Active Server Pages Blog News 1995-08-25

Home | Advertising Info

109 USERS CURRENTLY ONLINE

try aspprotect !!
the premier asp based user management system !!

Site Search Contact Us

Thursday, February 09, 2012

Code Snippets
Hints & Tips
Code Wizards
Guestbook
Newsletter
Forums
Links

DISCUSSION ARCHIVES
DISCUSSION ARCHIVES 2
DISCUSSION ARCHIVES 3
BLOG

Try a free httpZip trial now and compress for less!

We didn't realize
the site was so popular.

Other Stuff

Active Server Pages ASP a directory of ASP tutorials applications scripts components and articles for the novice to professional developer. CJWSoft ASPProtect ASPBanner ASPClassifieds

Blog Entry: 3/25/2006 2:22:26 PM

that is because passwords in the import/export files are encrypted.. if you make one of your own you need to use the rc4 function in the "config_inc.asp" to encrpyt your passwords just like the aspprotect system does (requires knowledge of vbscript and integration into your export system)

now, there is a way around this

if you want to import a file you made with clear text passwords edit "import.asp" beforehand and change

If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = UserArray2(5)

to

If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = RC4(UserArray2(5), PasswordEncryptionKey)

that way it should convert your clear text passwords to encrypted while it does the import

this post also addresses this but in the reverse scenario
http://support.cjwsoft.com/code/code_info.asp?TID=261&PN =1&TPN=1

I hope this helps you because I really do have to leave the office like right now. Very late for a dinner meeting.

I should be back on the computer later tonight or tommoro morning

, If you have messed up the admin account or forgotten the admin password you generally should open up the database manually and add a new account or see what the old account is.

In version 7 however you have another option. Go through the installation instructions again. Specifically the part where you use the "get_me_in.asp" page to get back into the admin area by pasting in the password encrpytion keye you are using from your config file. ,

Trying to make sense of this. I am still confused. In the file config_inc.asp. I found the setting for "uploaddirectory". That entry looks like this [UploadDirectory = CmdGetConfiguration("UploadDirectory")]. I assume there is a config file where the value of upload directory is located.

The settings in the config_inc.asp file have not been changed. they are set to the way it was delivered. Is there a document that gives instructions as to what and where the config settings are to be changes?

Editing using Visual Studio.NET

Here are directions for editing the application using Visual Studio.NET
2002 or 2003 version.. either should work

Some of you are wondering why I didnt just give you the project files.
It is best you go through this process and really understand what is going on.
Also, I dont use VS 2002 so I wouldnt be able to give you project files that would work with that. Not to mention there is 100% chance my prject files wouldn't work for you anyway because of path differences and other things.

Anyway.. on with the instructions...

1st.. make sure IIS, ASP.NET, .NET Framework, and Visual Studio.NET are all installed correctly and up to date.

Open Visual Studio.NET

File - New Project

Select a New Visual Basic ASP.NET web application.

give the new web to be created a name.. I called mine "aspprotectdotnet"

Hit Ok..

Now. once the project opens up we need to delete a few things in the solution explorer window.

So delete "webform1.aspx" , "deletestyles.css", "Global.asax", "AssemblyInfo.vb", and "web.config"

Basically all the files under the project...

Now... you should have the aspprotect.net files unzipped somewhere on you hard drive...

open that folder and select all the files and folders like so

Now drag those selected files and folders to the solution explorer window of Visual Studio.NET right on to the name of the web. In my case "aspprotectdotnet"

It might say this folder already contains a folder names Bins.. just tell it to copy over and continue on any prompts like that.

You'll notice your project is now populated.

Open up the references tab in the solution explorer window as we need to add some references to the dlls in the bin folder of this project. This is needed so the compile process and function correctly.

Right click on references.. click add reference
Then browse....browse on your hard drive to the location of the new web and the bin folder within it.

In my case... "C:\Inetpub\wwwroot\aspprotectnet\bin"

Choose "aspprotectlicense.dll"

Hit open...

Now do the same thing again until you have added all the dlls in that bin folder to the references..

Now.. click add-references again and this time choose
"system.management" from the choices in the .NET tab

Once all of that is done your references should look like this

Now in the Visual Studio.NET menu system up top..

Choose Build - Build Solution

If you did everything right you will see something like this in the build window

------ Build started: Project: aspprotectdotnet, Configuration: Debug .NET ------

Preparing resources...
Updating references...
Performing main compilation...
Building satellite assemblies...

---------------------- Done ----------------------

Build: 1 succeeded, 0 failed, 0 skipped

You now have the visual studio side of things all set up.

To make the project actually run we now have to set some permissions and edit the web.config file.

Using windows explorer browse to the web the app is in. Right click on the "_database" folder and give that folder and all the child folders within it. Modify permissions for both the Anonymous webserver account and the ASPNET account. These accounts might not show up until you dig into the advanced tab and click find now to show all the accounts on the machine.

Permissions screen looks like this...

