Wrox Programmer Forums
|
Classic ASP XML Using ASP 3 and XML. See also the XML category for more XML discussions not relating to ASP. NOT for ASP.NET 1.0, 1.1, or 2.0
Welcome to the p2p.wrox.com Forums.

You are currently viewing the Classic ASP XML section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old November 19th, 2003, 08:03 AM
planoie's Avatar
Friend of Wrox
 
Join Date: Aug 2003
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

I don't mean this to sound harsh, but it sounds like you need to do a bit of reading on the basics of ASP before you continue with this. For example:

- What Option Explicit means
- How include files are used
- How to use the ASP Session object
- How to use cookies

This is a course you are taking? Don't they provide some kind of reading material (or links to some)? I'm frankly worried that you are asking questions about somewhat more complex tasks (remembering logins in cookies, using XML) when you don't seem to understand a few basics of ASP.

Peter
------------------------------------------------------
Work smarter, not harder.
 
Old December 2nd, 2003, 08:19 AM
Authorized User
 
Join Date: Nov 2003
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

took ure info into account and noow have the cookies wrkin perfectly, but i am unsure of ure comment

""

How are you maintaining the user login status? Do you have (or will you have) code on all the pages that checks to make sure a user is logged in? Because you are going to use a cookie to remember their login between sessions, you could use that as the "in-session" check as well. Every page that you need to protect should call this check. Your logout page would expire the cookies so the next page fails the login check and kicks you back to login.asp.


""

would i use the same code that i used within the login page, for example i dont want people 2 hack into the site, that would defeat the purpose of loggin in, thanks

 
Old December 2nd, 2003, 12:38 PM
planoie's Avatar
Friend of Wrox
 
Join Date: Aug 2003
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

You would not use the same code from the login page, cause that just does the login, doesn't it?

Once you have the user logged in you need to secure your other pages. There's no point in having a login if the other pages aren't secured. So you need to check to see that a user is logged in. If this status is being stored in a cookie, then you will need to have every single page that you need secured to check that cookie to see if there is a user currently logged in. If they aren't, then you redirect them back to the login page.

Generally this is easiest done be creating another function/sub that does the checking. Put this function on an include file that all the secure pages include, and have the page call the function. Or you could just put the code right into the include file without it being in a function and simply include that file in the secure pages. This way, the code will automatically run when the page runs.

Peter
------------------------------------------------------
Work smarter, not harder.
 
Old December 3rd, 2003, 09:13 PM
Authorized User
 
Join Date: Nov 2003
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

i know u said it ws this
checkLogin()
- Checks Session("username") for a value.
if there's a value, assume that we've completed a login process (by cookie or login form) and can access the page.
if there's NO value, we need to log in.
- Redirect to the login page

but how do i check for a value

sorry

 
Old December 3rd, 2003, 09:18 PM
Authorized User
 
Join Date: Nov 2003
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

If Session("username") <> "true" Then
-stay on same page
else

    Response.Redirect("login.asp")
End If

i ahve that , but what is the asp code for stayin on the same page

 
Old December 3rd, 2003, 09:43 PM
Authorized User
 
Join Date: Nov 2003
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
Default

i know it is sumat like this
<%
If Session("BlnLoggedIn") <> True Then
Response.Redirect("login.asp")
End If
%>

to password pages

so i added this line to my login.inc

    If nodes.length > 0 Then
        'User found!
        Session("BlnLoggedIn") = True
        Response.Cookies("username") = sUsername


but if i am either logged in or out it always redirects me, i cant see anything wrong with the code

 
Old December 4th, 2003, 10:45 AM
planoie's Avatar
Friend of Wrox
 
Join Date: Aug 2003
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

If you don't redirect then you stay on the page.

I think your test is failing because the session object returns strings:
Session("BlnLoggedIn") returns "True"
"True" (string) does NOT equal True (boolean).

You either need to test for "True" (instead of True)
    or
convert the value from session to a boolean:
    If CBool(Session("BlnLoggedIn")) <> True Then
    ...

I'd recommend the boolean conversion.

And a cleaner way to do that test would be this:

    If Not CBool(Session("BlnLoggedIn")) Then
    ...

A little less code, and it even reads easier: "If Not LoggedIn Then..."


Peter
------------------------------------------------------
Work smarter, not harder.





Similar Threads
Thread Thread Starter Forum Replies Last Post
Session/Cookie Expires, Login page appears rajn ASP.NET 1.0 and 1.1 Professional 3 June 27th, 2007 06:19 AM
login page. cookie handling. richie86 ASP.NET 1.0 and 1.1 Basics 1 November 27th, 2005 05:13 AM
How to write a cookie during a login session taoree ASP.NET 1.0 and 1.1 Basics 3 April 18th, 2004 02:40 PM
login cookie help daddycool2k ASP.NET 1.0 and 1.1 Basics 0 November 16th, 2003 03:17 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.