING. I really don’t know how I can be more clear that that. I don’t have a crystal ball that can tell me where you’re going with your own code, what the final requirements are... what field you want to add or remove for the database etc. There is a demo up that everyone can look at and play with so they can get a feel for how the things behave and look. It’s not my fault your naivety led you to believe you could do anything with it in ten seconds. I mean if I just add some wings to my car maybe it will fly, and if you just add a shopping cart and a few products maybe you can start your own Amazon.com with that software right? Sounds good to me…

It would take me longer to re-write YOUR code than it would to have LEARNED ASP.NET and made MY OWN.

Well thats one thing we both agree on, I bet it would take you a long time to rewrite the code when you dont know how to write it in the first place. By you own admission you dont know enough about what your doing to be messing with a .NET app at this point. Maybe you should take your own advice and LEARN SOMETHING ABOUT IT. What’s even worse is that application isnt even complicated, its 101 stuff honestly. One class, thats it! Your not looking at thousands and thousands of them that you will have to read and comprehend. If you can actually “read” the code we kept it lean and mean and to the point. Nothing strange or random, no references to a zillion things all sprinkled here and there. Its reads like a book if you know the language. That’s why developers buy these apps all the time. Not because they couldn’t write one themselves, but because they know their time is valuable as well and for $150 which is less than most get paid an hour they couldn’t be bothered. Furthermore we both spend a lot of time making sure these apps are "dumbed down" so that the average programmer without a lot of object oriented background can pick up the coding style tweak it if they need to. Some people do modify things to suite their needs and others are happy with our apps "as is".

Just to recap we already wasted two days yappin about your jacked up servers and after you went through THREE of them and finally got one working you said the code was working. Red lights started flashing in my office by the time you got to the second screwed up machine, but hey weird things happen so at that point I wasn’t 100% concerned. Technically we could have and possible should have cut you off there as the policy in place is pretty clear about us not being your tech support crew when it comes to getting your machine working properly (especially one we cant even look at). Go check those posts again both Chris and I were answering your questions and being as helpful as anyone could possibly expect.

Several more days have been spent answering questions about how to modify your application and again that’s not our responsibility and we don’t support modified versions of the software for all the reasons that should be obvious. No software company does and if I have to explain why that is well this conversation is beyond hope.

Bottom line is the responsibility to support that application ends the moment you get it running the way it was shipped. Were pretty damn decent about going above and beyond and a lot of the time we go into things we shouldn’t have to. If you have well thought out and specific questions by all means ask, this isn’t some sort of thanks for your money now get lost operation. CJWSoft has been around since the beginning of Microsoft’s entrance into the web application market. We have thousands and thousands of happy customers because we are developers and enjoy working with other developers along the way.

You’re not the first N0oB to show up, but you’re the first one I can think of that ever tried to tell us we didn’t write the apps we sell and essentially wanted to argue that we don’t know what were talking about. Meanwhile you should have been done with your thing days and days and days ago, not in here yapping off and showing your ignorance to the other developers that regularly browse these forums. You trying to tell me how CafePress works is a joke, I happened to have been part of the team that worked on the first few revisions of that site and again you really didn’t even understand what I was getting at in that last post. LINK TO LOGIN PAGE not link to every protected page on the site.

If you think I am pissed off at you, your wrong. I'm just irritated with the whining about this and that and rather than admit your over your head you come back with half baked remarks that only make sense to you. If you think you can google a few terms and come back here talking smack like you’re actually someone that knows what you’re talking about your just making a fool of yourself. You sound like a guy from China trying to tell me how to speak English... My advice is get a few books and start learning or try actually reading up and listening to the other bazillion knowledgeable developers out there that do a great job posting articles about the subject. You might just learn something and actually get your project finished before 2010 and when you do please come back and re-read your posts with "enlightened eyes" so you can see what a goofball you are for saying half of the things you have said. I am not in the mood to keep helping you get your project done step by step. I have huge projects of my own going on and if I thought you could actually provide a descent project specification I might offer to make the changes for you at a serious discount so you could go away and everyone would be happy. Problem is I dont get the feeling you could explain your way out of a paper bag let alone provide a group of programmer the techinal specs for your project.

Your best bet is to post a link to the start of this thread at www.AngryCoder.com I'm sure a  few of  people over there would be more than willing to give you a ton of usefull advice

Google 4GuysFromRolla… a great resource site with example, just dont come back here  telling me those guys/ladies posted things that dont work either.

Chris has written hundreds of articles on PowerASP, a great place to start looking as well… www.powerasp.com I've been spitting out code for longer than I can remeber and I still look thing up on this site because its LOADED with great info. That happens to be one of the very first ASP sites that went up on the net so lets just say he knows a bit or two about the subject.

I'm sure your frusturated but your pushing your luck seriously. 38 posts about this subject in a week and your over there hacking away on your virus infested WaReZ machine which isnt exactally the ideal development rig. I mean we provide the code and your supposed to provide at the least a very basic knowlege of what your doing and a production grade platform to test it out on. To me thats like buying a car and then asking how to drive it... then bugging the dealer to teach you and when you smash the thing complaining because no one told you that your not supposed to drive into a wall. I have the same policy as the dealer, show me something wrong with the car from the factory and we will fix it for you NO QUESTIONS at all with our appoligies, but really once you take it off the lot what you do with it is your deal and its not our responsability in the least.

Chris -

Long time no talk, which is a good thing.  I have purchased another product from you, ASPVendor.  I am running into an issues.

When I try and remove the image through the image manager, it does not remove it.  Screen shot attached.

2005-10-19_194248_image_upload.zip

Thanks

someone has to do something other than me.. i've given up

if i give u the username/pw can you set this up on the network solutions host and ask them to set whatever permissions are needed?

cant do it anymore....

Chris -

Sorry, I am looking at your code on view_item.asp and I have noticed that you are calling 3 variable; start_date, end_date, and image_url that do not exist in the databases that you provided.  Do I have the updated package for ASPVendor?

LOL