Blog Entry: 3/25/2006 1:38:17 PM
I think this addresses your question
I will actually explain how to set access_levels and/or groups...
carefully edit with a text editor
find this part
CmdAddUser.Fields("Access_Level") = "4"
that is where the acess level gets set...
you can change the level or remove that line all together if you dont want one set
now for groups you would add this line in the same area
CmdAddUser.Fields("Groups") = "*3*"
CmdAddUser.Fields("Groups") = "*1*,*2*,*3*",
Groups access for a user is stored in one field in the database like you see above. If you are confused what you should be saving in that field I suggest simply setting a user to whatever groups you want via the admin area and then looking in the database to see what got saved in that field. It's pretty simple really how they are stored.
that user would be a member of groups 1,5, and 9
Say, I just thought of one last thing.
Your not by any chance running something like norton antivirus with norton script blocker on that server are you ?
It can cause issues when ASP uses the filesystem object and cause never ending page hangs like you are having.
There are other apps as well that can cause it to hang.
And ASPProtect does use the filesystem object., Along with being able to set an expiry date or number of impressions, is it possible to add another option for a banner to be "non-expiring"?
With our current ad software (which we are transferring all data from to ASPBanner), we run banners for both paid advertisers, and for our own services. The banners relating to our own services, we would like to set to "non-expiring" so they appear all the time. ,
I am using ASPProtect's password program, which has been very successful, for managing over 1,500 military veterans' memberships at http://www.vspa.com. What I am trying to do now is utilize the "Groups" code, as generated by the Admin page, to prevent members with expired accounts (and non-members) from accessing restricted "members only" .ASP pages they may have bookmarked, or found via web search. The code generated and used is as follows:
<%@ LANGUAGE="VBSCRIPT" %>
<!-- Begin ASPProtect Code -->
<!-- Groups with access to this page. ( * ADMIN * Member Current * Member Life * Officer/Staff * ) -->
<% GROUPACCESS = "10,12,14,19" %>
<!-- End ASPProtect Code -->
The above is placed over the <html><head> statements on the page.
When I am logged in the code works perfectly! When I log off and try the URL again, the page appears in its entirety but with a Login box for Username and Login Password at the top of the page. You may view the problem at: http://www.vspa.com/aspprotect/vspa-password-enter.asp .
What I would like to have happen is expired members and non-members would be sent (or Redirected) to a Login page. I do not want the Login password box to merely be inserted above the page that I am trying to keep them from visiting.
You might just learn something and actually get your project finished before 2010
your over there hacking away on your virus infested WaReZ machine
LOL thanks for the good laugh-- i guess its time to do some reading and making my own mods to the program..
btw i never insulted cafrepress.. not sure where you got that from- just advised that what they have is exactly what i want to have done. How much for your service?,
You'll need to find a validation function to test for it.
I dont have any experience with validating zip codes here much less UK.
Google it would be my best advice.. or maybe find some free app written in UK format and see how they did it.
And if ya find anything post it here if ya like
Trying to make sense of this. I am still confused. In the file config_inc.asp. I found the setting for "uploaddirectory". That entry looks like this [UploadDirectory = CmdGetConfiguration("UploadDirectory")]. I assume there is a config file where the value of upload directory is located.
The settings in the config_inc.asp file have not been changed. they are set to the way it was delivered. Is there a document that gives instructions as to what and where the config settings are to be changes?, I did not set that variable in the IPN code that aspprotect uses. It is optional.
You will want to download PayPal's IPN documentation and see what the variable is called and then add it to the IPN form code if you want to use it.
it will be a hidden form variable (one line of code added to) paypal2.asp,
False alarm. Dumb user alert (both the classifieds customer and me).
When I test fixes, I need to be looking at the right Ad_ID to get correct results ,
Are there any problems with modifying the default database fields.
I need to have an update from net billing and they use different settings in the database than the default.
Will the interface still be functional?
Connecting user is dbo of database.
User_ID is primary key with auto increment identity.
SQL Script of current table:
CREATE TABLE [dbo].[Security_Users] (
[User_ID] [int] IDENTITY (1, 1) NOT NULL ,
[First_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Last_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Company_Name] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Username] [nvarchar] (75) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Password] [nvarchar] (15) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Access_Level] [nvarchar] (30) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Notes] [nvarchar] (1000) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Admin] [bit] NOT NULL ,
[Active] [bit] NOT NULL ,
[Expiration_Date] [smalldatetime] NULL ,
[Email] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Address] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[City] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[State_Province] [nvarchar] (100) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Zipcode_Postal_Code] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Phone] [nvarchar] (20) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Counter] [int] NULL ,
[Last_Access] [smalldatetime] NULL ,
[Login_Limit] [int] NULL ,
[Custom1] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom2] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom3] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom4] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom5] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Custom6] [nvarchar] (255) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[ValidateEmailCode] [nvarchar] (50) COLLATE SQL_Latin1_General_CP1_CI_AS NULL ,
[Date_Created] [datetime] NULL ,
[Validated] [bit] NOT NULL
) ON [PRIMARY]
ALTER TABLE [dbo].[Security_Users] WITH NOCHECK ADD ,
CONSTRAINT [PK_Security_Users] PRIMARY KEY CLUSTERED
) ON [PRIMARY]
Sorry, you cannot, that is how it works and that is how it has to work for reasons I am not going to try to explain as it is pretty technical. (it works the same way even when not using paypal and using email authentication... nearly every registration system out there does it that way under an email authentication scenario or a PayPal IPN thing.)
Basically, if you are concerned about it you need to periodically manually check for accounts that were never activated and delete them. Maybe when I get some time some day I will make a little interface to help find those and clean them up at once.
, I just remembered the current skin is stored in a text file in the pictures folder. If it did not have permissions for writing it could give you trouble. That could of had something to do with it.cwilliams38295.3821064815, that information is actually not helpful in determining whether parent paths is enabled or not.
You should really ask your hosting company or better yet try doing a server side include to page one directory up and see if you get an error.
<!--#include file = "../myfile.asp"-->
cwilliams38302.6484259259, We have no add-ons for anything but accepting payments through paypal and 2checkout... if you want to accept payments through some other setup you have make a payment directory addon and write code to do it based on the system you are using..
We provide the ASP source code so that is doable for someone that is good with ASP. If not then it won't be doable.
You really should check out the documentation regarding the config file before you go any farther.
If the server supports ASP.NET you do not have to spend any money to have real fast loading thumbnails.
Also, licenses of ASPImage only cost 69.95 and regardless any quality host supporting ASP should have one of the 3 supported resizing components installed or else you should consider a better host like www.alentus.com Places like that have good hosting prices and give you access to 3000.00 worth of 3rd party asp components.
, I have ASPPhotoGallery installed. Everything has been working great for some time. Suddenly, for no apparent reason, I am not getting the "Hits" incremented when a user opens an album. It works when an administrator is logged on. Does not for any anonymous users. Everything else seems to work fine. Again, this used to work. Any ideas. ,
This is a great article for newbies..
Hints & Tips when working with ASPcwilliams38436.5949768519,
(FREE) Nov 23 2005 Update Files
If you purchased ASPProtect Version 7.x before Nov 23 2005 then you can download these Update Files.
(These are non-critical updates.. only update if you want the described changes below)
These updates do the following..
- Make the Tabs in the Admin area move up and down as you navigate around so they look more like tabs used in a file cabinet.
- Updates the import/export process so the tab delimited text files created now store the passwords in plain text instead of encrypted. I have been thinking about this one for a while now and I think it is better this way as it was confusing a lot of people. If can also kill the whole process if by chance the encrypted output of a password contains a line break of sorts. There is no way to deal with that scenario so this is way the import/export process is going to work from now on. This also means you should be VERY carfeful about leaving export files lying around as they will have the passwords in them.
- Updates the "expected_paths.asp" in the data folder because the paths it was generating had an extra "data/" in it.
- Updates the users page so it will not show the import/export link if you have not entered a path for the export files in the settings.
- Adds an Activity Tab if using the Activity Tracking features instead of the links it used to put on the users page that most people didn't see.
To install these just copy them in over the old files.
