After taking another look at this and trying your suggestions without success, it appears that in Windows 2003 server it is nearly impossible to remove the READ ONLY attribute from the _database folder.  I'm wonder if this could the cause?

Thanks 

Ahhh....yes, I always forget about the cache.  That's exactly what it was. 

 I had made modifications to the import_pics.asp file, because I added more fields to the db, and made the import folder path dynamic, but I seem to have forgotten to add in the response.expires=0

Once I added this back in it has stopped messing up.

What was happening was, it wasn't overwriting the files, nor were they too big, but you would click on one thumbnail in an album(category) and it would display a picture from a totally different category.  It seems browser cache was the culprit, however.

Thanks for the quick reply, great product tooo!!!

Christopher

Thanks for a speedy reply.  This is what I have used most recently...

ListingsConnectionString = "DSN=longreach;UID=lradmin;PWD=skipper;"
DatabaseType = "SQL"

but that throws an error of:

 [Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified

I have private messaged you my SQL server IP address.  I am a fast learner with ASP (I think!) but some things really catch me out!

cool.. let see if that works.  This was the command line that I had to enter in order for it to register.  Chris, as you stated before, you can try one of the other emailers, but you need a email server to tie to. 

"regsvr32 cdonts.dll"

I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.

<%
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then  
 SearchFlag = True
End If
 
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then 
%>
<!--#include virtual="/Auth/check_user_Code.asp" -->
<head>
<title>My Title</title>

</head>

<body>

My Protected stuff here

</body>

</html>

For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.

Thanks,

Mo

Humm, Did you change something in a bad way? Thats my guess.

I need more information on what is going on because by default it does not do that ?

The only possible way I can think of that could cause that is if you changed things around too much and the config_inc.asp file is getting run/included twice on that page your logging in to.

Also, when you sign in "where" ? What page ?

Glad it worked

It's seems to work fine after renaming the file, rebuilding the application, and editing the web.config file to point to login.aspx. It looks like I can use your fine product and thanks again for the help. It was unusually easy. Merry Christmas…

Ok, so I checked to see if ASP is running on the server and it is.  then I added code to the top of a page and this is what i can see when 'view Source' on the web browser:

<%@ LANGUAGE="VBSCRIPT" %>

<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * Admins * ) -->
<% GROUPACCESS = "4" %>
<! #INCLUDE FILE="check_user_inc.asp">
<!-- End ASPProtect Code -->

<html>
<head>
<title>TeamManagers</title>

Yet I get no challenage for a password and no error message!

(Indemnification Agreement Mod)

This very simple mod will add an Indemnification Agreement Pop-up to the registration signup form which must be agreed to before continuing. This is often done for legal reasons to help cover yourself if something should come up later on.



Instructions:

Download 2006-03-19_212700_Indemnification_Agreement_Mod.zip which contains "terms.js" and put it in your scripts folder. It contains the text that will be displayed in the pop-up. You can of course carefully edit it with a text editor to say whatever you like.

Now carefully edit "users/register.asp" with a text editor. Add this bit of code in blue right after the include to the "footer_inc.asp" file like so. It will be near the bottom of the page.


<!--#INCLUDE FILE="footer_inc.asp"-->

<% If ErrorMessage = "" Then %>
<script language="JavaScript" src="../scripts/terms.js">
</script>
<% End If %>

Your done, that's it. Now when "users/register.asp" is run for the 1st time the pop-up will come up.

Okay, this also shows at the bottom of the import/export page

I've got the IUSR account with modify permissions on this data folder as well.  Is the "this directory needs change permission" line just a general reminder?

Files are being stored in "D:\missourirealtor.org\members\aspprotect\data\export\\"

This directory needs change permissions for the anonymouse webserver account.
Those permissions can only be set by your hosting company.
These features will not work without those permissions being set.

it is an email server/setting issue most likely

your email server probably requires outgoing authentication or something like that and that is why internal emails can be sent to but nothing else

its something along those lines

this will help you see the real error instead of the generic 500
http://support.cjwsoft.com/code/moreinfo11-1.htm

I just installed ASPProtect on my site. The instructions were definately on the target. Very very good instructions.

But... Isn't there always a but ???

I needed to setup my site with MS SQL and it is hosted so I don't have Enterprise Manager. I tried the web based Enterprise Manager and any other one I could find. But, I kept getting errors when trying to use the SQL Script.

I finally had to go back to my work where we do have the licenses and get an SQL Admin to use Enterprise Manager to run the script and it worked finally.

I don't know if this is a common problem ??? But, maybe you would want to look at the SQL Server script or make a different version that would work with the Web Based SQL manager.

