secondreckoned
Technical User
Hi,
I am writing a login script with a permission level authenication for a web page, there are 5 sections that require logins on the page. I am trying assign a letter to each section ie,
A - Admin
B - Process
C - HR
D - Management
E - Escalation
Depending on the type user ID users can have access to one or many of the sections, so an admin level with access to Process and Escalation would look like "BE" or admin HR would look like "AC". I am trying to use an INSTR function to facilitate this. Here is the code I am using.
<%
If request.form.count => 1 Then
ManagerID = request.Form(ucase("ManagerID"))
ManagerPassword = request.Form(ucase("ManagerPassword"))
If ManagerPein = "" Or ManagerPassword = "" Then
error = "*You Did Not Enter Either A Pein Or Password.<br>"
End If
Set verifyRS = objADOConn.execute("Select Top 1 * From tb_Docs Where ManagerID = '"&ManagerID&"' And ManagerPassword = '"&ManagerPassword&"'")
if verifyRS.BOF or VerifyRS.EOF Then
verify = "*ID Or Password Entered Does Not Match DataBase.<br>"
end if
'this is where the INSTR function comes in, trying to access escalation section.
'compare adminlevel from recordset to required level to access section - "E"
if INSTR(1,cstr(verifyRS("AdminLevel")),"E",0) = 0 Then
verify = verify & "*You Do Not Have Permission To Enter This Section.<br>" end if
if error = "" and verify = "" Then
'if id and password entered are correct and admin level is correct go to escalation section
response.Redirect(" End If
End If
%>
The problem I am having is that if the user enters the correct ID and password the script will take them to the correct section; however, if they don't they get an error stating:
error '80020009'
Exception occurred.
line 30 'this is the line with the INSTR function.
Also if I take out the part where I use the INSTR function the script works fine. I have varified using vartype that the datatype reading from the db is a string, so I can't figure out why I am getting this error, can anyone spot a flaw in my syntax or logic? Thanks in advance for any help...
I am writing a login script with a permission level authenication for a web page, there are 5 sections that require logins on the page. I am trying assign a letter to each section ie,
A - Admin
B - Process
C - HR
D - Management
E - Escalation
Depending on the type user ID users can have access to one or many of the sections, so an admin level with access to Process and Escalation would look like "BE" or admin HR would look like "AC". I am trying to use an INSTR function to facilitate this. Here is the code I am using.
<%
If request.form.count => 1 Then
ManagerID = request.Form(ucase("ManagerID"))
ManagerPassword = request.Form(ucase("ManagerPassword"))
If ManagerPein = "" Or ManagerPassword = "" Then
error = "*You Did Not Enter Either A Pein Or Password.<br>"
End If
Set verifyRS = objADOConn.execute("Select Top 1 * From tb_Docs Where ManagerID = '"&ManagerID&"' And ManagerPassword = '"&ManagerPassword&"'")
if verifyRS.BOF or VerifyRS.EOF Then
verify = "*ID Or Password Entered Does Not Match DataBase.<br>"
end if
'this is where the INSTR function comes in, trying to access escalation section.
'compare adminlevel from recordset to required level to access section - "E"
if INSTR(1,cstr(verifyRS("AdminLevel")),"E",0) = 0 Then
verify = verify & "*You Do Not Have Permission To Enter This Section.<br>" end if
if error = "" and verify = "" Then
'if id and password entered are correct and admin level is correct go to escalation section
response.Redirect(" End If
End If
%>
The problem I am having is that if the user enters the correct ID and password the script will take them to the correct section; however, if they don't they get an error stating:
error '80020009'
Exception occurred.
line 30 'this is the line with the INSTR function.
Also if I take out the part where I use the INSTR function the script works fine. I have varified using vartype that the datatype reading from the db is a string, so I can't figure out why I am getting this error, can anyone spot a flaw in my syntax or logic? Thanks in advance for any help...