473,322 Members | 1,409 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,322 software developers and data experts.

Nested If? Login using MS Access and ASP

Hi Mark et. All,

I have a question to see if you can educate me here since this is something new to me as well.

I created a login page for the user to login and the ASP will check and redirect them to the appropriate page. So far, everything works fine. Myself and the user admin can login to the "Trform.asp" page OK without problem.

My question for you and your peers is I have 5 more users. Let's say A, B, C, D, and E. I want myself, admin, users A, B, and C to login and redirect to the form "Trform.asp" and users D and E to login and redirect to the form "SearchProject.asp". I have tried nested IFs however, it does not look work when I have more than 1 ELSE IF statement. Below is the CheckPass.asp file and I would very much appreciate if someone can help me out. Like I mentioned above that myself and the admin can login and redirect to the Trform.asp OK. However, I want more users to have the same access to the file.
Expand|Select|Wrap|Line Numbers
  1. <%
  2. Dim adocon
  3. Dim adorst
  4. Dim strSQl
  5. Dim strUsername
  6. Dim strPassW
  7.  
  8. strUsername = trim(Request.Form("Username"))
  9. strPassW = trim(Request.Form("PassW"))
  10.  
  11. If strUsername = "" OR _
  12. strPassW = "" Then
  13. Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")
  14.  
  15. Else
  16.  
  17. Set adocon = Server.CreateObject("ADODB.Connection")
  18. adocon.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")
  19.  
  20. strSQL = "SELECT * FROM Accounts" 
  21. Set adorst = Server.CreateObject("ADODB.Recordset")
  22. adorst.Open strSQL, adocon
  23.  
  24. If strUsername = "admin" then
  25.     Response.Redirect("Trform.asp")
  26. Else If strUsername = "james" then
  27.     Response.Redirect("Trform.asp")
  28. Else
  29.     Response.Redirect("UserLogin.asp")
  30. End If
  31. End If
  32.  
  33. End If
  34.  
  35. adorst.Close
  36. Set adorst = Nothing
  37.  
  38. adocon.Close
  39. Set adocon = Nothing
  40. %>
Jan 8 '08 #1
12 3505
You could try this (although I hope this system is not meant to be secure)

Expand|Select|Wrap|Line Numbers
  1. If strUsername = "admin" Or strUsername = "james" Or strUsername = "A" etc... then
  2.     Response.Redirect("Trform.asp")
  3. ElseIf strUsername = "D" Or strUsername = "E" etc... Then
  4.     Response.Redirect("someWhere_Else.asp")
  5. Else
  6.     Response.Redirect("UserLogin.asp")
  7. End If

HTH

S
Jan 8 '08 #2
You are the best! It works fine. I have 2 more questions regarding to this login issue and would appreciate if you can help me out.

1. Let's say if there are several folks outside of my team would like to have
access to the SearchProject.asp link as well. Instead of having me to go
back and update the CheckPassword.asp file to include their usernames, is
there a way, that we can redirect them automatically? The reason why,
because there might be another 20 or 30 or so and I hate to have to do it
manually.

2. Cookies. How can you setup the cookies where let's say, where
users "admin", "james", "A", "B", and "C" can go back and forth between the
Trforms.asp and SearchProjects.asp links. While the user regular users
such as "D", "E" and "F" can only access to the SearchProject.asp only?

Thanks once again for your outstanding support.
Jan 8 '08 #3
idsanjeev
241 100+
Hi
you have need another field to distinguis between You and your team if any then try to check with if.. elseif condition

2.

Expand|Select|Wrap|Line Numbers
  1. <%
  2. If Not IsEmpty(Request.form("Submit")) Then
  3.   R.MoveFirst
  4.   R.Find "username= " & Request.Form("username") & ""
  5.   If Not R.EOF Then
  6.     Match = strComp(R("password"), Request.Form("password"))
  7.     If Match = 0 Then
  8.        vusername = Request.Form("username")
  9.       Response.Cookies("username") = vusername 'store username in  cookies
  10. %>
  11.  
Then after call on next
Expand|Select|Wrap|Line Numbers
  1. If Request.Cookies("username") = "" Then
  2.  
  3. 'other condition to check user is regular or not
  4. Response.Redirect "SearchProject.asp"
  5. else
  6.   Response.Write "Sorry!!!! You have limitted permission"
  7.  
Jan 9 '08 #4
Hi,

Thanks for your reply. I am having trouble to intergrate the information that you provided below along with the information that I already had. The login process has 2 files total. The UserLogin.asp file and the CheckPassword.asp file.

