By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,262 Members | 1,146 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,262 IT Pros & Developers. It's quick & easy.

help with code please

P: n/a
Hi,

I have an asp page that needs to create 2 different cookies: one for
the admin and one for the user. The code that I have to work with was
created by someone else. the page first requires to login and if
username and password match then the user is redirected to the same
page where he sees details of his message.

What I have to do is this: in my db i have a table called users with
the fields u_id, u_password and access. Access can either be admin or
user.
In my asp page i have to create 2 cookies. The thing is that i am not
sure how to do it. now i am using hardcode. i am not calling the
access field from the table but i am writing access="admin". However
the page that is meant to receive the data from the first page where i
created the cookie doesn't work. no matter if access =admin or user it
always gives me the message "access is user".

Here is the code for the 1st page:
dim access

MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?"
+ Request.QueryString
MM_valUsername=CStr(Request.Form("Username"))

If MM_valUsername <> "" Then
MM_fldUserAuthorization=""
MM_redirectLoginSuccess="myAds.asp"
MM_redirectLoginFailed="myAds.asp"

MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_connDUclassified_STRING
MM_rsUser.Source = "SELECT U_ID, U_PASSWORD, ACCESS"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source =
MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM USERS WHERE U_ID='" &
MM_valUsername &"' AND U_PASSWORD='" & CStr(Request.Form("Password"))
& "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open

If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then

' username and password match - this is a valid user
'DIM ACCESS
' access=(mm_rsuser.fields.item ("ACCESS").value)
DIM U_ID
DIM U_PWORD
ACCESS="admin"
'---create user cookie
if ACCESS<>"admin" then
Response.Cookies("UserCookie")("Username") =
Request.Form("UserName")
Response.Cookies ("UserCookie")("Password")=Request.Form ("Password")
Response.Cookies("UserCookie").Path = "/"
Response.Cookies ("UserCookie").expires =dateadd("h",1,now())
Response.Write(Request.Cookies("UserCookie")("User name"))
Response.Write (Request.Cookies("UserCookie")("Password"))

'---end user cookie
else
'create admin cookie

Response.Cookies("adminCOOKIE")("ADMINusername") =
Request.Form("UserName")
Response.Cookies ("adminCOOKIE")("ADMINPassword")=Request.Form
("Password")
Response.Cookies("adminCOOKIE").Path = "/"
Response.Cookies ("adminCOOKIE").expires =dateadd("h",1,now())
Response.Write(Request.Cookies("adminCOOKIE")("ADM INusername"))
Response.Write (Request.Cookies("adminCOOKIE")("ADMINPassword"))

'---end admin cookie

end if

Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then

Session("MM_UserAuthorization") =
CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization ).Value)
Else
Session("MM_UserAuthorization") = ""

End If
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")

End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If

MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)

End If
%>

2nd page:
<%
Dim Username
Dim Password
Dim adminU
Dim adminP
Username = ((Request.Cookies("UserCookie")("Username")))
Password = ((Request.Cookies("UserCookie")("Password")))
adminU =
((Request.Cookies("adminCOOKIE")("ADMINusername")) )
adminP =
((Request.Cookies("adminCOOKIE")("ADMINPassword")) )
If Username <> "" And Password <> "" Then
Response.Write("username:" + Username + "<BR>")
Response.Write("password:" + Password + "<BR>")
Response.Write("Access is User" + "<BR>")

ElseIf adminU <> "" And adminP <> "" Then
Response.Write("adminusername:" + adminU + "<BR>")
Response.Write("adminpassword:" + adminP + "<BR>")
Response.Write("Access is admin")
End If
%>
Jul 19 '05 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.