Home | Advertising Info33 USERS CURRENTLY ONLINE   
PowerASP
   Site Search Contact Us Thursday, October 17, 2019  

Active Server Pages what is asp programming how to sample asp example code scripts software asp forum mail sessions applications global.asa CJWSoft ASPProtect ASPBanner ASPClassifieds



Blog Entry: 3/25/2006 1:37:59 PM

If you have found out that parent paths are disabled on the web server you can still use the application.

Before you continue.

If it is your server consider enabling parent paths to solve the problem.

If it is not your server consider asking them to enable parent paths for your web site to solve the problem.

If that is not possible please download this zip file.
2005-02-20_150703_aspprotect_v7.x_alternate_include_file_pat hs.zip

This zip file contains 3 sets of alternate files depending on your situation. You simply replace your existing aspprotect v7.x files with these new ones.

The zip file contains the following folders and files.



Below is the contents of the readme.txt file which explains everything.

The following folders each have a version of all the files in the ASPProtect system that might need to be edited in case you need to change the paths for the server side include files. There are 3 different scenarios.


(parent paths enabled) - This is the way the application comes.
The files in this folder have FILE server side includes containing "../" information. While these includes will work when the applicaion in is any location of a website they will not work if parent paths are disabled on the web server. Generally you will want to use these on your xp development machine. You can of course use them on your real server if parent paths are enabled. Parent Paths are now disabled on II6 by default and some hosting company will not enable them.


(domain root)
The files in this folder have VIRTUAL server side includes in them.
These includes only work when the applicaion is installed in the root of your web domain. For example if your domain was called "www.somedomain.com" the following aspprotect files and folders would end up like this
"http://www.somedomain.com/check_user_inc.asp"
"http://www.somedomain.com/password_admin"
"http://www.somedomain.com/users"


(domain directory)
The files in this folder have VIRTUAL server side includes in them.
These includes only work when the applicaion is installed in a directory called "aspprotect" in the root of your web domain. For example if your domain was called "www.somedomain.com" the
following aspprotect files and folders would end up like this
"http://www.somedomain.com/aspprotect/check_user_inc.asp"
"http://www.somedomain.com/aspprotect/password_admin"
"http://www.somedomain.com/aspprotect/users"

You can change the name of the "aspprotect" directory but you will will have to edit the includes in the files.


Lastly, if you are on a local machine and insist on using the VIRTUAL INCLUDES you would also use the (domain directory files) even though you dont have a domain on your local machine most likely
For example if your site was installed like so.
"http://localhost/aspprotect/check_user_inc.asp"
"http://localhost/aspprotect/password_admin"
"http://localhost/aspprotect/users"


cwilliams38403.6836342593, yes, any page you want protected needs to be edited..

You can probably have a login box on a non protected page. Just copy the generated source html form code for the login box of a protected page. Then put it on your non-protected page, but change the action to the page you want them to log in to.

In other words go to a protected page. See the login box, view the html browser source and use that to make your login form on the main page.

I have not tried it with .NET but I am pretty sure you can do it since it pretty much works the same as the classic asp version of ASPProtect.

try it.. see if it works.. If I have time tommoro I will test it out.,



sounds like trouble with the SQL database.

Did you create it using the SQL scripts we provide as that is extremely important ? ,

I am still a little confused... one thing I would like to mention is that the passwords in the aspprotect database are encrypted... meaning you cant just add a password to the user database by hand because it wont be the encrypted value and wont work.

It is something the application takes care of when you add a user via the web based interface.

You can however still add users manaully or with careful import/exporting... but you will have to use the existing password conversion technique which is covered at the end of our upgrade instructions in these forums.
http://support.cjwsoft.com/code/moreinfo174-1.htm

Basically you want to add a field to the "ASPP_Users" table called "Old_Password" and that is where you enter the password in plain text. Then after you are finished adding users to the database manually you do this.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp


Which will convert the passwords to the encrypted value for you.
See the bottom of this thread for all the info on that.
http://support.cjwsoft.com/code/moreinfo174-1.htm

,

The application automatically generates all the code for you for each method of calling banners. It does this on the zones screen.

If you are using flash it also possible that the actualy flash file is what is causing things to slow up.

It really all depends... it could also be server resource related

using sql server or access.. ? etc etc

all important details

cwilliams38362.6615972222,

Suprising I started this tread off on ASPImage, but I resolved my issue and forgot to change the thread topic.  I will try your suggestion.

 

 

,

Hi,

Ok, well... you have a lot of stuff going on there.

