Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 19
  1. #1
    New Coder
    Join Date
    Jan 2003
    Posts
    99
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Exclamation i need help in how i can make auto login in this fourm

    i have problem in how i can make the member who login in my website auto login in this fourm ( aspaap) if u don't know this forum i will send it now
    and i will tell u that i use in my website ( session )
    for
    user_name = session("user")
    password = session("pws")
    so where in the fourm codeing i must change to make member auto login in fourm



    i attach the fourm and file form my site with name(start.asp) in this file i make the session to know how my website work
    Attached Files Attached Files

  • #2
    Senior Coder Morgoth's Avatar
    Join Date
    Jun 2002
    Location
    Ontario, Canada Remaining Brain Cells: 6
    Posts
    1,402
    Thanks
    2
    Thanked 1 Time in 1 Post
    Does the user have the same "username" and "password" on the website and on the forums?

    To help you out, you might want to use cookies more then sessions. Cookies last longer.

    You first take the username and password when they login, and store it in a cookie. Then you open that cookie up everytime to need to see if they are loged in. So if they are on the forums you look in the cookie to see if they are logged in, and if they are, you show informationa bout them.

    Understand?

  • #3
    New Coder
    Join Date
    Jan 2003
    Posts
    99
    Thanks
    0
    Thanked 0 Times in 0 Posts
    in the first thank you for fast reply
    yes user have the same "username" and "password" on the website and on the forums
    i think that not good ideia i like session so plz download the attchment file and check the code and tell me what i must do in this comblex code
    i think the problem in two page ( i_utils.asp and login.asp)
    in page (i_utils.asp ) check this function check_security(iLevel)

  • #4
    Senior Coder Morgoth's Avatar
    Join Date
    Jun 2002
    Location
    Ontario, Canada Remaining Brain Cells: 6
    Posts
    1,402
    Thanks
    2
    Thanked 1 Time in 1 Post
    Ok, I'll download the code now, and look it over.

    But if your concern is on Cookie safety, you can find many methods on keep information secure and safe. It looks to me like to have an auto login your going to need cookies.

    A problem is that sessions use cookies anyways, so if a person has cookies disabled the sessions will not work. Yes the sessions have the information saved on the server computer, but it is linked to a user with the cookie that has the ID number to define who's info is who's.

    Understand?

  • #5
    New Coder
    Join Date
    Jan 2003
    Posts
    13
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I agree.. Cookies would be the best option for auto login.. but theres always alternatives. This only works for people on Highspeed internet (Cable, DSL, etc) though.
    Put a code up in the pages that basically says If Requested IP is in the database, then session("username") = Rs("username") and same for the password.

    But like I said, that only works for people on highspeed.
    Cookies are by far the best option, they're secure too.. the only people that can access em is the computer operator, and you (your website)
    Only when we die do we realize the importance of life

  • #6
    Senior Coder Morgoth's Avatar
    Join Date
    Jun 2002
    Location
    Ontario, Canada Remaining Brain Cells: 6
    Posts
    1,402
    Thanks
    2
    Thanked 1 Time in 1 Post
    Why do cookies only work for people with highspeed?
    I think you are confusing it with IP addresses.

    Just because you don't have a single IP address or are on a proxy server doesn't mean you can't receive cookies.

    Dial Up connects can have cookies.

  • #7
    New Coder
    Join Date
    Jan 2003
    Posts
    13
    Thanks
    0
    Thanked 0 Times in 0 Posts
    but theres always alternatives. This only works for people on Highspeed internet (Cable, DSL, etc) though.
    Put a code up in the pages that basically says If Requested IP is in the database, then session("username") = Rs("username") and same for the password.

    But like I said, that only works for people on highspeed.
    I don't think I am..
    I didn't say cookies weren't for everyone =)
    Only when we die do we realize the importance of life

  • #8
    Senior Coder Morgoth's Avatar
    Join Date
    Jun 2002
    Location
    Ontario, Canada Remaining Brain Cells: 6
    Posts
    1,402
    Thanks
    2
    Thanked 1 Time in 1 Post
    My bad... I miss read you.
    But if I didn't miss read you, you would of been wrong.

    Hehe. Sorry.

  • #9
    New Coder
    Join Date
    Sep 2002
    Posts
    82
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Actually the cookie is a good idea. The cookie does not have to have the username or pasword in it. The cookie can contain a unique "Pin" that is stored in the db.

    I've used MD5 Hashing to generate a 32byte Key that I store in the DB and on the client in a cookie collection.

