C
collie
Hi,
I have an asp page that needs to create 2 different cookies: one for
the admin and one for the user. The code that I have to work with was
created by someone else. the page first requires to login and if
username and password match then the user is redirected to the same
page where he sees details of his message.
What I have to do is this: in my db i have a table called users with
the fields u_id, u_password and access. Access can either be admin or
user.
In my asp page i have to create 2 cookies. The thing is that i am not
sure how to do it. now i am using hardcode. i am not calling the
access field from the table but i am writing access="admin". However
the page that is meant to receive the data from the first page where i
created the cookie doesn't work. no matter if access =admin or user it
always gives me the message "access is user".
Here is the code for the 1st page:
dim access
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?"
+ Request.QueryString
MM_valUsername=CStr(Request.Form("Username"))
If MM_valUsername <> "" Then
MM_fldUserAuthorization=""
MM_redirectLoginSuccess="myAds.asp"
MM_redirectLoginFailed="myAds.asp"
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_connDUclassified_STRING
MM_rsUser.Source = "SELECT U_ID, U_PASSWORD, ACCESS"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source =
MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM USERS WHERE U_ID='" &
MM_valUsername &"' AND U_PASSWORD='" & CStr(Request.Form("Password"))
& "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
'DIM ACCESS
' access=(mm_rsuser.fields.item ("ACCESS").value)
DIM U_ID
DIM U_PWORD
ACCESS="admin"
'---create user cookie
if ACCESS<>"admin" then
Response.Cookies("UserCookie")("Username") =
Request.Form("UserName")
Response.Cookies ("UserCookie")("Password")=Request.Form ("Password")
Response.Cookies("UserCookie").Path = "/"
Response.Cookies ("UserCookie").expires =dateadd("h",1,now())
Response.Write(Request.Cookies("UserCookie")("Username"))
Response.Write (Request.Cookies("UserCookie")("Password"))
'---end user cookie
else
'create admin cookie
Response.Cookies("adminCOOKIE")("ADMINusername") =
Request.Form("UserName")
Response.Cookies ("adminCOOKIE")("ADMINPassword")=Request.Form
("Password")
Response.Cookies("adminCOOKIE").Path = "/"
Response.Cookies ("adminCOOKIE").expires =dateadd("h",1,now())
Response.Write(Request.Cookies("adminCOOKIE")("ADMINusername"))
Response.Write (Request.Cookies("adminCOOKIE")("ADMINPassword"))
'---end admin cookie
end if
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") =
CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
2nd page:
<%
Dim Username
Dim Password
Dim adminU
Dim adminP
Username = ((Request.Cookies("UserCookie")("Username")))
Password = ((Request.Cookies("UserCookie")("Password")))
adminU =
((Request.Cookies("adminCOOKIE")("ADMINusername")))
adminP =
((Request.Cookies("adminCOOKIE")("ADMINPassword")))
If Username <> "" And Password <> "" Then
Response.Write("username:" + Username + "<BR>")
Response.Write("password:" + Password + "<BR>")
Response.Write("Access is User" + "<BR>")
ElseIf adminU <> "" And adminP <> "" Then
Response.Write("adminusername:" + adminU + "<BR>")
Response.Write("adminpassword:" + adminP + "<BR>")
Response.Write("Access is admin")
End If
%>
I have an asp page that needs to create 2 different cookies: one for
the admin and one for the user. The code that I have to work with was
created by someone else. the page first requires to login and if
username and password match then the user is redirected to the same
page where he sees details of his message.
What I have to do is this: in my db i have a table called users with
the fields u_id, u_password and access. Access can either be admin or
user.
In my asp page i have to create 2 cookies. The thing is that i am not
sure how to do it. now i am using hardcode. i am not calling the
access field from the table but i am writing access="admin". However
the page that is meant to receive the data from the first page where i
created the cookie doesn't work. no matter if access =admin or user it
always gives me the message "access is user".
Here is the code for the 1st page:
dim access
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?"
+ Request.QueryString
MM_valUsername=CStr(Request.Form("Username"))
If MM_valUsername <> "" Then
MM_fldUserAuthorization=""
MM_redirectLoginSuccess="myAds.asp"
MM_redirectLoginFailed="myAds.asp"
MM_flag="ADODB.Recordset"
set MM_rsUser = Server.CreateObject(MM_flag)
MM_rsUser.ActiveConnection = MM_connDUclassified_STRING
MM_rsUser.Source = "SELECT U_ID, U_PASSWORD, ACCESS"
If MM_fldUserAuthorization <> "" Then MM_rsUser.Source =
MM_rsUser.Source & "," & MM_fldUserAuthorization
MM_rsUser.Source = MM_rsUser.Source & " FROM USERS WHERE U_ID='" &
MM_valUsername &"' AND U_PASSWORD='" & CStr(Request.Form("Password"))
& "'"
MM_rsUser.CursorType = 0
MM_rsUser.CursorLocation = 2
MM_rsUser.LockType = 3
MM_rsUser.Open
If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
' username and password match - this is a valid user
'DIM ACCESS
' access=(mm_rsuser.fields.item ("ACCESS").value)
DIM U_ID
DIM U_PWORD
ACCESS="admin"
'---create user cookie
if ACCESS<>"admin" then
Response.Cookies("UserCookie")("Username") =
Request.Form("UserName")
Response.Cookies ("UserCookie")("Password")=Request.Form ("Password")
Response.Cookies("UserCookie").Path = "/"
Response.Cookies ("UserCookie").expires =dateadd("h",1,now())
Response.Write(Request.Cookies("UserCookie")("Username"))
Response.Write (Request.Cookies("UserCookie")("Password"))
'---end user cookie
else
'create admin cookie
Response.Cookies("adminCOOKIE")("ADMINusername") =
Request.Form("UserName")
Response.Cookies ("adminCOOKIE")("ADMINPassword")=Request.Form
("Password")
Response.Cookies("adminCOOKIE").Path = "/"
Response.Cookies ("adminCOOKIE").expires =dateadd("h",1,now())
Response.Write(Request.Cookies("adminCOOKIE")("ADMINusername"))
Response.Write (Request.Cookies("adminCOOKIE")("ADMINPassword"))
'---end admin cookie
end if
Session("MM_Username") = MM_valUsername
If (MM_fldUserAuthorization <> "") Then
Session("MM_UserAuthorization") =
CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
Else
Session("MM_UserAuthorization") = ""
End If
if CStr(Request.QueryString("accessdenied")) <> "" And false Then
MM_redirectLoginSuccess = Request.QueryString("accessdenied")
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginSuccess)
End If
MM_rsUser.Close
Response.Redirect(MM_redirectLoginFailed)
End If
%>
2nd page:
<%
Dim Username
Dim Password
Dim adminU
Dim adminP
Username = ((Request.Cookies("UserCookie")("Username")))
Password = ((Request.Cookies("UserCookie")("Password")))
adminU =
((Request.Cookies("adminCOOKIE")("ADMINusername")))
adminP =
((Request.Cookies("adminCOOKIE")("ADMINPassword")))
If Username <> "" And Password <> "" Then
Response.Write("username:" + Username + "<BR>")
Response.Write("password:" + Password + "<BR>")
Response.Write("Access is User" + "<BR>")
ElseIf adminU <> "" And adminP <> "" Then
Response.Write("adminusername:" + adminU + "<BR>")
Response.Write("adminpassword:" + adminP + "<BR>")
Response.Write("Access is admin")
End If
%>