Thanks

well, you should probably be backing up the SQL database on a regular basis. That is between you and hosting company. If they let you connect via SQL Enterprise Manager you can do backups on your own.

As far as the aspprotect files and folders go back them up somewhere, and then only worry about backing them up again if you change some of the files.

That's really all there is to it. None of the ASPProtect files change on their own except the generated log files that you may or may not care about backing up.

I mean the important thing is the Database, and then of course any your own .asp pages that you protected as well as any custimizations you made to the users area or your site...

MySQL Database Setup

Use of MySQL is 100% unsupported as you can see from the site.
http://www.aspbanner.com/mysql.htm

Even still I recently had an encouter with an extremely Jerky person (read the thread above for more on that) and because of him I am adding this tutorial showing one way to set things up on a windows server using the official MySQL tools available.

Let me just say as well that there are 100's of 3rd party tools to work with MySQL databases and many ways to create the database and apply the database creation script. In the past it had to be done via the command line, but now there are a lot of visual tools you can do it with. Furthermore all hosting companies set MySQL up differently and give you access to varius interfaces to manage it which are all different, and that is primarily why I do not support it. How the hell could I support all those different interfaces many of which are totally custom?

The fact is 99% of the people that purchased ASPBanner to use with MySQL have done so without issue and love how it runs. Regardless here is how I set up a working MySQL database on a windows server proving it does indeed run with a MySQL database.

1st of all if you are setting up the server you need to download some things from http://www.mysql.com/ 
(btw: you local developers can install this on XP Pro as well if you like.)

For this article we are going to download the current non beta windows version of MySQL which is 5.0. ALso known as the Windows Essentials (x86) download. It's about 17 meg.

Because ASPBanner uses the MyODBC drivers (now called Connector/ODBC) to connect to the MySQL database you need to download those as well. (Our site flat out says this is required for MySQL use)

So I download those from here. http://dev.mysql.com/downloads/connector/odbc/3.51.html
Version 3.51 has been the current version for a couple years now.
You want the windows driver install which is about 2 meg.

The two downloads should look like this.



Now, on the webserver you run the version 5 setup (mysql-essential-5.0.19-win32.msi) I will guide you through it step by setp.



Hit Next



I am going to choose typical for the sake of this article.

Hit Next



Hit Next



Wait for a bit



I skipped this part.



Choose to configure the MySQL Now

Hit Finish

Hit Next

I am going to choose Detailed Configuration



Since I am on a development machine for this install I am going to choose Developer Machine. For a Real Server choose one of the server options.



For this article I am going to choose Multifunctional Database: You may want to pick one of the other options. That is up to you. ASPBanner will work under any of the scenarios.



I am going to leave the location at its default

Hit Next



Since this is a development machine these options are fine.

Hit Next



These options are fine as well.

Hit Next



Standard is fine for my development machine.

Hit Next



I am going to choose both of these options. The 1st one is Important and should be enabled on a real server so MySQL always runs. The 2nd is not so important.

Hit Next



Set the "root" password and do not forget it. You will need it to manage your MySQL server. I do not advise creating an anonymous account unless it is a development server and you just do not care. Whether you enable root access from remote machines or not is up to you so do some research on that. For this articles needs I am not choosing it.

Hit Next



Hit Execute and wait



If all goes well you will see this. (I actually got an error message about not being able to connect... I went to to Administrative tools/services and restarted the MySQL service and hit retry which cured that... it probably only did this to me since I have installed this before.. new installs probably will not have any trouble)

Hit Finish

Your done.. You just installed the MySQL Server (TIP: its usally a good idea to reboot and make sure the MySQL servce is running by default)

Now, moving on..

Lets install the MyODBC drivers.. (now called Connector/ODBC)

This one is a bit of a no-brainer so I am not going to go into detail.
Just run (mysql-connector-odbc-3.51.12-win32.msi) and run through all the defaults until it is done.. Choose typical when that comes up.

Your done setting up MyODBC on the server. If its not your server I guess you don't need to worry about installing all of this as its your hosts job to do that.

A mod like this would improve tracking by leaps and bounds.

Do you think this addon would be availalbe anytime in the near future? If/when this feature or mod becomes availalbe, it certainly would be ideal if some script was made to import all the log file data.

Hi Chris,

Thanks for the answer. No, I am not using Paypal since these are employees and sales reps. I guess i'm on my own on this one. :)

Thanks
Sylvain

http://support.cjwsoft.com/code/moreinfo286-2.htm

http://support.cjwsoft.com/code/moreinfo391-1.htm

http://support.cjwsoft.com/code/moreinfo385-1.htm

Can I have the logon be in a top frame while having the protected pages displayed in a main frame?

Using frames with forms based authentication is not the best thing to be doing. Your much better off not using frames and using includes files to do a virtual frames sort of thing (search google) but if you are going to use frames I would suggest password protecting the frameset page as well as any pages it contains.

If you want to have a login form in a non protected top frame all the time.. that posts to a lower frame that is password protected.. you would do this
http://support.cjwsoft.com/code/moreinfo169-1.htm
but change the target of the form to one of your frames

personally though I think that would be a somewhat goofy setup to have going on


Also, how will it behave if a user moves in between a protected page to a public page and back to the protected page again?

As long as they have cookies enabled which is required for session variables to work... then you will have no issues because once they come back to a page they have permission to they will just be allowed in without login.. at least while that session is still active.. or for a longer time if they choose the remeber me option which keeps track of them with a cookie .

Really, the best thing to do is expirment and see how things behave.

Chris: You are right about a little extra coding to make it work. I am still learning .ASP coding, so I did a little web searching and used IF THEN statments to confirm a member logged in with a valid Access Code. If valid, the protected page executes, with the Member's Name and Access Level on a single line at the top of that page. Looks sharp! If not logged in, or a non member (who found the page via Google), I used a Redirect to send s/he to a login page with optional links as you suggested (http://www.vspa.com/aspprotect/vspa-password-failed.asp) . I couldn't get it to work when using Group Access, but I am sure that is just because I am a novice at .ASP (I will post that example when I figure it out). Meanwhile, here's the code I used that works:

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="dataconn_inc.asp"-->
<!--#INCLUDE FILE="check_user_inc.asp"-->
<!--#INCLUDE FILE="config_inc.asp"-->
<% =Session("First_Name") %>&nbsp;<% =Session("Last_Name") %>:
<%
If Session("Access_Level") = "6"  Then
    Response.Write "VSPA Active Member Access Level 6"
 End If
If Session("Access_Level") = "7" Then
    Response.Write "VSPA Life Member Access Level 7"
 End If
If Session("Access_Level") = "8" Then
    Response.Write "VSPA Officer/Staff Access Level 8"
 End If
If Session("Access_Level") < "6" Then
    Response.Write "Access Level 1-6 NOT AUTHORIZED RESTRICTED AREA ACCESS"
    Response.Redirect("vspa-password-failed.asp")
End If
%><!-- http://www.vspa.com/aspprotect/vspa-password-enter.asp -->
<!-- *** End ASPProtect Code *** -->
<html>
<head>

When using this code:

<!------- ASPBanner Ad code ------------->
<script language="JavaScript"> var code = '';
var now = new Date();
var nIndex = now.getTime();
document.write('<s' + 'cript src=" http://www.poconocommuter.com/aspbanner/injectbanner.asp?Ban nerZone=6&nocache=' + nIndex + '">');
document.write('</' + 's' + 'cript>');
</script>
<script language="JavaScript">document.write(jscode);</script& gt;
<!--------- End ASPBanner Ad code --------------->

I receive an error that jscode is undefined. The banner will not display.

Any ideas how to fix this?

Hello-

I'd like to set up the system to redirect to a landing page (say home1) after the user logs in.

I have looked at all the documentation and can't find something that explains how to do this. I am thinking that I can set up a log in as the default in my root directory that will have a form with an action=check_user_inc.asp. I have looked at the code there but cannot find a place where I would place a redirect to home1.

Help please

Thanks

Nope,

No changes to any scripts - just a response.write added to Email_Password.asp to print out the SQL.

Sure - here's the address.

www.omegaphibeta.net/aspprotect/users/Email_Password.asp

-Toni

P.S.  E-mail address to look for is serena_5@hotmail.com

IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ; ; ; ; ; ; ; ; ; ; ;PN=1

The 2Checkout Support Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement 2Checkout Payments with ASPProtect. You must be using version 2 of the 2checkout system. They are phasing out version 1 regardless so everyone will be using version 2 very soon if they are not already.

THIS IS NOT INTENDED OR DESIGNED TO USE 2CHECKOUT SUBSCRIPTIONS. (see bottom of this thread for more info on that)

This Support Pack basically gives you an additional signup and registration directory "2checkout_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup in general. New users can register in this directory and pay for membership at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and buy additional membership time online. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via 2Checkout your system is updated and they will have access.

The 2checkout pack is NEW.. and was released on March 19, 2005. If you don't have it and would like it please just ask.

To start using this edit the "2checkout_signup/2checkout_config_inc.asp" file

You will be entering your 2Checkout Account number in that file as well as the URL you want a user to go to after payment. It is all commented in that file. (There is also a testing variable you can set to True if you want to do testing without real charges being applied)

After editing that file run this page.

http://www.mysite.com/2checkout_signup/show_postback_path.asp

Replacing the part in blue with your website info.