More importantly than that.. you cant even log into the admin area using the admin account. There is something majorly wrong with the installation.

I also notice you havent even saved any path settings in the settings page of the admin area. I am looking that over now and filling in the missing info. That information needs to be populated.

, You know what, you really are frigin goofy to say you might think we didn't write the software. I got source code to the license dll as well as about 12 revisions of the application sitting on my development server as well as about 1200 emails between John & Myself as we worked on it. Not to mention all those .vb files that come with the application. What do you think those are ? I bet you don't even really know based on something you said in one of your earlier forum posts.

Did you even read this cause this is YOU... !!!
http://support.cjwsoft.com/code/moreinfo234-1.htm
And we say right on the ASPProtect.NET product page to read that article before making a purchase.

Moving on... it basically says on the site ASPProtect.NET works the way it is shown to work. You can use it that way or you can further edit the code with Visual Studio.NET. If you are so good with asp.net then you should be editing the code to work differently or writing your own authentication that works exactly how you want it to. End of story. You keep arguing about things your done... you are so done !!! I won't keep putting up with you.,

Is there a way to protect other virtual sites on the server that are not under the default web site considering people may have different websites running off one server?  I get the following error:

Parser Error Message: Cannot use a leading .. to exit above the top directory.

Source Error:

Line 1:  <%@ Register TagPrefix="aspprotect" TagName="checkaccess" Src="../../protectpage.ascx" %> 
Line 2:  <aspprotect:checkaccess level="4" groups="null" runat="server"></aspprotect:checkaccess>
Line 3:  

Thanks!

 

 

,

I think you getting all confused about dsn's and what they really are.

A system dsn gets created via the ODBC control panel and gets listed there. A system dsn is nothing more than a registry entry telling information about where the database is an how to connect to it. Then every time code accesses the database it has to do a registry lookup. The whole process adds a lot of delays, causes very poor performance and is unnecessary.

A dsn-less connection simply connects directly to the database by specifying the driver being used, where the database is, and some other information like the password if there is one.

To get aspprotect or any other ASP application using a database all you have to do is make sure the database folder has correct permissions and then make a connection string like so. (with the correct info for your directory structure of course)

DBQ=c:\inetpub\wwwroot\aspprotect_6\data\database\ASPProtect _access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp

If you are wondering Access databases always use the same username.

So, basically if permissions are set correctly and the directory is valid it will work.
It is really that simple. 99% of the time when people have problems it is one or the other.

That being said, don't worry about the odbc control panel and what is listed there for connections. All we really care about is that odbc drivers are installed and somewhat current.


One last thign for reference: even if you do make a system dsn the database folder still needs the correct permissions.

cwilliams38417.7371643518,
I am having difficulty properly securing pdf's using 7.x
I used the example file and have been able to secure images and word docs, but the pdf's give users the error "There was an error opening this document. The file cannot be found."

The kicker -- it works fine on my computer, just not anyone else's. I put a link up to the same file without any security and that works on everyone's computer. The word file links and redirects work too. I've tried my log-in on other computers, then attempting to download the pdf and that doesn't work.

The client wants a site where users must register before downloading pdf's. They should be able to view all the pages without registering.

I don't know what I'm doing wrong. But I can't complete the site until this issue is resolved.

Help appreciated.


,

the reason being is because when I do installs I do not touch any of your existing content. I only install the base application and make sure everything in it working correctly and also that the example protected pages are working. I do not integrate it with your existing site or edit any of your existing web content. That is up to you

sorry about that, but it would be way too time consuming and editing people's existing pages is a good way to cause a lot of headaches for me and the customer if something goes wrong. Not only that but everyone uses the system differently and it wouldnt make sense for me to be the one doing that based on access levels, groups.. etc etc  which will all be custom to how you want things set up.

more on installation policies here.
http://www.cjwsoft.com/installation_service.asp

, thats intertesting.. I have never heard of the concept until now..

I did a search for ASP examples or ASP components that can help with the process and just couldn't find anything about it.,

Testing for XML Parser Support

the microsoft xml parser is generally installed by default on all new server setups..

It allows ASP code to make calls to other pages anywhere on the new as well as a lot of other handy things..

download and run this ".asp" page to verfiy that it is installed and be sure it is available for you to use

2004-12-10_132620_test_xmlparser.zip

Make sure you run it from your web server through the web browser

cwilliams38331.5621180556, Will purchasing an additional license resolve the issue which will allow another installation or is this a function of the application that it can only protect one site per server?, Yes, that worked... ,

If things are not perfect there will be no log files and no errors.. it can only be one of these things really
http://support.cjwsoft.com/code/moreinfo313-2.htm

You may also want to make your the filesystem on the server is working and not disabled by norton script blocking or anything random like that. Testing the filesystem object is best done by writing a simple text file to a folder. Plenty of examples of doing that can be found at www.aspin.com

Recent activity is temporary and admin activity in the admin area is not tracked. If your application in IIS has reset or there has been no activity in the users area or in pages you protected there will be nothing there. The busier your site the more chance something will be there. For example usually our online demo has something there except right after 4am when my server does an iisreset.

, ASPProtect version 6 does not officially support any sort of redirection or is it a feature.

You can however do redirection after login with some basic ASP if-else statements and ASP redirects. Basically you check the session variables after successful login and send users where based on that info. You of course also need to protect any pages you send users to and make sure any people that aren't supposed to go there do not go there directly and bypass your security.

I highly frown on Redirecting during login (In my opinion it is poor site design and it defeats the purpose of dynamic web pages, there is seldom a good reason to even need to do it if you design your site well) but you can check out this thread which should give you lots of good information.

http://support.cjwsoft.com/code/code_info.asp?TID=17&KW= redirect, Not sure how to response.write the session variable, sorry for the confusion, but I am not that good with the tech explantions yet.
what it boils down to is I have an Access Database containing over 100 members names.  I want only those people to be able to get into the secure pages.
Thanks.  Harvey
,

See, and that's what I thought.  What's interesting is that if I call either an aspx page or an asp page in the iframe tag, it asks me if I want to open the page, it doesn't display it.  I'm using IE6 so there's not problem with the support for the tag.

I'll keep looking to find out what's going on. I think the iframe method might work best.

JDooley

, Do what it says so you can see the real error and then post that information here. It could be anything from incorrect permissions to whatever.cwilliams38454.4272916667,

Banners no longer show up on my site ?

If banners were working fine and now they are just not showing up.
1st check to see that you are calling a valid zone with live banners in it.
If you are then most likely this it what hapened.

The web server must have crashed or lost power and now the application variables are in limbo/not working.

I have seen this happen a few times.

Basically the application variable system gets messed up because it was not shut down properlly.

The way to cure it are as follows.

Edit and save a banner in the system. Hopefully that gets things going again.

, I am not talking about image resizing. I need to know if it is possible to limit the upload to images where their height or width is less than 500 PIX. ,

do you have the smtp part of iis installed on your machine

cdonts needs that

then again I am not sure you can even use cdonts on a xp box without making some changes...

cdonts has kinds died out and as of windows 2000 basically got replaces by cdosys

, I am trying to understand how/where the "Log_Off_URL" variable is set
I have searched the forum for that string but don't get real good
results...I think the _'s are replaced with spaces for the search.

I am learning how to use the groups options and have modified some of
your example access level examples to test out group stuff.  At the
bottom of the default.asp page I see a "LOG OFF SYSTEM" link that is
filled with a link stored in the Log_Off_URL variable and it looks
like that is being set back to the default.asp file somehow.  So when
I click on it it just refreshes the page and appears to keep my user
logged in. 

Seems like it should log out the user and redisplay the
login page.  Is there a way to log totally off and have the login page
show up again?  I am sure I am missing some obvious thing
somewhere...I can see where the Log_Off_URL variable is being created
in the config_inc.asp file but did'nt know where to look for more
info.  Can you point me to an existing forum link?

Thanks!!
, it might.. I might be wrong though as I guess that could still be an issue with access not being able to keep up.. and then the xml parser just isnt getting the page it is requesting in time,

You can mix and match banner calling methods all you want.
Try it and see what happens.

However, the only method that is going to work on non ".asp" pages is the javascript or the new iframe method listed in the support forums.

 

cwilliams38209.532349537,

The login page sends the user to redirect.asp (which is as follows)

<%@ LANGUAGE="VBSCRIPT" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->
 
<%
If InStr(Session("Groups"),"*1*") Then
    Response.Redirect("gp01.asp")
End If
%>

<%
If InStr(Session("Groups"),"*2*") Then
    Response.Redirect("gp02.asp")
End If
%>

 

I am not being redirected to gp02.asp if I am a member of group2.  Also, we wish users who are part of group 2 and 3 to go to a different page (ie. gp2-3.asp)

Thanks in advance.

