473,834 Members | 2,063 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Cookies problem (bug?)

Hi,
I have a site that I developed in ASP / VBScript.

Some of the visitors are complaining that they can't get in into the system
(using the login form of-course).

My login form includes e-mail and passwords fields, that I check within the
e-mail and passwords fields written in the database.
Then, if all is OK and the info the visitor enter is valid, I write it into
a cookie that next time the user get into my site, the system will recognize
him.

As I mentioned before, the problem is that some of the visitors are able to
connect/logon, and some are not. They are getting the regular screen.
I checked with them and the cookies were enabled. I also tried to add a
"Response.Buffe r=TRUE" code in the first line of code there --- > NOTHING.

Some people are able to connect just after they clear the cookies from their
computer. For some it doesn't help...
Some can't logout when they are connected :\

I am attaching here some code.

Please help me to solve this problem the persists for long time now.
Thanks,
Netanel.

LOGGING IN CODE:
-----------------------
Rec.Open "SELECT [UserID] FROM Users WHERE
([email]='"&ReplaceSTR( Request.Form("E Mail"))&"' and
StrComp([PassWord],'"&ReplaceSTR( Request.Form("P assWord"))&"',0 )=0)",DB
If (Rec.EOF) Then
Rec.Close : DisposeConn()
Response.Redire ct("Default.asp ?Err=LoginFaile d")
Else
Rec.Close : DisposeConn()
ExpireDate=Date ()+365
If (Request.Form(" SaveDetails")=" on") Then
Response.Cookie s("GDUser").Exp ires=ExpireDate
CEMail=ReplaceS TR(Request.Form ("EMail"))
CPassword=Repla ceSTR(Request.F orm("PassWord") )
TempString="UD"
Response.Cookie s("GDUser")=Tem pString
Response.Cookie s("GDUser")("EM ail")=CEMail
Response.Cookie s("GDUser")("Pa ssWord")=CPassw ord
Response.Redire ct("Default.asp ")
End If
VALIDATION CHECK ON EACH PAGE:
------------------------------------------
MyEmail=Request .Cookies("GDUse r")("EMail")
MyPass=Request. Cookies("GDUser ")("PassWor d")
MyLevel=2
MyFullName=""
MyID=0
Connected=FALSE
isAdmin=FALSE

If (MyEmail<>"") Then
Rec.Open "SELECT [UserID],[UserLevel],[FirstName],[LastName] FROM Users
WHERE ([email]='"&MyEmail&" ' and StrComp([PassWord],'"&MyPass&"',0 )=0)"
If (Rec.EOF) Then
Response.Cookie s("GDUser")="Us er Details"
Response.Cookie s("GDUser").exp ires=date()-1
Else
MyLevel=Rec("Us erLevel")
If (MyLevel=1) Then isAdmin=TRUE
MyID=Rec("UserI D")
MyFullName=Rec( "FirstName" )&" "&Rec("LastName ")
Connected=TRUE
End If
Rec.Close
End If
Jul 22 '05 #1
2 1614
in your check-login add some debug code to write out the values of all of
the parameters and SQL statements if a login fails. Then have one of the
"problem" clients test for you.

--
--Mark Schupp
Head of Development
Integrity eLearning
www.ielearning.com
"Netanel" <Ne*****@discus sions.microsoft .com> wrote in message
news:2F******** *************** ***********@mic rosoft.com...
Hi,
I have a site that I developed in ASP / VBScript.

Some of the visitors are complaining that they can't get in into the
system
(using the login form of-course).

My login form includes e-mail and passwords fields, that I check within
the
e-mail and passwords fields written in the database.
Then, if all is OK and the info the visitor enter is valid, I write it
into
a cookie that next time the user get into my site, the system will
recognize
him.

As I mentioned before, the problem is that some of the visitors are able
to
connect/logon, and some are not. They are getting the regular screen.
I checked with them and the cookies were enabled. I also tried to add a
"Response.Buffe r=TRUE" code in the first line of code there --- > NOTHING.

Some people are able to connect just after they clear the cookies from
their
computer. For some it doesn't help...
Some can't logout when they are connected :\

I am attaching here some code.

Please help me to solve this problem the persists for long time now.
Thanks,
Netanel.

LOGGING IN CODE:
-----------------------
Rec.Open "SELECT [UserID] FROM Users WHERE
([email]='"&ReplaceSTR( Request.Form("E Mail"))&"' and
StrComp([PassWord],'"&ReplaceSTR( Request.Form("P assWord"))&"',0 )=0)",DB
If (Rec.EOF) Then
Rec.Close : DisposeConn()
Response.Redire ct("Default.asp ?Err=LoginFaile d")
Else
Rec.Close : DisposeConn()
ExpireDate=Date ()+365
If (Request.Form(" SaveDetails")=" on") Then
Response.Cookie s("GDUser").Exp ires=ExpireDate
CEMail=ReplaceS TR(Request.Form ("EMail"))
CPassword=Repla ceSTR(Request.F orm("PassWord") )
TempString="UD"
Response.Cookie s("GDUser")=Tem pString
Response.Cookie s("GDUser")("EM ail")=CEMail
Response.Cookie s("GDUser")("Pa ssWord")=CPassw ord
Response.Redire ct("Default.asp ")
End If
VALIDATION CHECK ON EACH PAGE:
------------------------------------------
MyEmail=Request .Cookies("GDUse r")("EMail")
MyPass=Request. Cookies("GDUser ")("PassWor d")
MyLevel=2
MyFullName=""
MyID=0
Connected=FALSE
isAdmin=FALSE

If (MyEmail<>"") Then
Rec.Open "SELECT [UserID],[UserLevel],[FirstName],[LastName] FROM Users
WHERE ([email]='"&MyEmail&" ' and StrComp([PassWord],'"&MyPass&"',0 )=0)"
If (Rec.EOF) Then
Response.Cookie s("GDUser")="Us er Details"
Response.Cookie s("GDUser").exp ires=date()-1
Else
MyLevel=Rec("Us erLevel")
If (MyLevel=1) Then isAdmin=TRUE
MyID=Rec("UserI D")
MyFullName=Rec( "FirstName" )&" "&Rec("LastName ")
Connected=TRUE
End If
Rec.Close
End If

Jul 22 '05 #2
check www.aspprotect.com
"Netanel" <Ne*****@discus sions.microsoft .com> wrote in message
news:2F******** *************** ***********@mic rosoft.com...
Hi,
I have a site that I developed in ASP / VBScript.

Some of the visitors are complaining that they can't get in into the
system
(using the login form of-course).

My login form includes e-mail and passwords fields, that I check within
the
e-mail and passwords fields written in the database.
Then, if all is OK and the info the visitor enter is valid, I write it
into
a cookie that next time the user get into my site, the system will
recognize
him.

As I mentioned before, the problem is that some of the visitors are able
to
connect/logon, and some are not. They are getting the regular screen.
I checked with them and the cookies were enabled. I also tried to add a
"Response.Buffe r=TRUE" code in the first line of code there --- > NOTHING.

Some people are able to connect just after they clear the cookies from
their
computer. For some it doesn't help...
Some can't logout when they are connected :\

I am attaching here some code.

Please help me to solve this problem the persists for long time now.
Thanks,
Netanel.

LOGGING IN CODE:
-----------------------
Rec.Open "SELECT [UserID] FROM Users WHERE
([email]='"&ReplaceSTR( Request.Form("E Mail"))&"' and
StrComp([PassWord],'"&ReplaceSTR( Request.Form("P assWord"))&"',0 )=0)",DB
If (Rec.EOF) Then
Rec.Close : DisposeConn()
Response.Redire ct("Default.asp ?Err=LoginFaile d")
Else
Rec.Close : DisposeConn()
ExpireDate=Date ()+365
If (Request.Form(" SaveDetails")=" on") Then
Response.Cookie s("GDUser").Exp ires=ExpireDate
CEMail=ReplaceS TR(Request.Form ("EMail"))
CPassword=Repla ceSTR(Request.F orm("PassWord") )
TempString="UD"
Response.Cookie s("GDUser")=Tem pString
Response.Cookie s("GDUser")("EM ail")=CEMail
Response.Cookie s("GDUser")("Pa ssWord")=CPassw ord
Response.Redire ct("Default.asp ")
End If
VALIDATION CHECK ON EACH PAGE:
------------------------------------------
MyEmail=Request .Cookies("GDUse r")("EMail")
MyPass=Request. Cookies("GDUser ")("PassWor d")
MyLevel=2
MyFullName=""
MyID=0
Connected=FALSE
isAdmin=FALSE

If (MyEmail<>"") Then
Rec.Open "SELECT [UserID],[UserLevel],[FirstName],[LastName] FROM Users
WHERE ([email]='"&MyEmail&" ' and StrComp([PassWord],'"&MyPass&"',0 )=0)"
If (Rec.EOF) Then
Response.Cookie s("GDUser")="Us er Details"
Response.Cookie s("GDUser").exp ires=date()-1
Else
MyLevel=Rec("Us erLevel")
If (MyLevel=1) Then isAdmin=TRUE
MyID=Rec("UserI D")
MyFullName=Rec( "FirstName" )&" "&Rec("LastName ")
Connected=TRUE
End If
Rec.Close
End If

Jul 22 '05 #3

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
505
by: John J Lee | last post by:
Just noticed your c.l.py post quoted below. Nobody but me knows or cares about this obscure stuff ;-) so I'm not surprised you got no answer... C. Titus Brown Dec 27 2004, 12:41 pm wrote: > The issue turned out to be that mailman sends out RFC 2965 cookies, > which are by default rejected by cookielib. I don't remotely pretend to > understand the issues involved; hence my post ;). > > A few questions for those more clued in than...
0
1422
by: S. Bourbeau | last post by:
Hi all. Some of our web site users are experiencing a strange behavior of IE 6 (Sp1 or not). It looks like their ASP Session Cookie expire before time. Here are some details. The user connects to our web site and we keep his ID in the Session object. At the beginning of every page, we check the presence of this ID and if it is missing, we redirect the user to the connection page. Somewhere in the site, we create a temporary cookie. At
6
3063
by: Mark | last post by:
Hi... I've come across some weird bug with Response.Cookies. Or maybe it will be called "by design" but for the life of me I can't figure out what purpose it would serve. If you're setting a cookie (say Response.Cookies ("TEST")) and you have a query string variable &test=x or &Test=x and you get Request.QueryString to parse the query string, the cookie that gets dropped matches the case of the query string, not what your code says. ...
1
5979
by: Michal A. Valasek | last post by:
Hello, I have problem deleting cookies and cookies values (using framework version 1.1 on W2003). When I try to remove entire cookie, by calling Response.Cookies.Remove("Test"), nothing happens, the cookie "Test" remains unchanged. When I try to remove one of cookie values, by calling
5
2814
by: Martin Heuckeroth | last post by:
Hi We are working on a webservice application and are having some problems with the cookies and/or sessions. We have them working on our intranet but then its not working on the internet. We have been looking our asses off but can not find a working solution. the code we came up with is ...
5
5361
by: Miljana | last post by:
Hi, I have one problem with cookies in ASP.NET application. It seems that I can not retreive cookie from Request.Cookies collection. I put cookie in Response.Cookies collection, and after page post back, when I try to retreive it from Request.Cookies collection, it appears that it does not exists. This problem does not occur on several developing machines we use for developing application, but occurs in another environment (another...
6
3669
by: DJones | last post by:
I'm using the following code in my .Net application (.Net v1.1, Windows 2000) to write Session Cookies. HttpContext.Current.Response.Cookies("cookieSession")("SessionID") = strSessionID HttpContext.Current.Response.Cookies("cookieSession")("Site_ID") = strSite_ID
4
5166
by: macro | last post by:
when I use HttpWebRequest with CookieContainer object that handles cookies, if I have this cookie header in a response: Set-Cookie: CookieName=; path=/;expires=01-Jan-1999 00:00:00 GMT the cookie is not deleted for the next request, what should be and actually done with Internet Explorer as client. is this a bug is there a solution / workaroung by manually deleting the cookie?
0
1052
by: daz_oldham | last post by:
I posted a topic a while back and have since found what the problem was. I was setting cookies in the following manner: Response.Cookies; I was finding that the cookie would all of a sudden lose its value without reason.
0
9799
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
10795
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
10220
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
9332
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
1
7760
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
5627
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
0
5796
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
2
3981
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
3083
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.