...

View Full Version : User Question



phillip_ewing
01-21-2003, 10:00 PM
Question:
I am trying to set up basic permissions on the page.
Admin can add,edit, delete.
Teachers can edit or add
parents/students can do nothing but view

My idea was to send to them all to a different page after logging in - default1.asp, default2.asp, and default3.asp. I do not think i am doing it correctly. Is there an easier way of doing this without creating multiple pages?

Can someone please direct me in the right path?

oracleguy
01-22-2003, 12:10 AM
You could do a select case.

Like:




<html>
<head>
<title>members page</title>
</head>

<body>
<%Select Case strUserType %>
<%Case "Student" %>
...
<%Case "Teacher" %>
...
<%Case "Admin" %>
...
<%End Select%>
</body>

</html>


Or you could do this:

Have your data all on the page and have the buttons to add, edit, and delete and on the pages that they lead to you could check the user type/level and if they have clearance do the requested function, otherwise return an access denied error.

The former method would work but I'd recommend the latter. It's hard to say without knowing how the page is formatted.

Eskimo
01-22-2003, 07:27 AM
How are you discerning between them? Do they all have their own UserID and Password or are there three and they share them?

phillip_ewing
01-22-2003, 01:58 PM
On the users login.asp, i have the Users authenticating against what is wrote in the database. In the database, i have a Username, Password, Permission fields. The permission field is the field that when they register they mention who they are - teacher, parent, or student. My goal is to compare what is in the permission field and show the links that are associated with them.

I have tried the Select Case but I do not think I am doing it correctly. Right now, when a user logs in they are directed to default.asp which has addnew, edit, and delete links all in a HTML driven table. Every user has a permission field in the database but I cannot figure out how to put the those selections and my <td>'s into the case select. Any help would be appreciated. Thank you in advance.

Mhtml
01-22-2003, 03:28 PM
Ok, so you are planning on having the admin stuff on a separate page then? Not inline (same page)..


How are the ranks (permissions) set? I mean how are they labeled? eg; Teacher, Student or are they 1, 2??


Either way you will have to query your database like this.


sqlGetPermission = "SELECT * FROM Users WHERE UserName = '" & UserName &"'"


That when applied to the appropriate table will select all the fields for the user which includes the permission field.

Now since we have the permission field you can now use the SELECT CASE like mentioned before.



SELECT Case rs("Permission")
Case "Admin"
Session("UserType") = "Admin"
Response.Redirect("AdminPage.asp")
Case "Teacher"
Session("UserType") = "Teacher"
Response.Redirect("TeacherPage.asp")
Case Else
Session("UserType") = "Parent_or_Student"
Response.Redirect("OtherPage.asp")
End Select


I hope I haven't moved to fast for you there. If you would like a more indepth explanation I would be glad to go into it more.

If you wish for a better explanation I think I will need to see your current code so that I can higlight/edit to show you. :)

phillip_ewing
01-22-2003, 04:24 PM
Below is my code for the default.asp. What i want is when a teacher logs in, they are sent teacher_page.asp, etc.. Right now, everyone is going to admin_page.asp. any help would be greatly appreciated.



<%
DIM rs

strAccessDB = "users.mdb"

'Create a connection odject
Set adoCon = Server.CreateObject("ADODB.Connection")

'Database connection info and driver
strCon = "DRIVER={Microsoft Access Driver (*.mdb)};uid=;pwd=; DBQ=" & Server.MapPath(strAccessDB)

'Set an active connection to the Connection object
adoCon.Open strCon

'Create a recordset object
Set rs = Server.CreateObject("ADODB.Recordset")

'Initalise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT * FROM userlist"

'Query the database
rs.Open strSQL, strCon

strpermission = Session("permission")

SELECT Case rs("permission")
Case "Admin"
Session("permission") = "Admin"
Response.Redirect("admin_page.asp")
Case "Teacher"
Session("permission") = "Teacher"
Response.Redirect("teacher_page.asp")
Case "Parent"
Session("permission") = "Parent"
Response.Redirect("other_page.asp")
Case Else
Session("permission") = "Student"
Response.Redirect("other_page.asp")
End Select

%>


Thank you again.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum