|
 |
access_asp thread: Re: problem with session and login form
Message #1 by "Zee Computer Consulting" <zee@t...> on Fri, 31 Aug 2001 19:29:23 -0700
|
|
This might help, although they may be other factors in your situation -- (1)
use Session.Contents instead of just Session and Request.Form instead of
just Request -- and (2) check for the empty string indirectly by using the
len() and trim() functions:
Session.Contents("user") = Request.Form("AdminName")
IF len(trim( Session.Contents("user") )) = 0 THEN
Response.Redirect "login.asp"
END IF
and in global.asa:
Session.Contents("user")=""
Session.Contents("Start") = Now
-- Zee
----- Original Message -----
From: Jim Losi <jlosi1@t...>
To: Access ASP <access_asp@p...>
Sent: Friday, August 31, 2001 11:32 PM
Subject: [access_asp] problem with session and login form
> ok, this is boggling my mind. Sessions are very new to me. I have the age
> old question about how to creat a login and maintain that a page cannot be
> shown if the session is empty
>
> think I'm getting closer to what I'm looking for. But it's still not
> setting the session properly. less files in this one.
>
>
> LOGIN.ASP
>
> <html>
> <head></head>
> <body>
> <table bgcolor="#000000" width="100%" height="400" cellspacing="0"
> cellpadding="0" border="1">
> <tr>
> <td align="center">
> <form name="login" method="post" action="verify.asp ">
>
> <input type="text" name="AdminName">
> <br>
> <input type="password" name ="AdminPass">
> <br>
> <input type="submit" value="Login">
> </form>
> </td>
> </tr>
> </table>
> </body>
> </html>
>
> ***verify.asp***
> <!--#include file="../Dim_Page.asp"-->
> <!--#include file="../Connection.asp"-->
> <%
>
> session("user")=request("AdminName")
> if session("user")="" then
> response.redirect "login.asp"
> end if
>
> RS.Open "SELECT AdminName, AdminPass FROM tblAdmin " & _
> "WHERE AdminName = '" & Request("AdminName") & "' AND " & _
> "AdminPass='" & Request("AdminPass") & "'", MyConn
>
> if RS.EOF then
> response.redirect "login.asp"
> else
> response.redirect "admincontrol.asp"
> end if
>
> RS.close
>
>
> %>
>
>
> ***admincontrol.asp***
> <!--#include file="verify.asp"-->
> <%
>
> response.write "you made it"
> %>
>
> ***global.asa***
>
> <SCRIPT LANGUAGE=VBScript RUNAT=Server>
>
> Sub Session_OnStart
>
> session("user")=""
> Session("Start") = Now
> ' Change Session Timeout to 20 minutes (if you need to)
> Session.Timeout = 5
> ' Set a Session Start Time
> ' This is only important to assure we start a session
>
>
> End Sub
>
> </SCRIPT>
>
>
> Ok.. i can feel that I'm really close to solving this.. but if any one can
> help, I would greatly appreciate it!
> -Jim
Message #2 by "Jim Losi" <jlosi1@t...> on Sun, 2 Sep 2001 00:26:58
|
|
Ok.. I figured it out.. here's what WE did.. had a little help from a
friend of mine.
***Global.asa***
<SCRIPT LANGUAGE=VBScript RUNAT=Server>
Sub Session_OnStart
Session("user")=""
session("entry")=""
Session("Start") = Now
End Sub
</SCRIPT>
***subadmin***
<%
if session ("user")="" then
session ("entry")=Request.servervariables("SCRIPT_NAME")
response.redirect ("login.asp")
end if
%>
***verify***
<!--#Include file="../connection.asp"-->
<%
session("user")=request("AdminName")
RS.Open "SELECT AdminName, AdminPass FROM tblAdmin " & _
"WHERE AdminName = '" & Request("AdminName") & "' AND " & _
"AdminPass='" & Request("AdminPass") & "'", MyConn
if RS.EOF then
PrintLoginError
else response.redirect (session("entry"))
end if
RS.close
%>
***admincontrol.asp***
<!--#include file="subadmin.asp"-->
<%
response.write "you made it"
%>
and the login form used in the first post. This will bounce a person to
the login page if they attemp to access the admincontrol page directly
with out logging in.
|
|
|
View Cart