Now of course back up your existing files so can revert back if there is a problem or you do not like the changes. If you made any custom changes to any of your pages use your head and realize that copying these in over your existing files will overide any custom changes you made. (that is your business, I am just warning you)
If I also password protect the pricelist pages then someone will have to login twice.
nobody should have to log in twice... ?
session variables keep track of access... once your in - your in and you can browse to and from any password protected pages you like
If it is making you log in each time then cookies are most likely disabled.. session variables requires cookies being on to work.. cookies being on is a requirement of aspprotect and is how Formed Based Authentication works..
let me know if that is the issue there...,
you shouldnt have to be logging in more than once per session
Thats the whole point of the application...
here ya go
Umm, if your using MSACCESS your using MSACCESS
SQL server has nothing to do with it.,
Editing using Visual Studio.NET
Here are directions for editing the application using Visual Studio.NET
2002 or 2003 version.. either should work
Some of you are wondering why I didnt just give you the project files.
It is best you go through this process and really understand what is going on.
Also, I dont use VS 2002 so I wouldnt be able to give you project files that would work with that. Not to mention there is 100% chance my prject files wouldn't work for you anyway because of path differences and other things.
Anyway.. on with the instructions...
1st.. make sure IIS, ASP.NET, .NET Framework, and Visual Studio.NET are all installed correctly and up to date.
Open Visual Studio.NET
File - New Project
Select a New Visual Basic ASP.NET web application.
give the new web to be created a name.. I called mine "aspprotectdotnet"
Now. once the project opens up we need to delete a few things in the solution explorer window.
So delete "webform1.aspx" , "deletestyles.css", "Global.asax", "AssemblyInfo.vb", and "web.config"
Basically all the files under the project...
Now... you should have the aspprotect.net files unzipped somewhere on you hard drive...
open that folder and select all the files and folders like so
Now drag those selected files and folders to the solution explorer window of Visual Studio.NET right on to the name of the web. In my case "aspprotectdotnet"
It might say this folder already contains a folder names Bins.. just tell it to copy over and continue on any prompts like that.
You'll notice your project is now populated.
Open up the references tab in the solution explorer window as we need to add some references to the dlls in the bin folder of this project. This is needed so the compile process and function correctly.
Right click on references.. click add reference
Then browse....browse on your hard drive to the location of the new web and the bin folder within it.
In my case... "C:\Inetpub\wwwroot\aspprotectnet\bin"
Now do the same thing again until you have added all the dlls in that bin folder to the references..
Now.. click add-references again and this time choose
"system.management" from the choices in the .NET tab
Once all of that is done your references should look like this
Now in the Visual Studio.NET menu system up top..
Choose Build - Build Solution
If you did everything right you will see something like this in the build window
------ Build started: Project: aspprotectdotnet, Configuration: Debug .NET ------
Performing main compilation...
Building satellite assemblies...
---------------------- Done ----------------------
Build: 1 succeeded, 0 failed, 0 skipped
You now have the visual studio side of things all set up.
To make the project actually run we now have to set some permissions and edit the web.config file.
Using windows explorer browse to the web the app is in. Right click on the "_database" folder and give that folder and all the child folders within it. Modify permissions for both the Anonymous webserver account and the ASPNET account. These accounts might not show up until you dig into the advanced tab and click find now to show all the accounts on the machine.
Permissions screen looks like this...
Once that is done go back the solution explorer window in visual studio.
Open the docs folder.. right click on "sysdiag.aspx" and choose view in browser.
It should complie the project again.. and then run that page in either the internal or external browser depending on how you have that set up.
That page will report back path information.
"BTW.. for security reasons this page should be removed from any production server after installation is complete.. this is very important"
In my case it looks like this.
Probabale Path to Access Database
Now we need to edit the web.config file... your going to need to know some of the path information above.
In solution explorer double click on web.config.
Now edit the AppRootPhysicalPath, AppRootUrlPath, and CN keys accordingly.
In my case they will look like this.
Notice tha part in bold that we added.
Now, you may also want to check the temp license key info while you are in that file and make sure it is not expired but I am not going to get into that here.
The way the application ships there are no password confirmation areas anywhere ? Please be more specific as to what you have done and if any mods are involved ?,
If you are talking about one of the MODS please realize they are not supported. http://support.cjwsoft.com/code/moreinfo459-1.htm
Even though they are not supported I look them over pretty closely and I know of no issue like you mentioned so I would suggest re-downloading the MOD. Perhaps you got a corrupt download or file.
yes, usernames and passwords are both case sensitive. It increases security.,
ok, well if you want to test on your own.... in the ipn.asp file for the subscription folder you will see this area of code used for testing
' Un-comment this section and give this directory proper permissions to enable logging to a text file
' Very helpful for troubleshooting
' Set ObjMyFile = CreateObject("Scripting.FileSystemObject")
' LogFileName = ("paypal.txt")
' 'Open Text File.. If doesn't exist create it and append to it .. If exists just append to it
' Set WriteMyData = ObjMyFile.OpenTextFile(Server.MapPath("paypal.txt"),8,True)
' RowHeaderString = ""
' RowHeaderString = RowHeaderString & OrderID & vbTab
' RowHeaderString = RowHeaderString & Custom & vbTab
' RowHeaderString = RowHeaderString & User_ID & vbTab
' RowHeaderString = RowHeaderString & subscr_id & vbTab
' RowHeaderString = RowHeaderString & txn_type & vbTab
' RowHeaderString = RowHeaderString & subscr_date & vbTab
' RowHeaderString = RowHeaderString & Access_level & vbTab
' RowHeaderString = RowHeaderString & Groups
now that folder will need modify permissions for the text file to be written to but this is a good way to test if the ipn.asp page ever gets hit by paypal.
ITS REAL IMPORTANT THAT THE TEST FILE CAN BE WRITTEN TO OR DOING THIS WILL JUST CAUSE MORE ISSUES
To ensure the text file can be written to and permissions are correct for that folder you can make a new .asp in there and run this to see if the text file writing works
Set ObjMyFile = CreateObject("Scripting.FileSystemObject")
LogFileName = ("paypal.txt")
'Open Text File.. If doesn't exist create it and append to it .. If exists just append to it
Set WriteMyData = ObjMyFile.OpenTextFile(Server.MapPath("paypal.txt"),8,True)
WriteMyData.WriteLine("the file was written to")
Now, you can even change the location of the text file to place that does have permissions if you like.
This is what I would do if I was in there... then I would make some test payments using 1 cent and another paypal account (your allowed 2)
and see what happens
it is always possible the subscription code may have a bug in it. The last time I tested I only tested the single payment folder which worked perfectly. If I have time in the next couple days I am going to test the subscription stuff again. If there is something wrong I can cure it quickly.
The two routines share a lot of code in common.
Hey, I run a business and I will not have things like that mentioned in these forums. ,
IT worked just as cwilliams said. I did see the IP address being stored in the table but it didn't dawn on me that it was tied in to the view count, I tried it from a different IP address and it worked great .
Is this the full version 7.
Did you make any changes to the code ?
Is the User_ID field still an autonumber field in the Access database ?
I do not see how this could happen unless somehow the autonumber field setting for User_ID was changed in the database?,
If you can would you do it for a price as a mod or will this be added to the new version.,
I was thinking it worked like this; A user goes to that page and logs in.. and from there they can then browse the site and do what they want..
So in order for it to work i need to edit a page say... members.aspx (i assume it needs to be an asp.net page) and in the header put that protect code and when a user accesses it, it will prompt them for their un and pw and then if correct will allow them to view the page... and likewise if they are still logged in will be able to use the page?
If that is how to works as i mentioned above thats great...
I understand the redirect principle...but say i have a log in box on the main page... you know like most pages have a user log in on the left hand side... i wanted to do that. But i cant obviously protect the main home page or else normal users will not be able to view it without logging in or registering,
I think its great to share a mod.
I will have few with the new album.,
thanks!! the file took care of the extra slash. I also fixed the problem by modifying the permissions.,
1.) this has been explored and because of the way groups works is not feasable. Because us this I wrote code to allow you to view and sort all users for any group on the actual groups page. You pick a groups and then click the "Show Users" button, new version is still not finshed as of the end of the year... I am not going to release it until I feel it is ready.,