Once that is done go back the solution explorer window in visual studio.

Open the docs folder.. right click on "sysdiag.aspx" and choose view in browser.

It should complie the project again.. and then run that page in either the internal or external browser depending on how you have that set up.

That page will report back path information.
"BTW.. for security reasons this page should be removed from any production server after installation is complete.. this is very important"
In my case it looks like this.

Probabale AppRootPhysicalPath
c:\inetpub\wwwroot\aspprotectdotnet

Probabale AppRootUrlPath
http://localhost/aspprotectdotnet

Probabale Path to Access Database
c:\inetpub\wwwroot\aspprotectdotnet\_database\aspprotectnet2 002.mdb

Now we need to edit the web.config file... your going to need to know some of the path information above.

In solution explorer double click on web.config.

Now edit the AppRootPhysicalPath, AppRootUrlPath, and CN keys accordingly.

In my case they will look like this.

<add key="AppRootPhysicalPath" value="c:\inetpub\wwwroot\aspprotectdotnet" />
<add key="AppRootUrlPath" value="http://localhost/aspprotectdotnet" />

<add key="Cn" value="Driver={Microsoft Access Driver (*.mdb)};Dbq= c:\inetpub\wwwroot\aspprotectdotnet\_database\aspprotectnet2 002.mdb;Uid=admin;Pwd=" />

Now.. because our web is really not in the root of our virtual directory which starts at "inetpub/wwwroot" we need to edit another tag in this file.

Find the forms tag near the bottom.

<forms name=".aspprotect~net" loginUrl="/aspprotectlogin.aspx" protection="All" timeout="60" path="/" />

Change it to say this

<forms name=".aspprotect~net" loginUrl="/aspprotectdotnet/aspprotectlogin.aspx" protection="All" timeout="60" path="/" />

Notice tha part in bold that we added.

Now, you may also want to check the temp license key info while you are in that file and make sure it is not expired but I am not going to get into that here.

Now save and close that file and do a compile again.

In solution explorer open up the "aspprotectadmin" folder.
Right click on default.aspx and click browse

You should see the login prompt in your web browser..

Log in with

admin
temp

all lower case

You should see the users screen of the application,

Click on the system info tab up in the top left... make sure all those paths are correct and save it.

Go to the settings page of the admin area. Make sure all those paths/settings are correct and save it.

Congratulations... you just set up a visual studio web project from scratch and our now ready to edit and compile an advanced web application.

From here on your on your own, but feel free to ask questions in the forums as you will probably get help from myself or others who own the software.

One last thing... because we are not in the true root of the web on the development machine the examples in the example folder will need the reference to the "protectpage.ascx" file modified before they will work

It will need to go from

Src="/protectpage.ascx"

Src="/aspprotectdotnet/protectpage.ascx"

If this app was installed in the true root of a domain on a real webserver.. you would not have to edit the forms tag in the web config file or change the paths in the examples as they would be correct the way they came

edited due to inappropriate content

Thought that was already done....

Back to the drawing board...

(Password Expiration Mod) for ASPProtect Version 7.x

This Advanced Mod requires decent knowledge of Databases and working with ASP. I originally wrote something like this for a customer on a custom project. I then took the time to re-write all the code from scratch so it could easily be plugged in to the current version of ASPProtect as an option. All in all this mod took me over 15 hours of time to develop and will save you a ton of time & money if you were planning on writing something like this on your own. Some parts of this were so difficult to get working that I would never have written this code if I was not paid to do so. (The encrypted array that rotates through the last 12 passwords was quite frustrating to get working)

The price on this is 19.95. I am not incorporating this into the base product because it makes things more complicated and isn't for everyone.

Purchase Page

Security is a big concern and making your users change their password every so often is a good idea. Keeping track of previous passwords they used and making them choose something they haven't used before takes the concept even further.

This Mod will add a password expiration date to the application. When the password expiration date is hit the user must confirm their old password as well as pick a new one before they can log in again.

There is a new password expiration directory where they must choose a new password that has not been used before. The new password must be confirmed during this process. (It remembers 12 old passwords the way it is coded) The old passwords are stored in the database in an encrypted array.

Directions:
Back up your existing ASPProtect installation.

Add two new fields to the "ASPP_Users" table in your database.

For an MSAccess Database

Password_Expiration_Date (Date_Time Field)
PreviousPasswords (Memo Field)

For a MSSQL Database

Password_Expiration_Date (smalldatetime)
PreviousPasswords (nvarchar 160 characters)

once that is done

Copy all the new ".asp" pages into your site.

Edit the "PasswordExpirationURL" variable in the "check_user_inc.asp" file

It needs to be the full URL to to the "change_password/default.asp" file

Now edit the "change_password/processchange.asp" file

There are 3 variables you can edit.

PageSentToAfter = "http://localhost/aspprotectmods/password_admin/default.asp"
PassMinLength = 4
PassMaxLength = 8

The "PageSentToAfter" is where you want them sent to after they change the password. It can be whatever you like.
If it is a protected page they should automatically get logged in with the new password they just changed to which is nice.

The other two values should be obvious.

That's it...

Just remember the password change thing is not used in the admin area...
You could easily add code for that on your own though by looking at the the password expiration code I added to the publics "check_user_inc.asp" file

Also:
You will see a new field to edit on the user edit screen for the Password Expiration of course.

, I already gave execute permissions to the stored procedures and that
cleared up the first error, but the second one I still can't figure out.,

IT worked just as cwilliams said. I did see the IP address being stored in the table but it didn't dawn on me that it was tied in to the view count, I tried it from a different IP address and it worked great .

Good coding Christopher

Thanks

John

You should read my article on server side includes� the path to the include file must of course be adjusted depending on where in your web you are.
http://www.powerasp.com/content/code-snippets/includes.asp

You will also notice if you look at the provided example pages that the include paths have been adjusted to make sense.

If it is 2 directories down it should probably look different..

example:) "../../checkuser_inc.asp"

It�s weird that if you are not getting an error because if the path to the server side include is wrong you should get a nasty server error.

Also..

The ASPProtect system and any pages it protects must also be part of the same Application in IIS. It�s the nature of forms based authentication. Do a google search if you are not sure what an application is in IIS.

Lasty�. If you are logged in at the time

Whether your current session at the site is still active� or you have the cookie set to remember you.

Well, nothing will happen� cause your already logged in and you will just see the page as normal.

Perhaps things are working and you just don�t understand that part ?

You need to go to the log off page.. log off� then close all instances of the web browser windows..

Then come back to the site� then see if it prompts you to log in.

cwilliams38228.9837152778,

Sorry, I forgot about that when I got hung up on the install problem.

I'll tackle your explanation now to see if I can get it working. Since I already bought the software I'll keep my fingers crossed.

Thanks

I am using v7 with other software written in ASP.NET. When I include the the "checkfor" and include file, I'm receiving a compliation error.

Here is the include I have on the .aspx file:
<% CHECKFOR = "4" %>

Here is the error:

Compilation Error
Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.

Compiler Error Message: BC30689: Statement cannot appear outside of a method body.

Source Error:
Line 15: <%
Line 16: ' This is part of the too many login attempts lockdown code which sets a cookie to block login attempts for a certain amount of time
Line 17: If LoginLockDown Then
Line 18: If Request.Cookies("PASSWORDSYSTEMCOOKIETRIAL")("LoginTries") <> "" Then
Line 19: If Cint(Request.Cookies("PASSWORDSYSTEMCOOKIETRIAL")("L oginTries")) = Cint(LoginLockDownAttempts) Then

Source File:
D:\Sites\resadmin\NetOptions\testsite.com\www\ASPProtect\che ck_user_inc.asp Line: 17

I've downloaded this neat little app, but I'm having troubles understanding what I should be using. Cassinni or IIS, can you help? I've tried to look at the help, but it is very vague on what to use in each situation.

Any help is appreciated.

Cheers

humm, I dont know.

If you want me too I would be glad to go into your web site and troubleshoot. If so PM me the info I need and I will take a look and see if I can figure it out.

CJW

, Wonderful! Does it matter if I move the aspbanner logo, as long as I keep it on the page? Or does it need to stay front and center?

Laura
,

Hello..

I actually noticed something was up with your install earlier...
(I saw you in my log files when you clicked to cjwoft from the docs)

I need more info... like what uploading method your using.. what image resizing component, what widths yoru resizing things to... etc

have you tried it while telling it to delete the pics and also while not telling it not to delete them from the import folder

I might have to take a look tommoro as well to really figure it if that is ok

I have to go the bar to meet some friends so I wont be of much more help tonight :)

I been working steady all week and need a few.

CJW

Much thanks, the duplicate incl's I spaced on and should have caught. The hidden form variable was a key issue. Thanks for the syntax and the help. Now I get this page together. j As a note - I got faster results by dropping my timeout to 3 minutes temporarily while progging and cleared browser cache between tests. Thanks again.

ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: Microsoft.Data.Odbc.OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[OdbcException: ERROR [HY000] [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.] Microsoft.Data.Odbc.OdbcConnection.HandleError(IntPtr hHandle, SQL_HANDLE hType, RETCODE retcode) +27 Microsoft.Data.Odbc.OdbcCommand.ExecuteReaderObject(CommandB ehavior behavior, String method) +838 Microsoft.Data.Odbc.OdbcCommand.ExecuteNonQuery() +80 aspprotectnet.aspprotectlogin.Login_Click(Object sender, EventArgs e) +2284 System.Web.UI.WebControls.Button.OnClick(EventArgs e) +108 System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEven tHandler.RaisePostBackEvent(String eventArgument) +57 System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument) +18 System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33 System.Web.UI.Page.ProcessRequestMain() +1292

Version Information: Microsoft .NET Framework Version:1.1.4322.2300; ASP.NET Version:1.1.4322.2300

I am getting this error message when trying to log in as admin or registering a new user. I am using Windows Server 2003 and it is a DOMAIN CONTROLLER.

