View Full Version : i need help in how i can make auto login in this fourm

01-19-2003, 11:15 AM
i have problem in how i can make the member who login in my website auto login in this fourm ( aspaap) if u don't know this forum i will send it now
and i will tell u that i use in my website ( session )
user_name = session("user")
password = session("pws")
so where in the fourm codeing i must change to make member auto login in fourm

i attach the fourm and file form my site with name(start.asp) in this file i make the session to know how my website work

01-19-2003, 06:12 PM
Does the user have the same "username" and "password" on the website and on the forums?

To help you out, you might want to use cookies more then sessions. Cookies last longer.

You first take the username and password when they login, and store it in a cookie. Then you open that cookie up everytime to need to see if they are loged in. So if they are on the forums you look in the cookie to see if they are logged in, and if they are, you show informationa bout them.


01-20-2003, 01:22 PM
in the first thank you for fast reply
yes user have the same "username" and "password" on the website and on the forums
i think that not good ideia i like session so plz download the attchment file and check the code and tell me what i must do in this comblex code
i think the problem in two page ( i_utils.asp and login.asp)
in page (i_utils.asp ) check this function check_security(iLevel)

01-20-2003, 08:22 PM
Ok, I'll download the code now, and look it over.

But if your concern is on Cookie safety, you can find many methods on keep information secure and safe. It looks to me like to have an auto login your going to need cookies.

A problem is that sessions use cookies anyways, so if a person has cookies disabled the sessions will not work. Yes the sessions have the information saved on the server computer, but it is linked to a user with the cookie that has the ID number to define who's info is who's.


01-20-2003, 08:38 PM
I agree.. Cookies would be the best option for auto login.. but theres always alternatives. This only works for people on Highspeed internet (Cable, DSL, etc) though.
Put a code up in the pages that basically says If Requested IP is in the database, then session("username") = Rs("username") and same for the password.

But like I said, that only works for people on highspeed.
Cookies are by far the best option, they're secure too.. the only people that can access em is the computer operator, and you (your website)

01-20-2003, 09:05 PM
Why do cookies only work for people with highspeed?
I think you are confusing it with IP addresses.

Just because you don't have a single IP address or are on a proxy server doesn't mean you can't receive cookies.

Dial Up connects can have cookies.

01-20-2003, 09:07 PM
but theres always alternatives. This only works for people on Highspeed internet (Cable, DSL, etc) though.
Put a code up in the pages that basically says If Requested IP is in the database, then session("username") = Rs("username") and same for the password.

But like I said, that only works for people on highspeed.

I don't think I am..
I didn't say cookies weren't for everyone =)

01-20-2003, 09:10 PM
My bad... I miss read you.
But if I didn't miss read you, you would of been wrong.

Hehe. Sorry.

01-20-2003, 10:46 PM
Actually the cookie is a good idea. The cookie does not have to have the username or pasword in it. The cookie can contain a unique "Pin" that is stored in the db.

I've used MD5 Hashing to generate a 32byte Key that I store in the DB and on the client in a cookie collection.


I then have a table that I validate the Key against as part of the
validateion process.

|IndexID | LinkID | Key |
| 235 | 568 |c6768b93905dcaccbc6005eca6c68bd7|

|IndexID | UID | PWD |
| 568 | myUID | password|

'Start Intial Validation:
If Request.Cookies("garbage")("auto") = False Then
' Get Validation key Info
sSQL = "SELECT LinkID FROM CryptKeyTable WHERE KEY='" & Request.Cookies("garbage")("log") & "'"
oRsKey.Open sSQL, oConn, 2, 1
' Get user Info
sSQL1 = "Select INDEXID FROM MemberTable WHERE PWD = '"Request.form("PWD") & "' and UID= '" & Request.FORM("USERID") & "'"
oRsUser.open Open sSQL, oConn, 2, 1
If CInt(oRsUser.Fields(0).Value) <> CInt(oRsKey.Fields(0).Value) Then
CompleteValidation CInt(oRsUser.Fields(0).Value)
End If
sSQL = "SELECT LinkID FROM CryptTable WHERE KEY='" & Request.Cookies("garbage")("log")
oRsKey.Open sSQL, oConn, 2, 1
CompleteValidation CInt(oRsKey.Fields(0).Value)
End If
Sub CompleteValidation(nUID)
End Sub

Here is a sample of the code to use to hash the password and insert it into a database...

MD5 Hash Logon Code Implmented (http://www.asphonolulu.com/Samples/viewsource.asp?file=/samples/asp/authentication/sourceforlogon.asp)

01-21-2003, 09:33 AM
no one answer me i need solve this problem how auto login in the fourm

and in my web site
1- user_name = session("user")
2- password= session("pw")
so plz download the fourm and tell me the answer

01-21-2003, 02:12 PM
I don't think you can have auto login with sessions. Sessions havea time out feature, which doesn't allow them to last.

01-21-2003, 02:45 PM
tell me what i must do to make it auto login
i wait the code but i hope that u download the fourm and u saw the code to be sure that will work

01-21-2003, 09:20 PM

The code I sent does an auto-logon based on a cookie. All you add is a the code to create the cookie if the user checks a "Remember Logon" checkbox on the logon form.

The logon code starts withs check to see if the cookie is set for autolog.

If Request.Cookies("garbage")("auto") <> True Then

' Normal code using the logon form goes here
'Logon code using the cookie's stored value.
End If

The cookie can be set to expire after however long you want it too.

01-21-2003, 10:32 PM
Yeah, what he said.

01-21-2003, 11:10 PM
The one thing I forgot to mention is that you create an include file with the cookie check. then link the file via SSI in any page that can only be accessed after logon.
Include file

If (Not (CBool(Session("Validated"))) or (Request.Cookies("garbage")("auto"))) <> True Then
End If

SSI Link
<!-- #include file="/admin/CheckAccess.inc" -->

01-22-2003, 10:36 AM
this code will not woRk with my forum CODE so plz open the fourm code and check it u will know what i mean
( login.asp and i_utils.asp ) this page for login
what i want is my session("username") = username for the fourm and session("password")= password for the fourm or as u like if i user cookie

01-22-2003, 05:18 PM
I did look at the zip file. Problems Encountererd.

You left out several files that prevents the Forums.asp from loading:
search.mdb,i_smtp.asp, i_header.asp, i_formatting.asp, i_footer.asp

The code has the Start.asp and Forums.asp data connections pointing to search.mdb, while the i_Utils.asp data connection is pointed to "data\7706.mdb"

The schema in 7706.mdb does not match the fields requested in START.asp's validate (line 21) of the returned sample.

I've uploaded the files with the basic code for the autolog routine added

01-23-2003, 12:42 PM
iam so so happy for quick reply

iam so so sorry for upload wrong files so i will upload the files again and i want tell u something
1- start.asp page for my website login and in this page u will see that the user_name and password take session to used it in all web
2- login.asp for the fourm login
3- about data base i have 2 data base one for my web and one for the fourm but the both have same recored for user_name and password and same data in the recored
4- i_utils.asp in this fill u will see the (check_security) plz read this code and u will know every thing about fourm

i will upload the files in two groub

01-23-2003, 12:43 PM
this is groub 2