Hi,

I have a working members code now where members can sign up, login to a protected page and log out. I now want to personalise each members login so when a member logs in it says welcome [username] etc and then when the use logs out it says 'thanks [username] you have logged out'. I tried to query my database but it doesnt work. any suggestions on how i can really simply do this?

Thanks.

Normally what you do is when they login, and it's succesful, you store the username or whatever you want into a session variable and then you can access it wherever you want.

and how do i do that? and how do i pull alsorts of info from the database just by using there stored username?

Sessions (http://www.w3schools.com/asp/asp_sessions.asp) After the login is succesful just store the username, and userid or whatever information you need into a session. Then when you need to run a query, you'll have their userId in a variable, and you can just select whatever from table where userid = userId variable.

thanks for the link to that site. i got it working now.

ok, now im stuck again. how can i query my database using the username in the session to get other user details from the database? im sure this is really simple. any suggestions of websites that i can learn this from?

You just run a query, but use that session variable name in the where clause. Although I would store the userId to, and query the table like:
Select fields from table where userId = sessionVar

Take a look at SQL (http://www.w3schools.com/sql/default.asp)

k i tried a select query followed by a where query and it gives an error:

Script error detected at line 21.
Source line: SELECT firstname FROM users
Description: Expected 'Case'

help!! the page code is:

<%@LANGUAGE="VBSCRIPT"%>
<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers=""
MM_authFailedURL="denied.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
(InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
MM_grantAccess = true
End If
End If
If Not MM_grantAccess Then
MM_qsChar = "?"
If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
Response.Redirect(MM_authFailedURL)
End If

SELECT firstname FROM users
WHERE username = session("MM Username")
%>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Welcome
<%Response.Write(Session("mm_username"))%>
<br>
<%Response.Write("firstname")%>
</p>
<A HREF="out.asp">Log Out</A>
<p>&nbsp;</p>
</body>
</html>

You have to execute your query, you just typed out the select statement, and you need to use the same variable you used to set the session. Your session variable I see your printing is this:
Session("mm_username")
And when you typed out your select statement you had:
session("MM Username")
They must be the same.
If you look at your code you said you had that let users login and everything, their should be code their that executes a query, thats how you would execute this one as well.

this is the code that is used in the login page:

i might be being dumb here but i dont see a query like the one im trying to create. im a complete novice with asp but trying to learn it!

<%@LANGUAGE="VBSCRIPT"%>
<!--#include file="Connections/inch.asp" -->
<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString
MM_valUsername=CStr(Request.Form("user"))
If MM_valUsername <> "" Then
MM_fldUserAuthorization=""
MM_redirectLoginSuccess="page.asp"
MM_redirectLoginFailed="denied.asp"
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_inch_STRING
MM_rsUser.Source = "SELECT username, password"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM users WHERE username='" & MM_valUsername &"' AND password='" & CStr(Request.Form("pass")) & "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<form name="form1" method="post" action="<%=MM_LoginAction%>">
<font face="Verdana, Arial, Helvetica, sans-serif"><b><font size="1">Username:
<input type="text" name="user">
<br>
Password:</font></b></font>
<input type="text" name="pass">
<br>
<input type="submit" name="Submit" value="Submit">
</form>
</body>
</html>

You can see it right here, you're doing a select statement and executing the query:

MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_inch_STRING
MM_rsUser.Source = "SELECT username, password"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM users WHERE username='" & MM_valUsername &"' AND password='" & CStr(Request.Form("pass")) & "'"
MM_rsUser.CursorType = 0

MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
Session("MM_Username") = MM_valUsername