I have read that there is NO ASPNET account for a domain controller. In its place is the IIS_WPG account. I have given this account and the IUSR account FULL CONTROL.

STILL GETTING AN ERROR. ANY SUGGESTIONS???

It's real easy actually if ya sniff around the source code.
ASP is so easy to (work with/edit) even if you dont know any code.

edit "save.asp" with a text editor

change

If Request("First_Name") = "" Then
ErrorMessage = ErrorMessage & Server.URLEncode("You must enter a First Name.\n\n")
End If

If Request("Company_Name") = "" Then
ErrorMessage = ErrorMessage & Server.URLEncode("You must enter a Company Name.\n\n")
End If

From looking at that save code I dont see where Last_Name was required. The only name I saw required was a 1st name.

Also.. making the First_Name not required may break something somwhere else. I dont think it will but it might. You are warned.

cwilliams38326.5102662037, yea that info gets updated once an hour,

I am still a little confused... one thing I would like to mention is that the passwords in the aspprotect database are encrypted... meaning you cant just add a password to the user database by hand because it wont be the encrypted value and wont work.

It is something the application takes care of when you add a user via the web based interface.

You can however still add users manaully or with careful import/exporting... but you will have to use the existing password conversion technique which is covered at the end of our upgrade instructions in these forums.
http://support.cjwsoft.com/code/moreinfo174-1.htm

Basically you want to add a field to the "ASPP_Users" table called "Old_Password" and that is where you enter the password in plain text. Then after you are finished adding users to the database manually you do this.

You want to run a special page via the browser.

http://www.mysite.com/password_admin/convert_to_encrypted.asp

Which will convert the passwords to the encrypted value for you.
See the bottom of this thread for all the info on that.
http://support.cjwsoft.com/code/moreinfo174-1.htm

--------------------------------------------
(( TRY THIS AT YOUR OWN RISK !!))
--------------------------------------------

2004-08-19_122127_ASPBanner_V7.3_code_banner_encode_decode_m od.zip

This is an Expirmental MOD for ASPBanner Version 7.3 Only
Do not use it on other versions....

It encodes CODE Banner information before saving it into the application variables that handle banner rotation. It then decodes that information before displaying them on your web pages.

The reason for this is SOME very complex javascript does not always save correctly into the application variables that rotate banners (even when not using the JavaScript Method to display the banners)

This way the javascript or whatever you entered comes out on your web page exactly as you entered it and runs correctly.. but there is little more processing going on to handle the encoding and decoding. But its probably nothing to worry about and won't effect performance at all.

Unless your having a problem don't use this mod. It is not officially supported in any way.

-- DIRECTIONS --

( COPY THESE FILES INTO YOUR ASPBANNER DIRECTORY AND BACK UP ALL THE FILES THAT YOU WILL BE REPLACING ))
(( SO YOU CAN REVERT BACK IF THERE IS TROUBLE ))

If you are wondering if the "appinfo_inc.asp" included has the weight banner bug fix applied to it already. That is a bug mentioned in our forums

ALSO:

(( YOU CAN NOT USE THE INCLUDE METHODS OF CALLING BANNERS WITH THIS CODE ))

(( YOU CAN NOT USE THE JAVASCRIPT METHOD OF CALLING BANNERS WITH THIS CODE ))

(( USE ONE OF THE OTHER METHODS ))

cwilliams38229.4189930556, The application is only intended for use with $ the way it comes.
Use of other currencies is not supported.
(this is noted on the product page)

However, it can probably be used fairly easily with UK customers.

You'll probably want to look into setting the currency to UK in the code generated for the PayPal buttons which is in "view_item.asp". There is probably a hidden form variable you add to it to specify the currency. PayPal's shopping cart documentation and help system would have more info on that.

Doing a search real quick there I came up with this.

<input type="hidden" name="currency_code" value="GBP">

Then you may also want to change the LCID settings for the web site to UK. (I think)

To do that edit the "config_inc.asp" file with a text editor.

Add this code between the <% and %> tags.
Near the top is good

Session.LCID = 2057

There may also be hard coded dollar signs in the code that you will need to change to whatever.. If after you do the above to steps you see then you'll know where to change them based on the named of the page you on.

It is quite possible that simply changing the LCID will take care of everything, but I am not sure.

Those are the tips I can give you. ,

Look in the "check_user_inc.asp" file..

You'll see the name of the cookie there and also get an idea how to access it.

In most versions it looks like this.

Request.Cookies("PASWORDSYSTEMCOOKIE")("COOKIE_USERNAME")

You'll want the cookie for the username because the session variable will not exist unless they have actually gone to a protected page during that session at the site.

It would probably be best the check for both the session and the cookie. That will make sure people logged in that arent using the cookie option still see the message you want to display.

Sorta like this..

GetUsername = ""
If Request.Cookies("PASWORDSYSTEMCOOKIE")("COOKIE_USERNAME") <> "" Then
GetUsername = Request.Cookies("PASWORDSYSTEMCOOKIE")("COOKIE_USERNAME")
Else If Session("Username") <> "" Then
GetUsername = Session("Username")
End If

Response.Write GetUsername

cwilliams38298.9175, okay thanks,

IMPORTANT UPDATE - READ THIS
http://support.cjwsoft.com/forum/forum_posts.asp?TID=205& ; ; ; ; ; ; ; ; ; ; ;PN=1

The 2Checkout Support Pack which is built in to ASPProtect 7 contains all the pre-built scripts you need to implement 2Checkout Payments with ASPProtect. You must be using version 2 of the 2checkout system. They are phasing out version 1 regardless so everyone will be using version 2 very soon if they are not already.

THIS IS NOT INTENDED OR DESIGNED TO USE 2CHECKOUT SUBSCRIPTIONS. (see bottom of this thread for more info on that)

This Support Pack basically gives you an additional signup and registration directory "2checkout_signup" and it should not interfere with any changes or customizations you have made to your ASPProtect setup in general. New users can register in this directory and pay for membership at the same time. Existing users whether active or expired can be sent to this directory where they can lookup their account and buy additional membership time online. You can also assign various Access and Group Levels during signup and you can set up various prices for various amounts of time as well. This is a real-time setup for the most part. As soon as a user pays via 2Checkout your system is updated and they will have access.

The 2checkout pack is NEW.. and was released on March 19, 2005. If you don't have it and would like it please just ask.

To start using this edit the "2checkout_signup/2checkout_config_inc.asp" file

You will be entering your 2Checkout Account number in that file as well as the URL you want a user to go to after payment. It is all commented in that file. (There is also a testing variable you can set to True if you want to do testing without real charges being applied)

After editing that file run this page.

http://www.mysite.com/2checkout_signup/show_postback_path.asp

Replacing the part in blue with your website info.

It will report back that postback url you need to use in the 2checkout system.

Log into your 2checkout version 2 account and under the "look & feel section" enter that postback url for both the "Approved URL" and the "Pending URL"

Trust me: You want the URL there for a pending URL because the 2Checkout system is quite random and 95% of the payments that come in go to the pending URL and end up being legitimate sales. (at least for me they do)

Now make sure the Direct Return option on that page is on as well.

If set to Yes buyers will be immediately directed to your URLs below once they click the
Complete Order button. If set to No the buyers will have to click a button to return
to your URLs below.

Save that page... and leave 2checkout.

Now, delete this page from your ASPProtect setup.
http://www.mysite.com/2checkout_signup/show_postback_path.asp

It's a minor security risk and is no longer needed needed.

The basic setup is finished. All you have to now is set up payments options the way you want them.

Changing Payment Options

In the "2checkout1.asp" file there are form options set up.

They look like this and you can have as many as you like.

<option selected value="30,9.95,3,">30 Days, 9.95</option>

In this option... A user has the option to purchase 30 days for $9.95 and he will be set to Access Level 3 when payment in completed.

Here is how it works.

The value setting (red) is essentially and array that can be made up 4 elements separated by comma's
They must be separated by a comma and there can be no spaces. In this example the 4th value was not used but the last comma must still be there. If you didn't want to set an access level and left out the "3" there would 2 commas at the end. etc etc
Basically there must always be 3 commas but you only have to set the 1st 2 values which are days and price.

days,price,access level,groups

The 1st value is the amount of days.
The 2nd value is the price for the amount of days.
The 3rd value is the access level you want to user assigned to.
The 4th option is the groups you want the user assigned to. (see PayPal subscription thread for examples of specifying group info)

Now, the label for the option in (blue) can say whatever you like.

I have a user who is trying to login. However, I am getting a error that I can't seem to find.
Username: executive.barcheski
Password: executive@amcpc.com

Encrypted Password: �?=�`م�

Error on check_user_inc.asp line 114

If (Request.Cookies("PASSWORDSYSTEMCOOKIE")("KEEPMESIGNEDIN") = "True") And (Request.Cookies("PASSWORDSYSTEMCOOKIE")("COOKIE_USERNAME") <> "") And KeepSignedInOption And Status <> "Checkem" Then
CheckUserSQL = "SELECT " & tbl_label_users & ".* FROM " & tbl_label_users & " WHERE (Username = '" & RC4(Request.Cookies("PASSWORDSYSTEMCOOKIE")("COOKIE_USERNAME "), CookieEncryptionKey) & "') And (Password = '" & Replace(RC4(RC4(Request.Cookies("PASSWORDSYSTEMCOOKIE")("COO KIE_PASSWORD"), CookieEncryptionKey), PasswordEncryptionKey),"'","''") & "')"
Else
CheckUserSQL = "SELECT " & tbl_label_users & ".* FROM " & tbl_label_users & " WHERE (Username = '" & Username & "') AND (Password = '" & Replace(RC4(Password, PasswordEncryptionKey),"'","''") & "')"
End If

