|
-
Dec 10th, 2000, 09:07 PM
#1
Thread Starter
Lively Member
Hi im new to asp
i can build insert,delete,update forms for my SQL7
database but need to build a members password vaidation
asp form that searches my database for the correct password and username and if not correct then display an
password error form how would i do this.!!
thanks
ps and do you know of any good asp help sites
-
Dec 11th, 2000, 02:07 AM
#2
Conquistador
put this in login.asp
Code:
<%
Response.Expires = -1000 'Makes the browser not cache this page
Response.Buffer = True 'Buffers the content so our Response.Redirect will work
Dim Error_Msg
login = Request.Form("login")
If login = "login_again" Then
Session("UserLoggedIn") = ""
ShowLogin
Else
If Session("UserLoggedIn") = "true" Then
AlreadyLoggedIn
Else
If login = "true" Then
CheckLogin
Else
ShowLogin
End If
End If
End If
Sub ShowLogin
Response.Write(Error_Msg & "<br>")
%>
<form name=form1 action=login.asp method=post>
User Name : <input type=text name=username><br>
Password : <input type=password name=userpwd><br>
<input type=hidden name=login value=true>
<input type=submit value="Login">
</form>
<%
End Sub
Sub AlreadyLoggedIn
%>
You are already logged in.
Do you want to logout or login as a different user?
<form name=form2 action=login.asp method=post>
<input type=submit name=button1 value='Yes'>
<input type=hidden name=login value='login_again'>
</form>
<%
End Sub
Sub CheckLogin
Dim Conn, cStr, sql, RS, username, userpwd
username = Request.Form("username")
userpwd = Request.Form("userpwd")
Set Conn = Server.CreateObject("ADODB.Connection")
cStr = "DRIVER={Microsoft Access Driver (*.mdb)};"
cStr = cStr & "DBQ=" & Server.MapPath("password.mdb") & ";"
Conn.Open(cStr)
sql = "select username from UserTable where username = '" & LCase(username) & "'"
sql = sql & " and userpwd = '" & LCase(userpwd) & "'"
Set RS = Conn.Execute(sql)
If RS.BOF And RS.EOF Then
Error_Msg = "Login Failed. Try Again."
ShowLogin
Else
Session("UserLoggedIn") = "true"
Response.Redirect "otherpage.asp"
End If
End Sub
%>
put this in the other pages
Code:
<%
Response.Expires = -1000 'Makes the browser not cache this page
Response.Buffer = True 'Buffers the content so your Response.Redirect will work
If Session("UserLoggedIn") <> "true" Then
Response.Redirect("login.asp")
End If
%>
Whatever you want on the form here...
there you go
-
Dec 11th, 2000, 08:07 AM
#3
Member
I've done something very similar to this myself, something I've been wondering though is what would happen to someone using a version 3 browser when looking at these pages as I beleive version 3 browsers don't support the http response message that is returned by response.redirect ??
Regards
Ian.
-
Dec 11th, 2000, 05:53 PM
#4
Lively Member
SQL server
thanky for posting that code bcut my server is an SQL
server not an access database
please help me!!
-
Dec 12th, 2000, 02:29 AM
#5
Conquistador
so it can't run that code?
if answer = no
sorry i can't help u then...
else
what's the matter then?
end if
-
Dec 12th, 2000, 10:07 AM
#6
Frenzied Member
I'm just curious..
Why does anyone care about v3 browsers?
That is like trying to make sure that your code will work with Windows 3.1.
Why would anyone have not upgraded their browser since the v3 generation of browsers? That's two (nearly 3) generations of software ago.
oOOo--oOOo
__ /\/\onte96
oOOo--oOOo
Senior Programmer/Analyst
MCP
[email protected]
[email protected]
Your results may vary.. some restrictions may apply.. pricing and participation may vary.. not available in all states.. professional driver closed course..quantities limited..
-
Dec 12th, 2000, 10:14 AM
#7
Member
Well the site HAS been designed for only version 4 browsers and above so i guess i'm not really worried about version 3 browsers ... not that i think we can just ignore then.
My main concern was given that version 3 browsers don't support response.redirct could this allow someone with an old browser to bypass the security model i'm using (check session variable at start of each page, if not correct value redirect).
Ian.
-
Dec 12th, 2000, 10:31 AM
#8
Frenzied Member
Instead of using Response.Redirect, you could use Response.Write to create a jscript redirect like:
Code:
If Len(Session("UserId"))=0 Then
Response.Write "<SCRIPT language='JavaScript'>"
Response.Write "window.parent.parent.location.href='default.asp';"
Response.Write "</SCRIPT>"
Response.End
End if
Which should work with any javascript-enabled browser and break out of frames to display the login page.
oOOo--oOOo
__ /\/\onte96
oOOo--oOOo
Senior Programmer/Analyst
MCP
[email protected]
[email protected]
Your results may vary.. some restrictions may apply.. pricing and participation may vary.. not available in all states.. professional driver closed course..quantities limited..
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote