Blog Entry: 3/25/2006 4:26:26 PM
I have no idea.. perhaps PM me info on how to log into your site and reproduce the issue.,
Sorry about earlier post in wrong area-
I have followed instructions to set up access levels (adding the
<% CHECKFOR = "4" %> for user level 4 for instance.) The database is connecting properly and the basic check for login is taking place, but it seems that all users have access to all levels no matter what is on the database; i.e I set up a test page with "checkfor=4" and all users have access to it, even those with lower leve access.
Is there somthing I need to change in the settings to get the hit count to update?,
1st off.. you appear to have some strange things going on with that domain. Looks like you have a frameset and are loading another domain in it which is always confuding especially if you are running the site off your home computer or something... I am not sure
If I go to
and click on the "familiy" category
then right click on a broken image.. look at properties
Your linking the image to your localhost
and that is wrong, just like I said above
Nobody running the site off any computer but your development machine is going to see those pictures because the url isnt valid for them
My guess is in the settings you have the "PictureURL" set to
when it should be
Good luck with this.. I am going to the bar.
If you need more help I probably will not be available until Monday.
I've got an ecommerce module that's running on it that uses access for the db. Connecting into that thing is slow as well, but I figured that's because of the complications and volume it handles.
So as far as importing on a faster machine and copying it over to the server...what suggestions do you have?,
I did not make a mistake.. what I typed is what I meant to say. I think maybe you are taking it the opposite way as I explained it.,
What you want to do... logging them in under https and then having them continue though the site under http is not possible.
It doesn't work that. way. As far as the webserver is concerned https is a totally different site than http and each have their own unique set of application and session variables.
In a sense no different than www.somesite.com is different then somesite.com (each has their own unique set of application and session variables as well).
Now, because of the nature of Forms Based Authentication session varibles created under one will not carry over to the over and thus no password access if you switch over from a secure url to a non secure url.
If you want them logging in under SSL you need to keep them under SSL.
That is not to say there is some ultra complex scenario to mimic the session variables on the non secure side of things (possible with a complex http post to a non secure page from the scure page telling it what variables to create and set), but doing so means a ton of work and also has security concerns of its own.
I downloaded the .chm format installation documentation but when I open it I get the index but can't see any of the pages so am a bit stuck.,
I did the initial steps of downloading the sql scripts and running it in Query Analyser, tables created fine.
I can login for the first time. I exit from the browser and then I cannot login again. This happens for every user and admin.
I noticed that the values in the fields "Login_limit" and "Active" in the ASPP_Users table in the SQL changed to NULL and 0 when login and remained in those values after close the browser.
So iam just struck not able to log in. Pls advice.
I just got done trying it myself and it worked great for me too. I was aware of the security issue, but I'd already planned on using SSL for this particular call, as well as for the secured pages accessed through the normal process, so the bad guys will be kept at bay.
Thanks for the help., does emailing work at the simplest level.. ??
meaning does a user get an email when you send an email from the admin users screen ?
if emails are not sending it could very well be the setting you have chosen for emails in the settings.
the best thing to do is keep trying to send an email there and try different emails settings until you get something that works... even when I do installs for people I often have to try a lot of various things before I get emails to send.. like picking different components and trying different things for the email server address because what they tell me is often wrong
also, sometimes emails get sent but depending on where they go they may get deleted as spam.. aol, hotmail, msn, and yahoo are famous for that , Verison 8 is superior in every way and the code is much more optimized so yes I think it would handle it better. It is still a lot of banners on one page though which means a lot of hits to the database if you call them all individually with zone calling code. SQL server would make sense more than MSACCESS.
Now, the only reason I said make one zone for all those banners on the home page is because a banner has to be associated with a zone. It would make sense to put them all in one because if you just tracked the clicks like I mentioned you really wouldnt be using the zone except for maybe when you go to view stats. ,
that wont work the way you did it because groups are not stored like like.
groups are stored "*1*"
so if you test for them you must do so using the InStr function of vbscript
If InStr(Session("Groups"),"*1*") Then
' do whatever
also.. as for the session variable
it should be Session("Groups")
And in Version 6.... (its all ready to go in version 7) that session variable must be saved in the check_user_inc.asp file near where all the others are saved. If it is not there by default "I dont remember if it is or not" you have to add it like so near where all the others are saved,
Session("Groups") = CmdCheckUser("Groups")
If you are wondering if it is being saved correctly you can always response.write out the Session("Groups") to see if it holds a value
Here are three known bugs and their fixes...
If you have any of these symptoms these fixes will most likely take care of them.
If you don't have a symptom do not make any changes as you most likely have an updated copy of the application.
Technically if you bought that app on or after April 27th 2004 these bugs should all have been corrected.
(no descriptions showing in pop up window)
Edit pic_window.asp with a text editor
Set f=fs.OpenTextFile(Server.MapPath("pictures/Album_ID_" & Album_ID & ".txt"), 1)
Set f=fs.OpenTextFile(Server.MapPath("../pictures/Album_ID_" & Album_ID & ".txt"), 1)
(last image in slideshow it not showing)
<% For PicArrayIndex = 0 To Ubound(PicArray) - 1 %>
<% For PicArrayIndex = 0 To Ubound(PicArray) %>
Add To Favorites fix
(add to favorites feature doesn’t work at all)
Edit "album_uppermenu_inc.asp" in the scripts folder
<a href="users/favorite_albums.asp?Album_ID=<% =Album_ID %>"><img border="0" src="<% =application("skinpath") %>add_to_favorites.gif"></a>
<a href="users/favorite_albums.asp?Album_ID=<% =Album_ID %>&Action=Add_To_Favorites"><img border="0" src="<% =application("skinpath") %>add_to_favorites.gif"></a>cwilliams38104.7034375,
The redirection feature isn't working as I exected.
If I clear a user's redirection_URL, they can navigate to any protected page on my website as expected.
However, if I set the user's redirection_URL to a protected page, they cannot login. More specifically, their browser just keeps displaying the login form while the browser's progress bar just increments ad infinitum.
If I set the user's redirection_URL to a NON-protected page, the user is directed to that non-protected page, but if they then try to navigate to a protected page, they are redirected back to the redirection_URL.
Is this the way the redirection feature is supposed to work?
My application requires that a user is directed to a protected page and from there, they can navigate to any page that they are allowed to go to.
What can I do?, Totally 100% depends on what you are doing.. you certainly can't be renaming any fields unless you plan on editing a lot of code that references them. Adding new fields is nothing to worry about.
Also, you really should post a question like this under the forum section for the application you are referring to as well as specify exactly what changes you are talking about. For example I don't even know what application you are referring to.
I sell about 8 applications.,
We can't seem to find the purchase emails for this install of ASPProtect.
It would have been in May 2004 for NetOptions LLC or CareerMatrix.com
We noticed it should have been v6 of ASPProtect.
Can you resend the download links?, How and where does one add countries/cities to the list so that they appear in the Drop-Down list that advertisers see when they are placing a new ad?, You are NEVER supposed to move any files, especially that one. Of course that is going to break a lot of things.
Please put it back the way it was.
You change the path of the include file when you call it, never the location of the include file.,
Is there a way to know if it is a SQL server with IIS5? My database type is MSACCESS.
Another good tip is to make a copy of the "password_admin/default.asp" named whatever you like..
"default2.asp" would work...
then maybe add a link to it from the header_inc.asp filecwilliams38422.509525463,
then you can modify that one all you want and your will still have the original around.
That concept works for a lot of things.. for example you could make a copy of the "users" folder and call it "users2" granted a few paths might need to be changed here and there but really not a lot. (how do you think the paypal signup folders were created, they started as a copy of the "users" folder of course)
You can even make a copy of the "check_users_inc,asp" file if you like. Then make a copy of the "scripts/login_form_inc.asp" file... then make your new "check_user_inc.asp" file reference it.
Then you can password protect pages using different versions of the "check_user_inc.asp" file. Why ? well maybe you want different looking logn forms for different parts of your website or you want to make a lot of changes to the "check_user_inc.asp" file and want to leave the original alone.
I really do not know to tell you the truth. I'll do some research.
The script only allows .jpg, .jpeg, and .gif extensions.
If someone uploads a file called... "filename.vbs.jpeg" with bad vbscript in it I seriously doubt anything can happen because of it because of the extension.
But I really do not know.
It has never happened to any sites I have or know of.
thanks.. it was not taken as a complaint.
I just wanted to explain
When you said you tried using the web version of sql manager. Did you use the microsoft one I link to here "just curious"
, yes, like it says it is expirimental
turn it off.. the banner system will run just as fast for the most part
or leave it on and an occasional user will see a permission denied error where a banner will be, Personally, I really wouldnt worry about. Personal Client virus software like that is not really meant to run on servers anyway. That software is meant for client machines, not web servers.
Any Server designed virus product will not incorporate script blocking features because servers often need to run scripts when dealing with ASP, PHP, CFM, etc etc
That article I link to has more on all of that.
Turning that off is nothing to worry about. I been running IIS servers for 8 years. ,
I am investigating the possibility of purchasing above script having spent some hours trying to integrate various free banner rotators into my Invision portal.
What attracts me to your script is that it has 6 ways to call banners. I am an inexperienced webmaster with only a smatterring of knowledge about ASP. Will ASP Banner be able to integrate with my portal?
David van der Want,
its a text file you just edit it with notepad.. if ya mess it up ya put an original copy back in
no biggie either way
jump in there..
I just showed ya exactly what to change.. its a no brainer man
This is simple source code. It's meant to be edited and hacked.
The only reason I warn you is so you can't blame me later on if it effects something
I am just trying to help
If ya dont like that solution why not just use periods for the first name field.. or a dash or something... then nobody will really see it
or maybe store the company name in the first_name field
seems like clever things to try without changing the code..
I'm using ASPimage and have the maximum width set to 320 in the settings. Also using SAFileUP ver. 4.0.
Files upload okay, and the script displays a confirmation that the image was resized to 320, but the actual image uploaded is displaying full size rather than reduced to 320.
Also, the thumbnails are not displayed in the Picture Manager. Would indicated ASPImage is not working or the script is not communicating with it.
Nick, now, even though it should work with two slashes or not... here is an updated file that will clear that issue up.
You can try it but I think you have other issues like I said above.
just replace this file in the "scripts" folder
thanks for posting this... Since "private" is the default setting from what I read and setting it to "public" cured the issue chances are leaving it at "public" is the way to go.,
ALSO: since you are one the few people that has ever contributed anything helpful to the forums I am going to reward you with a free copy of the password expiration mod. I am sending you a PM with the download info.
I just installed the software, but I can't find any place where I can see when users logged in, can someone please tell me where I can do this?
Thanks, ok, I am going to do that in the next few hours. I cant do it right now as I have a few other business's and something else needs my attention right now.
ok, here is what is going on
you are password protecting an ".asp" page that requires querystring info to run correctly (example - "somepage.asp?ID=3""), It works. Thanks Chris.
that is something I never intended anyone to do.. while it does handle and repass the querystring info along during successful login it does not re-pass that info during a failed login as you have found out
this is all by design.. the only reason the system re-passes the querystring info at all is because I wanted to make it smart for the sake of the remember me/cookie feature.. so if someone was using that and bookmarked a page deep in your site with querstring info...then when they went back to that bookmark they would get authenticated and still see the page as intended with the querystring info in tact
it was a nice feature never intended to handle any situations other than what I just described...
notice the url in the browser after failing a login.. then logging in successfully.. it is missing the querystring info
that more than anything is what is going on.. browser caching can cause some confusion when dealing with this because the browser likes to return you to the page minus the querstring info... when that happens a simple browser refresh at that time may very well solve the problem and then you see the page you are supposed to see...
To avoid all of this...
One solution to this is to always start people logging in to an ".asp" page that has no querystring info. That way this won't happen. Once they are logged in you can then offer them links to the pages they need to go to. (you of course still want to password protect those pages)
Another solution is to log them into a page with no querystring info and then do a response.redirect to the page with quersytring info.. thus accomplishing the same thing but without the possibility of the issue because of a failed login.
Another solutions is to do checks in your asp page for missing querstring info.. and if it isn't there do something about it like send them somewhere else.. or display a message about there being an error... etc etc
So,basically you don't want to tell people to login into such and such page with querstring info... and providing a username and password..... You can do it but like you found out it can cause an error if they mess up logging in the 1st time. The system just was not designed to handle that. There are complex reasons for that involving security that would just take me too long to explain.
I hope this makes some sense to you.. it is very hard to try and explain
really all depends on the sql connection string you are using and the names of your sql user you are using...
you really havent described very much..
I'd double check all of it.. something is wrongcwilliams38325.8892824074, I just got home from a lonnng trip.. I will try to answer this 1st thing in the morning.
Have SQL 2000 backend...
We just moved from Windows 2000 to Windows 2003, used import data routine in SQL to move data.
Logged into admin area. When adding new user, no record is created. However, editing record works just fine.
Any ideas would be appreciated.,
I have been having some display issues with the .NET version of ASPBanner. I set the size of the image, and I set the size of the banner and there is still white space above and below the image. I am not using a text link below the banner, so I have it set to blank.
Here is a link to my page.
Two of the three banners in the rotation on the main page have non-white backgrounds so it's easy to see the issue I'm talking about.
Is there a way to tighten up the formatting so that the image fits onto the page in the size specified?
Ok i am having an issue with my other comp. I have spent ANOTHER 3 hours researching this one.... it WONT START THE IIS SERVICE!!!
I get this error:
The service did not respond to the start or control request in a timely fashion
I decided to use one of my client's hosts; which happens to be Network Solutions.
I uploaded the whole thing there and they advised me they cannot do the explicit permissions on that _database folder. This is what they said: I would also would like to point out that ASP.NET applications and permissions do not extend to any other folder, other than the root, (/htdocs/), and the bin, (/htdocs/bin/) folders. Sub-directories and folder after bin and htdocs will not have ASP.NET permission (read or write).
If you could move or reconfigure your application to save all your code behind, include and dll files onto the root or bin folder, your application could work or possibly run as you would expect. Please have this done and retest your application. If and when you get a different problem or another error after doing so, please let us know, and we shall be happy to help you troubleshoot any problems that you may have.
There is a 'create database option' where i can create a database..create a dsnname, user name, password and have to specify the database file name. Once i do this i need to place the database file (aspprotectnet2002.mdb) in the /db folder within the root. I also tried this and made the appropriate change in the web.config but it STILL DOES NOT WORK. I AM PULLING MY HAIROUT WHY WONT ANYTHING WORK.
ALL THE FILES ON ON THE ROOT OF THE WEB HOST. I PULLED THE FILES OUT OF THE _DATABASE FOLDER AND DUMPED THEM ON THE ROOT. I CHANGED THAT ON THE WEB.CONFIG BUT ITS STILL LOOKING FOR SOME .XML FILE IN THAT _DATABASE FOLDER.
I'VE BEEN TRYING EVERYTHING AND IT SEEMS THAT I CANT USE THIS SOFTWARE FOR THE LIFE OF ME, My client has a list of 13,000 members that
have already been assigned ID's and passwords with a
When doing a bulk import, will we be able to retain the userid and password or will a new id be assigned during the bulk load?
Thanks in advance for your help.
Timecard Entry: 3/25/2006 4:26:26 PM
general billing. Emailed expiring accounts. , Mail out PC Bundle Info to Channel Partners, went to the bank to make deposit and tax checks and came back to enter deposit and pull invoices , Norm was also here to install phones, switchboard, billing calls, chow, Customer Support-FrontPage issues, lunch, created a new signature for my return email, lunch at Skeemers, Meeting with Beth and restructuring partners site to be easier to use and take out a step in the process as well as design pamphlet to give to resellers to explain the process, call from Jeff about boards' information, Staff Meeting, Met w/Anderson team, TIMECARDS, TICC Quarterly reports, enter bills, 75 Miles : Watertown - Syracuse, Everything went fine., lunch time, my timecard and printed timecards, worked on Real Rock poll (got it working) and published to index, worked on databases on home page, made more User Manuals, Email/Voice Mail/Newsgroups, Frederic Remington membership form quit working. Finding error/fixing., bell atlantic conference call with chr on collocation issues. minutes and task sheet prepped and emailed to team., went over changes with Bob Nelson for web site- need to sit down with jason
, Meet with Howard, Randy, & Darrell, Timecard; review procedure for cash flow report due Monday, meeting for 401k, went over to comm building with andy to fix problem with danc isdn turns out radius stopped on that serv added a monitro got danc back up... changed some stuff on ns0, quick frontpage tutorial with interns...,