,

I think I've got it to work somewhat.  I modified the 2checkout1 & 2 asp file to use and pass Product_id.  It now identifies the product correctly.  I'm good fo now. Thanks for the info though.

-Jason

,

when I go to that url is seems fairly fast and somewhat normal.. even when I try to log in it pops right back up asking for login info again..

I would check to make sure you are not running anything that might be effecting your web browsing.. software firewalls.. ad blockers.. script blockers... norton internet security.. zone alarm... anything like that

they can all effect a lot of things regarding how web browsers act.

,

sure and thats probably what you should do... that pure asp upload thing must not be able to handle the size of your import file... another thing which can very .. also some versions of IIS require registry changes to upload bigger files via asp code alone

, you can whatever you like but like I said those gif files are already in the correct place. The log parser is messing up. ,

SQL Server Datareader Datawriter Permissions..

here is a screenshot that shows how to set datareader and datawriter permissions on a database using "SQL Enterprise Manager"

In this example we are making sure the aspbanneruser has those permissions on the aspbanner database in the SQL Server

cwilliams38390.5986921296,

dsn-less is the way to go..
http://support.cjwsoft.com/code/moreinfo9-2.htm

you also need to use newer versions of the database as the odbc drivers on the server are sometimes very new and no longer work with access 97 databases

,

Gotcha.

Can you set an expiration date on a subscription?

Thanks,

Jess

,

I am running Windows 2000 server. I do believe asp.net IS installed as I have the .NET 1.1 framework installed.

Funny about the bounce backs. I am at about 10% of my limit, which I control as I am the network admin. I'll check into that.

,

pretty clever...

If anyone is interested in what the Mod function actually does this article explains it nicely. They even use it for the same purpose in the examples.

http://www.asp101.com/articles/steven/mod/default.asp

cwilliams38210.6791898148,

Hello,

Sorry
No, there is not.

not the way the code ships.. The program keeps tracks of everything by the way it ranames files. The system has been tested to work well with as many as 10,000 images files. Any more than that and you need something a little more serious meant for that amount of images.

You could certainly modify it do work that way if you are good with source code. There are actually as many drawbacks as doing doing it that way as there are advantages.
Take Care

 

,

How to bring up the Code Generators

Simply go to the zones screen.
Select a Zone from the list.
Check the "Show Banner Code" option.

Click on "Display Banners in Selected Zone"

,


Timecard Entry: 3/25/2006 1:37:59 PM

nortel access-node, did another setup. called some radlogs. some general questions, Responded back to dial up log, checked Rad log, anwered calls., answering phone, cheked emial, callsbacks from voicemail, cc report, invoice cancellations, taking sign ups. incident report. , Lowville still down. Received call from Logical Net and they said the line problem was a Tel.Co. problem. I relayed this to Ron. Received only a few calls from Lowville customers., trained bill how to do weekly reports, 39 cent cheeseburger day, helped a user set up email. helped a new customer with the software. had a billing question, worked on cosmetic changes for Wratten's store front (wrattenrvsales.com), VT payroll & funds transfers, answered incoming calls, call backs, finished weekly cancel review and faxed summary to Bill, filed pink sheets, my timecard and faxed to GWCC rsvp and dinner selections, Working on new WO system and cleanup of timecard system, lunch, email, voicemail, call backs, general admin, Talked to Jennifer Stevenson of slcmls.com about their site. Emailed Crispin a request for some changes., developed agenda for the albany show, inventory, Meet with Tim Badour regarding Allen employment contract and MBO plan, Finished Waites updating., Not too busy after 9 again, worked on some callbacks and general office stuff., Communicating Arts: develop and deliver production status report to Bill Martin, answered incoming calls, mailing, call backs, 7513, lunch, phones, radlog slow, TICC depreciation, mpbooth (SIIE), worked on creating admin/members portion of Allied Federated's web page (alliedcoop.com/members, programming, billable), sorted the mail,

   Active Server Pages Rule The World
Contact Us  
All artwork, design & content contained in this site are Copyright 1998 - 2019 PowerASP.com and Christopher J. Williams
Banner ads ,other site logos, etc are copyright of their respective companies.
STATS Unless otherwise noted - All Rights Reserved.

PowerASP active server pages asp.net microsoft .net framework sdk learn asp what is asp tutorial learn asp.net CJWSoft ASPProtect ASPBanner ASPClassifieds www.aspclassifieds.com, www.powerasp.com,www.cjwsoft.com,www.aspphotogallery.com,www.codewanker.com,www.aspprotect.com,www.aspbanner.com