473,725 Members | 2,017 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

ASP Login Script not working

Applies to: Microsoft FrontPage 2000, Microsoft Access 2000, IIS 5.0
Operating System: Microsoft Windows 2000 Professional

I am trying to protect a portion of a web site by allowing users to register a username and password & then login with those details, but so far I am having only marginal success. I am far from an expert on ASP programming, indeed the code I am using comes from "Sams Teach Yourself E-Commerce Programming with ASP" but it is ideally suited for my purpose.

In short, there are 3 .asp pages (register.asp, login.asp & checkpassword.a sp - the code for each is below), a global.asa file was automatically created and by following the instructions in the book, I also created a small Access database called UserDB.mdb, which stores the username & password of each user when they register & also verify's those details when the user attempts to login again.

The DNS connection has been setup within FrontPage and I have verified that this connection works by clicking "Tools", "Web Settings" & the "Database" tab, highlighting the DNS connection & clicking Verify.

The problems seem to occur when I try to register a new username & password, for some strange reason the details I enter are not being saved in the database table, and to compound the problem further, if I register just a username, or a password but not both, the page simply refreshes itself with empty boxes instead of giving an error message to indicate that a "username" or "password" must be entered, which if I have read the code correctly on the "checkpassword. asp" page, should happen.

To further confuse the situation, if I manually enter a username & password into the database table and then attempt to click a hyperlink taking me to a "test.asp" page, with the INCLUDE FILE: <!-- #INCLUDE FILE="checkpass word.asp" -->, I am automatically taken to the login.asp, where if I enter the username & password that I manually put into the database table, it takes me to the selected "Protected" web page. In my mind that clearly shows the DNS connection is working but yet it won't store new registered details into the database table, which is extremely confusing.

If anyone can see what I may be doing wrong, or point me in the right direction, your help & advice will be greatly appreciated. As I pointed out earlier I am far from an expert, so any help you can give would be ideally suited towards a newbie mentality.

Below is the code for the three .asp pages:

Many thanks in advance
Wayne Smith

register.asp

<%
nextPage = Request( "nextPage" )

newUsername = Request( "newUsernam e" )

newPassword = Request( "newPasswor d" )

%>

<HTML>

<HEAD><TITLE>Re gister"</TITLE></HEAD>

<BODY>

Register at this Web site by selecting a username and password:

<FORM METHOD="post" ACTION="<%=next Page%>">

<INPUT NAME="newUser" TYPE="hidden" VALUE="1">

<P><B>USERNAME: </B>

<INPUT NAME="newUserna me" SIZE=20 MAXLENGTH="20"

VALUE="<%=Serve r.HTMLEncode( newUsername )%>">

<P><B>PASSWORD: </B>

<INPUT NAME="newPasswo rd" SIZE=20 MAXLENGTH="20"

VALUE="<%=Serve r.HTMLEncode( newPassword )%>">

<P><INPUT TYPE="submit" VALUE="Register !">

</FORM>

</BODY>

</HTML>

----------------------------------------------------------------------------------

login.asp

<HTML>

<HEAD><TITLE>Lo gin</TITLE></HEAD>

<BODY>

<%=loginMessage %>

<FORM METHOD="post" ACTION="<%=next Page%>">

<P><B>USERNAME: </B>

<INPUT NAME="username" SIZE=20 MAXLENGTH="20"

VALUE="<%=Serve r.HTMLEncode( username )%>">

<P><B>PASSWORD: </B>

<INPUT NAME="password" SIZE=20 MAXLENGTH="20"

VALUE="<%=Serve r.HTMLEncode( password )%>">

<p><INPUT NAME="addCookie " TYPE="Checkbox" VALUE="1"> Remember me with a cookie

<P><INPUT TYPE="submit" VALUE="Login">

</FORM>

<p>

<a href="register. asp?nextpage=<% Server.URLEncod e( nextpage )%>">

Click here to register</a>

</BODY>

</HTML>

-------------------------------------------------------------

checkpassword.a sp

<%

CONST useSession = TRUE

' Retrieve Form Variables

username = TRIM( Request( "username" ) )

password = TRIM( Request( "password" ) )

newUser = TRIM( Request( "newUser" ) )

newUsername = TRIM( Request( "newUsernam e" ) )

newPassword = TRIM( Request( "newPasswor d" ) )

addCookie = TRIM( Request( "addCookie" ) )

' Retrieve Current Page

nextPage = Request.ServerV ariables( "SCRIPT_NAM E" )