UserLogin.asp:
Expand|Select|Wrap|Line Numbers
  1. <INPUT CLASS="bluebox" NAME="Username" SIZE="25" TYPE="text" ID="Username" />
  2.  
  3. <INPUT CLASS="bluebox" NAME="PassW" SIZE="25" TYPE="Password" ID="PassW" />
  4.  
  5. <INPUT CLASS="Table_Blue" TYPE="Submit" NAME="Submit" VALUE="LOGIN" />
  6.  
Below is the entire CheckPassword.asp file. I would appreciate if you can intergrate yours into this file for me.
Expand|Select|Wrap|Line Numbers
  1. <%
  2. Dim adocon
  3. Dim adorst
  4. Dim strSQl
  5. Dim strUsername
  6. Dim strPassW
  7.  
  8. strUsername = trim(Request.Form("Username"))
  9. strPassW = trim(Request.Form("PassW"))
  10.  
  11. If strUsername = "" OR _
  12. strPassW = "" Then
  13. Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")
  14.  
  15. Else
  16.  
  17. Set adocon = Server.CreateObject("ADODB.Connection")
  18. adocon.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")
  19.  
  20. strSQL = "SELECT * FROM Accounts" 
  21. Set adorst = Server.CreateObject("ADODB.Recordset")
  22. adorst.Open strSQL, adocon
  23.  
  24. If strUsername = "admin" Or strUsername = "james" Or strUsername = "ddarvel" Then
  25.     Response.Redirect("Trform.asp")
  26. Else If strUsername = "avear" Or strUsername = "cgirl" Then
  27.     Response.Redirect("SearchProject.asp")
  28. Else
  29.     Response.Redirect("UserLogin.asp")
  30. End If
  31. End If
  32. End If
  33.  
  34. adorst.Close
  35. Set adorst = Nothing
  36.  
  37. adocon.Close
  38. Set adocon = Nothing
  39. %>
The Trform.asp is a form where only users admin, james, and ddarvel have access to. Should I put the following lines on the very top of the Trform.asp file?
Expand|Select|Wrap|Line Numbers
  1. If Request.Cookies("username") = "" Then
  2.  
  3. 'other condition to check user is regular or not
  4. Response.Redirect "SearchProject.asp"
  5. else
  6.   Response.Write "Sorry!!!! You have limitted permission"
  7.  
By the way, do you have comments on the item 1 of the previously posted? About other users...Thanks once again for your outstanding support.
Jan 9 '08 #5
idsanjeev
241 100+
Hi hotflash
Thanks, your complements is very hot like your name any way
You have 5 user say A,B,C,D And E. So youhave three types of user on
moderator, admin and user so
Are taken any field in table to Distinguish between normal user,administrator and yourself(moderator) if not then take a filed like e_blog that store value for Moderator M admin A and normal N then after in login page try this
Expand|Select|Wrap|Line Numbers
  1. If Not IsEmpty(Request.form("Submit")) Then
  2.   R.MoveFirst
  3.   R.Find "username = " & Request.Form("username") & ""
  4.   If Not R.EOF Then
  5.     Match = strComp(R("password"), Request.Form("password"))
  6.     If Match = 0 Then
  7.         vusername = Request.Form("username")
  8.           Response.Cookies("username") = vusername
  9.              If R("e_blog")="A" Then
  10.     Response.Cookies("e_blog")="A"
  11.                 Response.Redirect "Trform.asp"
  12.       Else
  13.       Response.Redirect "Searchproject.asp"
  14.                End If
  15.                   Else
  16.         Response.Write ("Invalid Password")
  17.       End If 
  18.          Else   
  19.              Response.Write("Invalid User")  
  20.   End If
  21. End If
  22. R.Close
  23. Set R = Nothing
  24. conn.Close
  25. Set conn = Nothing
  26. %>
  27.  
And in the page of Trform.asp where u chek the user is loged or not at top try to use this code login user is administrator or not
Expand|Select|Wrap|Line Numbers
  1. <%If Request.Cookies("username") = "" Then
  2.   Response.Redirect "login.asp"
  3. elseif request.Cookies("username")=request.cookies("username") then
  4. if request.Cookies("e_blog")="A" Then
  5. %>
  6. 'next code for display on form
  7.  
And for yourself I think you can easily add line to chek and redirec where u want
Jan 10 '08 #6
Hi,

Thanks once again for your reply however; you are OVER my head on this one.