It will report back that postback url you need to use in the 2checkout system.

Log into your 2checkout version 2 account and under the "look & feel section" enter that postback url for both the "Approved URL" and the  "Pending URL"

Trust me: You want the URL there for a pending URL because the 2Checkout system is quite random and 95% of the payments that come in go to the pending URL and end up being legitimate sales. (at least for me they do)

Now make sure the Direct Return option on that page is on as well. 

If set to Yes buyers will be immediately directed to your URLs below once they click the Complete Order button. If set to No the buyers will have to click a button to return to your URLs below.

Save that page... and leave 2checkout.

Now, delete this page from your ASPProtect setup.
http://www.mysite.com/2checkout_signup/show_postback_path.asp

It's a minor security risk and is no longer needed needed.

The basic setup is finished. All you have to now is set up payments options the way you want them.


Changing Payment Options

In the "2checkout1.asp" file there are form options set up.

They look like this and you can have as many as you like.

<option selected value="30,9.95,3,">30 Days, 9.95</option>

In this option... A user has the option to purchase 30 days for $9.95 and he will be set to Access Level 3 when payment in completed.

Here is how it works.

The value setting (red) is essentially and array that can be made up 4 elements separated by comma's
They must be separated by a comma and there can be no spaces. In this example the 4th value was not used but the last comma must still be there. If you didn't want to set an access level and left out the "3" there would 2 commas at the end.  etc etc
Basically there must always be 3 commas but you only have to set the 1st 2 values which are days and price.

days,price,access level,groups

The 1st value is the amount of days.
The 2nd value is the price for the amount of days.
The 3rd value is the access level you want to user assigned to.
The 4th option is the groups you want the user assigned to. (see PayPal subscription thread for examples of specifying group info)

Now, the label for the option in (blue) can say whatever you like.

Yes worked fine

thanks

• What kind of encryption do you use with version 7?
• If I purchase version 7 and use it on my site with a new SQL database then migrate the old records from version 6 so I can by-pass the issue with my home-grown Base 64 encryption, do you forsee other issues with the upgrade?

I appreciate the offer to beta test... but its really more a matter of me getting it ready..

I have a lot done.. but a lot of things are hard coded to only work on my machine and some things have not been sorted out. Giving it to someone else to test would be a waste of time at this point as I they probably couldn’t even run it.

Lately the reason this project has fallen behind has all to do with my main webserver where I collocate.

1st it got compromised (we think by certain competitors who are always up to no good)... then windows 2003 server which I decided to go with on the new server gave me random problems... then the Cisco hardware firewall was acting up and making the sites run slow....then SQL server attacks on port 1433 from Korea when I took the firewall down....and as of the last few days I think the server just needs a new power supply. I swear for the last 2 months I have spent more time administrating my servers than working on code. Yesterday it was locking up every 30 minutes. There have been a lot of days like that and it takes up all my time until I get it situated.  Especially since its over 100 miles to the collocation center. The APC unit I installed that allows me to remotely cut the power to hard reboot is a life saver.

Fun... I tell ya... and expensive.. (hardware, software, lost sales, and time) I am pretty much completely broke at the moment. It has been a very expensive few months.

But I like running my own servers... I run dns servers, email servers, sql servers, web servers.. I do it all. It's keeps me in touch with the latest software/hardware. Regardless , my servers ran well for years and they will again.


anyway.. hopefully I can actually get a new version of the photo gallery out before the month is over. It will probably be the last classic asp version. The version after that will most likely be ASP.net.

Hi -

We are trying to set up ASPProtect 7 so that the user is redirected to a specific web page based on their group membership.

For example, immediately upon successful login:

Group 1 members are directed to page A
Group 2 members are directed to page B
Group 3 members are directed to page C

Users will only ever belong to one group.

We tried to use the Redirect_URL feature but it causes the browser to loop.

Could you let us know exactly how to do this.  We are not ASP programmers and need to work from an example.

Thanks!

I am getting the same error looking at the previous post, I looked in settings and my Registration-URL is pointing at the correct location.

Is there any other thoughts on this issue

Thank you!

Matt2112

It should be released sometime late May 2004 or early June 2004 but no gurantees as I am pretty busy right now with some projects.

There will be upgrade instructions and it should be a fairly easy upgrade.

[/QUOTE]

Like I said no guarantee... I have a lot of things going on... it might not even be finished till the end of July... customers will always be able to get it for the difference in price

You have the version listed on the site when you purchassed it.
Version 3.0

in Control_pic.asp is there way to wrap the description field so that it doesn't go outside the table.

Thanks