Chapter 12

budbud · August 1st, 2003, 11:52 AM

I must have confused my self on this matter can some one help,
where do i put the code for error msg, looking at chapter 10 didnt
really help me, could someone explain

Please :D

cheers
Budbud

omermalik · August 2nd, 2003, 09:04 AM

budbud,

I have a Session variable. Following is the code from my login page which shows error message on failed login. I have colored it in red.

MM_rsUser.Open
  If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
Session("sErrorMessage") = ""
    ' username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername
    If (MM_fldUserAuthorization <> "") Then
      Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization ).Value)
    Else
      Session("MM_UserAuthorization") = ""
    End If
    if CStr(Request.QueryString("accessdenied")) <> "" And false Then
      MM_redirectLoginSuccess = Request.QueryString("accessdenied")
    End If
    MM_rsUser.Close
    If (InStr(Session("MM_UserAuthorization"), "Administrators") > 0) Then MM_redirectLoginSuccess = "admin/admin.asp" End If
    Response.Redirect(MM_redirectLoginSuccess)
  End If
  Session("sErrorMessage") ="<br>Login failed. Please type a valid username and password."
  MM_rsUser.Close
  Response.Redirect(MM_redirectLoginFailed)

and then later in page:

<td> <table width="100%" border="0" cellspacing="0" cellpadding="8">
               <tr>

                <td style="background-color : #000000"> <span style="color : #CCCCCC">
                  Please type your Username and Password, then click the
                  Login button:<%= Session("sErrorMessage") %> </span>
                  </td>
                </tr>

Hopt that helps.

Cheers,
Omer

budbud · August 4th, 2003, 03:06 AM

Thank you very much :D

cheers
Budbud

Imar · August 9th, 2003, 03:36 AM

Hi there,

I was on holidays for a while, so I haven't been able to respond earlier.

The Session variable solution that Omer has presented works pretty well, but IMO it has one minor drawback. If you use this mechanism on other pages than the login page, you might end up with an incorrect error message somewhere (suppose the user moves away from login.asp and goes to another page that is also capable of displaying an error message).

I think it's better to use a local variable, instead of a Session variable. The code that Dreamweaver has generated for you redirects the user away from login.asp back to login.asp. So, even if you are still viewing the same page, you lost all local information. This makes it impossible to use the Recordset's EOF property to determine whether logging in failed. Fortunately, a QueryString variable, accessdenied, is passed as well so you can use that one to determine whether you need to display the error message or not:

Code:

Dim sErrorMessage
If Len(Request.QueryString("accessdenied")) > 0 Then
  sErrorMessage = "<br>Login Failed. Please try again"
End If

and then in the page:

Code:

Please type your Username and Password, then click the 
Login button:<%=sErrorMessage%>

This way, the error message is only displayed after the user has been redirected to the login.asp page which you can find out by checking the accessdenied QueryString variable.

HtH,

Imar

---------------------------------------
Imar Spaanjaars
Everyone is unique, except for me.