ASP logon page

Cinderella · February 11th, 2005, 03:05 PM

Hi guys! I need some help on this logon page I found in Microsoft knowledge base. I need the logon page direct the user to a page called tech.asp resided in the same folder as the logon page. However, the current one just points to page on Microsoft website, and even the user name and password show up in the URL! I know it must have something to do with the <form action> code. Please help!

Cinderella

<html>
<head>
<title>Logon Form</title>
<%
Username="Administrator"
Password="Admin"
Validated = "OK"
if Strcomp(Request.Form("User"),Username,1)=0 AND Request.Form("password") = Password then
'Set the validation cookie and redirect the user to the original page.
    Response.Cookies("ValidUser") = Validated
    'Check where the users are coming from within the application.
    If (Request.QueryString("from")<>"") then
    Response.Redirect Request.QueryString("from")
    else
    'If the first page that the user accessed is the Logon page,
        'direct them to the default page.
          Response.Redirect "MyPage.asp"
    End if
Else
' Only present the failure message if the user typed in something.
    If Request.Form("User") <> "" then
        Response.Write "<h3>Authorization Failed.</h3>" & "<br>" & _
        "Please try again.<br>#xa0;<br>"
    End if
End if
%>
</head>
<body bgcolor="#FFFFFF">
<FORM ACTION=http://support-preview.partners.extranet.microsoft.com "Logon.asp?"&Request.QueryString%><input type="hidden" name="fp" value="2"><input type="hidden" name="scid" value="<%Response.Write"> method="post">
<h3>Logon Page for MyPage.asp</h3>
<p>
Username:
<INPUT TYPE="text" NAME="User" VALUE='' size="20"></INPUT>
Password:
<INPUT TYPE="password" NAME="password" VALUE='' size="20"></INPUT>
<INPUT TYPE="submit" VALUE="Logon"></INPUT>
</FORM>
</body>
</html>

shahchi1 · February 11th, 2005, 04:59 PM

try this

<html>
<head>
<title>Logon Form</title>
<%
IF Request.QueryString("strAction") = "Posted" Then
Username="Administrator"
Password="Admin"
Validated = "OK"
if Strcomp(Request.Form("User"),Username,1)=0 AND Request.Form("password") = Password then

'Set the validation cookie and redirect the user to the original page.
    Response.Cookies("ValidUser") = Validated
    Response.Redirect "tech.asp"

Else
' Only present the failure message if the user typed in something.
    If Request.Form("User") <> "" then
        Response.Write "<h3>Authorization Failed.</h3>" & "<br>" & _
        "Please try again.<br><br>"
    End if
End if
End IF
%>
</head>
<body bgcolor="#FFFFFF">
<FORM ACTION="Logon.asp?strAction=Posted" method="post">
<h3>Logon Page for MyPage.asp</h3>
<p>
Username:
<INPUT TYPE="text" NAME="User" VALUE='' size="20"></INPUT>
Password:
<INPUT TYPE="password" NAME="password" VALUE='' size="20"></INPUT>
<INPUT TYPE="submit" VALUE="Logon"></INPUT>
</FORM>
</body>
</html>

mat41 · February 12th, 2005, 08:44 PM

<form method="get"> = Values are sent as QueryStrings
<form method="post"> = Values are sent as request.form("elementName")

Wind is your friend
Matt

Cinderella · February 14th, 2005, 12:19 PM

Hi guys,

I really appreciate all your replies. I modified my script as shahchi1 suggested. However, I got the following error:
Response object error 'ASP 0156 : 80004005'

Header Error

/technology/tech_only/Logon.asp, line 9

The HTTP headers are already written to the client browser. Any HTTP header modifications must be made before writing page content.

It seems that this is the line causing the problem:
the Response.Cookies("ValidUser") = Validated

However, it is written within <head> part before page content starts. Any suggestions?

Thanks!

Cinderella

shahchi1 · February 14th, 2005, 01:50 PM

Try this code not the one I have posted earlier

<%
IF Request.QueryString("strAction") = "Posted" Then
Username="Administrator"
Password="Admin"
Validated = "OK"
if Strcomp(Request.Form("User"),Username,1)=0 AND Request.Form("password") = Password then

'Set the validation cookie and redirect the user to the original page.
    Response.Cookies("ValidUser") = Validated
    Response.Redirect "tech.asp"

Else
' Only present the failure message if the user typed in something.
    If Request.Form("User") <> "" then
        Response.Write "<h3>Authorization Failed.</h3>" & "<br>" & _
        "Please try again.<br><br>"
    End if
End if
End IF
%>

<html>
<head>
<title>Logon Form</title>
</head>
<body bgcolor="#FFFFFF">
<FORM ACTION="Logon.asp?strAction=Posted" method="post">
<h3>Logon Page for MyPage.asp</h3>
<p>
Username:
<INPUT TYPE="text" NAME="User" VALUE='' size="20"></INPUT>
Password:
<INPUT TYPE="password" NAME="password" VALUE='' size="20"></INPUT>
<INPUT TYPE="submit" VALUE="Logon"></INPUT>
</FORM>
</body>
</html>

Cinderella · February 14th, 2005, 02:37 PM

Hi Shahchi1,

It worked! Many Thanks! You were a big help!

Cinderella