Home | Advertising Info56 USERS CURRENTLY ONLINE   
PowerASP
   Site Search Contact Us Saturday, May 21, 2022  

vbscript active server pages ASP vbscript SQL database informix oracle SQL Server Perl CGI Delphi PHP source code code sample samples program CJWSoft ASPProtect ASPBanner ASPClassifieds



Blog Entry: 3/25/2006 2:58:40 PM

This is what "John Evans" of CJWSoft has to say on the matter...

"I think thatís pretty much impossible. If the server sees a .JPG or .JPEG extension why in the world would it go and try to read it or do anything with it.

I believe there may have been some issues with Outlook and Outlook express that made it look like a vbs script sent as an attachment was actually a JPG because someone found an exploit in those programs and it would appear as if double extension files were one thing when in fact they were not.

Having a real time virus scanner on the server (which any good host will) should also catch anything infected being built on the server drives as the file uploads. Always worked for me and I had a lot of people uploading ZIP files on winxptheme.com at one point. Many had viruses in them although I suspect it was totally innocent on the end users part. Some people didnít even know they had a virus on their rig. 

Fact is anything is possible but I think chances of getting a virus or being hacked in some way from this sort of upload are really slim."

 

cwilliams38447.0602083333, Hello dear Chris

I can login for the first time. I exit from the browser and then I cannot login again. This happens for every user.
I noticed that the values in the fields "Login_limit" and "Active" in the ASPP_Users table in the SQL changed to NULL and 0 when login and remained in those values after close the browser.
If manually I change the values it is ok but the problem repeated.
Thank you in advance.
,



new version is still not finshed as of the end of the year... I am not going to release it until I feel it is ready., FYI. There is a typo in the upgrade (6.0 to 7.0) instructions. It specifies adding a field named "passwords". Should be "password".,

How do I change the character length for the description field?

,

Okay,  I deleted out the aspprotect folder and started over.  I also took out the dsn connection to the ecommerce database and deleted out the subweb that had it, I decided to use another provided where the database is resident on thier servers not mine.

I broke my txt file into groups and it's loading sort of.  The first 1000 users uploaded fine...the second said it timed out, but when I looked at the access database it showed 2000 people.   The login still times out and every page seems to load incredibly slow still.

, thats intertesting.. I have never heard of the concept until now..

I did a search for ASP examples or ASP components that can help with the process and just couldn't find anything about it.,

It's real easy actually if ya sniff around the source code.
ASP is so easy to (work with/edit) even if you dont know any code.


edit   "save.asp" with a text editor

change

If Request("First_Name") = "" Then
  ErrorMessage = ErrorMessage & Server.URLEncode("You must enter a First Name.\n\n")
End If

to

If Request("Company_Name") = "" Then
  ErrorMessage = ErrorMessage & Server.URLEncode("You must enter a Company Name.\n\n")
End If



From looking at that save code I dont see where Last_Name was required. The only name I saw required was a 1st name.

Also.. making the First_Name not required may break something somwhere else. I dont think it will but it might. You are warned.

cwilliams38326.5102662037,

I think I've found the problem..

The password "abcdefgh" works

The password "abcdefghi" does not

(username "ace45")

Passwords can obviously only contain up to and including 8 characters... By some coincidence I only used short passwords with MS Access.

 

, I dont what it is..u got to just keep trying stuff like connecting to different versions of the database and maybe even the version with no password set on it.. maybe do some iisresets in between if it is your server.. maybe try putting the database in a different folder

Usually people have zero trouble setting up this particular app because everything is so time tested and rock solid...

its just got to be something related to the actual data connection.. low level stuff , Thankyou, that was very helpful,

It a generic error that means something is wrong with your data connection.

http://support.cjwsoft.com/code/moreinfo27-1.htm

http://support.cjwsoft.com/code/moreinfo136-1.htm

 

 

,

Our login works great, variables even help determine menu options.  When user logs on, however, it opens in a new page.  Is there a setting somewhere that sets whether you can open in a new or existing page?

Also, when you log off

,

I am also getting the "Unspecified Error" message.  I just transferred my site to IIS 5.0 and I get that error now.  However it does not happen everytime.  I can click on a page and it opens fine and then I hit refresh in the browser and I get the "Unspecified Error" message.  What could be causing this?

 

 

, Makes sense to me. I used the  ASPProtect_access2002.mdb supplied. (I am using 2003).  Only added more names and other personal info to it for test. Uploaded the amended db with FTP.  This did not restrict someone not listed in db from logging in.

Would each individuals' information need to be added to the code in order to have it check the database first to find out if the person is authorized to view?

Part of the problem is I dont know which ASP page or script links the db to the rest of the web, or how one page relates or links to the other. 

Sometimes I wonder if problems I encounter originate with the server.

Thanks for patience.


,

I am having an issue with the Thumbnailing process. My host does not support ASPImage so I have to use something called asp thumbnailer which is similar to ASPImage. I am trying to modify the Dundas upload to automatically reduce the images to create thumbnails. I ripped out the asp image code and replaced with the bottom. The main issue I believe is grabbing the image files. I am not sure how to name the actual image file that is already uploaded by the dundas upload. the code is below:

The peices in red are where the issue is I believe. What you see below is my attempt to identify the exact image and then rename it tthumbnail. My optimal solution would be to take the picture, resize it and rename it exactly what it was named before.

 

Any ideas

 

Thanks

 

 

<% Else %>

<%
 Dim thumbObj
  
 Set thumbObj = Server.CreateObject("ASPThumbnailer2.Thumbnail")
  
 If thumbObj.LoadFromWeb("../pictures/" & Filename) Then
     thumbObj.ThumbMaxDimension = 140
     If thumbObj.CreateThumbnailToWeb("../pictures/Thumbnail.jpg") Then
         Response.Write("Thumbnail successfully created.") 
     Else
         Response.Write("There was an error creating the thumbnail.")
     End If
 Else
     Response.Write("<p><hr><b>Unable to load the original image.</b><hr>")
 End If

 
Set ConnClassified = Server.CreateObject("ADODB.Connection")
ConnClassified.Open ConnectionString
Set cmdTemp = Server.CreateObject("ADODB.Command")
Set CmdSetImageInfo = Server.CreateObject("ADODB.Recordset")
cmdTemp.CommandText = "UPDATE Ads SET Image" & PicNumber & "_Uploaded = 1, Image" & PicNumber & "_FileExtension = '" & FileExtension & "' WHERE (Ad_ID = " & Ad_ID & ")"
cmdTemp.CommandType = 1
Set cmdTemp.ActiveConnection = ConnClassified
CmdSetImageInfo.Open cmdTemp, , 1, 3
%>

, I am sending you a PM with the new download url

see instructions above for what to do with it,

Access Database Password

By default all of the Access Databases we give out have a default password of "temp"

The Default username that and Access database uses is "Admin" but you should not be concerned with that except in your connection strings.

The default password for the Access Database can only be changed using Microsoft Access to do so. If you have security concerns it would make sense to change the password. The help system built into Microsoft Access best explains how to do that.

cwilliams38403.6820833333,

Great Thank you!

As of thus far the program is working rather nicely.

I am very impressed :)

,

ASPProtect Version 7
Expiry Notices go out to members who have recently renewed by subscription.

When an existing member from ASPProtect Version 6, with an expiry date, renews with SUBSCRIPTION in v7, the previous expiry date remains unchanged.
We assume the expiry date remains blank with NEW Subscriptions and that Paypal takes care of notifications.

 But our notifications to the "about to expire" dating from v6 catches the "Renewed by subscrtiption" as well, as the date has nor been changed or removed, and this REALLY confuses our members.

Can this be resolved?

, I have no idea.. perhaps PM me info on how to log into your site and reproduce the issue.,

Please be more specific. What hit count are we talking about ?

User Logging ? Albums ? Something else ?

Please descriube the situation in detail. There are really no settings for any sort of hit count.

,

MySQL Database Setup

Use of MySQL is 100% unsupported as you can see from the site.
http://www.aspbanner.com/mysql.htm

Even still I recently had an encouter with an extremely Jerky person (read the thread above for more on that) and because of him I am adding this tutorial showing one way to set things up on a windows server using the official MySQL tools available.

Let me just say as well that there are 100's of 3rd party tools to work with MySQL databases and many ways to create the database and apply the database creation script. In the past it had to be done via the command line, but now there are a lot of visual tools you can do it with. Furthermore all hosting companies set MySQL up differently and give you access to varius interfaces to manage it which are all different, and that is primarily why I do not support it. How the hell could I support all those different interfaces many of which are totally custom?

The fact is 99% of the people that purchased ASPBanner to use with MySQL have done so without issue and love how it runs. Regardless here is how I set up a working MySQL database on a windows server proving it does indeed run with a MySQL database.

1st of all if you are setting up the server you need to download some things from http://www.mysql.com/ 
(btw: you local developers can install this on XP Pro as well if you like.)

For this article we are going to download the current non beta windows version of MySQL which is 5.0. ALso known as the Windows Essentials (x86) download. It's about 17 meg.

Because ASPBanner uses the MyODBC drivers (now called Connector/ODBC) to connect to the MySQL database you need to download those as well. (Our site flat out says this is required for MySQL use)

So I download those from here. http://dev.mysql.com/downloads/connector/odbc/3.51.html
Version 3.51 has been the current version for a couple years now.
You want the windows driver install which is about 2 meg.

The two downloads should look like this.



Now, on the webserver you run the version 5 setup (mysql-essential-5.0.19-win32.msi) I will guide you through it step by setp.



Hit Next



I am going to choose typical for the sake of this article.

Hit Next



Hit Next



Wait for a bit



I skipped this part.



Choose to configure the MySQL Now

Hit Finish

Hit Next



I am going to choose Detailed Configuration



Since I am on a development machine for this install I am going to choose Developer Machine. For a Real Server choose one of the server options.



For this article I am going to choose Multifunctional Database: You may want to pick one of the other options. That is up to you. ASPBanner will work under any of the scenarios.



I am going to leave the location at its default

Hit Next



Since this is a development machine these options are fine.

Hit Next



These options are fine as well.

Hit Next



Standard is fine for my development machine.

Hit Next



I am going to choose both of these options. The 1st one is Important and should be enabled on a real server so MySQL always runs. The 2nd is not so important.

Hit Next



Set the "root" password and do not forget it. You will need it to manage your MySQL server. I do not advise creating an anonymous account unless it is a development server and you just do not care. Whether you enable root access from remote machines or not is up to you so do some research on that. For this articles needs I am not choosing it.

Hit Next



Hit Execute and wait



If all goes well you will see this. (I actually got an error message about not being able to connect... I went to to Administrative tools/services and restarted the MySQL service and hit retry which cured that... it probably only did this to me since I have installed this before.. new installs probably will not have any trouble)

Hit Finish

Your done.. You just installed the MySQL Server (TIP: its usally a good idea to reboot and make sure the MySQL servce is running by default)

Now, moving on..

Lets install the MyODBC drivers.. (now called Connector/ODBC)

This one is a bit of a no-brainer so I am not going to go into detail.
Just run (mysql-connector-odbc-3.51.12-win32.msi) and run through all the defaults until it is done.. Choose typical when that comes up.

Your done setting up MyODBC on the server. If its not your server I guess you don't need to worry about installing all of this as its your hosts job to do that.

,

Is there anyway to limit the number of Albums each user can make?

,

Thank you so much that works great.

I will test with the other settings on the email server again thanks for the advice,

best regards

,

This is amazing. You replied to question within minutes. Thanks for showing such a professionalism.

 

,

that is because passwords in the import/export files are encrypted.. if you make one of your own you need to use the rc4 function in the "config_inc.asp" to encrpyt your passwords just like the aspprotect system does (requires knowledge of vbscript and integration into your export system)

now, there is a way around this

if you want to import a file you made with clear text passwords edit "import.asp" beforehand and change

 If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = UserArray2(5)

to

 If UserArray2(5) <> "" Then CmdAddUsers.Fields("Password") = RC4(UserArray2(5), PasswordEncryptionKey)

that way it should convert your clear text passwords to encrypted while it does the import

this post also addresses this but in the reverse scenario
http://support.cjwsoft.com/code/code_info.asp?TID=261&PN =1&TPN=1

I hope this helps you because I really do have to leave the office like right now. Very late for a dinner meeting.

I should be back on the computer later tonight or tommoro morning

,

sorry, I am guilty of being very tired and didnt read your message fully.

I know this forum area is called "database connection issues" but it is only meant for generic issues.

