Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Urgent Please What's the best way to... 2

Status
Not open for further replies.
TonyU

TonyU

Technical User
Feb 14, 2001
1,317
US
I'm trying to find the code for verifying if the correct user has logged in.
Tony
:)
 
Sort by date Sort by votes
hi

you can store all the user name and password in a database and then compare it with the database or..you can create a string in the asp file name username and password and check if it matches...but best way is to make it in a database. But the easiest way is to make it in a asp file.

thanks,
hui
 
Upvote 0 Downvote
you are going to have to give us alot more information than that, if you want us to help you.

because there are so many different ways to handle users, logins, etc.

depending on how YOU have it written determines if the "Correct" user is logged in. Karl Blessing aka kb244{fastHACK}
kblogo.jpg
 
Upvote 0 Downvote
well Sirs, I have very little knowledge in asp but here's my code. I've heard I need to put my login name in a session but I'm not sure.

<%
reqlogin2 = request(&quot;login&quot;)

Dim RSLogin2
Set RSLogin2 = Server.CreateObject(&quot;ADODB.Recordset&quot;)
SQL1 = &quot;Select * from db1 where login = '&quot; & reqlogin2 & &quot;'&quot;
RSLogin2.open SQL2, &quot;DSN=mydata&quot;
RSLogin2.MoveFirst

session(&quot;login&quot;) = RSLogin2(&quot;login&quot;)
session(&quot;name&quot;) = RSLogin2(&quot;name&quot;)
%>

does this make sense, I'm trying to understand it myself.


QUOTE OF THE DAY
Not to know if bad; not to wish to know is worse.
<%
Jr Clown
%>
 
Upvote 0 Downvote
Oops, wrong post QUOTE OF THE DAY
Not to know if bad; not to wish to know is worse.
<%
Jr Clown
%>
 
Upvote 0 Downvote
WTF??

I actually do not the code at all, but if you can point me to where I can get 1, I'd be greatful Tony
:)
 
Upvote 0 Downvote
if you do not code at all, why post here, assuming you are a developer.

Please clarify your post. Karl Blessing aka kb244{fastHACK}
kblogo.jpg
 
Upvote 0 Downvote
Can you give me the link to the Rookie's forum then Sir. thanks.
I meant to type &quot;I do not know the code at all&quot; .
btw, you don't have to help me if you don't want to
Tony
:)
 
Upvote 0 Downvote
I'd be glad to help, as far as the &quot;rookie&quot; forum goes, thats kind of hard, since this is the only forum for ASP (rookie or otherwise) , but perhaps you might be interested in links on learning ASP in general to help get a foothold to what you want to do.

first off need to make sure you at least have what is required.

A Webserver capable of executing ASP
(IIS = Internet Information Server)
-NT 4 with service pack4 running IIS 4
-Windows 2000 running IIS 5
-Apache Webserver with the Chili(cant spell) patch for running ASP (free but not fully supported)
-Win9x with PWS (Personal Web Server) (also free download, but very limited on security and support)

A IDE (an Interface)
- Visual Interdev (my personal choice for writing ASP)
- Borland UltraDev
- Microsoft FrontPage(does not support ASP, but at the same time, doesnt prevent you from typing in ASP without the extra help)

and of course, a webbrowser to check your result.

there is a site, where you can get some webspace, on a webserver that supports, ASP and no need for an IDE (tho IDE is very helpful if you need the syntax reference) , the only problem is, that you have to edit, and work on your pages, on the site, you cant upload via FTP, only through it's web interface.

the site is ...
they do have tutorials, and online references to the language, might be a good place to start, though it is a bit annoying for a common developer like myself, I own , which is provided by hostway.com , it's an NT Account, so I have ASP Support on it.

Let me know if you need any help (also on rare occasions, I do often share my webspace with friends and such, only problem is , I never could find a way to setup multi user capability, so certain friends can update a sub dir themselves, rather than send me update packets.) Karl Blessing aka kb244{fastHACK}
kblogo.jpg
 
Upvote 0 Downvote
Thanks for your response.
Here's what I got

PWS
FrontPage 2000
IE5.5
Access 2000

Let's say we're both in my db, and when you log in I want YOU to be sent to then when I log in I should be sent to Tony
:)
 
Upvote 0 Downvote
ok, looking at it from a database perspective I See.

Lets say for example, we want to reference to the database each time.

lets assume, there is a table in the DB , called Logins

and the fields are something like

UID | Username | Password | DefaultSite

on our login page, lets say we want to have a login , so to say we have a user and a password box.

(going to try a two page method, since single page might boggle you)

login.htm can be a plain htm, just for the purpose of login, we might have something like this

...
<Form action=&quot;verify.asp&quot; method=&quot;post&quot;>
<input type=text name=&quot;userid&quot;>
<input type=password name=&quot;pwd&quot;> (a password type same as text, only it masks the typed letters with *** )
<input type=submit value=&quot;login&quot;>
</form>
....

when you click the login button, it'll call verify.asp
at the top I would throw in a Response.buffer = true, so that no data is sent to the client, so that we can redirect to the default site, or if we need to show an error instead.

in verify we might have something like this

(assuming your database has a DSN[data source name] such as mylogins)

Set Conn = Server.CreateObject(&quot;ADODB.Connection&quot;)
Conn.Open &quot;DSN=mylogins&quot;, &quot;yourusername&quot;, &quot;yourpassword&quot;
on an access database, without permision set, your username/password can typically be blank for the connection.

Set RS = Server.CreateObject(&quot;ADODB.Recordset&quot;)
RS.Open &quot;select * from Logins&quot;
if not RS is nothing then
RS.movefirst()
exitcondition = false
while not RS.eof and not exitcondition
if RS(&quot;UserName&quot;) = Request.Form(&quot;userid&quot;) then
if RS(&quot;Password&quot;) = Request.Form(&quot;pwd&quot;) then
defaultsite = RS(&quot;DefaultSite&quot;)
Session(&quot;userid&quot;) = RS(&quot;userid&quot;) <!-- kept for record -->
exitcondition = true
end if
end if
wend
end if

if Session(&quot;userid&quot;) <> &quot;&quot; and not IsEmpty(Session(&quot;userid&quot;)) then
Response.redirect defaultsite
else
Response.write &quot;<b><font color=&quot;&quot;red&quot;&quot;>Inccorect Login or Login not found</font></b>&quot;
Response.flush
Response.end
end if


This is a very rough, and skimmed way of explaining it, using the userid sessioned off, to keep track of the user until the session times out, usally works best, if you are having the user move around within your site.

I could explain it in more detail later tonight. Karl Blessing aka kb244{fastHACK}
kblogo.jpg
 
Upvote 0 Downvote
I'm confused!!!!!
(-:
X-)
s-)

Here's what I have and help maybe you guys can help me fix it.
***** PAGE1 *****(LOGIN.ASP)
<%
Dim RSlogin
set RSlogin=server.createobject(&quot;adodb.recordset&quot;)
RSlogin.open &quot;login&quot;, &quot;dsn=mydb&quot;
%>
.
.
.
.
.
.
.

Down to the middle of the screen I have this, that selects names from my names DB to populate the drop-down box. I'm sorry, forgot to mention that I don't have a password field I'm simple having them pick their name to carry it over the next 2 pages. (That's the best way I know how)

<Select Name=&quot;login&quot; Size=&quot;1&quot;>
<option selected value=&quot;Click to log in&quot;>Click to log in</option>
<%
Do while NOT RSlogin.eof
Response.write &quot;<Option value='&quot; & RSlogin(&quot;name&quot;) & &quot;'>&quot;
Response.write RSlogin(&quot;name&quot;)
Response.write &quot;</Option>&quot;
RSlogin.Movenext
loop
RSlogin.Close
Set RSlogin=nothing
%>
</select></td>
***** END OF PAGE1 *****(LOGIN.ASP)

***** PAGE2 *****(LOGIN.ASP)
<%
Dim RSlogin2
set RSlogin2=server.createobject(&quot;adodb.recordset&quot;)
RSlogin2.open &quot;login&quot;, &quot;dsn=mydb&quot;
.
.I don't know what would go here to check names on db and
.send them where they belong.
.
%>
***** END OF PAGE2 *****(LOGIN.ASP)


I hope this helps you help me...


