I was just about to give up on that actually when I found out the security problem lies in the Access 2000 database.
There does seam to be a way to convert it over to an SQL database though. I'm looking for the instructions for that now.
Looks like you may be the right guy to talk to about that though lambada
It seams that for some really really dumb reason they have the database store the password where you can just open up the database via URL to see it plain as day...
IMO that should have been a no brainer not to do something that stupid...
But yet, there it is..
The install file you speak of is very vague and not very clear. So I looked through the web to find better instructions and I found some of the old instructions for version 1.0 that seam to be better. Although they don't give much on the sql conversion., and refer you to a dead site for instructions.
1. Database:
- DUpics uses Access 2000 for its database. If you plan to upgrade DUpics database to SQL Server, post your question in the DUpics Forum on DUresources Web site. Other users will help you with this.
- When uploading DUpics to your Web Hosting, be sure to place DUpics.mdb database file and pictures folder into a read-able and write-able directory assigned by you or your Web Host Server Admin.
So I continue to look for the cure to this issue.
Although even with the Access database it doesn't run here I'm not sure why that is.
MS Internet Information Server 4.0 or later issues possibly? Will that run here?
Any ideas?
When I open the login page I get a giant error that looks like it may be a database connection error of some sort. But since I have never used Access I have no Idea what it means.
But here it is just in case you want to see it.
<%@LANGUAGE="VBSCRIPT"%> <% Response.Buffer = True %> <% ' *** Validate request to log in to this site. MM_LoginAction = Request.ServerVariables("URL") If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString MM_valUsername=CStr(Request.Form("id")) If MM_valUsername <> "" Then MM_fldUserAuthorization="" MM_redirectLoginSuccess="approve.asp" MM_redirectLoginFailed="default.asp" MM_flag="ADODB.Recordset" set MM_rsUser = Server.CreateObject(MM_flag) MM_rsUser.ActiveConnection = MM_connDUpics_STRING MM_rsUser.Source = "SELECT U_ID, U_PASSWORD" If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization MM_rsUser.Source = MM_rsUser.Source & " FROM USERS WHERE U_ID='" & Replace(MM_valUsername,"'","''") &"' AND U_PASSWORD='" & Replace(Request.Form("password"),"'","''") & "'" MM_rsUser.CursorType = 0 MM_rsUser.CursorLocation = 2 MM_rsUser.LockType = 3 MM_rsUser.Open If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then ' username and password match - this is a valid user Session("MM_Username") = MM_valUsername If (MM_fldUserAuthorization <> "") Then Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value) Else Session("MM_UserAuthorization") = "" End If if CStr(Request.QueryString("accessdenied")) <> "" And true Then MM_redirectLoginSuccess = Request.QueryString("accessdenied") End If MM_rsUser.Close Response.Redirect(MM_redirectLoginSuccess) End If MM_rsUser.Close Response.Redirect(MM_redirectLoginFailed) End If %>
FN
