Help on ASP routine

[Caliangelas]

Hello,

I need a routine to check for a number called CPF (just like Social
Security Number in USA). I already have a validation routine for that
number, but I still need to check if it exists on the institution
databank to avoid frauds on my system.

The idea is to build a "new user register page" and with a CPF field.
So, when the person enter his CPF, the ASP page would check on the
institution databank and validate or not the number. The url for the
public query is the following, remember to replace "hxxp" with "http"
to open the page correctly:

hxxp://www.receita.fazenda.gov.br/Aplicacoes/ATCTA/CPF/ConsultaPublica.asp

I don´t know if it´s possible because it has implemented a "random
numbers" protection. If anyone could help me it would be great.

Thanks!

Caliangelas
(e-mail address removed)

 

[GVaught]

You would process this the same as you would as a login page. I would set up
a pre-register page that request the CPF number which is submitted by the
user and checks the database for a match. If it matches, then you send them
to whatever page they need to go or let them know this number already exists
and they don't need to register. If it does not exist then they are directed
to the page that with the remaining information you need and passing the CPF
number they typed in the previous page to the new page.

All above is assuming you have the privileges necessary to check the
institution's databank.

Here is the part that processes the data from a form after the user submits.
Replace the Username/Password with your CPF field name:
<%@ Language=VBScript %>
<% Response.Buffer = true%>

<HTML>
<HEAD>
<META name=VI60_defaultClientScript content=VBScript>
<TITLE>Security Login Verification</TITLE>
</HEAD>
<BODY>
<%
Dim conntemp
Dim rstemp

' Pull the data from the form data entered on the previous page
myname=CStr(Request.Form("SearchAccount"))
mypassword=Cstr(Request.Form("AccountPassword"))

' Create a connection to the database which houses the login information
set conntemp=Server.CreateObject ("ADODB.Connection")
conntemp.Provider = "Microsoft.Jet.OLEDB.4.0"
conntemp.ConnectionString = "Data Source=" & Server.MapPath
("\database\ExpressDataWeb.mdb")
conntemp.open

'Open the recorset connection
set rstemp = Server.CreateObject ("ADODB.Recordset")

'Compare the data from the form with the data in the database
sqltemp="SELECT * FROM tblAccountPass where ACCOUNT='"
sqltemp=sqltemp & myname & "'"
rstemp.Open sqltemp, conntemp



If rstemp.EOF then %>
<BR>
<!-- If the user isn't authenticated, return a message to them saying so -->
I'm sorry, we don't have a user named <%=myname%> on file!<br>
Please contact Southwest Express for access to this site.
<!--Please return to <A href="securitylogin.asp">Log In</a> and select
Register-->


<% Response.End

end if

' If the password checksout, then set the session variable to the
Account/Username entered from the form
If rstemp("Password")=mypassword then
session("name")=rstemp("account")

' added check specific for this login; if the value passed isn't correct
fail the login to any pages where the value doesn't match.
session("securitylevel")=rstemp("SecurityLevel")
Response.write "Security Level =" & session("securitylevel")

'If the user authenticates send them to the Table of Contents page;
otherwise fail the login.
Response.Redirect "toc.asp"
else
%>

Password Unrecognized<br>
Try <A href="securitylogin.asp">Try Again</a> again.
<% Response.End

end if

'Close all connections
rstemp.close
conntemp.Close
set rstemp=nothing
set conntemp=nothing
%>

</BODY>
</HTML>