Tony
:)
 
Upvote 0 Downvote
WOW. you are the man bro Tony
:)
 
Upvote 0 Downvote
login.htm
---------------------------------------------
Code: 
<HTML>
<HEAD>
<META NAME=&quot;GENERATOR&quot; Content=&quot;Microsoft Visual Studio 6.0&quot;>
</HEAD>
<BODY>
<Table border=1 align=&quot;center&quot;>
	<Form action=&quot;verify.asp&quot; method=&quot;post&quot;>
		<TR>
			<Td><input type=&quot;text&quot; name=&quot;username&quot;></td>
			<td><input type=&quot;password&quot; name=&quot;password&quot;></td>
			<td><input type=&quot;submit&quot; value=&quot;Login&quot;></td>
		</TR>
	</form>
</Table>
</BODY>
</HTML>


verify.asp
---------------------------------------------------
Code: 
<%@ Language=VBScript %>
<% Response.Buffer = true %>
<HTML>
<HEAD>
</HEAD>
<BODY>
<%
Set Conn = Server.CreateObject(&quot;ADODB.Connection&quot;)
Set RS = Server.CreateObject(&quot;ADODB.Recordset&quot;)
' this step we want to get the physical path so we can open the database directly
Path_Translated = Request.ServerVariables(&quot;PATH_TRANSLATED&quot;)
Path_Striped = Left(Path_Translated,InstrRev(Path_Translated, &quot;\&quot;))'strips the asp name off the path
Conn.Open &quot;DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=&quot; & Path_Striped & &quot;logins.mdb;&quot;, &quot;&quot;, &quot;&quot;
RS.Open &quot;select * from Logins&quot;, Conn
if not RS is nothing then
	RS.movefirst()
	exitcondition = false
	while not RS.eof and not exitcondition
		if RS(&quot;UserName&quot;) = Request.Form(&quot;username&quot;) then
			if RS(&quot;PassWord&quot;) = Request.Form(&quot;password&quot;) then
				defaultsite = RS(&quot;DefaultSite&quot;)
				Session(&quot;userid&quot;) = RS(&quot;ID&quot;)
				exitcondition = true
			end if
		end if
		RS.MoveNext
	wend
end if
if Session(&quot;userid&quot;) <> &quot;&quot; and not IsEmpty(Session(&quot;userid&quot;)) then
	Response.redirect defaultsite
else
	Response.write &quot;<b><font color=&quot;&quot;red&quot;&quot;>Inccorect Login or Login not found</font></b>&quot;
	Response.flush
end if
%>
</BODY>
</HTML>
<% Response.End %>

The Database (logins.mdb)
--------------------------------------------------------
in Access create a table called Logins
the four fields to create are

ID
UserName
PassWord
Defaultsite

Karl Blessing aka kb244{fastHACK}
kblogo.jpg
 
Upvote 0 Downvote
keep in mind, even though I have it pointed to the database in the same folder as the ASP, this does not prevent a user from typing in say.

and downloading the access database.

which is why I originally (changed it to current method to make it simpler for you) had the database under my _private folder, which is accesible only to my serverside script, and not to the public. Karl Blessing aka kb244{fastHACK}
kblogo.jpg
 
Upvote 0 Downvote
Thank you very much bro, you are the man. It worked great Tony
:)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

leifoet
  • Locked
  • Question
First execute an input command and only then proceed with displaying the next record of the table
Replies
0
Views
283
leifoet
leifoet
leifoet
  • Locked
  • Question
How to send HTML emails with ASP classic?
Replies
0
Views
439
leifoet
leifoet
penguinspeaks
  • Locked
  • Question
Parse a database field that is comma delimited and input the results into another table
Replies
0
Views
317
penguinspeaks
penguinspeaks
penguinspeaks
  • Locked
  • Question
Return to current location on page after asp processes.
Replies
2
Views
371
penguinspeaks
penguinspeaks
Swi
  • Locked
  • Question
Best/Quickest Grid to display data
Replies
1
Views
314
Swi
Swi

Part and Inventory Search

Sponsor

Back
Top