Wrox Programmer Forums

Need to download code?

View our list of code downloads.

| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read
Classic ASP XML Using ASP 3 and XML. See also the XML category for more XML discussions not relating to ASP. NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP XML section of the Wrox Programmer to Programmer discussions. This is a community of tens of thousands of software programmers and website developers including Wrox book authors and readers. As a guest, you can read any forum posting. By joining today you can post your own programming questions, respond to other developers’ questions, and eliminate the ads that are displayed to guests. Registration is fast, simple and absolutely free .
DRM-free e-books 300x50
Reply
 
Thread Tools Search this Thread Display Modes
  #21 (permalink)  
Old November 19th, 2003, 08:03 AM
planoie's Avatar
Friend of Wrox
Points: 16,481, Level: 55
Points: 16,481, Level: 55 Points: 16,481, Level: 55 Points: 16,481, Level: 55
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Aug 2003
Location: Clifton Park, New York, USA.
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

I don't mean this to sound harsh, but it sounds like you need to do a bit of reading on the basics of ASP before you continue with this. For example:

- What Option Explicit means
- How include files are used
- How to use the ASP Session object
- How to use cookies

This is a course you are taking? Don't they provide some kind of reading material (or links to some)? I'm frankly worried that you are asking questions about somewhat more complex tasks (remembering logins in cookies, using XML) when you don't seem to understand a few basics of ASP.

Peter
------------------------------------------------------
Work smarter, not harder.
Reply With Quote
  #22 (permalink)  
Old December 2nd, 2003, 08:19 AM
Authorized User
 
Join Date: Nov 2003
Location: , , .
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

took ure info into account and noow have the cookies wrkin perfectly, but i am unsure of ure comment

""

How are you maintaining the user login status? Do you have (or will you have) code on all the pages that checks to make sure a user is logged in? Because you are going to use a cookie to remember their login between sessions, you could use that as the "in-session" check as well. Every page that you need to protect should call this check. Your logout page would expire the cookies so the next page fails the login check and kicks you back to login.asp.


""

would i use the same code that i used within the login page, for example i dont want people 2 hack into the site, that would defeat the purpose of loggin in, thanks

Reply With Quote
  #23 (permalink)  
Old December 2nd, 2003, 12:38 PM
planoie's Avatar
Friend of Wrox
Points: 16,481, Level: 55
Points: 16,481, Level: 55 Points: 16,481, Level: 55 Points: 16,481, Level: 55
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Aug 2003
Location: Clifton Park, New York, USA.
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

You would not use the same code from the login page, cause that just does the login, doesn't it?

Once you have the user logged in you need to secure your other pages. There's no point in having a login if the other pages aren't secured. So you need to check to see that a user is logged in. If this status is being stored in a cookie, then you will need to have every single page that you need secured to check that cookie to see if there is a user currently logged in. If they aren't, then you redirect them back to the login page.

Generally this is easiest done be creating another function/sub that does the checking. Put this function on an include file that all the secure pages include, and have the page call the function. Or you could just put the code right into the include file without it being in a function and simply include that file in the secure pages. This way, the code will automatically run when the page runs.

Peter
------------------------------------------------------
Work smarter, not harder.
Reply With Quote
  #24 (permalink)  
Old December 3rd, 2003, 09:13 PM
Authorized User
 
Join Date: Nov 2003
Location: , , .
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

i know u said it ws this
checkLogin()
- Checks Session("username") for a value.
if there's a value, assume that we've completed a login process (by cookie or login form) and can access the page.
if there's NO value, we need to log in.
- Redirect to the login page

but how do i check for a value

sorry

Reply With Quote
  #25 (permalink)  
Old December 3rd, 2003, 09:18 PM
Authorized User
 
Join Date: Nov 2003
Location: , , .
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

If Session("username") <> "true" Then
-stay on same page
else

    Response.Redirect("login.asp")
End If

i ahve that , but what is the asp code for stayin on the same page

Reply With Quote
  #26 (permalink)  
Old December 3rd, 2003, 09:43 PM
Authorized User
 
Join Date: Nov 2003
Location: , , .
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

i know it is sumat like this
<%
If Session("BlnLoggedIn") <> True Then
Response.Redirect("login.asp")
End If
%>

to password pages

so i added this line to my login.inc

    If nodes.length > 0 Then
        'User found!
        Session("BlnLoggedIn") = True
        Response.Cookies("username") = sUsername


but if i am either logged in or out it always redirects me, i cant see anything wrong with the code

Reply With Quote
  #27 (permalink)  
Old December 4th, 2003, 10:45 AM
planoie's Avatar
Friend of Wrox
Points: 16,481, Level: 55
Points: 16,481, Level: 55 Points: 16,481, Level: 55 Points: 16,481, Level: 55
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Aug 2003
Location: Clifton Park, New York, USA.
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

If you don't redirect then you stay on the page.

I think your test is failing because the session object returns strings:
Session("BlnLoggedIn") returns "True"
"True" (string) does NOT equal True (boolean).

You either need to test for "True" (instead of True)
    or
convert the value from session to a boolean:
    If CBool(Session("BlnLoggedIn")) <> True Then
    ...

I'd recommend the boolean conversion.

And a cleaner way to do that test would be this:

    If Not CBool(Session("BlnLoggedIn")) Then
    ...

A little less code, and it even reads easier: "If Not LoggedIn Then..."


Peter
------------------------------------------------------
Work smarter, not harder.
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Session/Cookie Expires, Login page appears rajn ASP.NET 1.0 and 1.1 Professional 3 June 27th, 2007 06:19 AM
login page. cookie handling. richie86 ASP.NET 1.0 and 1.1 Basics 1 November 27th, 2005 05:13 AM
How to write a cookie during a login session taoree ASP.NET 1.0 and 1.1 Basics 3 April 18th, 2004 02:40 PM
login cookie help daddycool2k ASP.NET 1.0 and 1.1 Basics 0 November 16th, 2003 03:17 PM



All times are GMT -4. The time now is 11:47 AM.


Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.