Blog Entry: 3/25/2006 1:38:54 PM
I have run into the same problem with streaming pdfs to the browser
using the stream_download.asp example, but only when selecting the
option to open the file directly into the browser (after it's streamed
back) as opposed to saving it and then opening it (which works fine in
Firefox and IE). Then I ran across this Microsoft support article
It got me thinking that maybe a header needs to be included in
stream_download.asp that tells the browser to specifically cache the
file. Adding this suddenly got everything working
Response.CacheControl = "Public"
right after this line in the code
Response.ContentType = "application/octet-stream"
My asp is limited, but this seems to work at least for pdf
documents. Can someone confirm this? The other question I
have is if this is a solution, should the CacheControl be set to public
or private. Not sure on what the implications are.
Firefox by the way seems to open or save and open the file without
this, so you are right that the implementation between the browsers is
I am running Windows 2000 server. I do believe asp.net IS installed as I have the .NET 1.1 framework installed.
Funny about the bounce backs. I am at about 10% of my limit, which I control as I am the network admin. I'll check into that.,
that really does not make any sense...,
I dont know what else to tell you as this really shouldn't be anything too difficult to sort out...
redirection based on criteria is not something aspprotect does by default... I try to help a bit... I've shown everyone how to do it in this thread...I know plenty of people doing it... I've done it myself... I know it works
let me ask you this... are you using ASPProtect 6 with the Option Pack ?
I assume you must be or you would not have the Groups feature ?
And you asked this question in the ASPProtect 6 section.
but then maybe your using 7.. I do not know
this should all work the same either way
I think you’ll definitely like aspbanner. It's very easy to setup and use and it should work great with your portal.
You’ll have banners rotating in no time. All you have to do is add banner calling code in your pages where you want the banners to show. There are enough methods that you will definitely find a few that work well for you.
BTW, there are actually 7 methods now as we have a new one.cwilliams38455.9049884259,
Information about it can be found in our ASPBanner support forums
If you are using version 6 CDOSYS is not supported. That is one reason why version 7 came out. If you want to rewrite the code to work with CDOSYS in version 6 that is something you need to sort out on your own as I do not support custimization to the code.,
humm.. can I possibly see this happening ?
any changes to that part of the code ?
Thanks for the answer. No, I am not using Paypal since these are employees and sales reps. I guess i'm on my own on this one. :)
Thanks, sorry for the confusion, but I am not that good with the tech explantions yet.
what it boils down to is I have an Access Database containing over 100
members names. I want only those people to be able to get into
the secure pages.
You really can not do something like that. You can not use client side code to change a server side session variable.
To make changes server side a form must be submitted or a link clicked on to another page. Then you can do whatever you like but you cant have an onlci event update a session variable like that.,
Though I am not sure of exactly what you are trying to do I think you'll need to go about things a little differently.
Hi - I am a recent user of your software. I administer it for the owner. I probably missed something in your forums somewhere - but I'd like to know how to stop the software from sending an "accept registration" e-mail (after they fill out the registration page) from going out so fast - usually within minutes. I'd like to know how to defer the message for 24 hours, more or less, so that our company can go over the registration details and decide whether to allow the person registering to actually have access to our protected website pages. The program is working very well and we are excited about it. So far, no problems (knock on wood!).
Thanks so much for your help!,
Humm, I dont see how moving to a new server could have anything to do with that.
What method of displaying the banners are you using. Perhaps try some of the other ones.
no.., not unless you come up with some clever way to handle it on your own
read 2nd to last post
The way ASPProtect ships it is designed to either be in http:// the whole time or https:// the whole time.... (there curently is no solution from me allowing going from one to the other),
If a picture does not show after uploading it is one of the following things.
The upload method chosen is not supported on the server
The physical path specified to the pictures folder is not correct.
The URL to the Pictures folder is not correct.
Permissions to the pictures folder have not been set properly
Here is more information on how permissions are set.
Without more information and the settings you have entered and chosen that is all I can offer for now., download the free version...
check out this tutorial...
If your application can post to the page and provide all the form variables needed to log in it may work out for you..
You'll have to try it out... all the form variables needed are in that login form example.
Basically you'd be posting to a protected (.asp) page..
and providing the following for the most part.. how your app creates it post data is on your end...
<input type="hidden" name="Status" value="Checkem">
<input type="text" name="Username" value="Yourusername">
<input type="Password" name="Password" value="YourPassword">
As an alternate scenario...
Now, by default the "check_user_inc.asp" file is looking for posted form data... for security reasons it is not looking for querystring info..
If you change this bit of code in that file
Username = Replace(Request.Form("Username"),"'","''")
Password = Request.Form("Password")
Username = Replace(Request("Username"),"'","''")
Password = Request("Password")
It will then grab either form or querystring data...
Meaning you wouldn't necessary have to create a true post to the page with form data. You could just access the page via a querysting like so
Of course that introduces security risks as the username and password would be passed in plain text over the net
Another option is...
You can also make a copy of the "check_user_inc.asp" page called whatever with those modifications just to use in pages you need your little application to post to... thus reducing the security concerns a a bit as the rest of yoru site could still have its pages protected under the normal scenario.
I hope this answers your question... I havent really ever tried any of this but that is how I think it would work... ,
Yes, you are right.
We have now tested it using the DSN less connection with Access 2002 and it works fine. We have also tested it again with a DSN using 2002 and this also seems to work.
The comment about speed is a consideration although I have not noticed any differences. ( we only have a few database entries at this time).
Thanks for your help, ok.
I just had a series of fraudulant orders this past week including today and the whole thing has me on edge. (foreign people getting my code for free and doing who knows what with it) When you mentioned calling the cc company it pushed all the right buttons.
I am using VS 2005, when i go to new project in visual basic folder asp.net web application is not there..
Can i add it somehow?, also, from looking at your site your ideal scenario would be a system that allows you to show all banners in one zone at any given time but in a different order.
ASPBanner is just not that sort of system. It is only designed to show one banner at a time from a given zone in random order.,
The redirection at 1st login feature is supposed to work like I explain in this thread.
Though what you just said is a bit confusing it sounds like you have some sort of browser problem and it is doing the redirect every single time. ?,
I would suggest reseting all your browser settings to normal and making sure cookies are enabled because forms based authentication uses session variables and cookies must be enabled for session variables to work correctly. If not something like this could happen as the redirection at 1st login would happen over and over every time.
So try it on other computers and try with firefox as well as IE. Many people go nuts with their browser settings and way too much stuff blocked which can cuse all sorts of issues. Also some script blocking and firewall software can cause problems so disable all of that when testing.
You may also have created some sort of endless loop. (I really need to know way more information on what you did to know that for sure)
You may also want to consider doing your redirects manually meaning you protect a a page and right after the protection you use regular ASP redirect statements to redirect the user whevever you like based on their session info which is available to easily check immediatly after someone gets through the authentication.
I still stand behind my statements that redirection is not good site design. You really really need to understand and plan your ASP pages as well as have a very good understanding of the session and how all of that works if you use redirection with a password authentication scenario. You should never be redirecting someone to an ".htm" pages except during testing because you wont be able to stop users who are not supposed to go there from going there directly.
I have been working on this all night long. I have been reading every possible article. I have created an ODBC connection on the server.. which i have never done before? Still nothing. I looked at the machine.config file... i read about impersonating whatever the hell that is... I am really stressed out. I have the 1.1 framework installed.
I read about dsn and dsn-less connections. Is there another way i can connect to the database? Without using a username and pw maybe?
I did a google search and it turns out that error very well might have to do with ASP trying to send an email and that process failing.
That tells me your emailing from the application is not working so it is probably not something you edited incorrectly.
see this article...
Emailing was working as when I did your installation (I think I did it months ago, didn't I) so it must be some incorrect changes to your email settings in the admin settings screen. Try sending an individual email to a user from the admin users screen and see if it works. My guess is you will get the same error and means your email sending options are no longer correct or valid.,
If that is the case I would ask you if you changed them or possibly something changed as far as your email setup goes. Passwords ? EMail Server .. etc etc etc
Ok, set up a new web.config in root, with just the suggested code.
I'm in a bind cause I'm supposed to be launching on Monday!? I have four different subscriptions set up in ASPProtect and I'm going to 2Checkout for payment. When I go to 2checkout I have the same 4 subscriptions setup.
How does ASPProtect know what product id to use in 2Checkout?
I have the redirect setup etc. but it's using the default URL in 2checkout and not the product(Subscriptions). The only way I can tell what the user selects is from the price... and I'm specifying the time period, the cost, group in the 2checkout1.asp but I'm not getting the user set for the periods either.... my main problem is the interface to 2checkout... I think if a product id is added somehow it might work. What can I do?
that worked to get this....
error occurred during the processing of a configuration file required
to service this request. Please review the specific error details below
and modify your configuration file appropriately.
Parser Error Message: It
is an error to use a section registered as
allowDefinition='MachineToApplication' beyond application level. This
error can be caused by a virtual directory not being configured as an
application in IIS.
Line 411: <authentication mode="Forms">
Line 413: <!-- DO NOT CHANGE UNLESS INSTRUCTED TO DO SO -->
Source File: D:\hshome~aspnetprotect\web.config Line: 411
If you are developing using Windows XP Pro and running the NTFS file system setting proper permissions on a folder in your website requires that you 1st disable simple file sharing.
To do so open up "my computer". At the top open up "tools/folder options"
Then the "view" tab.
Then at the bottom uncheck "use simple file sharing"
After that that is done... using "my computer" browse to the folder in your web that you need to set permissions on.cwilliams38203.582337963,
Right click on that folder and then choose the "security" tab.
(If simple file sharing is on that tab wont be there)
Give the "Internet Guest Account" Modify Permissions
This will check all the boxes under modify as well.
You can also give permissions to the everyone account and accomplish the same thing.
If you are using ASP.NET you need to give permissions to an account called ASPNET. It wont show up in the user list. You'll need to click "add" and then type in "ASPNET"
I just installed ASPProtect on my site. The instructions were definately on the target. Very very good instructions.
