View Full Version : login script

07-13-2005, 03:27 PM
Would someone please help me with this login script! ASAP...

---------- authorised.asp

'If the session variable is False or does not exsist then redirect the user to the unauthorised
If Session("ValidateUser") = False or IsNull(Session("ValidateUser")) = True then
'Redirect to unauthorised
End If
'Dimension Variables
Dim strUserName 'Holds the name of the user

'Get the users name passed from the previous page
strUserName = Request.QueryString("name")


<body bgcolor="green" text="black">
<table width="518" border="0" cellspacing="0" cellpadding="0" align="center">
<td align="center">
<h1>Authorised Access</h1>
<div align="center">
Welcome <b>
<% =strUserName %>
</b> to the password proteceted area of the web site. </p>


----------- validateuser.asp
'Dimension variables
Dim adoCon 'Database Connection Variable
Dim strCon 'Holds the Database driver and the path and name of the database
Dim rsCheckUser 'Database Recordset Variable
Dim strAccessDB 'Holds the Access Database Name
Dim strSQL 'Database query sring
Dim strUserName 'Holds the user name

'Initalise the strUserName variable
strUserName = Request.Form("txtUserName")

'Check the database to see if user exsits and read in there password
'Initialise the strAccessDB variable with the name of the Access Database
strAccessDB = "users"

'Create a connection odject
Set adoCon = Server.CreateObject("ADODB.Connection")

'Database connection info and driver
strCon = "DRIVER={Microsoft Access Driver (*.mdb)};uid=;pwd=letmein; DBQ=" & Server.MapPath(strAccessDB)

'Set an active connection to the Connection object
adoCon.Open strCon

'Create a recordset object
Set rsCheckUser = Server.CreateObject("ADODB.Recordset")

'Initalise the strSQL variable with an SQL statement to query the database
strSQL = "SELECT tblUsers.Password FROM tblUsers WHERE tblUsers.UserID ='" & strUserName & "'"

'Query the database
rsCheckUser.Open strSQL, strCon

'If the recordset finds a record for the username entered then read in the password for the user
If NOT rsCheckUser.EOF Then

'Read in the password for the user from the database
If (Request.Form("txtUserPass")) = rsCheckUser("Password") Then

'If the password is correct then set the session variable to True
Session("validateuser") = True

'Close Objects before redirecting
Set adoCon = Nothing
Set strCon = Nothing
Set rsCheckUser = Nothing

'Redirect to the authorised and send the users name
Response.Redirect"authorised.asp?name=" & strUserName
End If
End If

'Close Objects
Set adoCon = Nothing
Set strCon = Nothing
Set rsCheckUser = Nothing

'If the script is still running then the user must not be authorised
Session("validateuser") = False

'Redirect to the unautorised

07-13-2005, 03:41 PM
wrong forum, mate. this is for clientside JS, not serverside VBS. PM a mod to get moved to the appropriate place. :)

in any case, you never said what the problem is. that's kinda important when requesting help. and it's not as if we can test out your code, because it's serverside and all. :rolleyes: