Session variables in global.asa??

[Frank123]

Here's my problem. I'm trying to add different security levels to my website by using session variables. I've got an updatable grid on my pages that I want only read only for some users and full access for others. The only way I could think of to make this possible is to make 2 data source names. I put the following if statement into global.asa:

Sub Application_OnStart

dim DSNname
if (session("Usr&quot = "administrator&quotthen DSNname = "DSN=Access2ASP;"
else
DSNname = "DSN=ReadonlyDB;"
end if

Application("Connection2_ConnectionString&quot = DSNname
Application("Connection2_ConnectionTimeout&quot = 15
Application("Connection2_CommandTimeout&quot = 30
Application("Connection2_CursorLocation&quot = 3
Application("Connection2_RuntimeUserName&quot = ""
Application("Connection2_RuntimePassword&quot = ""


Problem is it always reads in the session variable as "". I believe this is because my session variable gets created on my 2nd page of my website. Is there a way to call the Application_onstart from my login page???

Thanks for any help.

 

[MerlinB]

No.

These events are called by IIS/ASP only. There really is no reason to have different DSN's. The web user cannot see or directly affect the DSN or the database - but your code can. You should provide the features that are available within the code of each page.

Also, Application values are created JUST ONCE. ALL users get these values - so changing them will not be very useful.

Perhaps putting the DSN in a session variable would be better.

But just putting the correct logic in your page code to display/hide the edit features is the best (or at least the most usual) way.

http://www.websitedesign.co.uk

http://www.zentext.com

(Content Management)