CmdCheckUser.Open CheckUserSQL, ConnPasswords

error received: unclosed quote after '�?=�

Any ideas

Jason Johnson

1st: try it with a normal dsn-less connection like we show in the example.. dont use that OLEDB.4.0 connection string.. connecting like that can cause a lot of problems and is not as great as everyone thinks it is and it can sometimes be difficult to get it working when the database has a password set on it

For the sake of troubleshooting just connect like so: (fixing the path of course)

ConnectionString = "DBQ=C:\Inetpub\wwwroot\aspprotect\data\database\ASPProtect_ access2002.mdb;Driver={Microsoft Access Driver (*.mdb)};UID=Admin;Password=temp"

ASPProtect will generate the actual connection string you should use when you run this page

http://www.mysite.com/data/setup_info.asp

Replacing the part in blue with your website info.

2nd: any IIS server setup to have the access database over the network path like that has a poor setup... and that can cause all sorts of problems as well, access is not designed to run over the network like that.. for more on that read this thread - Start 5 posts down
http://support.cjwsoft.com/code/code_info.asp?TID=479&KW =OLEDB%2E4%2E0

3rd: If the app does not run using the connection string like I say to use then the problem is 100% on their end and is either related to permissions or the fact they are keeping the access database on a network path which is BAD BAD BAD... no quality host that knew what they are doing would set it up that way.. ultimately you don't want to host asp with a place that has a setup like that

4th: If you want to try some other stuff out we have a free guestbook, asptest, and a free version of aspbanner you can try out as well... www.cjwsoft.com

5th: If you need a quality asp host that knows what they are doing and offers great asp support www.alentus.com is the place

6th: Your right, it is not the code, its the data connection

Than you

I'm happy after changing to XML parser for two of the ads. Later I'll change the other codes to XML, never to use iframe again!

, The PayPal feature that is in ASPClassifieds has always been labeled as experimental and has never been supported as the documentation says. About a year ago I stopped even mentioning the feature on the product pages or in the live demo because I didn't like how it worked and I decided I would just market the application as a free based classifieds. It�s just not something I can support or talk about. To work really well it really needs to be coded to use PayPal IPN and a credit system. Where ads and various extra features cost so many credits and people have to buy credits before they can post any ads.

That�s about all I can tell you. It's just not something I support.

, Your suggestion worked - thanks - ,

Microsoft has a free version of SQL server 2000 than you can run on a development machine.

http://www.microsoft.com/downloads/details.aspx?FamilyID=413 744d1-a0bc-479f-bafa-e4b278eb9147&DisplayLang=en

This is really the same thing as the MSDN version of SQL server that comes with Visual Studio

It is limited in two ways.

No single database can exceed 2 gigabytes in size. However, each Desktop Engine server instance can contain many databases, each of which can be up to 2 gigabytes in size. Each computer can host up to sixteen instances of Desktop Engine.

Performance will rapidly decline when more than five simultaneous users use the database engine at the same time. With five users or less Desktop Engine will operate with full SQL Server speed.

After you install this your going to need a way to connect to your sql server as well as a way to run queires on it.

I suggest either install the client tools off any SQL 2000 Installation Disc (giving you enterprise manager and query manager)

or use the FREE SQL Server Web Data Administrator which will do amost everything you will need to do. It is really very slick
http://support.cjwsoft.com/forum/forum_posts.asp?TID=127& ; ; ;PN=1

Then you have a pretty sweet setup for testing and developing locally using SQL server.

If you are wondering why someone with a real SQL Server 2000 cd wouldn't just install the real SQL server locally it is because the server part will usually not install on XP Pro or non server versions of windows for licensing reasons. (at least every SQL 2000 CD I have is like that regardless of whether it is standard or enterprise) But the client side tools on the cd are invaluable so I just install the Desktop Version of SQL along with the client side tools and everything works great.

Thanks.

Nick

, You are right.
I have SQL server.
From August to today I have used a very simple login system and now I come back to you for better.
I can insert, edit, delete users but it happens what I mentioned in my first message.
,

Perfect. Thanks buddy :)

eeye38433.0629976852,

http://support.cjwsoft.com/code/moreinfo286-2.htm

http://support.cjwsoft.com/code/moreinfo391-1.htm

http://support.cjwsoft.com/code/moreinfo385-1.htm

This post unfortutely needs to be here because this application has been the biggest pain in the neck for me you could possibly imagine. This is not because of problems with the application, but because of people's general lack of knowlegde regarding ASP.NET. This post totally voices my stance on what sort of knowledge you need to have and also the fact that I am not going to support anything but general installation on a correctly and professionaly set up live server.

ASPProtect.NET is a great application but using ASP.NET requires a lot more basic knowledge than using classic ASP and there are a lot of basic low level ASP.NET things that need to be set up correctly for an application like ASPProtect.NET to run. These are things I do not cover because you should know the ASP.NET basics when using an application as complex as this. It's just that I don't have time to nor should I have to teach people the basics of ASP.NET. I don't charge nearly enough for ASPProtect.NET to offer that kind of support.

So, I will say it one more time. ASPProtect.NET is targeted towards experienced Visual Studio.NET developers that know how to work with Code Behind VB.NET and are familiar with basic ASP concepts such as IIS application settings, the .NET framework, the aspnet_client folder, and the basics of the web.config file. If you are using ASP.NET for whatever reason you need to know about these things. The best way is to get some good books and do set up ASP.NET on a local development machine so you can start learning.

If you are one of the ASP.NET challenged let me say this as well.

Stick with Classic ASP. ASP.NET is a step in the wrong direction for the average user which I like to refer to as "Joe Coder". Classic ASP is very powerful and easy to pick up. ASP.NET is not easy to pick up and never will be for a lot of people. In my opinion it�s actually the wrong technology to use for anyone other than big corporations who need extreme scalability in their applications or for the hobbyist or object oriented programmer who just wants to use the latest and greatest. Ask yourself if you really want to deal with compiling Code Behind code each time you make changes to your web site as opposed to just editing some files in notepad real quick like you can do with classic ASP ? Do you have the money to purchase and use Visual Studio.NET or are you going to struggle with compiling all your ASP.NET pages using a command line compiler and a batch file ? Yes, you can build ASP.NET code that isn't code behind but why even bother if that is the case because your missing the point of ASP.NET if you do that and missing out on a lot of powerful new features and concepts.

When I do custom projects for bigger clients I usually end up using ASP.NET because they want to go that way and understand the time and money involved. When I do any of my own projects I use Classic ASP because the truth is you can still make some rockin busy scalable web sites with Classic ASP just like you can still make great web sites with CGI, PP, Cold Fusion.. etc etc. Look around the web because a lot of the biggest sites out there still use those scripting technologies and their stuff runs very well. ASP.NET is a lot of hype and although some things about it are plain awesome it is an environment best suited for real object oriented programmers, not the weekend code warriors.

The other thing to keep in mind about classic ASP is the shear abundance of applications and scripts available for it. ASP.NET can be expensive for that reason alone as there still is a shortage of good time tested applications out there and what is out there is always priced a lot higher.

In addition to that half of the ASP.NET applications out there are just half baked poorly converted versions of their Classic ASP counterparts. Is that the kind of thing you want to sink twice the money into or would you rather have something that runs well and has been tweaked year after year into a rock solid product?

To make things worse a lot of the hosting companies out there offering ASP.NET hosting are severely limiting the basic abilities of ASP.NET because of various security concerns. This means if you go with a Host that does that 75% of the asp.net stuff out there won't run on the hosted server. Isn't that wonderful ?

Now, Let's make things even worse. So far every time Microsoft has released a new version of ASP.NET a lot of things from the previous version have stopped working and needed to be modified to work correctly. Is that really something you will have the time, resources, and energy to deal with.

You may ask "but is classic ASP going to be around 5 years from now?" Though you never really know until the new version of windows server ships I say "Hell Yes" it will be. According to my sources at Port80 Software who work very closely with the folks at Microsoft (as well as many other sources out there) it will almost certainly be in Longhorn which is the next version of Windows Server. Longhorn probably won't come out until 2007 and will be popular for 3-4 years after that. The version of windows server after that will most likely support Classic ASP as well and if it doesn't I am sure there will be a way to make ASP run on it. If you really look around a lot of hosting companies are still running Windows Server 2000 which is 5 years old at the moment. The bottom line is Classic ASP helped put Microsoft web technologies on the map. Microsoft can not simply drop it because if they do they give up a dominate market share to the scripting competition being PHP, CGI, Cold Fusion.. etc etc PHP for instance a huge installed base on many platforms which are essentially free. ASP.NET can not compete with that in any way and not supporting Classic ASP would put microsoft in a bad position.

Take it from me. If you are a weekend code warrior/script kiddie. You'll be a lot happier sticking with classic ASP. You will also have save a lot of money and you can still have great web sites. There are tons of great applications out there in ASP and ASP still is and always will be the easiest scripting language to work with and learn. Better yet look around on sites like www.4guysfromrolla.com and see if you actually understand any of the latest articles. If it looks like Greek to you that is yet another sign that you should stick to classic ASP.

Personally, I will be focusing just as much time and effort on ASP.NET as I will on Classic ASP in the years to come for a few reasons.

Because I sell software I obviously need to convert/re-write most of my appIications to work with ASP.NET. My living may eventually depend on it.
Because I love using the latest technologies I want to continue to develop using ASP.NET.
Because I do many custom projects for various clients using ASP.NET is a must.
Because in some cases using ASP.NET over classic ASP makes total sense.

