Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9
  1. #1
    Regular Coder
    Join Date
    Nov 2007
    Posts
    682
    Thanks
    319
    Thanked 1 Time in 1 Post

    Can login, then out, but NOT back in again...?

    Using cookies to check that the user is logged in, but having an issue with logging back in once logged out once.

    Logging in IS working, and logging out works as well. I'm using a very simple check to see if the user is logged in as it isn't a public website, it's designed to be run locally with no internet access.

    Login checking
    PHP Code:
    <%
    uid Request.Cookies("uid")("id")

    if 
    uid "" then
    %>
    <!--
    #include virtual="\nightclub_photography\login_page.asp"-->
    <%
    else
    %>
    <!--
    #include virtual="\nightclub_photography\content.asp"-->
    <%
    end if
    %> 
    Login script:
    PHP Code:
    <!--#include virtual="\nightclub_photography\asp\md5.asp"-->

    <%
    'Retreive the URL variables'
    email Trim(request.querystring("email"))
    password request.querystring("password")

    'Check the data has been entered into the fields'
    if email "" then
        response
    .write "Error: Please enter your email!"
        
    response.End
    End 
    If
    If 
    password "" then
        response
    .write "Error: Please enter a password!"
        
    response.End
    End 
    If

    query "select * from users WHERE email = '" email "'"

    'Create connection and load users database
    set conn=Server.CreateObject("ADODB.Connection")
    conn.Provider="Microsoft.ACE.OLEDB.12.0"
    conn.Open Server.MapPath("/nightclub_photography/data/database/users.mdb")

    set rs=Server.CreateObject("ADODB.recordset")
    rs.Open query, conn

    '
    Check if the username matchs in the database
    if rs.EOF then
        response
    .write("Error: Login details incorrect!")
    else
        if 
    md5(password) = rs.Fields("password"then
            
    'Fetch, and capitlize name
            full_name = ucase(mid(rs.Fields("fname"),1,1))&mid(rs.Fields("fname"),2)&" "
            full_name = full_name + ucase(mid(rs.Fields("sname"),1,1))&mid(rs.Fields("sname"),2)
            
            '
    Set session variables
            Response
    .Cookies("perms") = rs.Fields("perms")
            
    Response.Cookies("uid")("fullname") = full_name
            Response
    .Cookies("uid")("email") = rs.Fields("email")
            
    Response.Cookies("uid")("id") = rs.Fields("id")
            
    Response.Cookies("sdate") = Date
            
            
    'Expire in 2 days to be safe
            Response.Cookies("perms").Expires = Date() + 2
            Response.Cookies("uid").Expires = Date() + 2
            Response.Cookies("sdate").Expires = Date() + 2
            
            '
    Write message and create cookies for session
            response
    .write("Message: Login Successful!")
        else
            
    response.write("Error: Login details incorrect!")
        
    end if
    end if
    %> 
    Logout Script:
    PHP Code:
    <%
    response.cookies("perms").expires=now
    response
    .cookies("uid").expires=now
    response
    .cookies("sdate").expires=now
    %> 
    There scripts are called from these two javascript functions
    PHP Code:
    function dologin() {
        
    //Field values
        
    var email doc('loginEmail').value;
        var 
    password doc('loginPassword').value;
        
        var 
    http xmlhttp();
        
    http.onreadystatechange = function() {
            if (
    http.readyState == && http.status == 200) {
                
    //Check if it's an error or message
                
    var http.responseText;
                
    k.split(":");
                
    k[0].toLowerCase();
                
    load_dialog('forms/'+k+'.asp?message=' http.responseText1)
            }
        }
        
    http.open("GET""http://localhost/nightclub_photography/asp/login.asp?email="+email+"&password="+passwordtrue);
        
    http.send();
        return 
    false;
    }
    function 
    logout() {
        var 
    http xmlhttp();
        
    http.onreadystatechange = function() {
            if (
    http.readyState == && http.status == 200) {
                
    checkLogin()    
            }
        }
        
    http.open("GET""http://localhost/nightclub_photography/asp/logout.asp");
        
    http.send();

    Login is checked when the HTA file is loaded and then rechecked when other functions run their code.
    PHP Code:
    function checkLogin() {
        var 
    http xmlhttp();
        
    http.onreadystatechange = function() {
            if (
    http.readyState == && http.status == 200) {
                
    doc("main").innerHTML http.responseText;    
                
    checkErrors();
            } else {
                
    doc("main").innerHTML "Loading...";
            }
        }
        
    http.open("GET""http://localhost/nightclub_photography/checkLogin.asp?"+Math.random());
        
    http.send();


  • #2
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,506
    Thanks
    77
    Thanked 4,378 Times in 4,343 Posts
    Ummm...I hope you are aware that #include's can *NOT* be made conditional in ASP code.

    That is, your code doing this:
    Code:
    <% 
    uid = Request.Cookies("uid")("id") 
    
    if uid = "" then 
    %> 
    <!--#include virtual="\nightclub_photography\login_page.asp"--> 
    <% 
    else 
    %> 
    <!--#include virtual="\nightclub_photography\content.asp"--> 
    <% 
    end if 
    %>
    is *ACTUALLY* ALWAYS #including *BOTH* login_page.asp and content.asp.

    The only thing the IF is doing is running (or not running) the actual code within those files.

    So if, for example, you DIM the same variable name in both files you *WILL* get an error.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • Users who have thanked Old Pedant for this post:

    martynball (06-04-2013)

  • #3
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,506
    Thanks
    77
    Thanked 4,378 Times in 4,343 Posts
    Anyway, what does "having an issue" mean? WHAT is the issue?
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #4
    Regular Coder
    Join Date
    Nov 2007
    Posts
    682
    Thanks
    319
    Thanked 1 Time in 1 Post
    That could be the problem then thanks will have a look in a minute. And the issue is that, the page first loads login_page.asp, I then login and the div content changes to the content.asp, now I log back out which switches it back to login_page.asp, now for the second time I try to login but I do not get the content.asp but instead login_page.asp

  • #5
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,506
    Thanks
    77
    Thanked 4,378 Times in 4,343 Posts
    So try emulating your code by hitting those URLs "by hand".

    That is, for example, just hit your own URL
    Code:
    http://localhost/nightclub_photography/asp/login.asp?email=abc@xyz.com&password=foobar
    And then, if needed, put some debug output into login.asp so you can see that cookie values, etc., it is reading/writing.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • Users who have thanked Old Pedant for this post:

    martynball (06-04-2013)

  • #6
    Regular Coder
    Join Date
    Nov 2007
    Posts
    682
    Thanks
    319
    Thanked 1 Time in 1 Post
    Whilst I do some debugging like you said, can you tell me how I can go about selecting which page to load based on if the user is logged in, like I tried to do below.

    I did just try another way but I noticed ASP code didn't run and it just loaded pure text onto the page.

    PHP Code:
    <% 
    uid Request.Cookies("uid")("id"

    if 
    uid "" then 
    %> 
    <!--
    #include virtual="\nightclub_photography\login_page.asp"--> 
    <% 
    else 
    %> 
    <!--
    #include virtual="\nightclub_photography\content.asp"--> 
    <% 
    end if 
    %> 

  • #7
    Regular Coder
    Join Date
    Nov 2007
    Posts
    682
    Thanks
    319
    Thanked 1 Time in 1 Post
    I seemed to have fixed it, it's because each ajax request keeps on getting cached! How do I stop this?

    The only solution I can find is to add Math.random() at the end of each request, there must be a better way so i don't have to mess with URL variables!

    Code:
    http.open("GET", "http://localhost/nightclub_photography/asp/login.asp?email="+email+"&password="+password+"&f="+Math.random(), true);

  • #8
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,506
    Thanks
    77
    Thanked 4,378 Times in 4,343 Posts
    Wow, that's weird. Never heard of AJAX requests being cached. I would think that the caching must be happening on the ASP side of things, except that I haven't heard of that, either.

    Ehhh...there are worse answers than needing to use a random number for a cache buster.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • Users who have thanked Old Pedant for this post:

    martynball (06-04-2013)

  • #9
    Regular Coder
    Join Date
    Nov 2007
    Posts
    682
    Thanks
    319
    Thanked 1 Time in 1 Post
    I saw something somewhere about adding ajax headers before sending the request so it doesn't cache, i was going to try that just incase it is the ajax, but i can't figure out where you place the code within the ajax request..


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •