Forum Moderators: open
I am working out a login page for our intranet and have hit the following snag. When the user logs in for the very first time (ever) I take their username and password, check it in the database, then set cookies and session variables for their permissions.
The cookies are to be used by ASPmaker and the session variables are for my code. I have done a check at the bottom of the validation page and the sessions are all set correctly.
However, when I redirect them to a new page, the sessions are lost. Normally I would say it was the redirect, HOWEVER when I autolog the person in via a different page (based on the cookies stored above) they have the sessions and can redirect no problem.
The code for settings the cookies and sessions is identical (I copy pasted one to the other).
I'll post the code for the validate page that isn't working correctly in a post below.
Thanks for any suggestions.
Casey
<%
Session.Timeout=60
dim myArray(25)
myArray(0) = "subdivisionsGOOD"
myArray(1) = "initialSitePlan"
myArray(2) = "masterPlans"
myArray(3) = "common4"
myArray(4) = "fireFlow"
myArray(5) = "commonowner"
myArray(6) = "hydrants4"
myArray(7) = "iiworkorders4"
myArray(8) = "leaks_breaks4"
myArray(9) = "manhole"
myArray(10) = "meterreading4"
myArray(11) = "petitions4"
myArray(12) = "projects4"
myArray(13) = "site_plan4"
myArray(14) = "smoke_test"
myArray(15) = "specialAgreements"
myArray(16) = "systemflushings4"
myArray(17) = "tv_inspect"
myArray(18) = "VDOT4"
myArray(19) = "watersewer4"
myArray(20) = "workorder_GIS"
myArray(21) = "workorder_search4"
myArray(22) = "workorder4"username = request.form("username")
password = request.form("password")
xDb_Conn_Str = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=G:\Inetpub\db\security.mdb;"
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open xDb_Conn_Str
mySQL = "SELECT username, password, clearance FROM security WHERE username = '"&username&"' AND password = '"&password&"'"
Set valid = Server.CreateObject("ADODB.Recordset")
valid.open mySQL, conn
if valid.eof = false then
'set the rights and send them on
if valid("clearance") = "administrator" then
Session("CustomerService") = "login"
Session("CustomerServiceEdit") = "login"
Session("Documentation") = "login"
Session("Lab") = "login"
Session("Personnel") = "login"
Session("GIS") = "login"
Session("Administration") = "login"
Session("Accounting") = "login"
for i = 0 to 22
Response.Cookies(myArray(i))("autologin") = "autologin"
Response.Cookies(myArray(i))("username") = "******"
Response.Cookies(myArray(i))("password") = "*****"
Response.Cookies(myArray(i)).Expires = Date + 365 ' Change the expiry date of the cookies here
next
elseif valid("clearance") = "normal" then
Session("CustomerService") = "login"
Session("CustomerServiceEdit") = "invalid"
Session("Documentation") = "login"
Session("Lab") = "login"
Session("Personnel") = "login"
Session("GIS") = "login"
Session("Administration") = "login"
Session("Accounting") = "login"
for i = 0 to 22
Response.Cookies(myArray(i))("autologin") = "autologin"
Response.Cookies(myArray(i))("username") = "******"
Response.Cookies(myArray(i))("password") = "******"
Response.Cookies(myArray(i)).Expires = Date + 365 ' Change the expiry date of the cookies here
next
else
Session("CustomerService") = "invalid"
Session("CustomerServiceEdit") = "invalid"
Session("Documentation") = "invalid"
Session("Lab") = "invalid"
Session("Personnel") = "invalid"
Session("GIS") = "invalid"
Session("Administration") = "invalid"
Session("Accounting") = "invalid"
for i = 0 to 22
Session(myArray(i)&"_status") = "invalid"
next
end if
valid.close
conn.close
set valid = nothing
set conn = nothing
response.redirect "main.asp"
else
'invalid, try again
valid.close
conn.close
set valid = nothing
set conn = nothing
response.redirect "login.asp"
end if
%>
