Home | Advertising Info293 USERS CURRENTLY ONLINE   
   Site Search Contact Us Thursday, October 17, 2019  

PowerASP active server pages asp.net microsoft .net framework sdk learn asp what is asp tutorial learn asp.net CJWSoft ASPProtect ASPBanner ASPClassifieds

Blog Entry: 3/25/2006 1:41:25 PM

Yes, I was referring to ASP Protect.

I had about a dozen people access the same account, but it is highly unlikely that they would all try at the same time (unless there were several hundred people who had access). Having an enhanced login abuse would be nice.



Terribly sorry, but we are not software-technical.  So can you please tell us exactly which folder the database would be in.

Thanks in advance.


Lastly, I put there information here to help, but please don't ask me any questions about it.

I am not microsoft SQL server support. If this doesn't work for you simply start troubleshooting and doing google searches like I do. ,

Yeah sorry you are right. It works for me

http://www.rottys.net/gallery/default.asp?CatLevel=2&Cat 1_ID=5




The source code comes with it.
They are the.vb files.

I don't give out any project files for reasons stated in the article below.

Please read this in full if you want to edit the application in Visual Studio.NET



ok, here is what is going on

you are password protecting an ".asp" page that requires querystring info to run correctly   (example - "somepage.asp?ID=3"")

that is something I never intended anyone to do.. while it does handle and repass the querystring info along during successful login it does not re-pass that info during a failed login as you have found out

this is all by design.. the only reason the system re-passes the querystring info at all is because I wanted to make it smart for the sake of the remember me/cookie feature.. so if someone was using that and bookmarked a page deep in your site with querstring info...then when they went back to that bookmark they would get authenticated and still see the page as intended with the querystring info in tact

it was a nice feature never intended to handle any situations other than what I just described...

notice the url in the browser after failing a login.. then logging in successfully.. it is missing the querystring info

that more than anything is what is going on..  browser caching can cause some confusion when dealing with this because the browser likes to return you to the page minus the querstring info... when that happens a simple browser refresh at that time may very well solve the problem and then you see the page you are supposed to see...

To avoid all of this...

One solution to this is to always start people logging in to an ".asp" page that has no querystring info. That way this won't happen. Once they are logged in you can then offer them links to the pages they need to go to. (you of course still want to password protect those pages)

Another solution is to log them into a page with no querystring info and then do a response.redirect to the page with quersytring info.. thus accomplishing the same thing but without the possibility of the issue because of a failed login.

Another solutions is to do checks in your asp page for missing querstring info.. and if it isn't there do something about it like send them somewhere else.. or display a message about there being an error... etc etc

So,basically you don't want to tell people to login into such and such page with querstring info... and providing a username and password..... You can do it but like you found out it can cause an error if they mess up logging in the 1st time. The system just was not designed to handle that. There are complex reasons for that involving security that would just take me too long to explain.

I hope this makes some sense to you.. it is very hard to try and explain

, You cannot use server mappath in the connecting string of the application. If you want to know why read my article.

Make your connecting string just like in my example.. do not use the oledb connection string either as it will cause other problems.

If you need to find out the path to the mdb file you can use server.mappath to get that info but do not put server mappath in the connecting string. See my article again.

then if the database folder has proper permissions and the path to the mdb file is valid it will work... otherwise you get useless errors,  its really that simple.

You also may want to download ASPTest from www.cjwsoft.com it is designed to show a person how to setup a working data connection.,

Regarding (ASP Photo Gallery Pro)

If you are looking to import a very, very, large number of images, the upload feature might not be sufficient for you. I have done some work using a unix terminal to be able to upload as many images as I would like by simply placing the images in the directory and renaming the images. There are other ways to rename the images, but I am very familiar with Linux, so I chose to do it this way. If you are running Linux, MacOS, or another Linux-based OS, you can simply pull up a terminal and run the following command in the appropriate directory. If you run Windows, I'd suggest CygWin, which creates a Linuxenvironment (Linux shell). It can be found at www.cygwin.com In order to be recognized by the ASP software, the images must be in the format of pic_"Album Number"_"Picture Number".jpg . Therefore, the following code is run to accomplish the file name change (on one line without wordwrap):

ls -1 DSC* |
sed 's/DSCN//g'
sed 's/.JPG//g' |
awk '{print "mv DSCN"$1".JPG pic_9_"$1".jpg"}'
This command will change all files beginning in "DSCN" to "pic_9_*Picture Number*".

This does have a slight problem however. If there is a large number of pictures, 0's become a problem. For example, if there are 200 pictures, picture 1 will show up as pic_9_001.jpg. This can be fixed by the following command, which will eliminate unneccesary 0's (All on one line once more):

ls -1 --color='never' pic_9_0*
|sed 's/_0/_/g'
|sed 's/pic_9_//g'
|sed 's/.jpg//g'
|awk '{print "mv pic_9_0"$1".JPG pic_9_"$1".JPG"}'

This command eliminates 1 zero. It should be run as many times as needed to eliminate all zero's.

Please Note: These commands will only show the resultant set (The list of picture names). In order to execute them, they must be output to a shell script using the ">" character as follows:

ls -1 DSC* |
sed 's/DSCN//g'
sed 's/.JPG//g' |
awk '{print "mv DSCN"$1".JPG pic_9_"$1".jpg"}' > temp.sh

Then, the shell script must be run using the following command:

sh temp.sh

This might take a few moments, depending on the amount of picture names that are being changed.

IMPORTANT: BACK UP all files before changing file names. Also, view the resultant sets to make sure it's what you want before outputting to a shell script.

If you have any questions, please feel free to post or e-mail me @ JPortnoy@checkernet.com

cwilliams38210.5703009259, Come on the threats are not necessary- i got the point the first time you said it.. i thought i made a friend thru this and felt comfortable to say something like that... i am not a big online chatter just do the web stuff as a hobby... i am a network / computer hardware guy (yet i work for a mortgage co. go figure...),

Is there a way to set various members to upload a limit of photos. So, one member can only upload 5 photos in 1 album and another can upload 30 photos in 2 albums. Even if you just set a permission for the number of uploads for each member.

Thank you


You would set the groups during users signup the same way you would do the expiration in the following example.


The groups field need to be set the exact same way it would look like in the database of course

So, if a user was part of groups 1, and 2

You would look in the database and see this in the groups fields for that user


so in the signup code you set that like so

CmdAddUser.Fields("Groups") = "*1*,*2*"

This info only applies to resgitrations and signups using the "users" folder.
if you wanted to make different sceanrios you would need to carefully make a copy of the users folder and adjust it accordingly


False alarm. Dumb user alert (both the classifieds customer and me).

When I test fixes, I need to be looking at the right Ad_ID to get correct results

, This user has notified me that the issue has been resolved based on what I told him.,

really all depends on the sql connection string you are using and the names of your sql user you are using...

you really havent described very much..

I'd double check all of it.. something is wrong


(Capcha Security Image Mod)

This mod will add a Capcha Security Image to the registration signup form.


Download the latest version of the ASP Security Image Generator from this site. http://www.tipstricks.org/

Unzip that download and copy "aspcaptcha.asp" and "aspcaptcha_distort.asp" into the aspprotect "users" folder.

Now edit "users/register.asp" with a text editor and add the code shown below in blue. The code to add goes near the bottom of the form right above the submit button. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.

      <td valign="top" align="right"><font face="Arial" size="2"><strong>
  Newsletter</strong></font></td> ; ; ; ; ; ; ;
      <td valign="top">
  <input type="checkbox" name="Newsletter" value="True" checked>
  <font face="Arial" size="1">Do you want to be subscribed to the
  newsletter ?</font></td>

      <td valign="top" align="right"></td>
      <td valign="top">&nbsp;<img src="aspcaptcha.asp" alt="" width="86" height="21" />
   <font face="Arial" size="2" color="#000000">Type the characters shown in image for verification.</font><br>
   <input name="strCAPTCHA" type="text" id="strCAPTCHA" maxlength="8" /></td>

      <td colspan="2" bgcolor="#FFFFFF">
        <p align="center"><input type="submit" value="Register"></p>

ok, now edit "users/add_new_account.asp" with a text editor and add the code shown below in blue. Just add the blue code. The code around it is shown to help you find the area of code where it gets placed.

If User_Custom6_Used = True Then
 If User_Custom6_Required = True Then
  If  Custom6 = "" Then
   ErrorMessage = ErrorMessage & Server.URLEncode("You need to enter a " & User_Custom6_Name &".\n\n")
  End IF
 End If
End If
 strCAPTCHA = Trim(Request.Form("strCAPTCHA"))
 if strCAPTCHA = Trim(Session("CAPTCHA_" & Session.SessionID)) then
  ErrorMessage = ErrorMessage & Server.URLEncode("You did not type in the verification info correctly.\n\n")
 End If 

If ErrorMessage <> "" Then
 Response.Redirect "register.asp?" & Request.Form & "&ErrorMessage=" & ErrorMessage
End If

Your done. You just added a Capcha Security Image to your signup form. If you would like a more distorted image that is more difficult for an automated program to figure out change the image tag to call the "aspcaptcha_distort.asp" page instead. It will look more like this.

, I tried the iFrame method that you have shown, and it works great!!!!,

no, that only applies to random pictures and stats..


The issues you are talking about usually relate to issues created by switching back and forth between a local install and a live server install and not being careful about changing the paths in the settings depending on where you are running it from.

For example.. it trying to use a url at the server level that is only valid when you are running it locally


Just wanted to say how much I like the program! I hunted for days and finally purchased a Perl based product. After several days of goofing with it I gave up. ASPPhoto worked right on first install!!!!


Way to go!


After taking another look at this and trying your suggestions without success, it appears that in Windows 2003 server it is nearly impossible to remove the READ ONLY attribute from the _database folder.  I'm wonder if this could the cause?



Humm, Did you make any changes to the code ?
Solid Black is not the default so it must have changed at least once.

Otherwise it might be some sort of application variable problem.
I would make sure the web is and "application" in the IIS console.



The company is called Eschelon - there customer service leaves a lot to be desired. I have contacted them again and they said that they require the account holder to manage permissions, they won't make changes. I wish they would have told me that a week ago when I asked them about changing the permissions. They haven't responded to me yet how I am to do that though.

Frontpage ext. are not installed.

Once I hear back from them about how I connect to manage rights I should be all set.

Thanks again for all your help!


Has any one used the aspmail function to send emails from within your site? If so what did you use as the AspMail_Host string in the connections database?

thank you


Adding Support For ServerObjects ASPMail

ASPProtect as you know does not support ServerObjects ASPMail component by default.

Here are directions to make it work.

In the ASPProtect admin settings area simply pretend as if you are using the softartisans sasmtp mailer component.
ASPMail and that sasmtp component share the same properties… and the code used for them is nearly identical.

So search through the code for any place where email is sent and simply change

Set Mailer = Server.CreateObject("SoftArtisans.SMTPMail")


Set Mailer = Server.CreateObject("SMTPsvg.Mailer")

It is about 4 places. They are not too hard to find.

That’s the easy way to get all the emailing functions working with ASPMail

cwilliams38419.7864351852, Yes, you are right.  That was the problem.  Sorry  


when you get back to work.. your   "redirect.asp" needs the password include file at the top of it.. or that wont work either..

and of course those pages you send people to all need to be repaired

, i was only kidding!! , ok, that is what you are suppose to do... not having that path info set can cause all sorts of trouble.,



Flash Code Generator

Until I have time to make one I suggest using the one on the banmanpro support site as it is pretty nice.




Ok i am having an issue with my other comp. I have spent ANOTHER 3 hours researching this one.... it WONT START THE IIS SERVICE!!!

I get this error:

The service did not respond to the start or control request in a timely fashion


I decided to use one of my client's hosts; which happens to be Network Solutions.

ANYWAY again-

I uploaded the whole thing there and they advised me they cannot do the explicit permissions on that _database folder. This is what they said: I would also would like to point out that ASP.NET applications and permissions do not extend to any other folder, other than the root, (/htdocs/), and the bin, (/htdocs/bin/) folders.  Sub-directories and folder after bin and htdocs will not have ASP.NET permission (read or write).


If you could move or reconfigure your application to save all your code behind, include and dll files onto the root or bin folder, your application could work or possibly run as you would expect.  Please have this done and retest your application. If and when you get a different problem or another error after doing so, please let us know, and we shall be happy to help you troubleshoot any problems that you may have.


There is a 'create database option'  where i can create a database..create a dsnname, user name, password and have to specify the database file name. Once i do this i need to place the database file (aspprotectnet2002.mdb) in the /db folder within the root. I also tried this and made the appropriate change in the web.config but it STILL DOES NOT WORK. I AM PULLING MY HAIROUT WHY WONT ANYTHING WORK.






I just installed the software, but I can't find any place where I can see when users logged in, can someone please tell me where I can do this?



It turns out that I never enabled ASP.net on the site. After doing that the skins work much better. I'll have to poke around and see what other functionality is now available.




just leave the databse where it is, use the connection string generated for you and most importantly... put in a request with alentus for permissions to be set

tell them "
D:\Websites\www.mysite.com\aspprotect\data" and all of its child folders need change permissions (r,w,x,d) set so aspprotect can do its thing

until the permissions are set that connection string can not work

this is all noted in the installation docs...


I have sent an registration email (as test) to both a yahoo account and also my own email server and in both cases I get the same issue, all else is working great. I am sure its somthing simple, perhaps I am over looking somthing else. the site url is www.rochestertek.us/asp/users/register.asp if this helps

Again thanks.


Nobody ever asked me, so i guess npegley sorted it.

The solution is indeed a single line added to your button form code ..

eg :

<input type='hidden' name='return' value='http://www.your-return-url/here.asp'>

This will overwrite any settings you have in your paypal preferences.

I posted this reply for anyone stumbling on here with the same problem. Hope it helps. :)



The Pop-Up Javascript Date Pickers will only show up of your server's regional settings are set to one of two lCID values.

1033 which is English - United States
mm/dd/yyyy date format


2057 which is English - United Kingdom
dd/mm/yyyy date format


Many servers are set to run the default LCID which is 2048 so the banner system will not show the date pickers.

This setting can however be easily overwritten when using the ASPBanner system.

Edit the "config_inc.asp" file with a text editor.

Add this code between the <% and %> tags.
Near the top is good 

Session.LCID = 1033


Session.LCID = 2057

depending on what date format you are looking to use

Save the file and go edit a banner. The date pickers should be there now.


Than you 

I'm happy after changing to XML parser for two of the ads. Later I'll change the other codes to XML, never to use iframe again!


Hi Chris,

I tried changing using Notepad in the config_inc.asp


If  Application("SERVER_SOFTWARE") = "" Then
 Application("SERVER_SOFTWARE") = Request.ServerVariables("SERVER_SOFTWARE")
End If


Application("SERVER_SOFTWARE") = "iis/6"

and the albums still do not show up under the categories

Rhona (rookie)



Sorry, I guess you did say you finally found them.
Regardless, sorry then, I tried

I dont know what else to tell ya.. except to search www.aspin.com

Perhaps you will find something you can use there.


yes, How can I have fixed size height and width image without distortion. Is there a component that I can use or how can I change the existing code.




yes, unless its ratio matches

how could it not be ?

Please keep questions like this in the forums... thx.
there is no need for this to be a private message

-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 2:19pm

If I choose fixed width and height is the thumbnail image going to be distorted?

-- Previous Private Message --
Sent by : cwilliams
Sent : April/29/2005 at 1:17pm

that is not possible unless you rewrite the code.

You onlyahve the two options we give in the config file for thumbnails

fixed width and height all the time


fixed width / dynamic height

-- Previous Private Message --
Sent by : eeye
Sent : April/29/2005 at 1:07pm

Hi William

One more questions for you. is there a way to make sure that all the thumbnails are the same size without distorting the images (in the thumbnails). Or if a picture's height is bigger than its width is there to create the thumbnail such that the height of the orginal becomes the width of the thumbnails and vice versa.

Basically I just want the thumbnail pictures to be in a perfect row with all the picture heights the same and all the pic width the same.




Timecard Entry: 3/25/2006 1:41:25 PM

Work with Dave on planning for NYSAR show, Reset Modem Pool, Review IIS scripting and ISP admin, Webb billing out, training , Henderson research, Working on SOftMLS...checking the realtor.com export file with a new revision they came out with to make sure everything is still going to work, teched calls and fishercast ISDN went red, Took some business calls, and put WIndows ME on Dad's laptop., Posted cancellations and did my timecard, general tech support did radlogs and as well i did expiring user callbacks, email, voicemail, phone leads, habitat for humanity,, MBO meeting, Meeting with NYAB concerning VPN and current network, check voice mail/email fishing charter- go over, WBDR.COM - The Border Top 40 updates, working on chatauqua database, Reading and responding to emails and voice mails, FrontPage support, tape for deposit for Cathy, Switchboard, billing calls, Posted account and id a detil of check and cash for a bank deposit. Counted my cahs drawer. Customer inquiries regarding their accounts and ans. phone., TRAVEL TO ALBANY, Spoke to Paul about the Corp partner plans etc obtained info from chris for dave etc, small break, printing posters for business fair, Checking e-mail, backing up servers, responding to voice-mail., got killed with calls if i remember correctly.., Lunch, Going through all customers for updating status sheet and ensure my vacation would be a little less restless.,

   Active Server Pages Rule The World
Contact Us  
All artwork, design & content contained in this site are Copyright © 1998 - 2019 PowerASP.com and Christopher J. Williams
Banner ads ,other site logos, etc are copyright of their respective companies.
STATS Unless otherwise noted - All Rights Reserved.

Active Server Pages ASP a directory of ASP tutorials applications scripts components and articles for the novice to professional developer. CJWSoft ASPProtect ASPBanner ASPClassifieds www.aspclassifieds.com, www.powerasp.com,www.cjwsoft.com,www.aspphotogallery.com,www.codewanker.com,www.aspprotect.com,www.aspbanner.com