Issues specific to a particular application need to go in that applications area in the forum. It keeps the forums more organized and helps other people fnd help later on.

So please post in the correct area.
I will answer this question soon. I have to do something 1st though.

,

no, there is not not.

If you wanted to to that you would have to add some code to check their album count in the database and not allow them to make a new album if they were at the limit.

cwilliams38433.0233680556,

A correctly configured Microsoft SQL Database is critical to the correct operation of the ASPBanner system.

Table & Field settings must be exactly the way we set them in the database creation scripts provided with the ASPBanner system.

Below are screenshots of the design view settings for all the tables used in the ASPBanner system in case you want to double check them




In addition to the settings above each table has one field that is a primary key with an auto increment of one

In the screenshots above each of those fields has a yellow key next to it.
If the field does not have yellow primary key icon on you just right click and the option to make it one appears.

The SQL column settings for each one of the primary key fields must be set as follows




In addition to these settings the SQL scripts provided with the system auto populate the Banner_Users table with two users. This is very important because without the Admin user the scripts add you wont be able to log in to the ASPBanner system as an admin.

cwilliams38325.7405092593,

Ohhh...

I was thinking it worked like this; A user goes to that page and logs in.. and from there they can then browse the site and do what they want..

So in order for it to work i need to edit a page say... members.aspx (i assume it needs to be an asp.net page) and in the header put that protect code and when a user accesses it, it will prompt them for their un and pw and then if correct will allow them to view the page... and likewise if they are still logged in will be able to use the page?

If that is how to works as i mentioned above thats great...

I understand the redirect principle...but say i have a log in box on the main page... you know like most pages have a user log in on the left hand side... i wanted to do that. But i cant obviously protect the main home page or else normal users will not be able to view it without logging in or registering

,

that's they way it should be done..

the only other thing would have been to test everything with sql before trying to import any data.. and make sure all was fine at that stage




more info on the errors would be helpful.

Id' also carefully visually compare the SQL tables and fields with the SQL scripts and make sure all field types and settings got set correctly.

Also, make sure the user accessign the database has datareader and datawriter permissions of course.

,

ASPProtect protects ".asp" pages only.

That is your problem.

, Even if I try to upload the test file that was included with the system I still get the same error.

My host is using Windows 2003 Server.

Will send you a private email to see if the issues can be sorted out.

Thanks
,

The random password is generated during signup and the function that creates it is located on this page of code.

users/register.asp

it looks like this

Function RndStr(Length, UseChrs)
 If IsNull(UseChrs) OR (UseChrs = "") Then UseChrs = "
0123456789abcdefghijklmnopqrstuvwxyz!@#$%
^&*()_+=-"
 NewStr = ""
 Randomize(CByte(Left(Right(Time(),5),2)))
 For gpIndex = 1 To Length
  NewStr = NewStr & Mid(UseChrs, Int((Len(UseChrs)) * Rnd + 1), 1)
 Next
 RndStr = NewStr
End Function

For example go to this page and hit refresh and watch the password change.

http://www.aspprotect.com/demo2/users/register.asp

Yes, sometimes if you hit refresh quickly over and over you'll get the same password, but not generally. Also that is not something that would happen normally as a user isnt going to sit at that screen and hit refresh over and over.

Anyway... when signing up the new user of course has the option to change that password to something they would like better...


As far as... "selecting the same user name and password every time"

I need more information. That does not make sense for a lot of reasons.

Most importantly because usernames are not generated. The are inputed by the user during signup. They are then checked to ensure they do not already exist before the user is allowed to complete their signup.

So under normal circumstances there can never be duplicate usernames in the system or even users with duplicate emails as that is checked as well.

Now of course if you edited the code in any way it is possible all this is not working correctly ?

cwilliams38164.8059143519,

The "forgot your password" feature is not sending passwords to users when they put in their emails.

Any suggestions?

Thanks

,

Protecting ASP Pages

To protect a page without using the Access_Level or Groups feature simply add this code to the top of that page.

Put this under the <%@ LANGUAGE="VBSCRIPT" %>

<!--#INCLUDE FILE="check_user_inc.asp"-->

This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.

The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp

Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in.

An example of doing this is provided in the "default.asp" file included in the root of the Password System.
Look at the source code with a text editor to see the working code. It is quite simple.


 Protecting ASP Pages Using Access Levels

To protect a page using the Access Level feature simply add this code to the top of that page.
You simply specify the Access Level before the include file is called. In this example we are protecting the page with Access Level 4.

Put this under the <%@ LANGUAGE="VBSCRIPT" %>

<% CHECKFOR = "4" %>
<!--#INCLUDE FILE="check_user_inc.asp"-->

This is an example of a File Server Side Include. You could also use a Virtual Server Side Include.

The following URL explains what Server Side Includes are.
http://www.powerasp.com/content/code-snippets/includes.asp

Now when someone runs that page they will prompted to login. They will not be allowed access to that page until they successfully logged in as a Level 4 user.

Examples of managing Access Levels are provided in the "multiple_access_levels" folder included in the root of the Password System.
Look at the source code of the ASP pages in that folder with a text editor to see the working code. Again, It is quite simple to follow.


Protecting ASP Pages Using Groups

Please see the code generators in the admin are for the code to do that.

cwilliams38403.6864351852, I have found the alternate databases and they do not work either. I then went back and changed the database path in the asptest page to connect to the 2000 and 2002 test databases and it connected successfully to both of those databases, just as it had successfully connected to the asptest.mdb., Not the way it ships. You would have to add that functionality by editing the source code and database., Ok...thanks.,


Timecard Entry: 3/25/2006 2:58:40 PM

SoftPublication - Adding auto image sizing to all picture upload components. Added switches to turn off auto image sizing on servers that don't support image component. Added feature to input image size at upload time and auto aspect ratio adjustments., Crystal Reports, short break for a little taco bell, Playing football outside w/ Ed, Steve, Jim, and Chris., worked on some stuff for jeff, including moving over a domain from imcnet servers, also figuring out some stuff on imcnet servers, helping the ppls down in the noc with some troubles called custoemr to work out problem, tech support mac setup emails, Cleaned up the laptop that we are using for the wireless test machine. Added a few items and checked about the battery situation on it. , Creating an admin area and user login for Timberview, Checking emails and responding to them, Vermont marketing, mailing, affinity codes, etc... also a couple customer long distance issues., Greg Systems- left message for Vicky Environmento- Mike- problem with email- Left message for Ben Cindy Shaw- left message for web site Chadwick realty- spoke with Chris Berer- handles computer info Bonnie castle- go over info with Tom, helped Melody did petty check , Drive back to Clayton (50 miles), Work Order 2000-7-12. Developed header text ad replaced old header text with typeface that matches brochure on each page. Replaced selected photos with new scans and revised text. , Working w/ Ron D. and Hitty and alittle w/ Jeff, they are all asking me regarding DSL procedures and how I would like to handle the orders and such. Trying to Iron that out., While trying to add a SQL database to the sql server for their SOFTMLS system I somehow boned up the SQL server so we spent quite a while trying to get it back to normal again..., Phones busy, tanned, Trade entry, deposit, to bank, , to Syracuse, Lunch, Restructure, phones radlog, dial up issues, had to go over to imc net building to reset ns2, Learning Cisco Routers, technical support supervisor. emonitor, radlog, dial up issues, ask us a questions, incoming calls, emails, took mostly incoming calls ... helped techs as needed ..covered incoming calls and tech issues , Checking jefflewismediation.org login for third time. Customer says events calendar admin buttons are not appearing when using one of their machines (works on all but one). Nothing wrong here but checking code to be sure. Sounds like cookies got disabled on clients machine. (billable), Answered phones and Helped with a few phamplets. Picked up later in the evening, answered incoming calls, billing calls,

   Active Server Pages Rule The World
Contact Us  
All artwork, design & content contained in this site are Copyright © 1998 - 2022 PowerASP.com and Christopher J. Williams
Banner ads ,other site logos, etc are copyright of their respective companies.
STATS Unless otherwise noted - All Rights Reserved.

vbscript active server pages ASP vbscript SQL database informix oracle SQL Server Perl CGI Delphi PHP source code code sample samples program CJWSoft ASPProtect ASPBanner ASPClassifieds www.aspclassifieds.com, www.powerasp.com,www.cjwsoft.com,www.aspphotogallery.com,www.codewanker.com,www.aspprotect.com,www.aspbanner.com