Blog Entry: 3/25/2006 2:44:21 PM
1st of all when I look at the site I see a lot of non US characters and I can see the regional settings of the site are foreign.
ASPClassifieds in only intended to run under US and Canadian regional settings as stated on the site.
Thus the BIG notice on the purchase page.
http://www.aspclassifieds.com/purchase.asp
It won't run right like that for a lot of reasons and it is not supported like that as that notice says.
The categories showing 0 is just one of the problems you will have.
If I help you fix this it will just lead to 4 more issues right after.
If you would like support with the classifieds application you need to run it on a server with US or Canadian regional settings like the site says. , Same here. Thinking it might be server load or the bandwidth to the server.
Thanks for checking!
Lance
,
Login failed for user 'aspgallery'.
Okay, shouldn't this be trying to use aspgalleryuser?
Lance
cwilliams38325.8848263889, So do I just replace the four folders that came with aspprotect with the four (in my case domain directory) folders in the patch or just move the files?, Can we get access to the source project files for ASPProtect.net since we'd like to put in some of our own branding on the pages and not everything can be done in HTML.
Thanks
, well, I just tried a password using "abcdefghi" and like you said it did not work
I am looking into that.
Also, it seems I had the SQL scripts creating the "Old Password" field just in case someone needed it and I forgot about that. , I have written asp.net application pages- obviously i knew what viewstate was, or else when they made a mistake on that page it would not have saved their filled in info. Same thing for after they submitted, when they hit the back button their info would be gone.
For someone who wrote this software it seems you are not able to do simple things. Im begining to think you didn't write it. The only reason no one else asked this many questions is possibly because they didnt NEED the functions i am TRYING to do.
I know how the log boxes work. Esp. reg ASP... they all allow you to enter your username and password and then when you hit submit it gets verified and transfers you to your destination. ASP.NET has that capability also.. i didn't purchase a program to go and have to re-write it in visual studio. It would take me longer to re-write YOUR code than it would to have LEARNED ASP.NET and made MY OWN.
The program seems to have some great complex features, however, your not able to incorporate this easy login from a diff. page function... fishy
, OK. If no return page is set, do they end up on a PayPal confirmation page and have to navigate back to my site by going Back or typing the web address?
Nick
, You would set the groups during users signup the same way you would do the expiration in the following example.
http://support.cjwsoft.com/code/moreinfo170-1.htm
The groups field need to be set the exact same way it would look like in the database of course
So, if a user was part of groups 1, and 2
You would look in the database and see this in the groups fields for that user
*1*,*2*
so in the signup code you set that like so
CmdAddUser.Fields("Groups") = "*1*,*2*"
This info only applies to resgitrations and signups using the "users" folder.
if you wanted to make different sceanrios you would need to carefully make a copy of the users folder and adjust it accordingly
, This may be an old question ??? If it is please point me to the post or documentation where I can find the answer please.
When creating protected pages I am using the following to protect them:
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="/aspprotect/check_user_inc.asp"-->
But that is not working. I get the following error when I try to access the members logon page in the directory that I wish to add the pages to:
Active Server Pages error 'ASP 0130'
Invalid File attribute
/filelocation/filename.asp, line 3
File attribute '/aspprotect/check_user_inc.asp' cannot start with forward slash or back slash.
However if I create the pages in the root of the AspProtect directory and use a link to the same page that exists in the AspProtect directory and the following include:
<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
The pages work fine.
I really do not want to put all of my protected pages in the root of the AspProtect directory.
I would like to mix protected and unprotected pages throughout the site in order to #1 make it easier to administer. #2 keep the AspProtect directory solely for authentication. And, #3 keep any user authentication pages out of the AspProtect directory.
TIA
, I know what is happening.. its the old single quote thing messing up the query string..
but it shouldnt be happening with the newer code as I fixed it.
If you like I can go in and reproduce/fix the issue. I can not think of any other way I can help you as other users have not reported the issue.
Chances are if it is happening in one situation it will happen again in the future.. it really all depends on the passwords being used and your encyrption key... other passwords may produce the issue even if the password is correct
basically once the password gets encrypted it by chance has a single quote in it... then it messes up the query
I take care of the situation by replacing the single quote with a double quote but it looks like you found a situation where that didn't work out
cwilliams38453.8921990741, Ok...thanks., Ohhh...
I was thinking it worked like this; A user goes to that page and logs in.. and from there they can then browse the site and do what they want..