But... Isn't there always a but ???
I needed to setup my site with MS SQL and it is hosted so I don't have Enterprise Manager. I tried the web based Enterprise Manager and any other one I could find. But, I kept getting errors when trying to use the SQL Script.
I finally had to go back to my work where we do have the licenses and get an SQL Admin to use Enterprise Manager to run the script and it worked finally.
I don't know if this is a common problem ??? But, maybe you would want to look at the SQL Server script or make a different version that would work with the Web Based SQL manager.
I have had a couple of users log out of the system as they are supposed to, move to another computer and not be allowed to login because of "they are currently logged in using another IP address" when in fact they logged off properly. Is there anything that they should be doing differently?
Yes I'm using the Option Pack.
How can I make so it goes to certain webpages if user enters valid username and password??
I suppose user enters its information on check_user_inc.asp page, and username and password are stored on SQL database.
, It is common when testing a site that this happens because of the nature of session variables.
Admins have access to EVERYTHING so it is very important when testing different user accounts that you specifically log out... and then close every single browser window before logging in as a different user. This is to ensure session info from the previous user does not overlap in any areas.
(The session variable for admin access being the main one)
Under normal circumstances a user would not log in with many different accounts on the same computer this this would only be a problem for a developer who is testing.
So make sure you go to the to log-off page and log off.. then close all browser windows.. then test another user.
If all this is not the case then something else is going on and I will need more information. I pretty much know the level checking code for ASPProtect Version 6 is correct as there has been no reason to change any of it in over a year. I would have heard reports of problems with it. ,
Has anyone used the aspmail function to send and recieve emails from within your forms? If so what string did you use in the aspmail_host field in the connections database.
If you code support for it yes, the application comes with no paypal code or support built in.,
If you think it will help you, you are welcome to a copy of the classic asp version which supports paypal subscriptions. Perhaps looking at the code would help you.
Wondering what might be causing a long delay to display the login screen? This does seem to be intermittent. Could be server/ISP related? Have experienced enough times to justify posting this question.
I can count up to 20 seconds after clicking on the link. After login all other selections zip right along without problem.
((TITLE EDITED BY ADMIN))
it would be nice if there was an option for login abuse, where a login account would be flagged if it logged in from x number of different IPs over a period of time. I know many have dynamic IPs, but there's got to be a balance between legitimate logins and logins that are 'shared' for the sake of saving money (I sell subscriptions), in the end costing me.
Maybe searching the first two number groups in the IP (example, 209.168.*.*), and if finding more than an admin specified number of logins per week from IPs with different first two groups, the record would be flagged or locked...
Our webhost set the permissions, but the error is still there, so that is obviously not the problem. We now have both our webhost and our asp support technician trying to figure out the problem and everyone is stumped. Can you please provide us with the following information to help us out:
1) what is the name of the file that sets the connection string?
2) what is the name of the file, if it is different from above, that sets the password of the database?
thanks, I have no idea of what kind of 'stuff' to try. I'm running other asp apps that use there own Access databases with no problem whatsoever.,
Yes, I was referring to ASP Protect.
I had about a dozen people access the same account, but it is highly unlikely that they would all try at the same time (unless there were several hundred people who had access). Having an enhanced login abuse would be nice.
, It works. Thanks Chris.
The only major usability issue I've found to date is multi-zone banners. Cloning is helpful to a point, but then if you have a change to that banner, you have to make the change 6 times or what have you. I think, even at the expense of speed, multi-zone capability for a single banner would be excellent addition. Of course, that supposes I haven't just missed it and it's already there.cwilliams38453.6665509259,
The password is HANNAH. If you're into trouble shooting mode and would like the key, I can send it to you. If not, no big deal, I've email the guy a new password. We'll see how many rounds it takes him to get it right.
Timecard Entry: 3/25/2006 1:38:54 PM
E-mail, Trvl to JCIDA
Working on export file system for SoftMLS2 and palmpilots. Have a specification chart Jeff Wood gave and I have to write all the code to make it work., lunch, bank, Finish migrating Picket Fence, Starting backup sequence on servers., Picked up mail and opened. Posted accounts, ans. phone and customer inquiries. Credit card authorizations and coupon referrals., getting together information for howards trunk forcast to bell atlantic, TICC team meeting, to Keene Valley, payroll, Develop proposald fopr Mils cottages, develop proposal for Allied Federated co-op, develop proposal for Jefeerson county employment and training
Contact statcommunictaions, develop spreadsheet for lead for Nic,
Speak with john doldo III for domain name, regaister virtaul email
Caskinette auto changes to web site
Premier paging infor forweb site
Clayton Chamber - info for web site
Black Creek farms- left message
Jennifer knapp- send fax and proposal
Deferiet paper- happy with web site
anser enmail/check voice mail, Checked email, voice mail.
Sheduled appts & meetings.
Filing & Copies., Howard, Lunch, web site, rad log, on line, trash , straighten up
, Discussing PDF file issues w/CJW, travel time back to clayton, busy, but squeezed in some Rad's and callbacks,