| Blog News Main Page |
NEWS FROM 2006-03-25
Blog Entry: 3/25/2006 1:46:47 PM
I assumed when it said "expected path" that it understand that was the default and unless I wanted it in a different directory I could leave that blank. I'm checking on it now.,
also.. the log out page shouldnt really need this
but you can try adding this to it where all the other ones are set to nothing..
<% Session("Groups") = "" %>cwilliams38341.7215046296,
Again, enspecified error are not very helpful.
An error usually tells you at least a line number and page or something.
Please read this as it might help do tell me more.
As for only happening once in a while. It could be a lot of things.cwilliams38414.6114930556,
Version being used (when did you purchase.. what name/email was it under and I can look) ?
What banner method being used?
Access or MSSQL ?
How busy the site is ?
Server Resources ?
it is an email server/setting issue most likely
your email server probably requires outgoing authentication or something like that and that is why internal emails can be sent to but nothing else
its something along those lines
this will help you see the real error instead of the generic 500,
I was told by my ISP to use localhost and it should work and it does not. It does not require authentication to send e-mails.
Any other ideas?
Thanks, Hey CJWSoft,
We're helping out some clients of ours in a server transfer and we
really need some assistance from you guys. We've got everything
transfered and running, except for the ASP.NET banner. Do you
have any directions on how to go about moving the install from one
server to another? We've sent a couple emails through the site
but haven't gotten any responses back.
, I posted this in the wrong forum. Sorry.
I have installed ASPProtect on a client's website and I have been
notified that some of their customers have been unable to login to the
On testing it seems that the issues seem to be related to how cookies are being stored by IE 6.
ASPProtect is being used to protect particular template files within a
Content Mangement System. 90% of the time it is working fine but on the
odd occassion particular cutomers are unabe to login.
After quite a bit of testing I have managed to find the scenario in
which it starts to have problems and was hoping you may be able to
provide a solution.
If a customer enters the wrong password, then reenters the correct
username and password, they receive a message "template can not be
found" from the Content Management System. This message is generated
when a url is entered that contains a link to a template file that does
not exist. In this case the template does exist. If I remove the
ASPProtect code the page opens without error.
Everytime they re-enter the details they receive the same message.
If they close down the browser and then reenter the correct details in some instances the page will open correctly.
More often than not, they have to delete cookies and temporary files
and close the browser. This seems to fix the problem again for
most users. For users who's web access is heavily cached by an internal
server, even this does not work.
Have you come across this problem before and can you suggest a remedy.
If you can email me privately I can give you the URL and access codes.
need more info..
are you using aspimage to resize images and make true thumbnails..
(because if you have it turned on and it isnt actually installed on the server you will get broken thumbnails.)
what kind of images are you using ? gif or jpegs
are you uploading images over existing images ?
really need to know exactly what to do to reproduce the situation from scratch and then I can give you a better answer ??
(Password Expiration Mod) for ASPProtect Version 7.x,
This Advanced Mod requires decent knowledge of Databases and working with ASP. I originally wrote something like this for a customer on a custom project. I then took the time to re-write all the code from scratch so it could easily be plugged in to the current version of ASPProtect as an option. All in all this mod took me over 15 hours of time to develop and will save you a ton of time & money if you were planning on writing something like this on your own. Some parts of this were so difficult to get working that I would never have written this code if I was not paid to do so. (The encrypted array that rotates through the last 12 passwords was quite frustrating to get working)
The price on this is 19.95. I am not incorporating this into the base product because it makes things more complicated and isn't for everyone.
Security is a big concern and making your users change their password every so often is a good idea. Keeping track of previous passwords they used and making them choose something they haven't used before takes the concept even further.
This Mod will add a password expiration date to the application. When the password expiration date is hit the user must confirm their old password as well as pick a new one before they can log in again.
There is a new password expiration directory where they must choose a new password that has not been used before. The new password must be confirmed during this process. (It remembers 12 old passwords the way it is coded) The old passwords are stored in the database in an encrypted array.
Back up your existing ASPProtect installation.
Add two new fields to the "ASPP_Users" table in your database.
For an MSAccess Database
Password_Expiration_Date (Date_Time Field)
PreviousPasswords (Memo Field)
For a MSSQL Database
PreviousPasswords (nvarchar 160 characters)
once that is done
Copy all the new ".asp" pages into your site.
Edit the "PasswordExpirationURL" variable in the "check_user_inc.asp" file
It needs to be the full URL to to the "change_password/default.asp" file
Now edit the "change_password/processchange.asp" file
There are 3 variables you can edit.
PageSentToAfter = "http://localhost/aspprotectmods/password_admin/default.asp"
PassMinLength = 4
PassMaxLength = 8
The "PageSentToAfter" is where you want them sent to after they change the password. It can be whatever you like.
If it is a protected page they should automatically get logged in with the new password they just changed to which is nice.
The other two values should be obvious.
Just remember the password change thing is not used in the admin area...
You could easily add code for that on your own though by looking at the the password expiration code I added to the publics "check_user_inc.asp" file
You will see a new field to edit on the user edit screen for the Password Expiration of course.
When someone edits their personal information, such as address, is there any way to set it so that someone in the office can receive an e-mail noting the changes?
Thanks., that erorr in no way means what it says.. it is just a generic error because something failed.
if you want to PM me info on how to get into your site and I will take a look.. I don't think it is something that can be figured out otherwise especially when you are not telling much about what is going on. There are a lot of factors and settings that are relevant. ,
Is there a possibility to build in a option that the administrator will be notifed when a banner expired.
The redirection at 1st login feature is supposed to work like I explain in this thread.
Though what you just said is a bit confusing it sounds like you have some sort of browser problem and it is doing the redirect every single time. ?,
I would suggest reseting all your browser settings to normal and making sure cookies are enabled because forms based authentication uses session variables and cookies must be enabled for session variables to work correctly. If not something like this could happen as the redirection at 1st login would happen over and over every time.
So try it on other computers and try with firefox as well as IE. Many people go nuts with their browser settings and way too much stuff blocked which can cuse all sorts of issues. Also some script blocking and firewall software can cause problems so disable all of that when testing.
You may also have created some sort of endless loop. (I really need to know way more information on what you did to know that for sure)
You may also want to consider doing your redirects manually meaning you protect a a page and right after the protection you use regular ASP redirect statements to redirect the user whevever you like based on their session info which is available to easily check immediatly after someone gets through the authentication.
I still stand behind my statements that redirection is not good site design. You really really need to understand and plan your ASP pages as well as have a very good understanding of the session and how all of that works if you use redirection with a password authentication scenario. You should never be redirecting someone to an ".htm" pages except during testing because you wont be able to stop users who are not supposed to go there from going there directly.
Yesterday when I would access the get_me_in page with the password key, I was then taken to the default login page. It did not give me the option to create a user.
Today, when I entered the password key into the get_me_in page, I was taken right to the create user page. So, yes the problem has been resolved. I have no idea why though.
just leave the databse where it is, use the connection string generated for you and most importantly... put in a request with alentus for permissions to be set
tell them "D:\Websites\www.mysite.com\aspprotect\data" and all of its child folders need change permissions (r,w,x,d) set so aspprotect can do its thing
until the permissions are set that connection string can not work
this is all noted in the installation docs...,
How to bring up Banner Calling Code Generators
Simply go to the zones screen.cwilliams38325.7399537037,
Select a Zone from the list.
Check the "Show Banner Code" option.
Click on "Display Banners in Selected Zone"
Just bought ASPProtect 7.0 last week and just got around to installing it. I've gotten through the installation and am now trying to test the (Forgot Password) functionality.
I get the following error when I type in the e-mail (or in some cases the username) and Post the form.
Error was  Valid name, no data record of requested type
I know that the add user functionality is pointing to the correct database (I see the additional rows via SQL Enterprise Manager) and that the e-mail address I am looking for is in the SQL database. ,
Any ideas? Any other information you need?
New Version 8.1 Released
Upgrade at your own risk. Though we try new versions are not always perfect due to minor bugs we may miss.
Back up your old setup so you can revert back if necessary..!!!
Save your data connection string info in a text file so you have it.
You can get that by viewing the system info page in the admin area.
Carefully copy all the ".asp" files from the new version to the old.
Your going to want all the .asp files in the aspbanner folder.
Your going to want all the .asp files in the aspbanner/scripts folder
Copy the aspbanner/images folder because there are some new images
Be sure to also copy the "data/config" folder files.folders as well as a lot of that is new including the actual config file. If you dont get the new config file copied in there you will have problems later on with some of the new features.
Be sure to create a new folder in the "data" folder called "tempstats"
Make sure it has proper permissions if you plan on using the delayed stats feature as the stats gets temporarily stored there.
Go back to the area where you originally setup the data connection and do that again...
From the web browser run the following URL
Replace "yoursite" with the proper url info relevant to your web site location.
When run via the web server that page will ask for a password. By default it is "temp". You should change it later on for security reasons. That page tells you how.
Now... moving on..
There were no changes to the database except for SQL Server users so you can use your existing database.
SQL Server users that want to use the new stored procedures feature (it's optional) will need to update their SQL database with the stored procedures.
Scripts to do that are provided.cwilliams38291.7372800926,
ALSO: I have been running this new version using SQL Server Stored Procedure mode for a 1 week on a special banner server that serves banners to many of my own sites. I have also been using the new Delayed Stats feature.
All I can say is it is running like a champ and the SQL server is using less memory than it ever did before.
Really, only you or your hosting company would know that information...
It is usally installed in the "_database" folder but the physical path including the drive letter to that can only be known by asking your hosting company or by using server mappath to learn the path on you own.
That folder also needs special permissions. The permissions it needs are covered in the documentation for the software and generally only your hosting compnay can set those permissions.
The online support forums here are full of information and resources on correctly setting up data connections. It is ASP 101 and something you really need to have an understanding of.
I am happy to answer questions and try to help, but if you dont want to deal with it or can't we do offer installation services.
My Admin user got corupted, and I need to reset the password and user, what is the defualt password for this database, as I do not think I have changes this (hopefully) as of yet.
I don't see any good reason to rename any of those files.,
Changing them though may involve changes to the code recompiling, etc etc... it is not something I support.
Access Database Password
By default all of the Access Databases we give out have a default password of "temp"cwilliams38403.6820833333,
The Default username that and Access database uses is "Admin" but you should not be concerned with that except in your connection strings.
The default password for the Access Database can only be changed using Microsoft Access to do so. If you have security concerns it would make sense to change the password. The help system built into Microsoft Access best explains how to do that.
Its still not there as labeled 'internet guest'. There's a 'guest' and a host of others. Is there a way to identify it as the proper guest account to use with ASPProtect?
Also, looking through support documentation, I see other possibilities it could be (http://www.powerasp.com/content/hintstips/permissions.asp). Is there a way of telling which the problem is and whether we use a dsn connection or not?
The error we are getting is
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x1340 Thread 0x17a4 DBC 0x162becc Jet'.
/aspprotect/scripts/populate_config_variables_inc.asp, line 11 ,
YES.. you need to edit your SWF file to link to the aspbanner system... ,
example.. the link may look something like this
of course you need to put in the right information for your site and whatever banner ID it is in your system
Like it says above.. if you save the new banner at least once and then come back to edit that link will be generated for you at the bottom of the edit page.
then when your flash banner is clicked on it will go track the click and then send them to the "link_url" specified for that banner when you edited it.
(you need to enter the final destination url there if you want that to work)
If you are developing using Windows XP Pro and running the NTFS file system setting proper permissions on a folder in your website requires that you 1st disable simple file sharing.
To do so open up "my computer". At the top open up "tools/folder options"
Then the "view" tab.
Then at the bottom uncheck "use simple file sharing"
After that that is done... using "my computer" browse to the folder in your web that you need to set permissions on.cwilliams38203.582337963, Unfortunatley, I dont have an easy answer for you. It is certainly doable but adjusting the code so people assigned to certain groups get specific expiration dates means a lot of code work and time. It would probably even take me a long time to figure out.
Right click on that folder and then choose the "security" tab.
(If simple file sharing is on that tab wont be there)
Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.
You can also give permissions to the everyone account and accomplish the same thing.
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"
The fact that users can belong to more than one group also greatly complicats the whole idea.
You can certainly assign an expiration level when someone signs up. That is easy and explained in the forums. ,
It's seems to work fine after renaming the file, rebuilding the application, and editing the web.config file to point to login.aspx. It looks like I can use your fine product and thanks again for the help. It was unusually easy. Merry Christmas…,
no, that only applies to random pictures and stats..
The issues you are talking about usually relate to issues created by switching back and forth between a local install and a live server install and not being careful about changing the paths in the settings depending on where you are running it from.cwilliams38394.7554976852,
For example.. it trying to use a url at the server level that is only valid when you are running it locally
The parent paths things really should not be an issue.
This is an article from the troubleshooting section of the documentation that takes care of it all very easily.
As for a good host that knows ASP and does not mess around when you ask for something. I always recommened www.alentus.com
, the email address thing could be done many ways... personally I would remove the username field from the registration form.. and modify things so the email field got used for username and for email when everything gets saved on the page that register.asp posts to. ... it would all require some messing around with the code and time... nothing too hard really
as for the password thing it all happens in the register.asp file.. the same page the registration screen is on in the web browser.. again a little bit of fooling around and time but not difficult , nice idea. id be interested to see your modifications for ideas,
Flash Code Generator
Until I have time to make one I suggest using the one on the banmanpro support site as it is pretty nice.
I was actually able to do similar thing by allowing our dedicated search engine to access the site unchallanged.
If Trim(Left(Request.ServerVariables("HTTP_USER_AGENT"),11)) = "MYPASSWORD" Then
SearchFlag = True
If SearchFlag <> True Then
If Session("Access_Level") > CHECKFOR or Session("Access_Level") = "" Then
<!--#include virtual="/Auth/check_user_Code.asp" -->
My Protected stuff here
For this to work, the search engine must pass the PW to the web site. I just was not sure how to do the same thing with IPs. I will play with the code and see what happens. If it works, I will post it here to help others, if this is OK with forum rules.
Honestly cannot comment much about v7 since it was just installed on a new server. We have been running 5.03 for years so I'm looking forward to the new features in v7.
The source code comes with it.
They are the.vb files.
I don't give out any project files for reasons stated in the article below.
Please read this in full if you want to edit the application in Visual Studio.NET
I downloaded v7 3/7/2005
I entered a password that was supposed to be all caps with only first letter caps.
it is odd, if I go to other user and enter wrong password that does not come up. it apprpriately goes to a screen that says Access Denied.
You have mentioned in the past that several other methods might be a better option for asp pages.
Examples would be: XML Parser Method or asphttp method.
Or, is it possible to use the asphttp method on all pages, whether they are asp or not?
I'm just trying to figure out what is the most efficient way to use the banner system.
Any helpful feedback would be appreciated!
If a picture does not show after uploading it is one of the following things.
The upload method chosen is not supported on the server
The physical path specified to the pictures folder is not correct.
The URL to the Pictures folder is not correct.
Permissions to the pictures folder have not been set properly
Here is more information on how permissions are set.
Without more information and the settings you have entered and chosen that is all I can offer for now.,
We use ASP Protect to password protect the pages in the member area ( http://www.pti.org/members.asp )
Of late Once or twice every month our whole site goes down and it gives us a "Microsoft VBScript runtime error 800a006 Overflow: Clnt //global.asa line 33 " error message (with the friendly message turned off). When we reboot the web server things are up as normal.
But this is happening too frequently and creates a bad impression.
Any suggestions on how we could prevent this would be greatly appreciated.,
Okay thanks, I'll have to consider wether or not to go down the path of the upgrade or cut my losses as the Access cannot handle the pressure
It's just errored out again with the following message:
msxml3.dll error '80072ee2'
The operation timed out
/forum/banner.asp, line 15
Timecard Entry: 3/25/2006 1:46:47 PM
Getting my task list straight. Check e-mails, voice-mail, return a call. Clear up a NOC problem., Checked email, voice mails & relayed messages.
Worked on Tech Test.
Filing & Copies, Both of the online issue (people) could not be contacted. , Checked online issues as well, lunch .... studing dial up issues on the web , Got busy when we got food (go figure), working on a-links, Lunch, Review iMail documentation, Completing weekly report for Randy. Making changes as per Randy., teched phone calls, Answered the online issues that we had. Only had one all day, Gisco cashflow, travel back to clayton, Calls really started pouring in. , 100 Miles - PlesisNY to SyracuseNY for Nortel Training DMS500 Translations, REMOVE CONTENT FROM CEROW AGENCY, revise letter to customers, contact randy, Empl Weekly Report-Seth, filing, revieiwing A/P statements, vac, Finished lable files for approx 84 Channel Partners, Gathered info from Cortel on PRI order. Attempted to call Don Donahue, left message., had one account cancellation. a couple general calls, Assy of Office Chair, Prepare documents for Board and Shareholders' meeting, BASTASFLOWERS SCAN PHOTOS FOR WEB SITE, ADD INFORMATION TO PLANT CARE, ADD ORDERING FORM TO CATEGORY, COMPLETE STORE FRONT CATEGORY SELECTION FORMAT, phones, radlog, dial up issues., answering phone, callbacks from voicemial, checked emails, taking sign ups, quailty checked sign ups. , lunch,