Well, i get the default.aspx.cs from install directory, and make some changes in the following part of code:
Code: case 0:
if ( TextBox1.Text == string.Empty )
{
AddLoadMessage( "Missing configuration password." );
return;
}
else if ( TextBox2.Text != TextBox1.Text )
{
AddLoadMessage( "Password not verified." );
return;
}
try
{
Configuration config = WebConfigurationManager.OpenWebConfiguration( "~/" );
AppSettingsSection appSettings = config.GetSection( "appSettings" ) as AppSettingsSection;
if ( appSettings.Settings ["configPassword"] == null )
{
appSettings.Settings.Remove( "configPassword" );
}
//appSettings.Settings.Add( "configPassword", TextBox1.Text );
//appSettings.Settings.Add( "configPassword", System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile( TextBox1.Text, "md5" ) );
//config.Save( ConfigurationSaveMode.Modified );
e.Cancel = false;
}
catch
{
// just a warning now...
//throw new Exception( "Cannot save the configPassword to the app.config file. Please verify that the ASPNET user has write access permissions to the app.config file. Or modify the app.config \"configPassword\" key with a plaintext password and try again." );
throw;
}
break;
Note that I put comments on all the lines that try to save information back in the app.config file.
But, this will remove the security of the forum, so, I need to remove the page from install directory after instaling the forum.
But, I make it on test server with a nre installation of the forum, and it like to be running now. After testings, I will try to make an upgrade, because is that I need really to do.
I'm using the GoDaddy hosting, and it have a different setting in the trust level. I forgot to put the error message here, but it say something about violation of security, when trying to save the app.config file, and this message is different from the message that appear when you don't have rights to write to the file.