Remember UserName and Password.

[Kirilla]

Hi.

I'd like to create a "Remember user name and password" function like here on the start page of Tek-Tips. When do the windows's "Remember password" dialog appear?

What is the best way to do it?


regards, Kirilla

 

[sunlxy]

You can use cookie.
When user select "Remember..." and submit to login,put a cookie in it's computer like this:
Response.Cookie("CookieName&quot="CookieValue"
And,you also need to write this in your index.asp:
If Request.Cookie("CookieName&quot = "WhatYourSet" Then
.....
Else
.....
End If
Just like that.
Maybe it's wrong,but I have done my best.

 

[Rydel]

sunlxy, you forgot only one thing - set the expiry of the cookie, otherwise it will be deleted upon browser closing.

Response.Cookie("CookieName").Expiry=Date()+7 ' for one week

I hope this helped.

P.S. I think Kirilla acutally brought up the topic of auto-complete ("When do the windows's "Remember password" dialog appear?&quot Well this is a part of the browser, special autocomplete form application, which we the web developers can not control or access.


---

http://www.geocities.com/rydel23/

---

 

[Kirilla]

Hi.

I've tried this one:

<html>
<head>
<Script Language=&quot;JavaScript&quot; RUNAT=&quot;SERVER&quot;>
Response.Cookies(&quot;OsiamO&quot.Expires=&quot;December 31, 2001&quot;;
Response.Cookies(&quot;OsiamO&quot=&quot;CookieValue&quot;;
</Script>
</head>
</html>

It worked. Thanks. Another question, if I want to store client's password in the cookie, do I need to find out a security code?

Thanks for your help, Kirilla

 

[Rydel]

You can store the password in exactly the same way you stored the username:

Response.Cookies("pass").Expires="December 31, 2001";
Response.Cookies("pass")="some_password";

But there is a problem. It means passwords will be transmitted over the network in unencoded way. anyone listening on port 80 will be able to intercept the password. so the best way for you is to design some encryption/decryption function on the server side and then you will set the cookie like this:

Response.Cookies("pass").Expires="December 31, 2001";
Response.Cookies("pass")=myEncryption("some_password");

and retrieve it like this:

password = myDecryption(Request.Cookies("pass"))

The simplest encryption option would be to have a function which XORs the string with some long word. BTW, then you only need one function because it will perform decryption if you run it on encrypted pass.

I hope this helped.


---

http://www.geocities.com/rydel23/

---

 

[Kirilla]

Thanks Rydel.

What do you mean XORs ? Like this?

var xUser=&quot;anything&quot;^userName;

When I used this way i got back 0.

Could you help?

regards, Kirilla

 

[Rydel]

You have to do character-by-character XOR yourself. I don't have it in VBScript but the idea (in terms of algorithm) is the following:

for i=1 to len(password)
encoded = password xor ord(key[succ(pred(i) mod keylen)]);
'where keylen = Len(key)

I hope you'll be able to implement it from the above algorithm. If not, just tell me, I'll make the sub in VBSCript later when I have more time.

---

http://www.geocities.com/rydel23/

---

 

[Kirilla]

Hi Rydel.

As I tried, the bitwise XOR doesn't work for chars in JavaScript. I always get 0(zero). I think, it is the most simple example to show my code:

...
var myChar=&quot;A&quot;;
myChar^=&quot;B&quot;; //do myChar=&quot;A&quot;(XOR)&quot;B&quot;
alert(myChar); // display the result of XOR
...
The result is 0.( As I see it worked with integers)

regards, Kirilla