Blog Entry: 3/25/2006 4:51:44 PM
well, I was curious myself so I just tried it.
Good news is it worked just as I thought.,
Only problem is your changing things to allow authentication info to be passed over the net in a url. If you can live with the security implications then it will work. I mean a sniffer could see that and end up knowing the username and password.. not likely but just putting that out there.
Of course now that I think about it unless you are running under SSL (https://) when you log in normally that info is in the post info anyway and possible to get at.. course not right out in the open like when you put it in the url and less likely to be noticed.
As long as your not doing it to access critical areas like the admin pages... and you monitor the log files once in a while it's probably nothing to worry about.
again I will ask you what is the real error??,
see the link above when I asked you the 1st time.
(I need the error details and line number.. etc etc)
and what kind of a server are you trying to run it on ?
you mention xp pro but in a confusing way ?
Ahhh, I see it, thanks that was the ticket.
, Send email to users that are soon to expire:
What Format should be used for dates and does international friendly dates affect the date as used by the reminder ?
Am having serious problems with renewal notices and expiration dates.
All member sign ups are for 1 yr., yet new members are being sent
Does Paypal use a different date system or has does
Paypal have nothing to do with Subscription dates?
, The mass picyure import does not work like that. It involves no uploading component.
Only an admin can do a mass import on an album and they have to ftp the images into the site in that upload folder before they go do the mass import thing. , either that or send me your encyrption keys and the exact password entered that causes the problem and I will try to reproduce the behavior here,
Trying to make sense of this. I am still confused. In the file config_inc.asp. I found the setting for "uploaddirectory". That entry looks like this [UploadDirectory = CmdGetConfiguration("UploadDirectory")]. I assume there is a config file where the value of upload directory is located.
The settings in the config_inc.asp file have not been changed. they are set to the way it was delivered. Is there a document that gives instructions as to what and where the config settings are to be changes?,
ALL FIXED.. tested with real paypal accounts and a live system
THIS FIX IS ONLY FOR PAYPAL SUBSCRIPTIONS
Download this file "ipn.asp" and put it in the "paypal_sub_signup" folder
Basically somehow an older version of the this file was in the original download archive.
I am VERY SORRY
Anyone who purchased ASPProtect 7 before March 11, 2005 should download this fix.cwilliams38421.7018055556, remeber too.. you might have to edit code you used on your existing pages in your site so they still call the "check_user_inc.asp" correctly.. though it may very well work out so it works the way it is at the new site
any redirection code you might have done may need the redirection urls changed if you used full domain urls..
things like that... etc etc etc, Chris,
Ok new puzzle. I have now managed to gonfigure it to get the admin screen and update members. All excellent news. Seems to work a treat.
But have used the code you give in your getting started guide to add at
the very top of an aspx page to be protected. The path is configured
correctly I am sure. the aspx file is in the root, the protect program
is in a folder now configured as an application (hence the steps
forward to get to the admin screens) on the root, so address should be
Proble when I load that aspx page is as above. The exact same config error,oww!
I am sure its a setting on my server now, but I dont know what to ask for, Any ideas...
So close now!
Just got back 10 minutes ago..
Missed plane yesterday because of traffic and the flight today was 3 hours plus 4 hours of driving
The fact that you are using Server 2003 is not relevant. I am very familiar with it and all my sites run on it.
The ASPNET account will be there by default once the .NET framework is installed. It won’t just show up in the list, you have to search for it like my article mentions.
That error really means exactly what it says. You have to give that account permissions correctly. , Not sure what you mean about the path to the IIS files being
wierd...what else should it be? The wf directory is the root of
the aspprotect stuff for this project.
I assume the permissions need to be read, write at least. I was
looking at the permissions dialog from a file explorer and I see a web
sharing tab and a security tab. I look at the security tab but I
am not really sure which type of user I am looking for to add and give
permissions to so that I can get it right. Maybe that is not the
right place to set the permissions....
Sorry to be "windows challenged" but I am not super familliar with all
the different places to set various permissions for OS vs. IIS. I
looked in the "Internet Services Manager" and browsed to the logfiles
directory and looked at its permissions...is that the place to set
things up? I see a "directory" and "Directory security"
tabs...which is the important one? I made sure "write" was
checked and went to the directory security tab and enabled anonomous
access....still no logs are showing up. Restarted server a bunch of
times to make sure it took the permission settings. I logged in
and out correctly and incorrectly to see if a log would be generated
but no luck.
The physical path to the logfiles directory is set correctly in the setup tab in aspprotect... sorry to still be baffled.
How do I know if the filesystem object is disabled on the server?? I can copy and paste things in there...
Adding Support For ServerObjects ASPMail
ASPProtect as you know does not support ServerObjects ASPMail component by default.
Best setup I recomend is just setting up a rig and making a workgroup.
No real reason for a production machine to have any access to internal
security when you think about it.
Here are directions to make it work.
In the ASPProtect admin settings area simply pretend as if you are using the softartisans sasmtp mailer component. ASPMail and that sasmtp component share the same properties… and the code used for them is nearly identical.
So search through the code for any place where email is sent and simply change
Set Mailer = Server.CreateObject("SoftArtisans.SMTPMail")
Set Mailer = Server.CreateObject("SMTPsvg.Mailer")
It is about 4 places. They are not too hard to find.
That’s the easy way to get all the emailing functions working with ASPMail
classic asp should be pretty easy to move, just set up new webs and
dump the scripts in there. If you have 2 machines its always easier to
look at the one while your building the other. Basically copy the setup
and tada... the only thing you might need to remeber is components (if
your using any) and thats usually not a very big deal either.
Point sort of being at some point your going to have to change that
thing around and while its no fun you have to imagine now is a better
time to bite the bullet and get it set up the right way. Your
alternative is to mess around for hours and hours praying that you
change domain wide security to the point that running NET
apps on that domain controller works. Personally I wouldnt sleep well
knowing I had just messed around so bad with the OS that I had no clue
what bugs and security holes I might have accidently opened in the
process. I wont even get into the possible things that might stop
working on the rest of the domain if you fiddle with accounts like
Oh and if thats not enough reason to make you think about it, consider
how hard it will be to try and rember what you did at 2AM 6 months from
now if that machine takes a dive or some critical update undoes what
I feel for you though, trust me we have all been down that road once or
twice. Get some sleep and in the AM the task at hand wont seem nearly
as bad. You live and you learn, and you will definatly be WAY better
off making things right sooner than later
You edit the web.config file that came with ASPProtect.NET.
You find this tagcwilliams38454.4368055556,
<customErrors mode="RemoteOnly" />
you change it to this
<customErrors mode="Off" />
If you have a different web.config file in your root I suggest you make sure the tag is set to off there as well for troubleshooting sake
If done correctly you will get a detailed error
It's basic low level ASP.NET stuff really and does not have anything specific to do with ASPProtect.NET.
You also need to make sure your web is set up correctly for ASP.NET and that the correct web.config's are firing..etc etc
I have noticed that during the file import, that some of the pictures get messed up. I can import aroun 150 pictures into different albums, say 3 albums with 50 each.
I have noticed however that some of the get messed up. What is happening is...the thumbnail will be correct, but after you click it the picture that shows up is one form a different album.
Any cure for this?,
The parent paths things really should not be an issue.
This is an article from the troubleshooting section of the documentation that takes care of it all very easily.
As for a good host that knows ASP and does not mess around when you ask for something. I always recommened www.alentus.com
, you can whatever you like but like I said those gif files are already in the correct place. The log parser is messing up. , Its not a known issue.. I would try the original code before you made any changes and see if it still happens to you.
It seems to be working fine here for me in amy test web.
I am going to look into some more in the meantime.cwilliams38341.7166782407,
basically one at a time because of limitations of the file uploads that browsers can support
more on that here
An Admins can however ftp a bunch of pics to the import folder and import them into any album all at once pretty easily
It's just a generic error that means one of 1000 different things is wrong.. there is a lot of information on in in these forums as well as links to articles about it.
usually it means permissions to the database folder are incorrect or the physical path you are specifying for your dsn-less connection is invalid..
everything has to be perfect
People who have the option pack have a new feature called groups.
Groups are meant as a replacement for using the access levels as they are much more powerful. Support for pages protected using access levels is left in tact for backward compatiability for a customers older protection code.
A customer recently told me groups could not be used like access levels and that 8 access levels was not enough. This is how I explained that groups can do everything access levels can do.
Groups can honestly do everything access levels can do if you really think about it.
Using groups and protecting pages accordingly you could actually create a system that basically worked identically to the way the access levels works.
You make 8 groups and assign users to them accordingly
Protection code on page allows access to groups 1-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "1,2,3,4,5,6,7,8" %>
In this case a user assigned to any one of those groups would have access..
Protection code on page allows access to groups 2-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "2,3,4,5,6,7,8" %>
In this case a user assigned to any group between 2-8 would have access..
Protection code on page allows access to groups 3-8
The aspprotect system generates this code for you…
<% GROUPACCESS = "3,4,5,6,7,8" %>cwilliams38114.800775463,
In this case a user assigned to any group between 3-8 would have access..
Perfect. Thanks buddy :)eeye38433.0629976852,
no, that system only works with ASP.NET code.
Currently it can not possibly work with classic asp.
PayPal made it a nightmare to use and work with.
Special things regarding the signing of digital certificates also need to be installed on the web server so if it isn't your server your also out of luck.,
that would probably work...
any ".aspx" page can grab that data after someone logs in..
anything you see set in the "aspprotectlogin.aspx.vb" file will be there
any data not set there would have to be added and then the project recomplied so that data gets saved...
I did all that you sugessted and all failed, you said "I did a sign up.. your verify URL is not saved/set in the application variables. is this somthing I can change manually? below are the steps I performed......
1 - made sure the web is it's own application in IIS
2 - Reset IIS in command promt
3 - Restarted the server, the only thing is I have not waited perhaps long enough for it to kick in. but it should have with the restart.
I am running windows 2003 on the front end with wondows 2003 and Exchange 2003 on the back end, is there anything else that may be causing this issure?
Matt..., question 2 is answered best here
Ok, got it. Didn't know if there was something already set up for this that I was missing.
>>I should also mention that the paypals scenarios used in ASPProtect can not be tested using PayPal's sandbox.
>>Also test using two real PayPal accounts and on a live setup. (You'll allowed two paypal accounts) then you can log into the other and refund the transctions and of
course it makes sense to use low amount like 1 cent and what not.
Yeah, been messing around with
that. Got everything going except the return page which I can't
do until the site is live.
>>Also, I'd love to see what you came up with with the
integration. I have been working on it here as well and took it in a
different direction as I plan to sell directions for it as an add-on
Ok. Will email you with a username and password for access to the site once it's live.
Sounds like a great add-on for ASPProtect!
The redirection at 1st login feature is supposed to work like I explain in this thread.
Though what you just said is a bit confusing it sounds like you have some sort of browser problem and it is doing the redirect every single time. ?,
I would suggest reseting all your browser settings to normal and making sure cookies are enabled because forms based authentication uses session variables and cookies must be enabled for session variables to work correctly. If not something like this could happen as the redirection at 1st login would happen over and over every time.
So try it on other computers and try with firefox as well as IE. Many people go nuts with their browser settings and way too much stuff blocked which can cuse all sorts of issues. Also some script blocking and firewall software can cause problems so disable all of that when testing.
You may also have created some sort of endless loop. (I really need to know way more information on what you did to know that for sure)
You may also want to consider doing your redirects manually meaning you protect a a page and right after the protection you use regular ASP redirect statements to redirect the user whevever you like based on their session info which is available to easily check immediatly after someone gets through the authentication.
I still stand behind my statements that redirection is not good site design. You really really need to understand and plan your ASP pages as well as have a very good understanding of the session and how all of that works if you use redirection with a password authentication scenario. You should never be redirecting someone to an ".htm" pages except during testing because you wont be able to stop users who are not supposed to go there from going there directly.
Understood.... can you point me to a place where there are other methods of calling banners? Do you mean not use Flash? I am new to this and will need some pushing over the cliff!
Its still not there as labeled 'internet guest'. There's a 'guest' and a host of others. Is there a way to identify it as the proper guest account to use with ASPProtect?
Also, looking through support documentation, I see other possibilities it could be (http://www.powerasp.com/content/hintstips/permissions.asp). Is there a way of telling which the problem is and whether we use a dsn connection or not?
The error we are getting is
Microsoft OLE DB Provider for ODBC Drivers error '80004005'
[Microsoft][ODBC Microsoft Access Driver]General error Unable to open registry key 'Temporary (volatile) Jet DSN for process 0x1340 Thread 0x17a4 DBC 0x162becc Jet'.
/aspprotect/scripts/populate_config_variables_inc.asp, line 11 , CDOSYS is the way to go usually...
My article may shed some light on the different ways to send email using CDOSYS
As for eliminating the registration its pretty much like what you said.. manually remove the links and what not... etc etc and dont send users to the registration pages..
If you dont want people to be able to edit their info ever... or retrieve lost passwords.. you can delete the users folder completely..
though it's probably better to leave some of that stuff and just disable the registration links and page...
The paypal and 2checkout folders can be wiped out completley either way as you won't be using them at all. ,
I assume you mean 500 pixels wide
no.. because you cant reliably tell a pictures image width without an image resizing component to look it up.. asp can not do things like that on its own
serverobjects has a free component called "imagesize" that can do it as well but you need access to the server to install the component
so if you cant do that with regular asp code you definetly can not stop the upload proces because the picture is too wide..
heck, that would be nearly imposible to do regardless.. even with the best 3rd party components at your disposal
even with an image resizing component you would have to allow the upload.. then check the pixel width.. then delete it.. tell the user what is going on...etc etc .. all a very complicated process
Ok i was wanting to know what the "if then" statement would be if i wanted to show xxx if your group is xxx.
<% If Session("Groups") = "1" then%>
<font size="2">TEXT HERE</font>
But that did not seem to work.,
You cant do it from initial lohin, but you can do it from the time of registration signup.
As for the emailing thing it is most likely an email sending issue more than a code problem. For example spam filters incorrectly grabiing those emails or something of that nature..
Best thing to do is try different things for emailing options until you get something that works. I suggest using CDOSYS with a real email server and using a valid email account for yourself at that email domain. SMTP authentication if necessary. This will ensure the emails sent have valid MX records and dont get treated as spam.
, Can I copy the file into the export folder and then the import user function?,
humm.. their FAQ is interesting...it looks like some sort of .NET configuration issue regarding security policies like you mentioned, Just want to be able to log users in from the home page via a username and password box somewhere say on the left hand side with a login button. Like most sites have.... i cant seem to figure out how to do that with the software.
Thats one of the big problems with hosting .NET. Some hosting companies just do do some oddball things. ASPProtect.NET works under default conditions but when hosts go around locking things down to the max there is bound to be trouble. This is the 1st I have heard of this.
Now, ASPProtect.NET does use the "System.Data.OleDb" and "System.Data.Odbc" which your host says they block because they require full trust.
All I can really say at the moment is go with a hosting company like www.alentus.com or www.maximumasp.com that does not restrict your .NET abilities so much.
In the meantime I am going to ask John Evans what he thinks about this.
My other question is..Is there a way to incorporate this software into an event registry? What i mean is this:
Say a company is having a pool party, BBQ, and tennis lessons (just examples)
When a user registers with aspprotect i want him/her to have the option to register for one of the events. Also, I as the admin, would like to be able to view who and how many registered for each event... Here is what i am talking about (and it has a payment option to charge for an event which would be PERFECT if you could do) http://www.cescripts.com/demo/registration/view-events.php
Please let me know if there is a way to add this option or create...
Thanks, the DESC addition did the trick!
I log all 404 errors on my site and since installing ASPBanner, I get a lot of the following error:
/aspbanner/edit_banner.asp?Banner_ID=11&User_ID=1 contains a broken link:
ID changes and there are various missing links. Some missing links include:
While not critical, these are filling up my error logs and it takes time for me to sort through them. ,
Timecard Entry: 3/25/2006 4:51:44 PM
Sales and Mrkt Mtg, worked on panasoton softrouter with andy, cleaning up ns1. ns2. ns6, mpts1 making soft router disks. exploring backup options, fresh air, finished payroll and sent email regarding deadline, same as a.m. plus work Verisign issues, more email stuff, Started to develop a work order control form that can be tabbed through to fill out, Updating homepage to remove Beth's name and email also correcting links to local and national numbers, Traveled back to Clayton - Mileage =94, INTRO TO FLASH 4.0 ONLINE LESSONS COURSE, Boys and Girls Expo, Helped customers with remains of authentication problems.... signed up three users., st law chamber, read and sent emails, NOC Schedule, Watertown to Clayton - 24 miles, phones, invoices, etc., called customers to help them get onto their web site via frontpage, email, voicemail, call backs, misc, talked with scott from fouveon about what is still needed from me for the boxes to be shiped, sent off email with last needed info to lenny at fouveon., Answering email and voicemail, Dial up issues. One was using a wrong number, other had DUN account deleted so I helped to set up., dinner, printed payroll, presentation for dutches co, Work with Jason on Chamber Mailers, stop by Herald Building, timecards, teched calls and radlog, made new weekly report,