Just don't fall for the HYPE folks. I am one of the few established developers out there that has a set of Balls and is willing to put the truth out there and see past the bullsh*t. If you go ASP.NET do it because you seriosuly think you need the power and scalabilty and money and time is not an issue or because you are a hobbiest and object oriented programmer who likes working with and has time to work with the latest and greatest web scripting technolgies out there. I truly believe that so far ASP.NET is as much a success as it is a failure. I am sure some of you out there know what I mean by that.

All this being said you should also realize that ASPProtect.NET is a little different than your average ASP.NET application because it uses a lot of advanced ASP.NET techniques and you essentially use it to password protect your existing scripts meaning you need to integrate your stuff with our stuff in a sense. If you just go buy some random ASP.NET application like a classifieds system or storefront it is probably just going to run on it's own an therefore will be a lot easier to set up and deal with.

Here are some links you folks should read as well.
http://rtfm.atrax.co.uk/infinitemonkeys/articles/asp/905.asp
http://www.itnewsgroups.net/group/microsoft.public.inetserve r.asp.general/topic2074.aspx
http://support.microsoft.com/default.aspx?scid=fh;%5Bln%5D;L ifeWin

Chris Willians
http://www.cjwsoft.com/about.asp

, I just made a new admin account and I still can not log in using it ?

Did you by chance edit the code by adding LCID info or something like that ? Something is just very wrong.

The simple example protected pages can not even be logged into ?

,

Another good tip is to make a copy of the "password_admin/default.asp" named whatever you like..

"default2.asp" would work...

then maybe add a link to it from the header_inc.asp file

then you can modify that one all you want and your will still have the original around.

That concept works for a lot of things.. for example you could make a copy of the "users" folder and call it "users2" granted a few paths might need to be changed here and there but really not a lot. (how do you think the paypal signup folders were created, they started as a copy of the "users" folder of course)

You can even make a copy of the "check_users_inc,asp" file if you like. Then make a copy of the "scripts/login_form_inc.asp" file... then make your new "check_user_inc.asp" file reference it.

Then you can password protect pages using different versions of the "check_user_inc.asp" file. Why ? well maybe you want different looking logn forms for different parts of your website or you want to make a lot of changes to the "check_user_inc.asp" file and want to leave the original alone.

The sky is the limit really. When it comes down to it besides the actual guts of the "check_user_inc.asp" file ASPProtect is nothing but html tags and chunks of simple server side code that produce more html dynamically. What your browser ends up with is basic html. (some client side javascript in certain cases, but that is pretty basic stuff too.)

cwilliams38422.509525463,

What kind of encryption do you use with version 7?
If I purchase version 7 and use it on my site with a new SQL database then migrate the old records from version 6 so I can by-pass the issue with my home-grown Base 64 encryption, do you forsee other issues with the upgrade?

Timecard Entry: 3/25/2006 2:22:26 PM

Answered tech related calls., tried some adjustments on the MLS roster page, Research, review, and decomm DNS entries, TICC newsletter article, readied money for clayton, filed customer paperwork, signups, teched calls, researching stock photography, and writing purchase order, purchase cd and purchase books., Emails, finished mailing for the broome county realtors., Tasks, LEARNING NEW! ADOBE PHOTOSHOP 5.5 AND IMAGEREADY, technical support duties, helped techs with issues, qlight, emonitor, radlog, callbacks for expired and new users, emails. follow ups, open incidents, ask us a question, dial up issues, , sent out revised ad to Larry Bowman at the times, Randy - Network, Relay Rack Layout, going over changes needed to ccbrmls.com, noting the ones that have been completed, Talked to Kelly about his experiences in Cortland yesterday and MLS browser issues (people having trouble with Netscape), channel 7 review commercial, Took in just 1 call for billing. Emptied all the trash and cleaned up a little. Searched the web for some good sites for gary in regards to tech support training., email, Alternative Insuracne- info for virtuale mail- send instructions work order created for fulton real estate work order created for chris bryn's real estate meeting with paul wpbstv.org - send proposal , not too busy, luncheon, speaches, Resetting all modems., Took tech calls and checked DUI, AUQ, RAD, and voice mail. , chow, filing, At home working on new MLS software. Still converting old code to work with the new system., worked on installing nt on two machines one for a test one for exchange, to Montreal,

Active Server Pages Rule The World

Contact Us

download aspbanner !!
rotate banners on your website !!

All artwork, design & content contained in this site are Copyright � 1998 - 2012 PowerASP.com and Christopher J. Williams
Banner ads ,other site logos, etc are copyright of their respective companies.
STATS Unless otherwise noted - All Rights Reserved.

Active Server Pages ASP a directory of ASP tutorials applications scripts components and articles for the novice to professional developer. CJWSoft ASPProtect ASPBanner ASPClassifieds www.aspclassifieds.com, www.powerasp.com,www.cjwsoft.com,www.aspphotogallery.com,www.codewanker.com,www.aspprotect.com,www.aspbanner.com