Hi Mark et. All,
I have a question to see if you can educate me here since this is something new to me as well.
I created a login page for the user to login and the ASP will check and redirect them to the appropriate page. So far, everything works fine. Myself and the user admin can login to the "Trform.asp" page OK without problem.
My question for you and your peers is I have 5 more users. Let's say A, B, C, D, and E. I want myself, admin, users A, B, and C to login and redirect to the form "Trform.asp" and users D and E to login and redirect to the form "SearchProject.asp". I have tried nested IFs however, it does not look work when I have more than 1 ELSE IF statement. Below is the CheckPass.asp file and I would very much appreciate if someone can help me out. Like I mentioned above that myself and the admin can login and redirect to the Trform.asp OK. However, I want more users to have the same access to the file. -
<%
-
Dim adocon
-
Dim adorst
-
Dim strSQl
-
Dim strUsername
-
Dim strPassW
-
-
strUsername = trim(Request.Form("Username"))
-
strPassW = trim(Request.Form("PassW"))
-
-
If strUsername = "" OR _
-
strPassW = "" Then
-
Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")
-
-
Else
-
-
Set adocon = Server.CreateObject("ADODB.Connection")
-
adocon.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")
-
-
strSQL = "SELECT * FROM Accounts"
-
Set adorst = Server.CreateObject("ADODB.Recordset")
-
adorst.Open strSQL, adocon
-
-
If strUsername = "admin" then
-
Response.Redirect("Trform.asp")
-
Else If strUsername = "james" then
-
Response.Redirect("Trform.asp")
-
Else
-
Response.Redirect("UserLogin.asp")
-
End If
-
End If
-
-
End If
-
-
adorst.Close
-
Set adorst = Nothing
-
-
adocon.Close
-
Set adocon = Nothing
-
%>
12 3505
You could try this (although I hope this system is not meant to be secure) - If strUsername = "admin" Or strUsername = "james" Or strUsername = "A" etc... then
-
Response.Redirect("Trform.asp")
-
ElseIf strUsername = "D" Or strUsername = "E" etc... Then
-
Response.Redirect("someWhere_Else.asp")
-
Else
-
Response.Redirect("UserLogin.asp")
-
End If
HTH
S
You are the best! It works fine. I have 2 more questions regarding to this login issue and would appreciate if you can help me out.
1. Let's say if there are several folks outside of my team would like to have
access to the SearchProject.asp link as well. Instead of having me to go
back and update the CheckPassword.asp file to include their usernames, is
there a way, that we can redirect them automatically? The reason why,
because there might be another 20 or 30 or so and I hate to have to do it
manually.
2. Cookies. How can you setup the cookies where let's say, where
users "admin", "james", "A", "B", and "C" can go back and forth between the
Trforms.asp and SearchProjects.asp links. While the user regular users
such as "D", "E" and "F" can only access to the SearchProject.asp only?
Thanks once again for your outstanding support.
Hi
you have need another field to distinguis between You and your team if any then try to check with if.. elseif condition
2. -
<%
-
If Not IsEmpty(Request.form("Submit")) Then
-
R.MoveFirst
-
R.Find "username= " & Request.Form("username") & ""
-
If Not R.EOF Then
-
Match = strComp(R("password"), Request.Form("password"))
-
If Match = 0 Then
-
vusername = Request.Form("username")
-
Response.Cookies("username") = vusername 'store username in cookies
-
%>
-
Then after call on next -
If Request.Cookies("username") = "" Then
-
-
'other condition to check user is regular or not
-
Response.Redirect "SearchProject.asp"
-
else
-
Response.Write "Sorry!!!! You have limitted permission"
-
Hi,
Thanks for your reply. I am having trouble to intergrate the information that you provided below along with the information that I already had. The login process has 2 files total. The UserLogin.asp file and the CheckPassword.asp file.
