Re: ASP Login Script not working

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Bullschmidt (paul_at_bullschmidt.com-nospam)
Date: 06/22/04 

Date: Mon, 21 Jun 2004 22:41:39 -0700

Yes there seem to be a lot of problems with that code.

In login.asp since nextpage is never set the URL is something like
register.asp?nextpage=:
<<
<a href="register.asp?nextpage=<%server.urlencode( nextpage )%>">

Click here to register</a>
>>

There is no code in any of the 3 pages that actually writes to the
database.

In checkpassword.asp included file there is not End Function at the end
or the %> end of ASP end tag.

And by the way here is a simple overview of how I deal with the login of
an already registered user.

Perhaps have a login page that asks the user for his username and
password. And whatever page that posts to (which could be the same page
for a self posting form) tests these fields against what is in the
database, sets the username and userlevel session variables accordingly,
and then redirects to the proper page - i.e. back to the login page if
the password is wrong (perhaps with a JavaScript popup saying wrong
username/password combination) or to the main menu page if the password
is correct:

Session("UserName") = objRS("UserName")
Session("UserLevel") = objRS("UserLevel")
Response.Redirect "mainmenu.asp"

Then you can use If Then's or Select Case on each page to control
whether a user is allowed to actually be there and whether particular
links of where a user can go actually show up.

If (Session("UserLevel") <> "Admin") And (Session("UserLevel") <>
"Regular") Then
 Response.Redirect "login.asp"
End If

Best regards,
J. Paul Schmidt, Freelance ASP Web Designer
http://www.Bullschmidt.com
ASP Designer Tips, ASP Web Database Demo, Free ASP Bar Chart Tool...

*** Sent via Devdex http://www.devdex.com ***
Don't just participate in USENET...get rewarded for it!

Relevant Pages

  • Re: Enter user name, enter password, then press enter...
    ... What do you do when the customer asks that the database login in be the same ... username and password to use all of the stuff that she is permitted to use. ... I have implemented this type of security for Access, VB, and Web Based ASP ...
    (microsoft.public.access.forms)
  • RE: Receiving JDBC error when executing program - Login failed for user sa
    ... says we're using 'sa' so I would think that's the username being passed in. ... | I am receiving the following error when attempting to run my database ... I tried to login the 'sa' account ...
    (microsoft.public.sqlserver.jdbcdriver)
  • Re: Dynamic SQL
    ... Don't need to login to the database. ... OF course entering username N00bHax0r') will cause an error. ... // is the Validators good for this ????? ...
    (microsoft.public.dotnet.framework.aspnet)
  • server authentication & ASP authentication
    ... >I am designing quite a big database, about 50 tables, ... and send login and password entered by the user ... either in ASP ... I still need to store passwords ...
    (microsoft.public.sqlserver.security)
  • Re: ASP Login Script not working
    ... Here is a pretty good code solution, however it uses sql server as the backend. ... Don't use a DNS connection...rather use an absolute path to the database. ... I'm sure if I were more knowledgeable with ASP I would do just that, but alas I'm not and your reply helps me little ... created a small Access database called UserDB.mdb, which stores the username ...
    (microsoft.public.inetserver.asp.db)