The parameters that you used in the example you provided might be different from the parameters that I actually used such as vusername, username instead of strUsername and Username, etc... I have modified the CheckPassword.asp file to the best of my knowledge to make sure we are talking about the same thing however, I am still having problem. This time, it does not even let me login. Below is a modified CheckPassword.asp per your recommendation. I would appreciate if you can take a look 1 more time please. So sorry to bug you. I used users "admin", "james" and "chris" as an ADMIN which will allow to login to the Trform.asp file the rest will be redirected to the SearchProject.asp file. Thanks once again for your quick response.

<%
Dim conn
Dim RS
Dim strSQL
Dim strUsername
Dim strPassW
Dim Submit

strUsername = trim(Request.Form("Username"))
strPassW = trim(Request.Form("PassW"))

If strUsername = "" OR _
strPassW = "" Then
Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")

Else

Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")

strSQL = "SELECT * FROM Accounts"
Set RS = Server.CreateObject("ADODB.Recordset")
RS.Open strSQL, conn

If Not IsEmpty(Request.Form("Submit")) Then
RS.MoveFirst
RS.Find "Username = " & Request.Form("Username") & ""
If Not RS.EOF Then
Match = strSQL(RS("PassW"), Request.Form("PassW"))
If Match = 0 Then
strUsername = Request.Form("Username")
Response.Cookies("Username") = strUsername
If strUsername = "admin" Or strUsername = "james" Or strUsername = "chris"Then
Response.Cookies("e_blog")="A"
Response.Redirect "Trform.asp"
Else
Response.Redirect "SearchProject.asp"
End If
Else
Response.Write ("Invalid Password")
End If
Else
Response.Write("Invalid User")
End If
End If


End If

RS.Close
Set RS = Nothing
conn.Close
Set conn = Nothing
%>
Jan 10 '08 #7
idsanjeev
241 100+
Hi
why are you hard core for user type selection. i sugest u in privious post take an another filed to identified user type.mean where is userid,password take another field thats is e_blog in the table thats your first work.
second work is arrange code. how can u find e_blog for user type identification you can't store directly e_blog in to cookies
Expand|Select|Wrap|Line Numbers
  1.  Response.Cookies("e_blog")="A"
  2.  
you have to use
Expand|Select|Wrap|Line Numbers
  1. If R("e_blog")="A" Then
  2.     Response.Cookies("e_blog")="A"
  3.  
Jan 11 '08 #8
Hi,

Thanks for your replying. I am so sorry for the confusion since I am very new to this stuff. Right now, my MS Access PTSystem.mdb file has a table called Accounts. This table has 3 fields AccountID, Username and PassW. If I read your replies correctly, you want me to create another field in the Accounts table called e_blog and mark the admin users with "A"? So right now, my Accounts table looks like:

Field Name: AccountID (text), Username (text), PassW (text) and e_blog (test).

Also there are multiple test users in the table as a moment.

AccountID: Username: PassW e_blog
1 admin test1 A
2 james test1 A
3 chris test1

You noticed that username "chris" does not mark with A.

I modifed the CheckPassword.asp file to look like below however, it still does not let me login. The parameters that you provided in the sample code such as username, vusername, password is kinda different than the actual items that i defined in the CheckPassword.asp file so I tried to match them according to my understanding.

Thanks again for your outstanding support and patience.

<%
Dim conn
Dim RS
Dim strSQL
Dim strUsername
Dim strPassW

strUsername = trim(Request.Form("Username"))
strPassW = trim(Request.Form("PassW"))

If strUsername = "" OR _
strPassW = "" Then
Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")

Else

Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")

strSQL = "SELECT * FROM Accounts"
Set RS = Server.CreateObject("ADODB.Recordset")
RS.Open strSQL, conn

If Not IsEmpty(Request.form("Submit")) Then
RS.MoveFirst
RS.Find "Username = " & Request.Form("Username") & ""
If Not RS.EOF Then
Match = strSQL(RS("PassW"), Request.Form("PassW"))
If Match = 0 Then
strUsername = Request.Form("Username")
Response.Cookies("Username") = strUsername
If RS("e_blog")="A" Then
Response.Cookies("e_blog")="A"
Response.Redirect "Trform.asp"
Else
Response.Redirect "Searchproject.asp"
End If
Else
Response.Write ("Invalid Password")
End If
Else
Response.Write("Invalid User")
End If
End If

End If

RS.Close
Set RS = Nothing
conn.Close
Set conn = Nothing
%>
Jan 11 '08 #9
Hi,

As listed in post #5, the value in the UserLogin.asp should be LOGIN instead of Submit. I changed to LOGIN, however, at this time, I got a "Blank Page". It looks like there is still something wrong with the code. Can you help please? Thanks.
Jan 13 '08 #10
idsanjeev
241 100+
Hi
ok i try
it is complete code for normal userlogin page acording to your requirments here are three types of user and only he can view using his eblog field from user thats is the flag to identify user
Expand|Select|Wrap|Line Numbers
  1. <%@ Language=VBScript %>
  2. <% Option Explicit %>
  3. <%
  4. Dim conn
  5. Dim R,sql
  6. Dim vuserid
  7. Dim password
  8. Dim match
  9. Set conn = Server.CreateObject("ADODB.Connection")
  10. conn.Mode = adModeReadWrite
  11. conn.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("PTSystem.mdb")
  12. sql= "Select *From accounts"
  13. Set R = Server.CreateObject("ADODB.Recordset")
  14. R.Open SQL, conn, adOpenStatic, adLockReadOnly, adCmdText
  15.  
  16. %>
  17. <html>
  18. <head>
  19. <title>Login-Section</title>
  20. </head>
  21.  
  22. <body>
  23. <form name="myform" method="POST" action="login.asp">
  24. <div style="Position:Absolute; top:150; left:268">
  25. <center><h2><font face="arial">Welcome To Login Page</font></h2>
  26. </center>
  27. <table border = '0' align = 'center' width = '500' height = '70'>
  28.   <tr>
  29.     <td  align=right>&nbsp;&nbsp;&nbsp;<font face=Arial size=4><b>User Name</b></font></td>
  30.     <td >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type= 'text' name="vuserid"></td>
  31.   </tr>
  32.   <tr>
  33.     <td align=right>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font face=Arial size=4 ><b>Password</font></b></td>
  34.     <td >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type= "password" name= "password"></td></font>
  35.   </tr>
  36. </table>
  37. <table style="Position:relative; top:20; left:225"> 
  38. <tr>
  39. </td><td align='center'><input type="submit" name="submit" value="Login"  ></td>
  40. <td align="right"><input type="button" name="Close" value="Close" onclick="window.close()"></tr>
  41. </table>
  42. </div>
  43. <div style="Position:Absolute; top:265; left:310">
  44. <%
  45. If Not IsEmpty(Request.form("Submit")) Then
  46.   R.MoveFirst
  47.  R.Find "User= '" & Request.Form("vuserid") & "'"
  48.   If Not R.EOF Then
  49.     Match = strComp(R("pass"), Request.Form("password"))
  50.     If Match = 0 Then
  51.        vuserid = Request.Form("vuserid")
  52.       Response.Cookies("userid") = vuserid
  53.       If R("eblog")="m" Then
  54.       response.Cookies("eblog")="m"
  55.       Response.Redirect "controladmin.asp"
  56.       elseif R("eblog")="a" then
  57.       response.Cookies("eblog")="a"
  58.       Response.Redirect"trform.asp"
  59.       else
  60.       Response.Redirect "search.asp"
  61.       End If
  62.     Else
  63.       Response.Write "<table><tr><td width=475 align=center><font color=red size= +2><b>Invalid Password</b></font></td></tr></table>"
  64.       End If 
  65.       Else   
  66.       Response.Write "<table><tr><td width=475 align=center><font color=red size=+2><b>Invalid User</b></font></td></tr></table>"  
  67.     End If
  68.  End If
  69. R.Close
  70. Set R= Nothing
  71. conn.Close
  72. Set conn = Nothing
  73. %>
  74. </div>
  75. </form>
  76. </body>
  77. </html>
  78.  
and on the page where user have permission chek eblog fields with user login check let me know if any other problems
thanks
Jan 15 '08 #11
Hi idsanjeev,

Thanks for your help. I played around with the code that you provided over the weekend and the login works fine for me however, it does not look like the COOKIES is working properly.

There are 5 files involved in the Login process. The LOGIN code below allows me to login OK however the COOKIES is does not work right.

1. UserLogin.asp
2. CheckPassword.asp
3. WEBAdmin.asp (for Admin access only).
4. EngineersTools (for Engineer only).
5. PMTools (for the Project Manager only).

Questions:

1. Do I need to put sometype of Response.Cookies on top of the UserLogin.asp file so that the Admin can access to both items 4 and 5 above however, 4 and 5 can't access to 3?

2. Do I need to put sometype of Response.Cookies on top of items 3, 4 and 5?

Thanks once again for your outstanding support so far.

Here is the REVISED code. Please notice that I changed "e_blog" to "AccessLevel", "Admin" for "A", etc..

If Not IsEmpty(Request.Form("Username")) Then

strSQL = "SELECT * FROM Accounts where username='" & Request.Form("Username") & "' and PassW='" & Request.Form("PassW") & "'"
Set RS = Server.CreateObject("ADODB.Recordset")
RS.Open strSQL, conn

If Not RS.EOF Then
RS.MoveFirst
Match = 0
If Match = 0 Then
strUsername = Request.Form("Username")
Response.Cookies("Username") = strUsername
If RS("AccessLevel")= "Admin" Then
Response.Cookies("AccessLevel")= "Admin"
Response.Redirect "WEBAdmin.asp"
ElseIf RS("AccessLevel") = "Engineer" Then
Response.Cookies("AccessLevel")= "Engineer"
Response.Redirect "EngineerTools.asp"
Else
Response.Redirect "PMTools.asp"
End If
Else
Response.Write ("Invalid Password")
End If
Else
Response.Redirect("UserLogin.asp?error=Sorry ... Username or Password does not exist. Please try again.")
End If
End If
Jan 15 '08 #12
idsanjeev
241 100+
Hi
thats is not a good poster like we so
first of try to read about asp from
Asp
Any way your problems is you wants to admin can access the pages of option provided 4 and 5 so your have to check after login page he goes on next page then chek user is login or not if not login then go to login if login then chek his accesslevel cookie . All about cookes store in veriable and how can call a cookies already posted in previous posting so please try from there.
Any thing store and call in cookes very easy here you have to store username in to cookies thats is accepted from form or variable name and code is already posted how to intialize and how to retrive
Read it from
Cookie
let me know it work
Thanks
Regards
sanjeev jha
Jan 16 '08 #13

Sign in to post your reply or Sign up for a free account.

Similar topics

8
by: CoolPint | last post by:
I read in books that nested class cannot access private members of nesting class and vice versa unless they are made friends. Somehow, my compiler is letting my nested class member functions access...
3
by: Tcs | last post by:
My backend is DB2 on our AS/400. While I do HAVE DB2 PE for my PC, I haven't loaded it yet. I'm still using MS Access. And no, I don't believe this is an Access question. (But who knows? I...
6
by: B0nj | last post by:
I've got a class in which I want to implement a property that operates like an indexer, for the various colors associated with the class. For instance, I want to be able to do 'set' operations...
4
by: rrober07 | last post by:
Hello, My Setup is I have a Web Server machine(Devweb01), Database SQL Machine(Devsql01), a Client Machine(local machine) I have configured the SQL machine as follows: 1) Added local Aspnet...
5
by: ~~~ .NET Ed ~~~ | last post by:
Hi, As you all know when an ASP.NET web form is created that will include web controls and such, it contains a FORM that that identifies the web form and its containing controls. Well, I have a...
2
by: pv | last post by:
Hi everyone, I need help with following scenario, please: Users are accessing same web server from intranet (users previously authenticated in Active Dir) and from extranet (common public...
20
by: Robert | last post by:
Need some help to stop me going around in circles on this one.... Have a nested subform (subform2) which simulates a continuous form for the record on the parent subform. Subform2 has rows of...
5
by: ZikO | last post by:
Hi there. I have a problem. I have created nested classes but don't know how to access to inner classes. I know I can create objects: Hen Object; Hen::Nest ObjectNest; Hen::Nest::Egg...
1
by: xcelmind | last post by:
Hello Dev. Guru, I want to at this time introduce myself. I am Stanley Ojadovwa by name. I’m a freelance and a newbie in web application development. I’m currently using ASP as my application...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.