UserLogin.asp: -
<INPUT CLASS="bluebox" NAME="Username" SIZE="25" TYPE="text" ID="Username" />
-
-
<INPUT CLASS="bluebox" NAME="PassW" SIZE="25" TYPE="Password" ID="PassW" />
-
-
<INPUT CLASS="Table_Blue" TYPE="Submit" NAME="Submit" VALUE="LOGIN" />
-
Below is the entire CheckPassword.asp file. I would appreciate if you can intergrate yours into this file for me. -
<%
-
Dim adocon
-
Dim adorst
-
Dim strSQl
-
Dim strUsername
-
Dim strPassW
-
-
strUsername = trim(Request.Form("Username"))
-
strPassW = trim(Request.Form("PassW"))
-
-
If strUsername = "" OR _
-
strPassW = "" Then
-
Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")
-
-
Else
-
-
Set adocon = Server.CreateObject("ADODB.Connection")
-
adocon.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")
-
-
strSQL = "SELECT * FROM Accounts"
-
Set adorst = Server.CreateObject("ADODB.Recordset")
-
adorst.Open strSQL, adocon
-
-
If strUsername = "admin" Or strUsername = "james" Or strUsername = "ddarvel" Then
-
Response.Redirect("Trform.asp")
-
Else If strUsername = "avear" Or strUsername = "cgirl" Then
-
Response.Redirect("SearchProject.asp")
-
Else
-
Response.Redirect("UserLogin.asp")
-
End If
-
End If
-
End If
-
-
adorst.Close
-
Set adorst = Nothing
-
-
adocon.Close
-
Set adocon = Nothing
-
%>
The Trform.asp is a form where only users admin, james, and ddarvel have access to. Should I put the following lines on the very top of the Trform.asp file? -
If Request.Cookies("username") = "" Then
-
-
'other condition to check user is regular or not
-
Response.Redirect "SearchProject.asp"
-
else
-
Response.Write "Sorry!!!! You have limitted permission"
-
By the way, do you have comments on the item 1 of the previously posted? About other users...Thanks once again for your outstanding support.
Hi hotflash
Thanks, your complements is very hot like your name any way
You have 5 user say A,B,C,D And E. So youhave three types of user on
moderator, admin and user so
Are taken any field in table to Distinguish between normal user,administrator and yourself(moderator) if not then take a filed like e_blog that store value for Moderator M admin A and normal N then after in login page try this -
If Not IsEmpty(Request.form("Submit")) Then
-
R.MoveFirst
-
R.Find "username = " & Request.Form("username") & ""
-
If Not R.EOF Then
-
Match = strComp(R("password"), Request.Form("password"))
-
If Match = 0 Then
-
vusername = Request.Form("username")
-
Response.Cookies("username") = vusername
-
If R("e_blog")="A" Then
-
Response.Cookies("e_blog")="A"
-
Response.Redirect "Trform.asp"
-
Else
-
Response.Redirect "Searchproject.asp"
-
End If
-
Else
-
Response.Write ("Invalid Password")
-
End If
-
Else
-
Response.Write("Invalid User")
-
End If
-
End If
-
R.Close
-
Set R = Nothing
-
conn.Close
-
Set conn = Nothing
-
%>
-
And in the page of Trform.asp where u chek the user is loged or not at top try to use this code login user is administrator or not -
<%If Request.Cookies("username") = "" Then
-
Response.Redirect "login.asp"
-
elseif request.Cookies("username")=request.cookies("username") then
-
if request.Cookies("e_blog")="A" Then
-
%>
-
'next code for display on form
-
And for yourself I think you can easily add line to chek and redirec where u want
Hi,
Thanks once again for your reply however; you are OVER my head on this one.
The parameters that you used in the example you provided might be different from the parameters that I actually used such as vusername, username instead of strUsername and Username, etc... I have modified the CheckPassword.asp file to the best of my knowledge to make sure we are talking about the same thing however, I am still having problem. This time, it does not even let me login. Below is a modified CheckPassword.asp per your recommendation. I would appreciate if you can take a look 1 more time please. So sorry to bug you. I used users "admin", "james" and "chris" as an ADMIN which will allow to login to the Trform.asp file the rest will be redirected to the SearchProject.asp file. Thanks once again for your quick response.
<%
Dim conn
Dim RS
Dim strSQL
Dim strUsername
Dim strPassW
Dim Submit
strUsername = trim(Request.Form("Username"))
strPassW = trim(Request.Form("PassW"))
If strUsername = "" OR _
strPassW = "" Then
Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")
Else
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")
strSQL = "SELECT * FROM Accounts"
Set RS = Server.CreateObject("ADODB.Recordset")
RS.Open strSQL, conn
If Not IsEmpty(Request.Form("Submit")) Then
RS.MoveFirst
RS.Find "Username = " & Request.Form("Username") & ""
If Not RS.EOF Then
Match = strSQL(RS("PassW"), Request.Form("PassW"))
If Match = 0 Then
strUsername = Request.Form("Username")
Response.Cookies("Username") = strUsername
If strUsername = "admin" Or strUsername = "james" Or strUsername = "chris"Then
Response.Cookies("e_blog")="A"
Response.Redirect "Trform.asp"
Else
Response.Redirect "SearchProject.asp"
End If
Else
Response.Write ("Invalid Password")
End If
Else
Response.Write("Invalid User")
End If
End If
End If
RS.Close
Set RS = Nothing
conn.Close
Set conn = Nothing
%>
Hi
why are you hard core for user type selection. i sugest u in privious post take an another filed to identified user type.mean where is userid,password take another field thats is e_blog in the table thats your first work.
second work is arrange code. how can u find e_blog for user type identification you can't store directly e_blog in to cookies -
Response.Cookies("e_blog")="A"
-
you have to use -
If R("e_blog")="A" Then
-
Response.Cookies("e_blog")="A"
-
Hi,
Thanks for your replying. I am so sorry for the confusion since I am very new to this stuff. Right now, my MS Access PTSystem.mdb file has a table called Accounts. This table has 3 fields AccountID, Username and PassW. If I read your replies correctly, you want me to create another field in the Accounts table called e_blog and mark the admin users with "A"? So right now, my Accounts table looks like:
Field Name: AccountID (text), Username (text), PassW (text) and e_blog (test).
Also there are multiple test users in the table as a moment.
AccountID: Username: PassW e_blog
1 admin test1 A
2 james test1 A
3 chris test1
You noticed that username "chris" does not mark with A.
I modifed the CheckPassword.asp file to look like below however, it still does not let me login. The parameters that you provided in the sample code such as username, vusername, password is kinda different than the actual items that i defined in the CheckPassword.asp file so I tried to match them according to my understanding.
Thanks again for your outstanding support and patience.
<%
Dim conn
Dim RS
Dim strSQL
Dim strUsername
Dim strPassW
strUsername = trim(Request.Form("Username"))
strPassW = trim(Request.Form("PassW"))
If strUsername = "" OR _
strPassW = "" Then
Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")
Else
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")
strSQL = "SELECT * FROM Accounts"
Set RS = Server.CreateObject("ADODB.Recordset")
RS.Open strSQL, conn
If Not IsEmpty(Request.form("Submit")) Then
RS.MoveFirst
RS.Find "Username = " & Request.Form("Username") & ""
If Not RS.EOF Then
Match = strSQL(RS("PassW"), Request.Form("PassW"))
If Match = 0 Then
strUsername = Request.Form("Username")
Response.Cookies("Username") = strUsername
If RS("e_blog")="A" Then
Response.Cookies("e_blog")="A"
Response.Redirect "Trform.asp"
Else
Response.Redirect "Searchproject.asp"
End If
Else
Response.Write ("Invalid Password")
End If
Else
Response.Write("Invalid User")
End If
End If
End If
RS.Close
Set RS = Nothing
conn.Close
Set conn = Nothing
%>
Hi,
As listed in post #5, the value in the UserLogin.asp should be LOGIN instead of Submit. I changed to LOGIN, however, at this time, I got a "Blank Page". It looks like there is still something wrong with the code. Can you help please? Thanks.
