Forum Moderators: open
I guess it's like suspending their username and password until they click an authorization link which I send them. Anyone have an idea of where to look of a good ASP script, or know how to do it in Dreamweaver MX, or know how to do it? Any help would be nice.
After they login, the ASP page can check if Active = true, and if it does, give them full access.
<%@LANGUAGE="VBSCRIPT"%>
<!--#include file="Connections/umbcems.asp" -->
<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString
MM_valUsername=CStr(Request.Form("username"))
If MM_valUsername <> "" Then
MM_fldUserAuthorization=""
MM_redirectLoginSuccess="members/index.asp"
MM_redirectLoginFailed="login_error.asp"
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_umbcems_STRING
MM_rsUser.Source = "SELECT user_name, password"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM user_pass WHERE user_name='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("pass"),"'","''") & "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And true Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
The database is ems_logins.mdb
The Data Source Name is umbcems
Thanks for the help.
~Brett
MM_rsUser.Source = "SELECT user_name, password, active"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM user_pass WHERE active = true AND user_name='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("pass"),"'","''") & "'"
MM_rsUser.Source = "SELECT user_name, password, active"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM user_pass WHERE active = true AND user_name='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("pass"),"'","''") & "'"
I tried that and it doens't seem to check it. It lets me right through even though I have "false" in the active field. Wonder what else could be wrong.
Thanks for the help though.
<%
Dim strName, strEmail, strUsername, strPass
strName = Request.Form("name")
strEmail = Request.Form("email")
strUsername = Request.Form("username")
strPass = Request.Form("password")Dim objMail
Set objMail = CreateObject("CDONTS.NewMail")
With objMail
.From = strName & (strEmail)
.To = "me@isp.com"
.Subject = strSubject
.Body = "Sent By: " & strName & chr(13) & "Email Address: " & strEmail & chr(13) & chr(13) & "Username: " & chr(13) & strUsername & chr(13) & "Password: " & chr(13) & strPass & "======================================================" & chr(13) & Date() & " at " & Time()
.Send
End With
Set objMail = Nothing
%>
Can't I just insert this in the head as well as the insert and check scripts for the add_member.asp page?
Any help you can offer would be great.
~Brett
[edited by: brett2_UMBC at 2:32 am (utc) on April 19, 2003]
Which is the DataType on the field "Active"?
It has to be Yes/No for the code to work, if it is "Text" it won't work, you have to use --> active = '"& true &"'
Error Type:
Microsoft OLE DB Provider for ODBC Drivers (0x80040E07)
[Microsoft][ODBC Microsoft Access Driver] Data type mismatch in criteria expression.
/umbcems/login.asp, line 21
I think it has to do with the code I changed.
Old:
MM_rsUser.Source = MM_rsUser.Source & " FROM user_pass WHERE active = true AND user_name='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("pass"),"'","''") & "'"
New:
MM_rsUser.Source = MM_rsUser.Source & " FROM user_pass WHERE active ='" & true &"' AND user_name='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("pass"),"'","''") & "'"
Thanks for the help, we're gettin there I think.
~Brett
I think you misunderstood me, if you do yes/no, you have to use:
MM_rsUser.Source = MM_rsUser.Source & " FROM user_pass WHERE active = true AND user_name='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("pass"),"'","''") & "'"
If you do "text", you have to use:
MM_rsUser.Source = MM_rsUser.Source & " FROM user_pass WHERE active ='"& true &"' AND user_name='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("pass"),"'","''") & "'"
Now, could anyone answer this question:
[webmasterworld.com ]
~Brett