So in order for it to work i need to edit a page say... members.aspx (i assume it needs to be an asp.net page) and in the header put that protect code and when a user accesses it, it will prompt them for their un and pw and then if correct will allow them to view the page... and likewise if they are still logged in will be able to use the page?
If that is how to works as i mentioned above thats great...
I understand the redirect principle...but say i have a log in box on the main page... you know like most pages have a user log in on the left hand side... i wanted to do that. But i cant obviously protect the main home page or else normal users will not be able to view it without logging in or registering
, Thank you for the response to my question. In the mean time if I can figure any workaround I will post it here.
, ya,
any variation of a site url is going to have its own set of application and session variables.. soy you have to be consistant with your navigation links
example (for anyone that comes across this thread)
http://www.examplesite.com/somepage.asp
is going to have a different set of application and session variables then
http://examplesite.com/somepage.asp
even though they are basically the same page
, I have ASPProtect up and running and I was able to log in with little to now problem after following all of the directions.
I imported my data base of users (approx 5300) into the access db, and now it times out just letting me log in.
I've got full access to the web server to make any changes on that end that I need.
any ideas?
, Personally, I think that is something you should work into your existing site code or something you should handle on your own.
It's basic site maintenance issues.. and something every webmaster must deal with on an individual basis. If you are going to upload a new version of some large file of course you should go disable wherever people are dloading it from and then wait/re upload/turn things back on.. etc etc
It is not going to be a feature of ASPProtect and I don't see why it should be. If you want to have some sort of global site is temporaily down thing you should have a common server side include on all your pages right after the password protection include file. In that include file you could easily stop site access with a response.end and also show a message.
Or you should disable a file download page manually on a file to file basis.
Really, big busy sites that have their sh*t together use versions of files for a reason. Every new upload is a slightly new version revision and has a slightly different file name They do this partially to eliminate the problem your talking about and also because that is the way it should be done. Nothing gets uploaded over itself ever. Even if there is a mistake in a file they upload a new revision and document it in the revision/changes file. And of course they dont show users a link to a new file revisions until it is uploaded.
, I will actually explain how to set access_levels and/or groups...
in "users/add_new_account.asp"
carefully edit with a text editor
find this part
CmdAddUser.Fields("Access_Level") = "4"
that is where the acess level gets set...
you can change the level or remove that line all together if you dont want one set
now for groups you would add this line in the same area
CmdAddUser.Fields("Groups") = "*3*"
or
CmdAddUser.Fields("Groups") = "*1*,*2*,*3*"
Groups access for a user is stored in one field in the database like you see above. If you are confused what you should be saving in that field I suggest simply setting a user to whatever groups you want via the admin area and then looking in the database to see what got saved in that field. It's pretty simple really how they are stored.
*1*,*5*,*9*
that user would be a member of groups 1,5, and 9
, Hi Chris
Unfortunately the bl**dy server was down and unavailable for 17 hrs so I couldnt even get to see what the settings were!
It is on, the relevant users appear to have all rights for the data/tempstats folder.
I'm guessing you're going to suggest turning it off and see if the problem still appears.
Colin
, humm, yea thats a data connection error..
really not related to the asp code in the application for the most part.
that is low level
If using MSACCESS
I would make sure permissions are set correctly on the database folder (not just the database file itself)
I would make sure your using at least a 2000 version of the database. 2003-2003 format being better..
I would make sure the server has up to date mdac/odbc drivers.. (that is really the server admins responsibility)
As for permissions there are articles in our forums about exactly how they need to be set. Improper permissions can cause a ton of random errors like that.
cwilliams38414.6528240741, Aspprotect issue
I need the ability to allow users to view url links on a page, based on the
group(s) they are a member of. If the user is the member of one group (group 1 in the following example) the code works fine.
<% If Session("GROUPS") = "*1*" then %> "view link #1"
However, if the user is a member of more than one group (let's say 1 & 5), I cannot make the code work.
I have tried various versions of wildcards, nothing seems to get me there.
I fairly new at ASP, and I am sure I'm missing something simple.
Any help would be appreciated.
, Yeah sorry you are right. It works for me
http://www.rottys.net/gallery/default.asp?CatLevel=2&Cat 1_ID=5
, recently i've been getting a lot of unspecified errors. i've been running aspbanner for about a year and a half now. i don't know what would have caused all these problems. also, for some reason it won't maintain my log-in, ever time i got from page to page or try to submit a form it asks me log-in again.