    Request.Cookies("garbage")("log")
    Request.Cookies("garbage")("auto")

    I then have a table that I validate the Key against as part of the
    validateion process.
    Example

    CryptKeyTable
    _____________________________________________
    |IndexID | LinkID | Key |
    ------------------------------------------------------------------------
    | 235 | 568 |c6768b93905dcaccbc6005eca6c68bd7|
    ------------------------------------------------------------------------

    MemberTable
    _________________________
    |IndexID | UID | PWD |
    ----------------------------------------
    | 568 | myUID | password|
    ----------------------------------------

    Code:
    <%
    'Start Intial Validation:
    If Request.Cookies("garbage")("auto") = False Then
    	' Get Validation key Info
    	sSQL = "SELECT LinkID FROM CryptKeyTable WHERE KEY='"  & Request.Cookies("garbage")("log") & "'"
    	oRsKey.Open sSQL, oConn, 2, 1
    	' Get user Info
    	sSQL1 = "Select INDEXID FROM MemberTable WHERE PWD = '"Request.form("PWD") & "' and UID= '" & Request.FORM("USERID") & "'"
    	oRsUser.open Open sSQL, oConn, 2, 1
    	If CInt(oRsUser.Fields(0).Value) <> CInt(oRsKey.Fields(0).Value) Then
    		DisplayErrorMsg
    	Else
    		CompleteValidation CInt(oRsUser.Fields(0).Value)
    	End If
    Else
    	sSQL = "SELECT LinkID FROM CryptTable WHERE KEY='"  & Request.Cookies("garbage")("log")
    	oRsKey.Open sSQL, oConn, 2, 1
    	CompleteValidation CInt(oRsKey.Fields(0).Value)
    End If
    Sub CompleteValidation(nUID)
    End Sub
    %>

    Here is a sample of the code to use to hash the password and insert it into a database...

    MD5 Hash Logon Code Implmented
    a credit card for a newbie from Amex: The Amex Blue card would like to start developing a credit history.

  • #10
    New Coder
    Join Date
    Jan 2003
    Posts
    99
    Thanks
    0
    Thanked 0 Times in 0 Posts
    no one answer me i need solve this problem how auto login in the fourm


    and in my web site
    1- user_name = session("user")
    2- password= session("pw")
    so plz download the fourm and tell me the answer

  • #11
    Senior Coder Morgoth's Avatar
    Join Date
    Jun 2002
    Location
    Ontario, Canada Remaining Brain Cells: 6
    Posts
    1,402
    Thanks
    2
    Thanked 1 Time in 1 Post
    I don't think you can have auto login with sessions. Sessions havea time out feature, which doesn't allow them to last.

  • #12
    New Coder
    Join Date
    Jan 2003
    Posts
    99
    Thanks
    0
    Thanked 0 Times in 0 Posts
    ok
    tell me what i must do to make it auto login
    i wait the code but i hope that u download the fourm and u saw the code to be sure that will work

  • #13
    New Coder
    Join Date
    Sep 2002
    Posts
    82
    Thanks
    0
    Thanked 0 Times in 0 Posts
    bmwmpower

    The code I sent does an auto-logon based on a cookie. All you add is a the code to create the cookie if the user checks a "Remember Logon" checkbox on the logon form.

    The logon code starts withs check to see if the cookie is set for autolog.

    If Request.Cookies("garbage")("auto") <> True Then

    ' Normal code using the logon form goes here
    Else
    'Logon code using the cookie's stored value.
    End If

    The cookie can be set to expire after however long you want it too.
    a credit card for a newbie from Amex: The Amex Blue card would like to start developing a credit history.

  • #14
    Senior Coder Morgoth's Avatar
    Join Date
    Jun 2002
    Location
    Ontario, Canada Remaining Brain Cells: 6
    Posts
    1,402
    Thanks
    2
    Thanked 1 Time in 1 Post
    Yeah, what he said.

  • #15
    New Coder
    Join Date
    Sep 2002
    Posts
    82
    Thanks
    0
    Thanked 0 Times in 0 Posts
    The one thing I forgot to mention is that you create an include file with the cookie check. then link the file via SSI in any page that can only be accessed after logon.
    Include file
    Code:
    <%
    If (Not (CBool(Session("Validated"))) or (Request.Cookies("garbage")("auto"))) <> True Then 
     Response.Redirect("/admin/mylogon.asp")
    End If 
    %>
    SSI Link
    <!-- #include file="/admin/CheckAccess.inc" -->
    a credit card for a newbie from Amex: The Amex Blue card would like to start developing a credit history.


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •