Good Morning, I am wondering if anyone knew of a good login script, to look up from an Access DB,
Any assistance would be cracking!
Cheers
Richard
Richard Noon
Any assistance would be cracking!
Cheers
Richard
Richard Noon
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Dim strSQL 'Database query sring
Dim strUserName 'Holds the user name
Dim objMD5 'Hold MD5 Obj
Dim strTotalTries 'Holds No of Tries
Dim blnAuto 'Holds Auto Login
Dim redir 'Holds Redirection Page
Dim blnCookies 'Holds Cookies Navigation
Dim tm2
blnCookies = Cbool(Request.form("blnCookies"))
' are actually working.
if NOT Request.Cookies("Zone")("test") = "OK" then blnCookies = True
strUserName = formatSQLInput(Request.Form("txtUserName"))
if NOT Request.form(".tries") <> "" then
Response.Redirect("default.asp?encrypt=MD5&.tries=0" & strTotalTries & "&au=FORM&SN=" & strUserName & "")
end if
if Session("BruteForce")=True then
if NOT Lcase(Decrypt(Request.Form("token"),Request.Form("cryptKey"))) = Lcase(Trim(Mid(Request.Form("key_ent"), 1, 6))) then response.redirect("default.asp?encrypt=MD5&.tries=0" & strTotalTries & "&au=Security&SN=" & strUserName & "")
end if
redir = request.form("rd")
Set objMD5 = New MD5 'Intializating MD5 Object
'Initalise the MD5 as Password variable
objMD5.Text = Request.Form("txtUserPass")
'Initalise the strUserName variable
blnAuto = Request.Form("aulogin")
response.write strUserName
response.write objMD5.HEXMD5
'Create a recordset object
Set rsCheckUser = Server.CreateObject("ADODB.Recordset")
'Initalise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT tblUsers.Password, tblUsers.date_join, tblUsers.blocked FROM tblUsers WHERE tblUsers.UserID ='" & strUserName & "'"
'Query the database
rsCheckUser.Open strSQL, strCon
Dim rand 'Holds session random Key
Dim guid 'Genrate 64-Bit Guid
'GUID is Very much effective in MailBox Security
guid = CreateWindowsGUID()
rand = RandomPW(10)+RandomPW(5) ' Genrates Random Session Key of Length 10+5 More Secure than 15
strTotalTries = CInt(Request.Form(".tries"))+1
'If the recordset finds a record for the username entered then read in the password for the user
If NOT rsCheckUser.EOF Then
'Read in the password for the user from the database in MD5 RSA Hash
If lcase(objMD5.HEXMD5) = rsCheckUser("Password") Then
'If the password is correct then set the session variable to True
Session("" & Rand & "") = True
'UPDATED TEXT: use for checking account duration
if blnTrial = True then
if year(now()) - year(rsCheckUser("date_join")) >= Cdbl(intTrialPeriod/365) then response.redirect("default.asp?au=expire")
if month(now()) - month(rsCheckUser("date_join")) >= Cdbl(intTrialPeriod/30) then response.redirect("default.asp?au=expire")
if Day(now()) - Day(rsCheckUser("date_join")) >= intTrialPeriod then response.redirect("default.asp?au=expire")
End if
'End of UPDATE EE 2.25
if rsCheckUser("Blocked") = True then Response.redirect("default.asp?au=blocked")
'FOr Online Status
'Create a recordset object
Set rsCheckUser = Server.CreateObject("ADODB.Recordset")
'Initalise the strSQL variable with an SQL statement to query the database
strSQL = "Update tblUsers SET Activity = Yes , rand_key = '" & Rand & "' , sid = '" & guid & "' WHERE tblUsers.UserID ='" & strUserName & "'"
'Query the database
rsCheckUser.Open strsql, strCon
'Close Objects before redirecting
Set adoCon = Nothing
Set strCon = Nothing
Set rsCheckUser = Nothing
if NOT blnCookies = True then
'Writes the cookie
Response.Cookies("Zone").Expires = Now()
Response.Cookies("Zone")("UserID") = strUserName
Response.Cookies("Zone")("Key") = rand
Response.Cookies("Zone")("Auto") = blnAuto
Response.Cookies("Zone")("GUID")= guid
Response.Cookies("Zone").Expires = DateAdd("yyyy", 1, Now())
'Redirect to the authorised user page and send the users name
if redir <> "" then
Response.Redirect"" & redir & "?.rand=" & rand
End if
Response.Redirect"Menu.asp?.rand=" & rand
else
if redir <> "" then
Response.Redirect"" & redir & "?__sid=" & guid
End if
Response.Redirect"Menu.asp?__sid="& guid
End if
End If
End If
'Close Objects
Set adoCon = Nothing
Set strCon = Nothing
Set rsCheckUser = Nothing
Session("try") = strTotalTries
'If the script is still running then the user must not be authorised
Session("" & Rand & "") = False
'Redirect to the unautorised user page
Response.Redirect("default.asp?encrypt=MD5&.tries=" & strTotalTries & "&au=WRONG&SN=" & strUserName & "")