Jason S.
cwilliams38389.8791550926, Sorry, not really.. not without a lot of changes to the code.
the recent activity info recycles.. it is not meant to be day by day
My suggestion there would be to look at both the log files and the user activty screens...
, I just made a new admin account and I still can not log in using it ?
Did you by chance edit the code by adding LCID info or something like that ? Something is just very wrong.
The simple example protected pages can not even be logged into ?
, I get this error, Any ideas?
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver] '(unknown)' is not a valid path. Make sure that the path name is spelled correctly and that you are connected to the server on which the file resides.
/guestbook/save.asp, line 109
, If by permissions ou are reffering to the IUSR with write/execute
permissions, they are already set. I get this error when I hit the 'Create New
Export File From Current User Database' link:
Microsoft VBScript runtime error '800a004c'
Path not found
/ASPProtect/password_admin/export.asp, line 76
Any other suggestions?, MODS are NOT SUPPORTED.. questions about them will not be answered in the support forums. If you want to use a MOD you are considered an advanced user and will need to sort out any issues that may or may not come up.
MODS are used at your own risk and may or may not require certain basic coding skills. , thanks thats what i was guessing.
, download the free version...
check out this tutorial...
http://support.cjwsoft.com/code/moreinfo169-1.htm
If your application can post to the page and provide all the form variables needed to log in it may work out for you..
You'll have to try it out... all the form variables needed are in that login form example.
Basically you'd be posting to a protected (.asp) page..
and providing the following for the most part.. how your app creates it post data is on your end...
<input type="hidden" name="Status" value="Checkem">
<input type="text" name="Username" value="Yourusername">
<input type="Password" name="Password" value="YourPassword">
As an alternate scenario...
Now, by default the "check_user_inc.asp" file is looking for posted form data... for security reasons it is not looking for querystring info..
If you change this bit of code in that file
from
Username = Replace(Request.Form("Username"),"'","''")
Password = Request.Form("Password")
to
Username = Replace(Request("Username"),"'","''")
Password = Request("Password")
It will then grab either form or querystring data...
Meaning you wouldn't necessary have to create a true post to the page with form data. You could just access the page via a querysting like so
http://www.mysite.com/somepage.asp?Status=Checkem&Userna me=Yourusername&Password=Yourpassword
Of course that introduces security risks as the username and password would be passed in plain text over the net
Another option is...
You can also make a copy of the "check_user_inc.asp" page called whatever with those modifications just to use in pages you need your little application to post to... thus reducing the security concerns a a bit as the rest of yoru site could still have its pages protected under the normal scenario.
I hope this answers your question... I havent really ever tried any of this but that is how I think it would work... , ok, well that should not be a problem then.. its meant to be able to be put in a folder like that.. just make sure the folder is not a subweb or anything like that... meaning dont set the folder up to have its own application in IIS. Just use a regular folder of course that is part of the root iis application.
Perhaps you just didnt edit the paths in the settings like I mentioned., I just told you a lot of different things to try... and I doubt you have tried them in the time since I mentioned them
, (customer replied aug-sep 2005)
OK, you have old code then... I will send you some updated files that you can try.. let me know here if it solves the problem. , let's try this... edit that page with a text editor like notepad...
Carefully replace any instance of "Cint" with "CDbl".. I may have missed some of those when testing the last time I edited the code.
, Oh, I just remembered something..
It's been a while since I did this... :)
Nevermind what I said above as that is a different sort of "debug"
When you want to debug like your talking about find this section in the "web.config"
<compilation defaultLanguage="vb" debug="false" />
change it to this
<compilation defaultLanguage="vb" debug="true" />
When you run the code in a production environment change it back though
More Info
http://support.microsoft.com/default.aspx?scid=kb;EN-US;3061 56
, Good Morning - I am receiving an Http 500 internal server error when I go to add a new user via the register.asp page. the url when the error appears is: .../users/add_new_account.asp
I think the error has to do with my email component setting - becuase it works fine otherwise.
I have the email component setting set to CDOSYS (using remote server) with the mail.remote.server set to email.cidra.com - email address set to webmaster@cidra.com
Note: I receive the email notification and the user does get added.
Post a request in the "custom code work" forum.
Perhaps another customer will want to do the work or help you out with some code.
I am just too busy to do any custom work for quite a while.
ConnectionString = "DBQ=C:\TradersReportsCom\aspprotect\data\database\ASPProtec t_access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"
I have already set the folder permissions as indicated in the documentation.
, 