' Ready Database Connection

Set Con = Server.CreateOb ject( "ADODB.Connecti on" )

Con.Open "userDNS"

' Add New User

IF newUser <> "" THEN

IF newUsername = "" THEN

showError "You must enter a username"

END IF

IF newPassword = "" THEN

showError "You must enter a password"

END IF

IF usernameTaken( newUsername ) THEN

showError "The username you entered has already " &_

"been chosen by a previous user. Please select " &_

"a new username"

END IF

sqlString = "INSERT INTO userlist ( user_username, user_password ) " &_

"VALUES ('" & newUsername & "','" & newPassword & "')"

Con.Execute sqlString

username = newUsername

password = newPassword

IF useSession THEN Session( "loggedIn" ) = "Yes"

END IF

' Authenticate User

IF Session( "loggedIn" ) = "" THEN

IF username = "" OR password = "" THEN

loginMessage = "You must login before you can view this page."

showLogin

END IF

result = validateLogin( username, password )

IF result = 1 THEN

loginMessage = "You entered an unregistered username."

showLogin

END IF

IF result = 2 THEN

loginMessage = "You did not enter a valid password."

showLogin

END IF

IF useSession THEN Session( "loggedIn" ) = "Yes"

END IF

' Add a Cookie

IF addCookie <> "" THEN

Response.Cookie s( "username" ) = username

Response.Cookie s( "username" ).Expires = "12/25/2037"

Response.Cookie s( "password" ) = password

Response.Cookie s( "password" ).Expires = "12/25/2037"

END IF

' Create Security Query String Variable

sq = "username=" & Server.HTMLEnco de( username ) & "&"

sq = sq & "password=" & Server.HTMLEnco de( password )

' Create Security Form Variable

sf = "<input name=""username "" type=""hidden"" "

sf = sf & "value=""" & Server.HTMLEnco de( username ) & """>"

sf = sf & "<input name=""password "" type=""hidden"" "

sf = sf & "value=""" & Server.HTMLEnco de( password ) & """>"

' Check Username and Password

FUNCTION validateLogin( theUsername, thePassword )

sqlString = "SELECT user_password FROM userlist " &_

"WHERE user_username=' " & fixQuotes( username ) & "'"

Set RS = Con.Execute( sqlString )

IF RS.EOF THEN

validateLogin = 1

ELSE

IF RS( "user_passw ord" ) <> thePassword THEN

validateLogin = 2

ELSE

validateLogin = 0

END IF

END IF

END FUNCTION

' Check Whether Username Already Taken

FUNCTION usernameTaken( theUsername )

sqlString = "SELECT user_id FROM userlist " &_

"WHERE user_username=' " & fixQuotes( theUsername ) & "'"

Set RS = Con.Execute( sqlString )

IF RS.EOF THEN

usernameTaken = FALSE

ELSE

usernameTaken = TRUE

END IF

RS.Close

Set RS = Nothing

END FUNCTION

' Show Error Page

SUB showError( theError )

%>

<HTML>

<HEAD><TITLE>Pr oblem</TITLE></HEAD>

<BODY>

<b>There was a problem with your registration information</b>

<br><%=theErr or %>

<FORM METHOD="POST" ACTION="registe r.asp">

<INPUT NAME="nextpage" TYPE="hidden"

VALUE="<%=nextp age%>">

<INPUT NAME="newUserna me" TYPE="hidden"

VALUE="<%=Serve r.HTMLEncode( newUsername )%>">

<INPUT NAME="newPasswo rd" TYPE="hidden"

VALUE="<%=Serve r.HTMLEncode( newPassword )%>">

<INPUT TYPE="SUBMIT" VALUE="Continue ">

</FORM>

</BODY>

</HTML>

<%

Response.End

END SUB

' Show the Login Page

SUB showLogin

%>

<!-- #INCLUDE FILE="login.asp " -->

<%

Response.End

END SUB

FUNCTION fixQuotes( theString )

fixQuotes = REPLACE( theString, "'", "''" )

END FUNCTION

%>

Jul 19 '05 #1
1 5506
Yes there seem to be a lot of problems with that code.

In login.asp since nextpage is never set the URL is something like
register.asp?ne xtpage=:
<<
<a href="register. asp?nextpage=<% server.urlencod e( nextpage )%>">

Click here to register</a>


There is no code in any of the 3 pages that actually writes to the
database.

In checkpassword.a sp included file there is not End Function at the end
or the %> end of ASP end tag.

And by the way here is a simple overview of how I deal with the login of
an already registered user.

Perhaps have a login page that asks the user for his username and
password. And whatever page that posts to (which could be the same page
for a self posting form) tests these fields against what is in the
database, sets the username and userlevel session variables accordingly,
and then redirects to the proper page - i.e. back to the login page if
the password is wrong (perhaps with a JavaScript popup saying wrong
username/password combination) or to the main menu page if the password
is correct:

Session("UserNa me") = objRS("UserName ")
Session("UserLe vel") = objRS("UserLeve l")
Response.Redire ct "mainmenu.a sp"

Then you can use If Then's or Select Case on each page to control
whether a user is allowed to actually be there and whether particular
links of where a user can go actually show up.

If (Session("UserL evel") <> "Admin") And (Session("UserL evel") <>
"Regular") Then
Response.Redire ct "login.asp"
End If

Best regards,
J. Paul Schmidt, Freelance ASP Web Designer
http://www.Bullschmidt.com
ASP Designer Tips, ASP Web Database Demo, Free ASP Bar Chart Tool...
*** Sent via Devdex http://www.devdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
3
2875
php login script error
by: koolyio | last post by:
Hey, could you please tell me what is wrong with my login script. I just started learning php. CODE: login.php <? session_start(); header("Cache-Control: private"); ?>
PHP
4
1430
Need some help with login script
by: Joe | last post by:
Hi, I have MS Access database with a small table that has four columns ID (Primary Key), page, userid and password. The page column holds the name of the page which has the login form. The userid and password column contain the id and password that I am trying to check. You might wonder why I don’t have only two columns, userid and password. I intend to use this database for several different login pages. For a particular login page,...
ASP.NET
20
6187
Auto login
by: Navillus | last post by:
Hey gang, I'm helping this guy with his company's website. They have a page where you login, and basically it looks like when you enter your password and user info and submit the form, it runs a javascript function that saves the info as a cookie. It looks like this: <script language="JavaScript"> function savecookie() {
Javascript
5
2444
A good Login Script?
by: Kivak Wolf | last post by:
Hi, I am currently trying to make a website that requires an account to use so it can disply the data according to the account. I have ASP.NET 2.0 installed and working fine. However, it is not my server, I am having a company host it. I know that you can use the "Login" control right in VS2005, but it won't work unless the website is on localhost. Where can I find a good place to get or find out how to make a login control from...
ASP.NET
1
4994
Custom login will not work
by: Jakob Lithner | last post by:
When I started a new ASP project I was eager to use the login facilities offered in Framework 2.0/VS 2005. I wanted: - A custom principal that could hold my integer UserID from the database - An easy way to classify different pages as either Admin, Member or Public, where login is necessary for Admin and Member but not for Public. My idea was to put the pages in different directories to easily keep my order. - An easy menu system that...
ASP.NET
1
2729
Login Control -- Set Focus ?
by: Brad Isaacs | last post by:
Good evening friends, I am working with Visual Studio 2005, ASP.NET 2.0 I am working with the Login controls provided my .NET 2.0, trying to make the Login1 control UserName textbox obtain SetFocus upon load of the .aspx web page but I cannot for the life of me get this to work. It loads and the Focus is not working. I have tried the following:
ASP.NET
5
2573
register and login email process looping indefinitely
by: muppetjones | last post by:
I'm really new to the whole networking side of things, so I don't know the backend very well. I wrote a series of PHP/AJAX scripts to allow a user to create a login account, but apparently my script is doing much much more than I imagined as I received an email from my admin this morning: I think a core dump means my program had a fatal error, and I know my program is supposed to email me when there is an error. Granted, I was debugging...
PHP
3
1141
Login problem
by: harsh9892991141 | last post by:
every time enter my login id and password in my index page it shows me the error 404 Object not found! The requested URL was not found on this server. The link on the referring page seems to be wrong or outdated. Please inform the author of that page about the error. If you think this is a server error, please contact the webmaster. Error 404 127.0.0.1
PHP
4
3690
OWA: 'Posting a Login' From Outside Script?
by: adam.waterfield | last post by:
I am just wondering if anyone here can help with a problem that we have here. We have a PHP based website/application that has a user login that is connected to our AD setup. This works fine. Obviously their usernames and passwords are common to their exchange mailbox ones. What we would like to do is just have the one common login for our web application. I can obviously get their username/password in login to the site, encrypt and...
PHP
0
8752
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
9401
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
0
9257
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
9174
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
9111
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
8096
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
0
6011
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
4517
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
1
3221
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us