Hi
ok i try
it is complete code for normal userlogin page acording to your requirments here are three types of user and only he can view using his eblog field from user thats is the flag to identify user -
<%@ Language=VBScript %>
-
<% Option Explicit %>
-
<%
-
Dim conn
-
Dim R,sql
-
Dim vuserid
-
Dim password
-
Dim match
-
Set conn = Server.CreateObject("ADODB.Connection")
-
conn.Mode = adModeReadWrite
-
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")
-
sql= "Select *From accounts"
-
Set R = Server.CreateObject("ADODB.Recordset")
-
R.Open SQL, conn, adOpenStatic, adLockReadOnly, adCmdText
-
-
%>
-
<html>
-
<head>
-
<title>Login-Section</title>
-
</head>
-
-
<body>
-
<form name="myform" method="POST" action="login.asp">
-
<div style="Position:Absolute; top:150; left:268">
-
<center><h2><font face="arial">Welcome To Login Page</font></h2>
-
</center>
-
<table border = '0' align = 'center' width = '500' height = '70'>
-
<tr>
-
<td align=right> <font face=Arial size=4><b>User Name</b></font></td>
-
<td > <input type= 'text' name="vuserid"></td>
-
</tr>
-
<tr>
-
<td align=right> <font face=Arial size=4 ><b>Password</font></b></td>
-
<td > <input type= "password" name= "password"></td></font>
-
</tr>
-
</table>
-
<table style="Position:relative; top:20; left:225">
-
<tr>
-
</td><td align='center'><input type="submit" name="submit" value="Login" ></td>
-
<td align="right"><input type="button" name="Close" value="Close" onclick="window.close()"></tr>
-
</table>
-
</div>
-
<div style="Position:Absolute; top:265; left:310">
-
<%
-
If Not IsEmpty(Request.form("Submit")) Then
-
R.MoveFirst
-
R.Find "User= '" & Request.Form("vuserid") & "'"
-
If Not R.EOF Then
-
Match = strComp(R("pass"), Request.Form("password"))
-
If Match = 0 Then
-
vuserid = Request.Form("vuserid")
-
Response.Cookies("userid") = vuserid
-
If R("eblog")="m" Then
-
response.Cookies("eblog")="m"
-
Response.Redirect "controladmin.asp"
-
elseif R("eblog")="a" then
-
response.Cookies("eblog")="a"
-
Response.Redirect"trform.asp"
-
else
-
Response.Redirect "search.asp"
-
End If
-
Else
-
Response.Write "<table><tr><td width=475 align=center><font color=red size= +2><b>Invalid Password</b></font></td></tr></table>"
-
End If
-
Else
-
Response.Write "<table><tr><td width=475 align=center><font color=red size=+2><b>Invalid User</b></font></td></tr></table>"
-
End If
-
End If
-
R.Close
-
Set R= Nothing
-
conn.Close
-
Set conn = Nothing
-
%>
-
</div>
-
</form>
-
</body>
-
</html>
-
and on the page where user have permission chek eblog fields with user login check let me know if any other problems
thanks
Hi idsanjeev,
Thanks for your help. I played around with the code that you provided over the weekend and the login works fine for me however, it does not look like the COOKIES is working properly.
There are 5 files involved in the Login process. The LOGIN code below allows me to login OK however the COOKIES is does not work right.
1. UserLogin.asp
2. CheckPassword.asp
3. WEBAdmin.asp (for Admin access only).
4. EngineersTools (for Engineer only).
5. PMTools (for the Project Manager only).
Questions:
1. Do I need to put sometype of Response.Cookies on top of the UserLogin.asp file so that the Admin can access to both items 4 and 5 above however, 4 and 5 can't access to 3?
2. Do I need to put sometype of Response.Cookies on top of items 3, 4 and 5?
Thanks once again for your outstanding support so far.
Here is the REVISED code. Please notice that I changed "e_blog" to "AccessLevel", "Admin" for "A", etc..
If Not IsEmpty(Request.Form("Username")) Then
strSQL = "SELECT * FROM Accounts where username='" & Request.Form("Username") & "' and PassW='" & Request.Form("PassW") & "'"
Set RS = Server.CreateObject("ADODB.Recordset")
RS.Open strSQL, conn
If Not RS.EOF Then
RS.MoveFirst
Match = 0
If Match = 0 Then
strUsername = Request.Form("Username")
Response.Cookies("Username") = strUsername
If RS("AccessLevel")= "Admin" Then
Response.Cookies("AccessLevel")= "Admin"
Response.Redirect "WEBAdmin.asp"
ElseIf RS("AccessLevel") = "Engineer" Then
Response.Cookies("AccessLevel")= "Engineer"
Response.Redirect "EngineerTools.asp"
Else
Response.Redirect "PMTools.asp"
End If
Else
Response.Write ("Invalid Password")
End If
Else
Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")
End If
End If
Hi
thats is not a good poster like we so
first of try to read about asp from Asp
Any way your problems is you wants to admin can access the pages of option provided 4 and 5 so your have to check after login page he goes on next page then chek user is login or not if not login then go to login if login then chek his accesslevel cookie . All about cookes store in veriable and how can call a cookies already posted in previous posting so please try from there.
Any thing store and call in cookes very easy here you have to store username in to cookies thats is accepted from form or variable name and code is already posted how to intialize and how to retrive
Read it from Cookie
let me know it work
Thanks
Regards
sanjeev jha
Sign in to post your reply or Sign up for a free account.
Similar topics
by: CoolPint |
last post by:
I read in books that nested class cannot access private members of
nesting class and vice versa unless they are made friends. Somehow, my
compiler is letting my nested class member functions access...
|
by: Tcs |
last post by:
My backend is DB2 on our AS/400. While I do HAVE DB2 PE for my PC, I haven't
loaded it yet. I'm still using MS Access. And no, I don't believe this is an
Access question. (But who knows? I...
|
by: B0nj |
last post by:
I've got a class in which I want to implement a property
that operates like an indexer, for the various colors
associated with the class.
For instance, I want to be able to do 'set' operations...
|
by: rrober07 |
last post by:
Hello,
My Setup is I have a Web Server machine(Devweb01), Database SQL
Machine(Devsql01), a Client Machine(local machine) I have configured the
SQL machine as follows:
1) Added local Aspnet...
|
by: ~~~ .NET Ed ~~~ |
last post by:
Hi,
As you all know when an ASP.NET web form is created that will include
web controls and such, it contains a
FORM that that identifies the web form and its containing controls.
Well, I have a...
|
by: pv |
last post by:
Hi everyone,
I need help with following scenario, please:
Users are accessing same web server from intranet (users previously
authenticated in Active Dir) and from extranet (common public...
|
by: Robert |
last post by:
Need some help to stop me going around in circles on this one....
Have a nested subform (subform2) which simulates a continuous form for the
record on the parent subform.
Subform2 has rows of...
|
by: ZikO |
last post by:
Hi there.
I have a problem. I have created nested classes but don't know how to access to
inner classes. I know I can create objects:
Hen Object;
Hen::Nest ObjectNest;
Hen::Nest::Egg...
|
by: xcelmind |
last post by:
Hello Dev. Guru,
I want to at this time introduce myself. I am Stanley Ojadovwa by name.
I’m a freelance and a newbie in web application development. I’m
currently using ASP as my application...
|
by: ryjfgjl |
last post by:
ExcelToDatabase: batch import excel into database automatically...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: Vimpel783 |
last post by:
Hello!
Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
|
by: jfyes |
last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
|
by: PapaRatzi |
last post by:
Hello,
I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Defcon1945 |
last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
|
by: af34tf |
last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
| |